ic_file_splice_read+0x491/0x780 [ 1758.701114][ T4630] ? splice_shrink_spd+0xb0/0xb0 [ 1758.706026][ T4630] ? security_file_permission+0x1e9/0x300 [ 1758.711712][ T4630] ? splice_shrink_spd+0xb0/0xb0 [ 1758.716638][ T4630] splice_direct_to_actor+0x3cf/0xb00 [ 1758.721992][ T4630] ? do_splice_direct+0x3d0/0x3d0 [ 1758.726987][ T4630] ? pipe_to_sendpage+0x300/0x300 [ 1758.731980][ T4630] ? security_file_permission+0x128/0x300 [ 1758.737667][ T4630] do_splice_direct+0x279/0x3d0 [ 1758.742489][ T4630] ? splice_direct_to_actor+0xb00/0xb00 [ 1758.748004][ T4630] ? security_file_permission+0x128/0x300 [ 1758.753698][ T4630] do_sendfile+0x89d/0x1110 [ 1758.758180][ T4630] ? compat_writev+0x390/0x390 [ 1758.762914][ T4630] ? security_file_permission+0x128/0x300 [ 1758.768606][ T4630] ? vfs_write+0x427/0x4f0 [ 1758.772999][ T4630] ? fput_many+0x42/0x1a0 [ 1758.777301][ T4630] __x64_sys_sendfile64+0x1ae/0x220 [ 1758.782471][ T4630] ? __ia32_sys_sendfile+0x240/0x240 [ 1758.787736][ T4630] do_syscall_64+0xcb/0x150 03:03:44 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1758.792224][ T4630] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1758.798100][ T4630] RIP: 0033:0x45dd99 [ 1758.801980][ T4630] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1758.821562][ T4630] RSP: 002b:00007fa5beb56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1758.829957][ T4630] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1758.837898][ T4630] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1758.845841][ T4630] RBP: 00007fa5beb56ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1758.853788][ T4630] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000005 [ 1758.861734][ T4630] R13: 00007ffeb17b6aaf R14: 00007fa5beb579c0 R15: 000000000118bf2c [ 1758.869690][ T4629] CPU: 0 PID: 4629 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1758.881130][ T4629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1758.891175][ T4629] Call Trace: [ 1758.894452][ T4629] dump_stack+0x1b0/0x21e [ 1758.898768][ T4629] ? devkmsg_release+0x11c/0x11c [ 1758.903689][ T4629] ? show_regs_print_info+0x12/0x12 [ 1758.908870][ T4629] ? kasan_alloc_pages+0x4a/0x60 [ 1758.913794][ T4629] should_fail+0x6fb/0x860 [ 1758.918197][ T4629] ? setup_fault_attr+0x2b0/0x2b0 [ 1758.923212][ T4629] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1758.928568][ T4629] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1758.934097][ T4629] ? find_get_entry+0x5da/0x670 [ 1758.938932][ T4629] ? xa_load+0x323/0x340 [ 1758.943160][ T4629] __do_page_cache_readahead+0x244/0x510 [ 1758.948778][ T4629] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1758.955181][ T4629] ? unwind_next_frame+0x1c07/0x22b0 [ 1758.960452][ T4629] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1758.966155][ T4629] generic_file_read_iter+0x626/0x20a0 [ 1758.971601][ T4629] ? find_get_pages_range_tag+0xae0/0xae0 [ 1758.977302][ T4629] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1758.982660][ T4629] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1758.985675][ T4642] FAULT_INJECTION: forcing a failure. [ 1758.985675][ T4642] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1758.988709][ T4629] ? avc_denied+0x1c0/0x1c0 [ 1758.988720][ T4629] generic_file_splice_read+0x491/0x780 [ 1758.988733][ T4629] ? splice_shrink_spd+0xb0/0xb0 [ 1759.016799][ T4629] ? security_file_permission+0x1e9/0x300 [ 1759.022498][ T4629] ? splice_shrink_spd+0xb0/0xb0 [ 1759.027431][ T4629] splice_direct_to_actor+0x3cf/0xb00 [ 1759.032792][ T4629] ? do_splice_direct+0x3d0/0x3d0 [ 1759.037796][ T4629] ? pipe_to_sendpage+0x300/0x300 [ 1759.042808][ T4629] ? security_file_permission+0x128/0x300 [ 1759.048499][ T4629] do_splice_direct+0x279/0x3d0 [ 1759.053336][ T4629] ? splice_direct_to_actor+0xb00/0xb00 [ 1759.058854][ T4629] ? security_file_permission+0x128/0x300 [ 1759.064546][ T4629] do_sendfile+0x89d/0x1110 [ 1759.069028][ T4629] ? compat_writev+0x390/0x390 [ 1759.073763][ T4629] ? security_file_permission+0x128/0x300 [ 1759.079469][ T4629] ? vfs_write+0x427/0x4f0 [ 1759.083854][ T4629] ? fput_many+0x42/0x1a0 [ 1759.088154][ T4629] __x64_sys_sendfile64+0x1ae/0x220 [ 1759.093334][ T4629] ? __ia32_sys_sendfile+0x240/0x240 [ 1759.098590][ T4629] do_syscall_64+0xcb/0x150 [ 1759.103066][ T4629] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1759.108927][ T4629] RIP: 0033:0x45dd99 [ 1759.112793][ T4629] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1759.132366][ T4629] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:03:44 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x200fc0) 03:03:44 executing program 3 (fault-call:8 fault-nth:6): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:44 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x200fc0) [ 1759.140746][ T4629] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1759.148687][ T4629] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1759.156630][ T4629] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1759.164570][ T4629] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000008 [ 1759.172516][ T4629] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1759.180468][ T4642] CPU: 1 PID: 4642 Comm: syz-executor.3 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1759.191908][ T4642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1759.201944][ T4642] Call Trace: [ 1759.205676][ T4642] dump_stack+0x1b0/0x21e [ 1759.209996][ T4642] ? devkmsg_release+0x11c/0x11c [ 1759.214923][ T4642] ? show_regs_print_info+0x12/0x12 [ 1759.220113][ T4642] ? kasan_alloc_pages+0x4a/0x60 [ 1759.225703][ T4642] should_fail+0x6fb/0x860 [ 1759.230117][ T4642] ? setup_fault_attr+0x2b0/0x2b0 [ 1759.235129][ T4642] __alloc_pages_nodemask+0x1ee/0x7c0 03:03:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x541b, r3) 03:03:45 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x200fc0) 03:03:45 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8a) [ 1759.240489][ T4642] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1759.246017][ T4642] ? find_get_entry+0x5da/0x670 [ 1759.250856][ T4642] ? xa_load+0x323/0x340 [ 1759.255091][ T4642] __do_page_cache_readahead+0x244/0x510 [ 1759.260708][ T4642] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1759.267105][ T4642] ? unwind_next_frame+0x1c07/0x22b0 [ 1759.272376][ T4642] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1759.278083][ T4642] generic_file_read_iter+0x626/0x20a0 [ 1759.283562][ T4642] ? find_get_pages_range_tag+0xae0/0xae0 [ 1759.289266][ T4642] ? avc_has_perm_noaudit+0x2fc/0x3f0 03:03:45 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x7ffff000) [ 1759.294622][ T4642] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1759.300674][ T4642] ? avc_denied+0x1c0/0x1c0 [ 1759.305160][ T4642] generic_file_splice_read+0x491/0x780 [ 1759.310694][ T4642] ? splice_shrink_spd+0xb0/0xb0 [ 1759.315624][ T4642] ? security_file_permission+0x1e9/0x300 [ 1759.321328][ T4642] ? splice_shrink_spd+0xb0/0xb0 [ 1759.326245][ T4642] splice_direct_to_actor+0x3cf/0xb00 [ 1759.331648][ T4642] ? do_splice_direct+0x3d0/0x3d0 [ 1759.336637][ T4642] ? pipe_to_sendpage+0x300/0x300 [ 1759.341670][ T4642] ? security_file_permission+0x128/0x300 [ 1759.347357][ T4642] do_splice_direct+0x279/0x3d0 [ 1759.352175][ T4642] ? splice_direct_to_actor+0xb00/0xb00 [ 1759.357688][ T4642] ? security_file_permission+0x128/0x300 [ 1759.363374][ T4642] do_sendfile+0x89d/0x1110 [ 1759.367844][ T4642] ? compat_writev+0x390/0x390 [ 1759.372614][ T4642] ? security_file_permission+0x128/0x300 [ 1759.378300][ T4642] ? vfs_write+0x427/0x4f0 [ 1759.382681][ T4642] ? fput_many+0x42/0x1a0 [ 1759.387014][ T4642] __x64_sys_sendfile64+0x1ae/0x220 [ 1759.392178][ T4642] ? __ia32_sys_sendfile+0x240/0x240 [ 1759.397430][ T4642] do_syscall_64+0xcb/0x150 [ 1759.401940][ T4642] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1759.407806][ T4642] RIP: 0033:0x45dd99 [ 1759.411668][ T4642] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1759.431239][ T4642] RSP: 002b:00007fa5beb56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:03:45 executing program 2 (fault-call:8 fault-nth:9): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:45 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x200fc0) 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000008000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x5421, r3) [ 1759.439628][ T4642] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1759.447570][ T4642] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1759.455523][ T4642] RBP: 00007fa5beb56ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1759.463460][ T4642] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000006 [ 1759.471400][ T4642] R13: 00007ffeb17b6aaf R14: 00007fa5beb579c0 R15: 000000000118bf2c 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000009000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:45 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x200fc0) [ 1759.547217][ T4666] FAULT_INJECTION: forcing a failure. [ 1759.547217][ T4666] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1759.598985][ T4666] CPU: 1 PID: 4666 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1759.610454][ T4666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1759.620497][ T4666] Call Trace: [ 1759.623780][ T4666] dump_stack+0x1b0/0x21e [ 1759.628100][ T4666] ? devkmsg_release+0x11c/0x11c [ 1759.633027][ T4666] ? show_regs_print_info+0x12/0x12 [ 1759.638214][ T4666] ? kasan_alloc_pages+0x4a/0x60 [ 1759.643157][ T4666] should_fail+0x6fb/0x860 [ 1759.647561][ T4666] ? setup_fault_attr+0x2b0/0x2b0 [ 1759.652575][ T4666] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1759.657945][ T4666] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1759.663477][ T4666] ? find_get_entry+0x5da/0x670 [ 1759.668312][ T4666] ? xa_load+0x323/0x340 [ 1759.672542][ T4666] __do_page_cache_readahead+0x244/0x510 [ 1759.678165][ T4666] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1759.684563][ T4666] ? unwind_next_frame+0x1c07/0x22b0 [ 1759.689831][ T4666] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1759.695539][ T4666] generic_file_read_iter+0x626/0x20a0 [ 1759.700987][ T4666] ? find_get_pages_range_tag+0xae0/0xae0 [ 1759.706690][ T4666] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1759.712047][ T4666] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1759.718102][ T4666] ? avc_denied+0x1c0/0x1c0 [ 1759.722593][ T4666] generic_file_splice_read+0x491/0x780 [ 1759.728126][ T4666] ? splice_shrink_spd+0xb0/0xb0 [ 1759.733057][ T4666] ? security_file_permission+0x1e9/0x300 [ 1759.738763][ T4666] ? splice_shrink_spd+0xb0/0xb0 [ 1759.743693][ T4666] splice_direct_to_actor+0x3cf/0xb00 [ 1759.749057][ T4666] ? do_splice_direct+0x3d0/0x3d0 [ 1759.754069][ T4666] ? pipe_to_sendpage+0x300/0x300 [ 1759.759085][ T4666] ? security_file_permission+0x128/0x300 [ 1759.764788][ T4666] do_splice_direct+0x279/0x3d0 [ 1759.769623][ T4666] ? splice_direct_to_actor+0xb00/0xb00 [ 1759.775159][ T4666] ? security_file_permission+0x128/0x300 [ 1759.780863][ T4666] do_sendfile+0x89d/0x1110 [ 1759.785353][ T4666] ? compat_writev+0x390/0x390 [ 1759.790101][ T4666] ? security_file_permission+0x128/0x300 [ 1759.795809][ T4666] ? vfs_write+0x427/0x4f0 [ 1759.800211][ T4666] ? fput_many+0x42/0x1a0 [ 1759.804525][ T4666] __x64_sys_sendfile64+0x1ae/0x220 [ 1759.809712][ T4666] ? __ia32_sys_sendfile+0x240/0x240 [ 1759.814982][ T4666] do_syscall_64+0xcb/0x150 [ 1759.819471][ T4666] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1759.825348][ T4666] RIP: 0033:0x45dd99 [ 1759.829226][ T4666] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:03:45 executing program 3 (fault-call:8 fault-nth:7): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x5450, r3) 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000000000a000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:45 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x200fc0) [ 1759.848813][ T4666] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1759.857206][ T4666] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1759.865164][ T4666] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1759.873123][ T4666] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1759.881078][ T4666] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000009 [ 1759.889034][ T4666] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:45 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0xffffffff000) 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000000000b000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1759.962191][ T4686] FAULT_INJECTION: forcing a failure. [ 1759.962191][ T4686] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1759.989628][ T4686] CPU: 0 PID: 4686 Comm: syz-executor.3 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1760.001091][ T4686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1760.011132][ T4686] Call Trace: [ 1760.014420][ T4686] dump_stack+0x1b0/0x21e [ 1760.018743][ T4686] ? devkmsg_release+0x11c/0x11c [ 1760.023666][ T4686] ? show_regs_print_info+0x12/0x12 [ 1760.028853][ T4686] ? kasan_alloc_pages+0x4a/0x60 [ 1760.033795][ T4686] should_fail+0x6fb/0x860 [ 1760.038203][ T4686] ? setup_fault_attr+0x2b0/0x2b0 [ 1760.043224][ T4686] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1760.048591][ T4686] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1760.054131][ T4686] ? find_get_entry+0x5da/0x670 [ 1760.058969][ T4686] ? xa_load+0x323/0x340 [ 1760.063201][ T4686] __do_page_cache_readahead+0x244/0x510 [ 1760.068825][ T4686] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1760.075225][ T4686] ? unwind_next_frame+0x1c07/0x22b0 [ 1760.080494][ T4686] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1760.086205][ T4686] generic_file_read_iter+0x626/0x20a0 [ 1760.091659][ T4686] ? find_get_pages_range_tag+0xae0/0xae0 [ 1760.097364][ T4686] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1760.102729][ T4686] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1760.108784][ T4686] ? avc_denied+0x1c0/0x1c0 [ 1760.113278][ T4686] generic_file_splice_read+0x491/0x780 [ 1760.118810][ T4686] ? splice_shrink_spd+0xb0/0xb0 [ 1760.123739][ T4686] ? security_file_permission+0x1e9/0x300 [ 1760.129448][ T4686] ? splice_shrink_spd+0xb0/0xb0 [ 1760.134374][ T4686] splice_direct_to_actor+0x3cf/0xb00 [ 1760.139735][ T4686] ? do_splice_direct+0x3d0/0x3d0 [ 1760.144745][ T4686] ? pipe_to_sendpage+0x300/0x300 [ 1760.149756][ T4686] ? security_file_permission+0x128/0x300 [ 1760.155458][ T4686] do_splice_direct+0x279/0x3d0 [ 1760.160296][ T4686] ? splice_direct_to_actor+0xb00/0xb00 [ 1760.165828][ T4686] ? security_file_permission+0x128/0x300 [ 1760.171534][ T4686] do_sendfile+0x89d/0x1110 [ 1760.176027][ T4686] ? compat_writev+0x390/0x390 [ 1760.180778][ T4686] ? security_file_permission+0x128/0x300 [ 1760.186482][ T4686] ? vfs_write+0x427/0x4f0 [ 1760.190885][ T4686] ? fput_many+0x42/0x1a0 [ 1760.195204][ T4686] __x64_sys_sendfile64+0x1ae/0x220 [ 1760.200394][ T4686] ? __ia32_sys_sendfile+0x240/0x240 [ 1760.205666][ T4686] do_syscall_64+0xcb/0x150 [ 1760.210158][ T4686] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1760.216033][ T4686] RIP: 0033:0x45dd99 [ 1760.220015][ T4686] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1760.239602][ T4686] RSP: 002b:00007fa5beb56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1760.248001][ T4686] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:03:45 executing program 2 (fault-call:8 fault-nth:10): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:45 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x0) 03:03:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x5451, r3) 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000000000c000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000000000d000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000000000e000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1760.255964][ T4686] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1760.263922][ T4686] RBP: 00007fa5beb56ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1760.271876][ T4686] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000007 [ 1760.279833][ T4686] R13: 00007ffeb17b6aaf R14: 00007fa5beb579c0 R15: 000000000118bf2c [ 1760.325342][ T4709] FAULT_INJECTION: forcing a failure. [ 1760.325342][ T4709] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1760.339053][ T4709] CPU: 0 PID: 4709 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1760.350499][ T4709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1760.360539][ T4709] Call Trace: [ 1760.363824][ T4709] dump_stack+0x1b0/0x21e [ 1760.368142][ T4709] ? devkmsg_release+0x11c/0x11c [ 1760.373071][ T4709] ? show_regs_print_info+0x12/0x12 [ 1760.378255][ T4709] ? kasan_alloc_pages+0x4a/0x60 [ 1760.383184][ T4709] should_fail+0x6fb/0x860 [ 1760.387595][ T4709] ? setup_fault_attr+0x2b0/0x2b0 [ 1760.392614][ T4709] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1760.397979][ T4709] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1760.403510][ T4709] ? find_get_entry+0x5da/0x670 [ 1760.408345][ T4709] ? xa_load+0x323/0x340 [ 1760.412574][ T4709] __do_page_cache_readahead+0x244/0x510 [ 1760.418198][ T4709] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1760.424600][ T4709] ? unwind_next_frame+0x1c07/0x22b0 [ 1760.429874][ T4709] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1760.435580][ T4709] generic_file_read_iter+0x626/0x20a0 [ 1760.441031][ T4709] ? find_get_pages_range_tag+0xae0/0xae0 [ 1760.446742][ T4709] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1760.452099][ T4709] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1760.458152][ T4709] ? avc_denied+0x1c0/0x1c0 [ 1760.462668][ T4709] generic_file_splice_read+0x491/0x780 [ 1760.468306][ T4709] ? splice_shrink_spd+0xb0/0xb0 [ 1760.473237][ T4709] ? security_file_permission+0x1e9/0x300 [ 1760.478950][ T4709] ? splice_shrink_spd+0xb0/0xb0 [ 1760.483534][ T4715] FAULT_INJECTION: forcing a failure. [ 1760.483534][ T4715] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1760.483877][ T4709] splice_direct_to_actor+0x3cf/0xb00 [ 1760.502399][ T4709] ? do_splice_direct+0x3d0/0x3d0 [ 1760.507404][ T4709] ? pipe_to_sendpage+0x300/0x300 [ 1760.512405][ T4709] ? security_file_permission+0x128/0x300 [ 1760.518098][ T4709] do_splice_direct+0x279/0x3d0 [ 1760.522930][ T4709] ? splice_direct_to_actor+0xb00/0xb00 [ 1760.528455][ T4709] ? security_file_permission+0x128/0x300 [ 1760.534155][ T4709] do_sendfile+0x89d/0x1110 [ 1760.538633][ T4709] ? compat_writev+0x390/0x390 [ 1760.543369][ T4709] ? security_file_permission+0x128/0x300 [ 1760.549062][ T4709] ? vfs_write+0x427/0x4f0 [ 1760.553449][ T4709] ? fput_many+0x42/0x1a0 [ 1760.557754][ T4709] __x64_sys_sendfile64+0x1ae/0x220 [ 1760.562924][ T4709] ? __ia32_sys_sendfile+0x240/0x240 [ 1760.568181][ T4709] do_syscall_64+0xcb/0x150 [ 1760.572656][ T4709] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1760.578534][ T4709] RIP: 0033:0x45dd99 [ 1760.582417][ T4709] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1760.602006][ T4709] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1760.610386][ T4709] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1760.618351][ T4709] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:03:46 executing program 3 (fault-call:8 fault-nth:8): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000010000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x5452, r3) 03:03:46 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x0) [ 1760.626296][ T4709] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1760.634245][ T4709] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000000a [ 1760.642187][ T4709] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1760.650141][ T4715] CPU: 1 PID: 4715 Comm: syz-executor.3 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1760.661579][ T4715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1760.671622][ T4715] Call Trace: [ 1760.674899][ T4715] dump_stack+0x1b0/0x21e [ 1760.679216][ T4715] ? devkmsg_release+0x11c/0x11c [ 1760.684140][ T4715] ? show_regs_print_info+0x12/0x12 [ 1760.689323][ T4715] ? kasan_alloc_pages+0x4a/0x60 [ 1760.694247][ T4715] should_fail+0x6fb/0x860 [ 1760.698651][ T4715] ? setup_fault_attr+0x2b0/0x2b0 [ 1760.703667][ T4715] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1760.709027][ T4715] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1760.714556][ T4715] ? find_get_entry+0x5da/0x670 [ 1760.719390][ T4715] ? xa_load+0x323/0x340 03:03:46 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) getsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r3 = socket(0x1e, 0x4, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, 0x0, 0x20, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x4000044) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:03:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000011000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1760.723617][ T4715] __do_page_cache_readahead+0x244/0x510 [ 1760.729239][ T4715] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1760.735639][ T4715] ? unwind_next_frame+0x1c07/0x22b0 [ 1760.740907][ T4715] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1760.746629][ T4715] generic_file_read_iter+0x626/0x20a0 [ 1760.752077][ T4715] ? find_get_pages_range_tag+0xae0/0xae0 [ 1760.757783][ T4715] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1760.763142][ T4715] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1760.769194][ T4715] ? avc_denied+0x1c0/0x1c0 [ 1760.773688][ T4715] generic_file_splice_read+0x491/0x780 [ 1760.779223][ T4715] ? splice_shrink_spd+0xb0/0xb0 [ 1760.784151][ T4715] ? security_file_permission+0x1e9/0x300 [ 1760.789855][ T4715] ? splice_shrink_spd+0xb0/0xb0 [ 1760.794776][ T4715] splice_direct_to_actor+0x3cf/0xb00 [ 1760.800133][ T4715] ? do_splice_direct+0x3d0/0x3d0 [ 1760.805140][ T4715] ? pipe_to_sendpage+0x300/0x300 [ 1760.810253][ T4715] ? security_file_permission+0x128/0x300 [ 1760.815951][ T4715] do_splice_direct+0x279/0x3d0 [ 1760.820768][ T4715] ? splice_direct_to_actor+0xb00/0xb00 [ 1760.826286][ T4715] ? security_file_permission+0x128/0x300 [ 1760.831972][ T4715] do_sendfile+0x89d/0x1110 [ 1760.836446][ T4715] ? compat_writev+0x390/0x390 [ 1760.841179][ T4715] ? security_file_permission+0x128/0x300 [ 1760.846867][ T4715] ? vfs_write+0x427/0x4f0 [ 1760.851258][ T4715] ? fput_many+0x42/0x1a0 [ 1760.855555][ T4715] __x64_sys_sendfile64+0x1ae/0x220 [ 1760.860721][ T4715] ? __ia32_sys_sendfile+0x240/0x240 [ 1760.865972][ T4715] do_syscall_64+0xcb/0x150 [ 1760.870444][ T4715] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1760.876306][ T4715] RIP: 0033:0x45dd99 [ 1760.880211][ T4715] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1760.899782][ T4715] RSP: 002b:00007fa5beb56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1760.908197][ T4715] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1760.916137][ T4715] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:03:46 executing program 2 (fault-call:8 fault-nth:11): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000012000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x5460, r3) 03:03:46 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x0) 03:03:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000040000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x40049409, r3) [ 1760.924074][ T4715] RBP: 00007fa5beb56ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1760.932052][ T4715] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000008 [ 1760.939999][ T4715] R13: 00007ffeb17b6aaf R14: 00007fa5beb579c0 R15: 000000000118bf2c [ 1760.997955][ T4744] FAULT_INJECTION: forcing a failure. [ 1760.997955][ T4744] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1761.021809][ T4744] CPU: 0 PID: 4744 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1761.033270][ T4744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1761.043325][ T4744] Call Trace: 03:03:46 executing program 3 (fault-call:8 fault-nth:9): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:46 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0xffffffff000) [ 1761.046624][ T4744] dump_stack+0x1b0/0x21e [ 1761.050943][ T4744] ? devkmsg_release+0x11c/0x11c [ 1761.055981][ T4744] ? show_regs_print_info+0x12/0x12 [ 1761.061163][ T4744] ? kasan_alloc_pages+0x4a/0x60 [ 1761.066086][ T4744] should_fail+0x6fb/0x860 [ 1761.070492][ T4744] ? setup_fault_attr+0x2b0/0x2b0 [ 1761.075507][ T4744] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1761.080880][ T4744] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1761.086404][ T4744] ? find_get_entry+0x5da/0x670 [ 1761.091233][ T4744] ? xa_load+0x323/0x340 [ 1761.095465][ T4744] __do_page_cache_readahead+0x244/0x510 [ 1761.101094][ T4744] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1761.107505][ T4744] ? unwind_next_frame+0x1c07/0x22b0 [ 1761.112710][ T4753] FAULT_INJECTION: forcing a failure. [ 1761.112710][ T4753] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1761.112777][ T4744] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1761.132032][ T4744] generic_file_read_iter+0x626/0x20a0 [ 1761.137480][ T4744] ? find_get_pages_range_tag+0xae0/0xae0 [ 1761.143188][ T4744] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1761.148546][ T4744] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1761.154602][ T4744] ? avc_denied+0x1c0/0x1c0 [ 1761.159090][ T4744] generic_file_splice_read+0x491/0x780 [ 1761.164616][ T4744] ? splice_shrink_spd+0xb0/0xb0 [ 1761.169542][ T4744] ? security_file_permission+0x1e9/0x300 [ 1761.175245][ T4744] ? splice_shrink_spd+0xb0/0xb0 [ 1761.180167][ T4744] splice_direct_to_actor+0x3cf/0xb00 [ 1761.185520][ T4744] ? do_splice_direct+0x3d0/0x3d0 [ 1761.190519][ T4744] ? pipe_to_sendpage+0x300/0x300 [ 1761.195520][ T4744] ? security_file_permission+0x128/0x300 [ 1761.201217][ T4744] do_splice_direct+0x279/0x3d0 [ 1761.206056][ T4744] ? splice_direct_to_actor+0xb00/0xb00 [ 1761.211596][ T4744] ? security_file_permission+0x128/0x300 [ 1761.217298][ T4744] do_sendfile+0x89d/0x1110 [ 1761.221784][ T4744] ? compat_writev+0x390/0x390 [ 1761.226535][ T4744] ? security_file_permission+0x128/0x300 [ 1761.232237][ T4744] ? vfs_write+0x427/0x4f0 [ 1761.236640][ T4744] ? fput_many+0x42/0x1a0 [ 1761.240974][ T4744] __x64_sys_sendfile64+0x1ae/0x220 [ 1761.246152][ T4744] ? __ia32_sys_sendfile+0x240/0x240 [ 1761.251421][ T4744] do_syscall_64+0xcb/0x150 [ 1761.255908][ T4744] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1761.261779][ T4744] RIP: 0033:0x45dd99 [ 1761.265652][ T4744] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1761.285234][ T4744] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1761.293618][ T4744] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1761.301572][ T4744] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1761.309523][ T4744] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1761.317473][ T4744] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000000b [ 1761.325429][ T4744] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1761.333388][ T4753] CPU: 1 PID: 4753 Comm: syz-executor.3 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1761.344837][ T4753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1761.354872][ T4753] Call Trace: [ 1761.358150][ T4753] dump_stack+0x1b0/0x21e [ 1761.362463][ T4753] ? devkmsg_release+0x11c/0x11c [ 1761.367390][ T4753] ? show_regs_print_info+0x12/0x12 [ 1761.372571][ T4753] ? kasan_alloc_pages+0x4a/0x60 [ 1761.377496][ T4753] should_fail+0x6fb/0x860 [ 1761.381903][ T4753] ? setup_fault_attr+0x2b0/0x2b0 [ 1761.386926][ T4753] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1761.392294][ T4753] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1761.397827][ T4753] ? find_get_entry+0x5da/0x670 [ 1761.402663][ T4753] ? xa_load+0x323/0x340 [ 1761.406890][ T4753] __do_page_cache_readahead+0x244/0x510 [ 1761.412511][ T4753] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1761.418913][ T4753] ? unwind_next_frame+0x1c07/0x22b0 [ 1761.424174][ T4753] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1761.429866][ T4753] generic_file_read_iter+0x626/0x20a0 [ 1761.435308][ T4753] ? find_get_pages_range_tag+0xae0/0xae0 [ 1761.441025][ T4753] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1761.446390][ T4753] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1761.452440][ T4753] ? avc_denied+0x1c0/0x1c0 [ 1761.456931][ T4753] generic_file_splice_read+0x491/0x780 [ 1761.462465][ T4753] ? splice_shrink_spd+0xb0/0xb0 [ 1761.467392][ T4753] ? security_file_permission+0x1e9/0x300 [ 1761.473098][ T4753] ? splice_shrink_spd+0xb0/0xb0 [ 1761.478018][ T4753] splice_direct_to_actor+0x3cf/0xb00 [ 1761.483383][ T4753] ? do_splice_direct+0x3d0/0x3d0 [ 1761.488391][ T4753] ? pipe_to_sendpage+0x300/0x300 [ 1761.493403][ T4753] ? security_file_permission+0x128/0x300 03:03:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000777e2acbb747000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1761.499106][ T4753] do_splice_direct+0x279/0x3d0 [ 1761.503941][ T4753] ? splice_direct_to_actor+0xb00/0xb00 [ 1761.509478][ T4753] ? security_file_permission+0x128/0x300 [ 1761.515181][ T4753] do_sendfile+0x89d/0x1110 [ 1761.519670][ T4753] ? compat_writev+0x390/0x390 [ 1761.524421][ T4753] ? security_file_permission+0x128/0x300 [ 1761.530127][ T4753] ? vfs_write+0x427/0x4f0 [ 1761.534524][ T4753] ? fput_many+0x42/0x1a0 [ 1761.538840][ T4753] __x64_sys_sendfile64+0x1ae/0x220 [ 1761.544021][ T4753] ? __ia32_sys_sendfile+0x240/0x240 [ 1761.549289][ T4753] do_syscall_64+0xcb/0x150 [ 1761.553779][ T4753] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1761.559654][ T4753] RIP: 0033:0x45dd99 [ 1761.563532][ T4753] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1761.583119][ T4753] RSP: 002b:00007fa5beb56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1761.591511][ T4753] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:03:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000ffffffff000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:47 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000080)={0xfffd, 0x720, 0x4f, 0x518, 0x6162, 0x6}) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000001000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:47 executing program 2 (fault-call:8 fault-nth:12): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x40086602, r3) [ 1761.599465][ T4753] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1761.607429][ T4753] RBP: 00007fa5beb56ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1761.615387][ T4753] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000009 [ 1761.623346][ T4753] R13: 00007ffeb17b6aaf R14: 00007fa5beb579c0 R15: 000000000118bf2c 03:03:47 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x7ffff000) 03:03:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x40087602, r3) 03:03:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000002000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1761.687426][ T4762] FAULT_INJECTION: forcing a failure. [ 1761.687426][ T4762] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1761.711167][ T4762] CPU: 1 PID: 4762 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1761.722618][ T4762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1761.732657][ T4762] Call Trace: [ 1761.735938][ T4762] dump_stack+0x1b0/0x21e [ 1761.740254][ T4762] ? devkmsg_release+0x11c/0x11c [ 1761.745182][ T4762] ? show_regs_print_info+0x12/0x12 [ 1761.750369][ T4762] ? kasan_alloc_pages+0x4a/0x60 [ 1761.755292][ T4762] should_fail+0x6fb/0x860 [ 1761.759703][ T4762] ? setup_fault_attr+0x2b0/0x2b0 [ 1761.764716][ T4762] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1761.770079][ T4762] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1761.775615][ T4762] ? find_get_entry+0x5da/0x670 [ 1761.780454][ T4762] ? xa_load+0x323/0x340 [ 1761.784681][ T4762] __do_page_cache_readahead+0x244/0x510 [ 1761.790310][ T4762] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1761.796713][ T4762] ? unwind_next_frame+0x1c07/0x22b0 [ 1761.801984][ T4762] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1761.807689][ T4762] generic_file_read_iter+0x626/0x20a0 [ 1761.813146][ T4762] ? find_get_pages_range_tag+0xae0/0xae0 [ 1761.818852][ T4762] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1761.824210][ T4762] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1761.830262][ T4762] ? avc_denied+0x1c0/0x1c0 [ 1761.834758][ T4762] generic_file_splice_read+0x491/0x780 [ 1761.840287][ T4762] ? splice_shrink_spd+0xb0/0xb0 [ 1761.845217][ T4762] ? security_file_permission+0x1e9/0x300 [ 1761.850918][ T4762] ? splice_shrink_spd+0xb0/0xb0 [ 1761.855840][ T4762] splice_direct_to_actor+0x3cf/0xb00 [ 1761.861197][ T4762] ? do_splice_direct+0x3d0/0x3d0 [ 1761.866204][ T4762] ? pipe_to_sendpage+0x300/0x300 [ 1761.871216][ T4762] ? security_file_permission+0x128/0x300 [ 1761.876922][ T4762] do_splice_direct+0x279/0x3d0 [ 1761.881758][ T4762] ? splice_direct_to_actor+0xb00/0xb00 03:03:47 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1761.887290][ T4762] ? security_file_permission+0x128/0x300 [ 1761.892999][ T4762] do_sendfile+0x89d/0x1110 [ 1761.897493][ T4762] ? compat_writev+0x390/0x390 [ 1761.902253][ T4762] ? security_file_permission+0x128/0x300 [ 1761.907957][ T4762] ? vfs_write+0x427/0x4f0 [ 1761.912360][ T4762] ? fput_many+0x42/0x1a0 [ 1761.916680][ T4762] __x64_sys_sendfile64+0x1ae/0x220 [ 1761.921866][ T4762] ? __ia32_sys_sendfile+0x240/0x240 [ 1761.927142][ T4762] do_syscall_64+0xcb/0x150 [ 1761.931634][ T4762] entry_SYSCALL_64_after_hwframe+0x44/0xa9 03:03:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000003000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1761.937513][ T4762] RIP: 0033:0x45dd99 [ 1761.941392][ T4762] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1761.960980][ T4762] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1761.969381][ T4762] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1761.977338][ T4762] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:03:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4020940d, r3) [ 1761.985301][ T4762] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1761.993259][ T4762] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000000c [ 1762.001219][ T4762] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x80086601, r3) 03:03:47 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x7ffff000) 03:03:47 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$RTC_IRQP_READ(r0, 0x8008700b, &(0x7f0000000080)) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x80087601, r3) 03:03:47 executing program 2 (fault-call:8 fault-nth:13): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000002000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1762.193331][ T4814] FAULT_INJECTION: forcing a failure. [ 1762.193331][ T4814] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1762.207233][ T4814] CPU: 1 PID: 4814 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1762.218678][ T4814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1762.228719][ T4814] Call Trace: [ 1762.232005][ T4814] dump_stack+0x1b0/0x21e [ 1762.236323][ T4814] ? devkmsg_release+0x11c/0x11c [ 1762.241259][ T4814] ? show_regs_print_info+0x12/0x12 [ 1762.246444][ T4814] ? kasan_alloc_pages+0x4a/0x60 [ 1762.251371][ T4814] should_fail+0x6fb/0x860 [ 1762.255775][ T4814] ? setup_fault_attr+0x2b0/0x2b0 [ 1762.260786][ T4814] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1762.266149][ T4814] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1762.271682][ T4814] ? find_get_entry+0x5da/0x670 [ 1762.276522][ T4814] ? xa_load+0x323/0x340 [ 1762.280753][ T4814] __do_page_cache_readahead+0x244/0x510 [ 1762.286375][ T4814] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1762.292773][ T4814] ? unwind_next_frame+0x1c07/0x22b0 [ 1762.298044][ T4814] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1762.303752][ T4814] generic_file_read_iter+0x626/0x20a0 [ 1762.309208][ T4814] ? find_get_pages_range_tag+0xae0/0xae0 [ 1762.314912][ T4814] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1762.320269][ T4814] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1762.326328][ T4814] ? avc_denied+0x1c0/0x1c0 [ 1762.330821][ T4814] generic_file_splice_read+0x491/0x780 [ 1762.336357][ T4814] ? splice_shrink_spd+0xb0/0xb0 [ 1762.341284][ T4814] ? security_file_permission+0x1e9/0x300 [ 1762.346984][ T4814] ? splice_shrink_spd+0xb0/0xb0 [ 1762.351903][ T4814] splice_direct_to_actor+0x3cf/0xb00 [ 1762.357259][ T4814] ? do_splice_direct+0x3d0/0x3d0 [ 1762.362270][ T4814] ? pipe_to_sendpage+0x300/0x300 [ 1762.367281][ T4814] ? security_file_permission+0x128/0x300 [ 1762.372984][ T4814] do_splice_direct+0x279/0x3d0 [ 1762.377817][ T4814] ? splice_direct_to_actor+0xb00/0xb00 [ 1762.383354][ T4814] ? security_file_permission+0x128/0x300 [ 1762.389061][ T4814] do_sendfile+0x89d/0x1110 [ 1762.393550][ T4814] ? compat_writev+0x390/0x390 [ 1762.398301][ T4814] ? security_file_permission+0x128/0x300 [ 1762.404008][ T4814] ? vfs_write+0x427/0x4f0 [ 1762.408408][ T4814] ? fput_many+0x42/0x1a0 [ 1762.412724][ T4814] __x64_sys_sendfile64+0x1ae/0x220 [ 1762.417908][ T4814] ? __ia32_sys_sendfile+0x240/0x240 [ 1762.423181][ T4814] do_syscall_64+0xcb/0x150 [ 1762.427673][ T4814] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1762.433548][ T4814] RIP: 0033:0x45dd99 [ 1762.437427][ T4814] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1762.457012][ T4814] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1762.465408][ T4814] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1762.473367][ T4814] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1762.481323][ T4814] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1762.489274][ T4814] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000000d [ 1762.497233][ T4814] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:48 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x7ffff000) 03:03:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0xc0045878, r3) 03:03:48 executing program 4: r0 = creat(&(0x7f0000000200)='./file0\x00', 0x100) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0)='devlink\x00') sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x60, r2, 0x20, 0x70bd27, 0x25dfdbfc, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x8e, 0x1}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x4}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x880) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x200fc0) 03:03:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000003000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0xc0045878, r3) 03:03:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000004000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0xc0189436, r3) 03:03:48 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0xffffffff000) 03:03:48 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x6c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000080)={@flat=@binder={0x73622a85, 0x100}, @fda={0x66646185, 0x5, 0x0, 0x21}, @fda={0x66646185, 0x6, 0x2, 0x27}}, &(0x7f0000000100)={0x0, 0x18, 0x38}}, 0x40}, @dead_binder_done, @request_death, @register_looper], 0x2d, 0x0, &(0x7f00000001c0)="cf92518e5863a7860bb33d6e980c4a2429c54f550ee58bc820b12054029058993be267f9e45db676db8d027564"}) 03:03:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000005000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0xc020660b, r3) 03:03:48 executing program 2 (fault-call:8 fault-nth:14): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1762.835469][ T4857] FAULT_INJECTION: forcing a failure. [ 1762.835469][ T4857] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1762.882337][ T4857] CPU: 1 PID: 4857 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1762.893806][ T4857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1762.903845][ T4857] Call Trace: [ 1762.907124][ T4857] dump_stack+0x1b0/0x21e [ 1762.911442][ T4857] ? devkmsg_release+0x11c/0x11c [ 1762.916364][ T4857] ? show_regs_print_info+0x12/0x12 [ 1762.921550][ T4857] ? kasan_alloc_pages+0x4a/0x60 [ 1762.926472][ T4857] should_fail+0x6fb/0x860 [ 1762.930874][ T4857] ? setup_fault_attr+0x2b0/0x2b0 [ 1762.935888][ T4857] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1762.941254][ T4857] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1762.946786][ T4857] ? find_get_entry+0x5da/0x670 [ 1762.951623][ T4857] ? xa_load+0x323/0x340 [ 1762.955849][ T4857] __do_page_cache_readahead+0x244/0x510 [ 1762.961470][ T4857] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1762.967869][ T4857] ? unwind_next_frame+0x1c07/0x22b0 [ 1762.973141][ T4857] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1762.978843][ T4857] generic_file_read_iter+0x626/0x20a0 [ 1762.984292][ T4857] ? find_get_pages_range_tag+0xae0/0xae0 [ 1762.989996][ T4857] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1762.995353][ T4857] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1763.001405][ T4857] ? avc_denied+0x1c0/0x1c0 [ 1763.005904][ T4857] generic_file_splice_read+0x491/0x780 [ 1763.011442][ T4857] ? splice_shrink_spd+0xb0/0xb0 [ 1763.016372][ T4857] ? security_file_permission+0x1e9/0x300 [ 1763.022078][ T4857] ? splice_shrink_spd+0xb0/0xb0 [ 1763.027001][ T4857] splice_direct_to_actor+0x3cf/0xb00 [ 1763.032366][ T4857] ? do_splice_direct+0x3d0/0x3d0 [ 1763.037376][ T4857] ? pipe_to_sendpage+0x300/0x300 [ 1763.042389][ T4857] ? security_file_permission+0x128/0x300 [ 1763.048093][ T4857] do_splice_direct+0x279/0x3d0 [ 1763.052928][ T4857] ? splice_direct_to_actor+0xb00/0xb00 [ 1763.058465][ T4857] ? security_file_permission+0x128/0x300 [ 1763.064170][ T4857] do_sendfile+0x89d/0x1110 [ 1763.068681][ T4857] ? compat_writev+0x390/0x390 [ 1763.073430][ T4857] ? security_file_permission+0x128/0x300 [ 1763.079133][ T4857] ? vfs_write+0x427/0x4f0 [ 1763.083535][ T4857] ? fput_many+0x42/0x1a0 [ 1763.087848][ T4857] __x64_sys_sendfile64+0x1ae/0x220 [ 1763.093039][ T4857] ? __ia32_sys_sendfile+0x240/0x240 [ 1763.098316][ T4857] do_syscall_64+0xcb/0x150 [ 1763.102807][ T4857] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1763.108687][ T4857] RIP: 0033:0x45dd99 [ 1763.112566][ T4857] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1763.132153][ T4857] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1763.140545][ T4857] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1763.148500][ T4857] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1763.156460][ T4857] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1763.164418][ T4857] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000000e [ 1763.172376][ T4857] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:48 executing program 1 (fault-call:9 fault-nth:0): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000080)=@caif=@dbg, 0x80, &(0x7f0000000000)=[{&(0x7f0000000140)=""/252, 0xfc}], 0x1, &(0x7f00000002c0)=""/224, 0xe0}, 0x102) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:03:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000006000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:48 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) read$FUSE(r0, &(0x7f0000002040)={0x2020, 0x0, 0x0}, 0x2020) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)=0x0) write$FUSE_LK(r3, &(0x7f00000000c0)={0x28, 0x0, r4, {{0x0, 0x0, 0x1, r5}}}, 0x28) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) 03:03:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000007000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000008000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:49 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) ioctl$RTC_UIE_OFF(r3, 0x7004) [ 1763.262253][ T4871] FAULT_INJECTION: forcing a failure. [ 1763.262253][ T4871] name failslab, interval 1, probability 0, space 0, times 0 [ 1763.318757][ T4871] CPU: 1 PID: 4871 Comm: syz-executor.1 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1763.330229][ T4871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1763.340266][ T4871] Call Trace: [ 1763.343547][ T4871] dump_stack+0x1b0/0x21e [ 1763.347863][ T4871] ? devkmsg_release+0x11c/0x11c [ 1763.352796][ T4871] ? show_regs_print_info+0x12/0x12 [ 1763.357984][ T4871] ? avc_denied+0x1c0/0x1c0 [ 1763.362476][ T4871] should_fail+0x6fb/0x860 [ 1763.366881][ T4871] ? setup_fault_attr+0x2b0/0x2b0 [ 1763.371892][ T4871] ? avc_has_perm+0xbd/0x260 [ 1763.376467][ T4871] ? avc_has_perm+0x15f/0x260 [ 1763.381132][ T4871] ? alloc_pipe_info+0xa1/0x3a0 [ 1763.385969][ T4871] should_failslab+0x5/0x20 [ 1763.390461][ T4871] kmem_cache_alloc_trace+0x39/0x270 [ 1763.395734][ T4871] alloc_pipe_info+0xa1/0x3a0 [ 1763.400401][ T4871] splice_direct_to_actor+0x94e/0xb00 [ 1763.405758][ T4871] ? avc_has_perm+0xbd/0x260 [ 1763.410341][ T4871] ? match_file+0x120/0x120 [ 1763.414830][ T4871] ? avc_has_perm_noaudit+0x3f0/0x3f0 [ 1763.420189][ T4871] ? do_splice_direct+0x3d0/0x3d0 [ 1763.425202][ T4871] ? pipe_to_sendpage+0x300/0x300 [ 1763.430216][ T4871] ? security_file_permission+0x128/0x300 [ 1763.435918][ T4871] do_splice_direct+0x279/0x3d0 [ 1763.440752][ T4871] ? splice_direct_to_actor+0xb00/0xb00 [ 1763.446290][ T4871] ? security_file_permission+0x128/0x300 [ 1763.451994][ T4871] do_sendfile+0x89d/0x1110 [ 1763.456487][ T4871] ? compat_writev+0x390/0x390 [ 1763.461237][ T4871] ? security_file_permission+0x128/0x300 [ 1763.466952][ T4871] ? vfs_write+0x427/0x4f0 [ 1763.471351][ T4871] ? fput_many+0x42/0x1a0 [ 1763.475666][ T4871] __x64_sys_sendfile64+0x1ae/0x220 [ 1763.480852][ T4871] ? __ia32_sys_sendfile+0x240/0x240 [ 1763.486114][ T4871] ? __fdget+0x187/0x200 [ 1763.490324][ T4871] do_syscall_64+0xcb/0x150 [ 1763.494792][ T4871] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1763.500648][ T4871] RIP: 0033:0x45dd99 [ 1763.504511][ T4871] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1763.524127][ T4871] RSP: 002b:00007f82dae6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1763.532503][ T4871] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1763.540440][ T4871] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1763.548393][ T4871] RBP: 00007f82dae6cca0 R08: 0000000000000000 R09: 0000000000000000 [ 1763.556335][ T4871] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000000 [ 1763.564273][ T4871] R13: 00007ffdeb75867f R14: 00007f82dae6d9c0 R15: 000000000118bf2c 03:03:49 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) readahead(r4, 0x200, 0x8) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000009000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:49 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000000080)) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x800, 0x0) sendfile(r2, r5, 0x0, 0x2) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f00000000c0)={'mangle\x00', 0x3, [{}, {}, {}]}, 0x58) 03:03:49 executing program 2 (fault-call:8 fault-nth:15): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x1000000000000000, 0x0) sched_setattr(r1, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x20, 0x0, 0x9049, 0x0, 0xfffffb}, 0x0) ioctl$USBDEVFS_GET_CAPABILITIES(0xffffffffffffffff, 0x8004551a, &(0x7f0000000000)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@bridge_delneigh={0x60, 0x1d, 0x8, 0x70bd2b, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0x25, 0x3, 0x9}, [@NDA_VLAN={0x6}, @NDA_VLAN={0x6, 0x5, 0x3}, @NDA_SRC_VNI={0x8, 0xb, 0x80}, @NDA_LLADDR={0xa, 0x2, @multicast}, @NDA_MASTER={0x8, 0x9, 0xe34}, @NDA_MASTER={0x8, 0x9, 0x12}, @NDA_DST_IPV4={0x8, 0x1, @remote}, @NDA_PROBES={0x8, 0x4, 0x3}]}, 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x8000) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r5, 0x0, 0x15, &(0x7f0000000080)=0x7, 0x4) 03:03:49 executing program 1 (fault-call:9 fault-nth:1): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000a000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:49 executing program 0: prlimit64(0x0, 0x2, &(0x7f0000000280)={0x9, 0x5}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f00000001c0)={'rose0\x00', {0x2, 0x0, @initdev}}) sched_setattr(r0, &(0x7f0000000000)={0x38, 0x2, 0x0, 0xfffffffe, 0x15, 0xffffffffffffffe0, 0x4000000008, 0x0, 0xfffffffd, 0x6}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) keyctl$reject(0x13, 0x0, 0xc7, 0x3, 0xfffffffffffffffa) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) sched_setattr(r0, &(0x7f0000000180)={0x38, 0x0, 0x48, 0x8, 0x3, 0xfffffffffffffff7, 0x380000, 0xfffffffffffffffc, 0x3, 0x10000}, 0x0) sendmsg$nl_netfilter(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001a40)=ANY=[@ANYBLOB="141000000408050028bd7000fbdbdf250c0000011537c08ed17d0a4f4be0786f9fbea9b202c1cc51608ebfffded0c1ef517fcccec5ac270877434127bd3faaffacc62d11b3bad32b3e47ed17da2a8da180baa15b76fa105d813ad1487014c32310f1a4ef27a239a90525f4b59ee48073e4815069062fb2f71cdf81d808127d317aa37e7f8a82f513cbb342794c5c0922579670abf811d0d341b78b2e59940ba773fcfb3354a21ce132a65766adf0e1ff8e6eeebaf22782fe0b3759f78f503ef50425cf1a5eea5afc37106e1115910c457d2aea847cb68e1a0697cc1728324ade42638604d2456343d7166c8db5078d53ca50f3a61bafc9c64260f8c0cf7fc2017690b43003800c0e1d0003e66148bdece7874aa76a624698f6db4e6028f7b3c7237dbd92f67016da4de276f10dd7fc6fa7e404fd3e1ca4eaf5eb9ef2483751394240c463e067bdba13cb667953b3c93febc2d10c5c611891aaf07c7c70553b8094f78407aebe4fb2a054ad9c259320d723d74e5acf5f19dbe69e069d2bf27d1b00f7888317621860e543ffdbc45bd434a899ee657d7d56c80f6bba1d90083ced815a3beda583f5c832173938870dbab1977afcf419b6e6c00b4eb8af8ac4f51b41e80d39001ec4eee9e413e2e4e593a010fb3292d691d5382d16bde01cfee9a6ab13c793ea6d2c3771a04bb317f5861f6ee6ef30622d8f8af8384e2d1a7654dbc77347b8c8f2912a84345a3bda904a1a9a06fbfe0afc997cc691ab009bd9ea76b148e3d14d9a3bdc30c4d86a21a5101809cea127ad0501b46401687d96987fa7205e7edfacc6bc7ae82e216bd7e5e123bb330bbc7067b9962257f982b69108cf41d4208f0c6ff9e253e91db4bae9ae1234f84d993e6f4c2130aaa4f87c9e02c095cc8a501b9bb07a6aa69de56dece2cf9bcdc54d303e6b90a4266bbc1b6e5a81fad5aba21f50a89510fd8394471eaabca822b6b2e8b5e076030360aa4d4b31cba23b6a23975360ece6ff0456930b38d99c92511468b216e0cd6bbd1bf462160d448f7bbd14cba4a0eb7090093c2520413d1cbebfa4bb416eeefdcea548239cfa1b691a43d37f0fc231509efc1dfb75e349b62e39e04af09c62de2ce98c18854f406a2159e964f8d18d35a3c192a71f67a19ccc5f87dcb54274fddc019c6c83527b8fd3746c1049d9cad18f1e8523eb4af81304998e758dfedae1eef0eb9ae658b36f640f3d7d75d696253e5aca747ef0568b7b8bf15208efbda14945ab6eb1d290f28a430a55499a03a69cb1d0790daaa499cac96cc085a6650898e61cbf25240f5f30a6b5edf87e5b0ba0bf70e4ae4543cbe2070437e252868c7af4ea839f3fb42c2a6470386881cbb09f863d6d2255a3f1953983b12e468aed9d2f49112738d1241568768113fb24cd468277c996bfa733f4f83a6b93b40ca58d20127813a29c790a634399837386283556b302d43375175e33fab93f1a11e9ff29c01316b6cb57ef2e58a439da8175c011cf1fb9964b72fcf7ebbe9c25e84b15c0bf7b4ecb7a692fb6cdb41326e2c0b1f4f6238bf2396bc035a1fc9b411118ffa994d9ffb3bd3fcccd8b209f1232341dc98136b5815faf6d6e0bd6f93c684225d934b5eb30383a5dc9262d2f39b3960c6bebbb87baa0311937490b09ae9b6c24324a50212e082278768f283a6ed586746fcbfee3e0581b1ca10d6e831bd5558e565078b4ef1a645bee77fd1a363ba34035dd9896d43701c669d3bd5a992c6fa91c243f2db7222d42b1d5342b98ec28d20b1c2be0c206977245a7e211b8228f8961f0d14b919552d61349e201a4b28f3ad53fbc35bbc5522bf31924108777e6d282a1e4cd776edf3bf6865aa5261a15409335f8edb3491c6b57e16e8507453e91b573e62dfd25c72f10c38f5e8896785452e5e0bd8be73929d4710e230223b166f917931ea75b53ae93b4b1becd91b0141ca509bc496aeb79ac177cbc01f05f1ea9e10685f5eb800956d203a887710c03b780531c8ccc049ae4a5db6fa4369097a8d76e0e034a73a5854892e5d37f2a8aa956369a19410cbc07eb1d271550c3775f0ab257964fbc2a591e83451a4014b058cacf680a7b95f04c417fecd7d785e9eca38f6a26c6c145d0be1d575e40c8217a9632e9d151ecf6ae715bda90a1840feeca4150f022363d27339f616dc3c24ef9469f178f5d775ada4b2b3587302c832458defbe9e8efb79b2b81a5dc38166d10f0010000800319bea7b5a13014b74589a45c31bed85e85e2d9f56aa9d48bc0087f0aa5d43119c0697c57446a2e249967caf9825904f29d6c6ef581a92b580719fcebc693beba87a94df4cbcfb691dad52fbbc088a0591ad25151563e77b170edc99b9cd167e777f4146e2990d287ccc333ce1e97f5fcbb6799b9015165e7848ecc6360486e0aa94781e4d4f6ec7ed41e8356e958590dd948278b305a4a6d8cf895bf33b646bd2a363018c0ad5c66ede40db5ffa145d85f167a70b9a06de4f0d4a82a490b57dff98fdcc7cbf3ca65fa6bcab860f2f4c96286d7acc9b01716f4daedad22a80c3fd74b96b7ba37c251199f72fa8e31f4b865d2d76562712b716161bdefb233ebae588a59851bd14be233924f1d7c5b9eabb4eef2d34e8e58e6c261b4851f37564ba42cc4eaad8c395eedb1daca9b3a27072d094c7dfbf6f968f9d82400b448ac30e5b7917e7df890fedba9fec9633473fab10d03f21be6e5f7240fcd1c6f09a50bb1fc40d7589b7c0867e4d3f698c29896f83a8473f7bf0927d9b2a3f15a06d11fd02d76bcbc2403cbe19b21ea0abc9c1d9e5ef940b266a7009b7928409f5344d3baf1c4e38d21b969166eff1bb41e364f14fd39d89f31b9601e6e372a42cca5e0bd05f1e914ef30058cc843b72d937ffd654221c19a4b1d540e51a164d2a2ffb1d04ea4781e0e28a50e77baa7e77f9eb6f87cffc219738f76ff8c444472653799f6cedbd1fb4b73aae46fdb0509c7e405a652c43d3af6155d05f0271578f4317f16a7b1e35b9a6c5ccac439eecd48955a2649cd63ef1367d58ca30576426d9373d8cc2558704f88583450f15af8b181e2793581052b227d8d52b620e99c3863cc1038375bb50ffd0ecb6e383acc388cb858c2a5222f9d2b80c96cfedb48682aee8af1ab802d273d11e6ee79cbcadc58007492c8dd25e3a28fa4ab264a5ff86f8c3f23f766e77d0be4dd87e87ec97723c6eb53c41068f781d5cb35e8c83fad5ea50c431a2105d22a57df099ced1b05ae44296c626972b98523513d56c238c8614756bff23b7ad7b493592ba4ff9c9e2945e727f6b886caf27392a78abc2bb0d8f9f8dad4590c8600870cbec0fa8a2f8f6dca0e8f892d613857b89a6f7c4be226fa7f170b64aa1ee7e9063039336d57eec05bde73a4aec095d82682252be397ab1c32d2137d7b060742c23ac5ad838245de098f875c1bc26927ca2fdf234eb11753bade97f3319c84de4a416853d54b90ee25965309a797438f5ee9ea94d977ed7bab2b10337b155f8d354f8c3631930d57b2759f37ba8b15eeebb18ab4f2d209624cf28dbed78ddd7ab3a4606ff78fdd261dbea0f0f6e658b5e3a7ea1cf1c32830cade6eaaf6601c91a3e8a4f26d4b5e5ae6e39bb69e0d390e2bd6a25e86b2fee9c89c632272999337c742975c9357998fbe137b163e45b850b54436619cb93d873e27d95c5f87666b9bd246de01ff6acabedb67f612759d6f872873de30da438da6a3aec1438d7fa78fe2dc3b222b9f2cec692cfa95afaaaf2dbd5ecdb26abd30e11d79bfc203cfe6798a54c82a9468fac031942df10a7c07cf077e3812ba1b3bade56082a78e6c4d97a634e9eb32b6bea67e1bd1e946fa89ce7257e14806caa795d67aafa313f30d5497d7b8dc6fd113c4788f0046e3ebec303ac6cfa4c506e523d8cd0f8742e4493fdd0b836574b48297cef8b8e1551b3031d48efca75a5bee5e54195600f3f424231be1b6557e7c81f36f019d4821e1e5fea2c4ed5b9839e94c9164c9dddb1e20fda4a26c3adfb3727b907a8806152937e3ee8df75502e3d9b2b57963934a2a95d79dc2ffd9bf7f29da03384253e05d31a1849b868c5fa4770dd9fd6cc83dcd7d7823158ee4df1e6cf9090c207ac9b1d1e4e6a514048373f6ebdea4a6d1494304dbd1bdfa6cdbb0a457d8d5ff89b476618e04478078038d60d4958aa1b3f29289c58f010967a227e54a3c6e8ee4e0e624e7062280cb112d35d5b1e3c6efd13000b908a6c43836c62586097b286f38eb1a907ac3bb4f878b03e6d8f60a064e26ae27f6e84951e9a41075aa34e9d1f06aae781e0059347dc86e612fc12a55653365729a27644738488185b25dc0ee4382520d0eafbb2d42f927ad04a27cb3a8ae16358ad8f58068efec5eebc91e54f2ca0ad18758953f4441ff65084f5215e48fdcdc435d84863228009753a67049ecff0d3cc1bab4c301f04a0748ae2ea26f72011a467709d2eaba8b5aa98f9c7a024bf8541b819c41e2c8e6095c2c7fba0d0079147c42396c9e13310966f5e3eb8a9af948123359b3a963eecc30343587f0201234d5e24880e3ce4b3c3c8b9d17516119b1386e32e3ab2fce88f8fdb21b64887507c34244ab6a3e199e02ac78769a815ebe17d6592ff667a843ffc83d2c3e1f65a5e542ee4fb7814c347b05e7158355f5b5a62efb036c2551f6d62ddc773e3e0155ad07eb8cea3b6eed7d01ab7150ef02d8c97b6f6b12dfde58006101d4e251d6eae5c68b2aff56bda03d04e8609e95df51fb597cba874e12c42cfb5060383c0ae7dc0abe09f3c6d9ce5ec131a73115c1b06b3f05dfe2218755b0aaa6633d1123291e7810324083e4b908e6f650835570a3de33d2a10cd4071cbf726d789922489cf687bc7bf455437783e43294e345e467a173973c4f77c6e783c9892d161f71970b110c1833d23ef204728816e521c197cf5c6fa8255adb243aa954dae4ced93cc7c75311021829d89519787bcd366c5cacd846c81f6029f843a87ec2ba9f5c2f7b124235df9abf8019fe52f2a29fad69ec66bbf2dd1856e2be1cb9d9a70c1b85b7af969e2b51708e656411bd5d622507772dd3fdba20111fd044f07ca151a80a7e8eb4a6323765e7d329d039c0fce251ada01613b6023d9696480b36864dbcd63a44aa665e98c4bdf915cd41cbe7b428e8363f3bd262280890881796db97875cd8d0873d2763a73ab37099eae6901f31d8daa6532b6731e85c85999eff9a8afa7cd3b33b90f932f2e5ddc76042a3f4d0f58bc700bcf4bb4cc6d5fa1624c02227c526faca64500e198df312752d245c3352c0d50e097eda86a03315f888e63b070ed82f5963b0b584b4d6235725dc23f5be630935dae822850414d3867c464ae99ee544e5db506a90ed2694085cb4e76e62d4c6ec98cd66f0b54e864212b5d4834c35e69ec02854926e5c330a3ac0be53f3e99342cef9da688c177f7645d369e94abcd93d3bd4be13cb49ba8bfdff0fc0e0d8bdaa0dda7b65b010550f5925a1c7939cf0ce950236b89b7d5d8f8c7c0262043648178cb08e9aead68d0b7fcc3d6230d3c329774050a50a3bf96785dd6f51d7483b991d06bba79cb4447b3cbd7a04f86404a5a9e9086eec45e53834deec8654f98e3b8aa3bd5fee363e009c4d8bd0dbb395bbc796c3190ef77d2b2be5718e67cb05ddececa6bfc434575087504d7aab62f21591ed37e26c9784984df88a193ae17a3b2e6acc74f7214ebd7a6e79197c7adefd8b1e60a56936a8b7cb60aeeb5d3621945ca138ed597654ab27ce4bf3806eedf9bfd6c06b623d656b64d34ca3dfbbdd0bf99c4d8e3bc23618d914fd851b47fb955af7d16f"], 0x1014}, 0x1, 0x0, 0x0, 0x4000800}, 0x4001000) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) getpid() 03:03:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000b000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:49 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r1, 0x80000000, 0x20, 0x1000}) epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, 0xffffffffffffffff) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) [ 1763.662523][ T4900] FAULT_INJECTION: forcing a failure. [ 1763.662523][ T4900] name failslab, interval 1, probability 0, space 0, times 0 [ 1763.697705][ T4907] FAULT_INJECTION: forcing a failure. [ 1763.697705][ T4907] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1763.711477][ T4900] CPU: 1 PID: 4900 Comm: syz-executor.1 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1763.722923][ T4900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1763.732999][ T4900] Call Trace: [ 1763.736284][ T4900] dump_stack+0x1b0/0x21e [ 1763.740601][ T4900] ? devkmsg_release+0x11c/0x11c [ 1763.745527][ T4900] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1763.750895][ T4900] ? show_regs_print_info+0x12/0x12 [ 1763.756081][ T4900] ? avc_denied+0x1c0/0x1c0 [ 1763.760575][ T4900] should_fail+0x6fb/0x860 [ 1763.764982][ T4900] ? setup_fault_attr+0x2b0/0x2b0 [ 1763.769991][ T4900] ? setup_fault_attr+0x2b0/0x2b0 [ 1763.774995][ T4900] ? avc_has_perm+0xbd/0x260 [ 1763.779570][ T4900] ? avc_has_perm+0x15f/0x260 [ 1763.784227][ T4900] ? kcalloc+0x32/0x60 [ 1763.788278][ T4900] should_failslab+0x5/0x20 [ 1763.792768][ T4900] __kmalloc+0x5f/0x2c0 [ 1763.796908][ T4900] ? kmem_cache_alloc_trace+0xc3/0x270 [ 1763.802348][ T4900] kcalloc+0x32/0x60 [ 1763.806224][ T4900] alloc_pipe_info+0x1b9/0x3a0 [ 1763.810974][ T4900] splice_direct_to_actor+0x94e/0xb00 [ 1763.816327][ T4900] ? avc_has_perm+0xbd/0x260 [ 1763.820897][ T4900] ? match_file+0x120/0x120 [ 1763.825388][ T4900] ? avc_has_perm_noaudit+0x3f0/0x3f0 [ 1763.830739][ T4900] ? do_splice_direct+0x3d0/0x3d0 [ 1763.835736][ T4900] ? pipe_to_sendpage+0x300/0x300 [ 1763.840756][ T4900] ? security_file_permission+0x128/0x300 [ 1763.846462][ T4900] do_splice_direct+0x279/0x3d0 [ 1763.851303][ T4900] ? splice_direct_to_actor+0xb00/0xb00 [ 1763.856839][ T4900] ? security_file_permission+0x128/0x300 [ 1763.862541][ T4900] do_sendfile+0x89d/0x1110 [ 1763.867030][ T4900] ? compat_writev+0x390/0x390 [ 1763.871775][ T4900] ? security_file_permission+0x128/0x300 [ 1763.877477][ T4900] ? vfs_write+0x427/0x4f0 [ 1763.881872][ T4900] ? fput_many+0x42/0x1a0 [ 1763.886190][ T4900] __x64_sys_sendfile64+0x1ae/0x220 [ 1763.891367][ T4900] ? __ia32_sys_sendfile+0x240/0x240 [ 1763.896633][ T4900] ? __fdget+0x187/0x200 [ 1763.900857][ T4900] do_syscall_64+0xcb/0x150 [ 1763.905338][ T4900] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1763.911207][ T4900] RIP: 0033:0x45dd99 [ 1763.915080][ T4900] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1763.934662][ T4900] RSP: 002b:00007f82dae6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1763.943058][ T4900] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1763.951010][ T4900] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:03:49 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) syz_open_dev$usbfs(&(0x7f00000010c0)='/dev/bus/usb/00#/00#\x00', 0xc7, 0x2e20c0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f00000000c0)={0x0, "e533340fac76de8f3a8bff6928a139b8"}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) mknodat(r5, &(0x7f0000000080)='./bus\x00', 0x8000, 0x1) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) 03:03:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000c000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1763.958963][ T4900] RBP: 00007f82dae6cca0 R08: 0000000000000000 R09: 0000000000000000 [ 1763.966914][ T4900] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000001 [ 1763.974861][ T4900] R13: 00007ffdeb75867f R14: 00007f82dae6d9c0 R15: 000000000118bf2c [ 1763.982816][ T4907] CPU: 0 PID: 4907 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1763.994254][ T4907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1764.004293][ T4907] Call Trace: [ 1764.007566][ T4907] dump_stack+0x1b0/0x21e [ 1764.011884][ T4907] ? devkmsg_release+0x11c/0x11c [ 1764.016812][ T4907] ? show_regs_print_info+0x12/0x12 [ 1764.021995][ T4907] ? kasan_alloc_pages+0x4a/0x60 [ 1764.026920][ T4907] should_fail+0x6fb/0x860 [ 1764.031329][ T4907] ? setup_fault_attr+0x2b0/0x2b0 [ 1764.036342][ T4907] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1764.041705][ T4907] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1764.047234][ T4907] ? find_get_entry+0x5da/0x670 [ 1764.052199][ T4907] ? xa_load+0x323/0x340 [ 1764.056432][ T4907] __do_page_cache_readahead+0x244/0x510 [ 1764.062055][ T4907] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1764.068456][ T4907] ? unwind_next_frame+0x1c07/0x22b0 [ 1764.073726][ T4907] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1764.079432][ T4907] generic_file_read_iter+0x626/0x20a0 [ 1764.084882][ T4907] ? find_get_pages_range_tag+0xae0/0xae0 [ 1764.090583][ T4907] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1764.095939][ T4907] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1764.101993][ T4907] ? avc_denied+0x1c0/0x1c0 [ 1764.106488][ T4907] generic_file_splice_read+0x491/0x780 [ 1764.112031][ T4907] ? splice_shrink_spd+0xb0/0xb0 [ 1764.116958][ T4907] ? security_file_permission+0x1e9/0x300 [ 1764.122653][ T4907] ? splice_shrink_spd+0xb0/0xb0 [ 1764.127555][ T4907] splice_direct_to_actor+0x3cf/0xb00 [ 1764.132894][ T4907] ? do_splice_direct+0x3d0/0x3d0 [ 1764.137885][ T4907] ? pipe_to_sendpage+0x300/0x300 [ 1764.142919][ T4907] ? security_file_permission+0x128/0x300 [ 1764.148604][ T4907] do_splice_direct+0x279/0x3d0 [ 1764.153463][ T4907] ? splice_direct_to_actor+0xb00/0xb00 [ 1764.158977][ T4907] ? security_file_permission+0x128/0x300 [ 1764.164661][ T4907] do_sendfile+0x89d/0x1110 [ 1764.169135][ T4907] ? compat_writev+0x390/0x390 [ 1764.173876][ T4907] ? security_file_permission+0x128/0x300 [ 1764.179576][ T4907] ? vfs_write+0x427/0x4f0 [ 1764.183961][ T4907] ? fput_many+0x42/0x1a0 [ 1764.188257][ T4907] __x64_sys_sendfile64+0x1ae/0x220 [ 1764.193422][ T4907] ? __ia32_sys_sendfile+0x240/0x240 [ 1764.198678][ T4907] do_syscall_64+0xcb/0x150 [ 1764.203157][ T4907] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1764.209029][ T4907] RIP: 0033:0x45dd99 [ 1764.212893][ T4907] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1764.232849][ T4907] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1764.241243][ T4907] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1764.249185][ T4907] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1764.257123][ T4907] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1764.265101][ T4907] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000000f [ 1764.273040][ T4907] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:50 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) ioctl$SIOCGETLINKNAME(r2, 0x89e0, &(0x7f0000000080)={0x2, 0x1}) 03:03:50 executing program 1 (fault-call:9 fault-nth:2): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000d000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:50 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r1, 0x2, 0x9, 0x4}) fsetxattr$trusted_overlay_opaque(r2, &(0x7f00000000c0)='trusted.overlay.opaque\x00', &(0x7f0000000100)='y\x00', 0x2, 0x2) r3 = dup3(r1, r0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x1f, 0xffffffff}}, 0x50) write$FUSE_POLL(r3, &(0x7f0000000140)={0x18, 0xfffffffffffffffe, r5, {0x5}}, 0x18) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f0000000180)) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) 03:03:50 executing program 2 (fault-call:8 fault-nth:16): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') ioctl$BTRFS_IOC_INO_LOOKUP(r2, 0xd0009412, &(0x7f0000000a00)) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000e000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:50 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sync_file_range(r4, 0xfff, 0x8, 0x0) [ 1764.409444][ T4933] FAULT_INJECTION: forcing a failure. [ 1764.409444][ T4933] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1764.430142][ T4938] FAULT_INJECTION: forcing a failure. [ 1764.430142][ T4938] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1764.438018][ T4933] CPU: 0 PID: 4933 Comm: syz-executor.1 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1764.454761][ T4933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1764.464797][ T4933] Call Trace: [ 1764.468073][ T4933] dump_stack+0x1b0/0x21e [ 1764.472377][ T4933] ? devkmsg_release+0x11c/0x11c [ 1764.477288][ T4933] ? show_regs_print_info+0x12/0x12 [ 1764.482459][ T4933] ? unwind_get_return_address_ptr+0x130/0x130 [ 1764.488586][ T4933] should_fail+0x6fb/0x860 [ 1764.492975][ T4933] ? setup_fault_attr+0x2b0/0x2b0 [ 1764.497972][ T4933] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1764.503316][ T4933] ? xas_load+0x46f/0x4c0 [ 1764.507620][ T4933] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1764.513140][ T4933] ? find_get_entry+0x5da/0x670 [ 1764.517961][ T4933] ? xa_load+0x323/0x340 [ 1764.522175][ T4933] __do_page_cache_readahead+0x244/0x510 [ 1764.527779][ T4933] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1764.534166][ T4933] ? unwind_next_frame+0x1c07/0x22b0 [ 1764.539428][ T4933] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1764.545119][ T4933] generic_file_read_iter+0x626/0x20a0 [ 1764.550553][ T4933] ? find_get_pages_range_tag+0xae0/0xae0 [ 1764.556244][ T4933] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1764.561588][ T4933] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1764.567625][ T4933] ? avc_denied+0x1c0/0x1c0 [ 1764.572103][ T4933] generic_file_splice_read+0x491/0x780 [ 1764.577623][ T4933] ? splice_shrink_spd+0xb0/0xb0 [ 1764.582537][ T4933] ? security_file_permission+0x1e9/0x300 [ 1764.588225][ T4933] ? splice_shrink_spd+0xb0/0xb0 [ 1764.593133][ T4933] splice_direct_to_actor+0x3cf/0xb00 [ 1764.598485][ T4933] ? do_splice_direct+0x3d0/0x3d0 [ 1764.603486][ T4933] ? pipe_to_sendpage+0x300/0x300 [ 1764.608487][ T4933] ? security_file_permission+0x128/0x300 [ 1764.614177][ T4933] do_splice_direct+0x279/0x3d0 [ 1764.618999][ T4933] ? splice_direct_to_actor+0xb00/0xb00 [ 1764.624521][ T4933] ? security_file_permission+0x128/0x300 [ 1764.630209][ T4933] do_sendfile+0x89d/0x1110 [ 1764.634685][ T4933] ? compat_writev+0x390/0x390 [ 1764.639418][ T4933] ? security_file_permission+0x128/0x300 [ 1764.645108][ T4933] ? vfs_write+0x427/0x4f0 [ 1764.649495][ T4933] ? fput_many+0x42/0x1a0 [ 1764.653796][ T4933] __x64_sys_sendfile64+0x1ae/0x220 [ 1764.658968][ T4933] ? __ia32_sys_sendfile+0x240/0x240 [ 1764.664232][ T4933] ? __fdget+0x187/0x200 [ 1764.668461][ T4933] do_syscall_64+0xcb/0x150 [ 1764.672943][ T4933] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1764.678806][ T4933] RIP: 0033:0x45dd99 [ 1764.682671][ T4933] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1764.702247][ T4933] RSP: 002b:00007f82dae6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1764.710628][ T4933] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1764.718568][ T4933] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1764.726517][ T4933] RBP: 00007f82dae6cca0 R08: 0000000000000000 R09: 0000000000000000 [ 1764.734470][ T4933] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000002 [ 1764.742414][ T4933] R13: 00007ffdeb75867f R14: 00007f82dae6d9c0 R15: 000000000118bf2c [ 1764.750373][ T4938] CPU: 1 PID: 4938 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1764.761810][ T4938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1764.771848][ T4938] Call Trace: [ 1764.775125][ T4938] dump_stack+0x1b0/0x21e [ 1764.779439][ T4938] ? devkmsg_release+0x11c/0x11c [ 1764.784365][ T4938] ? show_regs_print_info+0x12/0x12 [ 1764.789545][ T4938] ? kasan_alloc_pages+0x4a/0x60 [ 1764.794471][ T4938] should_fail+0x6fb/0x860 [ 1764.798879][ T4938] ? setup_fault_attr+0x2b0/0x2b0 [ 1764.803894][ T4938] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1764.809257][ T4938] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1764.814787][ T4938] ? find_get_entry+0x5da/0x670 [ 1764.819620][ T4938] ? xa_load+0x323/0x340 [ 1764.823848][ T4938] __do_page_cache_readahead+0x244/0x510 [ 1764.829464][ T4938] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1764.835860][ T4938] ? unwind_next_frame+0x1c07/0x22b0 [ 1764.841129][ T4938] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1764.846832][ T4938] generic_file_read_iter+0x626/0x20a0 [ 1764.852288][ T4938] ? find_get_pages_range_tag+0xae0/0xae0 03:03:50 executing program 3: ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000080)={0x3, 0x7, 0x2, 0x9, 0x8, "9a0fc943afdbcf28"}) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = signalfd4(r0, &(0x7f00000000c0)={[0x49]}, 0x8, 0xc0000) ioctl$RTC_AIE_OFF(r1, 0x7002) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x0, r0}, 0x10) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000200)=[0x9, 0x1]) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x10400202) ioctl$UI_ABS_SETUP(r6, 0x401c5504, &(0x7f0000000180)={0xc, {0x1, 0x6, 0xffff, 0x4, 0x82d5, 0x1}}) r7 = openat$cgroup_type(r1, &(0x7f0000000100)='cgroup.type\x00', 0x2, 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r7, 0x8008f512, &(0x7f0000000140)) sendfile(r2, r4, 0x0, 0x200fc0) [ 1764.857993][ T4938] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1764.863348][ T4938] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1764.869399][ T4938] ? avc_denied+0x1c0/0x1c0 [ 1764.873894][ T4938] generic_file_splice_read+0x491/0x780 [ 1764.879430][ T4938] ? splice_shrink_spd+0xb0/0xb0 [ 1764.884355][ T4938] ? security_file_permission+0x1e9/0x300 [ 1764.890059][ T4938] ? splice_shrink_spd+0xb0/0xb0 [ 1764.894980][ T4938] splice_direct_to_actor+0x3cf/0xb00 [ 1764.900338][ T4938] ? do_splice_direct+0x3d0/0x3d0 [ 1764.905343][ T4938] ? pipe_to_sendpage+0x300/0x300 03:03:50 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x22601, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1764.910456][ T4938] ? security_file_permission+0x128/0x300 [ 1764.916163][ T4938] do_splice_direct+0x279/0x3d0 [ 1764.921002][ T4938] ? splice_direct_to_actor+0xb00/0xb00 [ 1764.926541][ T4938] ? security_file_permission+0x128/0x300 [ 1764.932244][ T4938] do_sendfile+0x89d/0x1110 [ 1764.936735][ T4938] ? compat_writev+0x390/0x390 [ 1764.941511][ T4938] ? security_file_permission+0x128/0x300 [ 1764.947214][ T4938] ? vfs_write+0x427/0x4f0 [ 1764.951620][ T4938] ? fput_many+0x42/0x1a0 [ 1764.955934][ T4938] __x64_sys_sendfile64+0x1ae/0x220 [ 1764.961111][ T4938] ? __ia32_sys_sendfile+0x240/0x240 [ 1764.966363][ T4938] do_syscall_64+0xcb/0x150 [ 1764.970833][ T4938] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1764.976692][ T4938] RIP: 0033:0x45dd99 [ 1764.980552][ T4938] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1765.000122][ T4938] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:03:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000010000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:50 executing program 1 (fault-call:9 fault-nth:3): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000011000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1765.008546][ T4938] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1765.016487][ T4938] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1765.024431][ T4938] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1765.032374][ T4938] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000010 [ 1765.040318][ T4938] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5, 0x0, 0x0, 0x7ff}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x200, 0x60) sendmsg$AUDIT_LIST_RULES(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x3f5, 0x300, 0x70bd2b, 0x25dfdbfc, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4040090}, 0xc0c1) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) 03:03:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000012000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:50 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$CHAR_RAW_ZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x6117, 0x1f}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1765.115686][ T4973] FAULT_INJECTION: forcing a failure. [ 1765.115686][ T4973] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1765.166901][ T4973] CPU: 1 PID: 4973 Comm: syz-executor.1 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1765.178368][ T4973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1765.188529][ T4973] Call Trace: [ 1765.191815][ T4973] dump_stack+0x1b0/0x21e [ 1765.196134][ T4973] ? devkmsg_release+0x11c/0x11c [ 1765.201062][ T4973] ? show_regs_print_info+0x12/0x12 [ 1765.206248][ T4973] ? kasan_alloc_pages+0x4a/0x60 [ 1765.211178][ T4973] should_fail+0x6fb/0x860 03:03:51 executing program 2 (fault-call:8 fault-nth:17): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000022000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:51 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x3) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = signalfd4(r0, &(0x7f0000000080)={[0x40]}, 0x8, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0) write$9p(r3, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0xc4, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syzkaller1\x00'}]}, @IPVS_CMD_ATTR_DEST={0x5c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}]}, 0xc4}, 0x1, 0x0, 0x0, 0x8040}, 0x40) sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xbc, r4, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xe}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x29}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x10}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xa3ff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x3ff}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x20004000}, 0x10) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ioperm(0x2, 0x0, 0xfffffffffffffffb) sendfile(r1, r6, 0x0, 0x200fc0) [ 1765.215584][ T4973] ? setup_fault_attr+0x2b0/0x2b0 [ 1765.220600][ T4973] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1765.225962][ T4973] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1765.231502][ T4973] ? find_get_entry+0x5da/0x670 [ 1765.236337][ T4973] ? xa_load+0x323/0x340 [ 1765.240567][ T4973] __do_page_cache_readahead+0x244/0x510 [ 1765.246186][ T4973] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1765.252588][ T4973] ? unwind_next_frame+0x1c07/0x22b0 [ 1765.257858][ T4973] ? page_cache_sync_readahead+0xa3/0x3c0 03:03:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000025000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1765.263567][ T4973] generic_file_read_iter+0x626/0x20a0 [ 1765.269021][ T4973] ? find_get_pages_range_tag+0xae0/0xae0 [ 1765.274728][ T4973] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1765.280085][ T4973] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1765.286140][ T4973] ? avc_denied+0x1c0/0x1c0 [ 1765.290633][ T4973] generic_file_splice_read+0x491/0x780 [ 1765.296166][ T4973] ? splice_shrink_spd+0xb0/0xb0 [ 1765.301091][ T4973] ? security_file_permission+0x1e9/0x300 [ 1765.306790][ T4973] ? splice_shrink_spd+0xb0/0xb0 [ 1765.311712][ T4973] splice_direct_to_actor+0x3cf/0xb00 [ 1765.317072][ T4973] ? do_splice_direct+0x3d0/0x3d0 [ 1765.322082][ T4973] ? pipe_to_sendpage+0x300/0x300 [ 1765.327096][ T4973] ? security_file_permission+0x128/0x300 [ 1765.329361][ T4990] FAULT_INJECTION: forcing a failure. [ 1765.329361][ T4990] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1765.332796][ T4973] do_splice_direct+0x279/0x3d0 [ 1765.332806][ T4973] ? splice_direct_to_actor+0xb00/0xb00 [ 1765.332818][ T4973] ? security_file_permission+0x128/0x300 [ 1765.332831][ T4973] do_sendfile+0x89d/0x1110 [ 1765.366492][ T4973] ? compat_writev+0x390/0x390 [ 1765.371240][ T4973] ? security_file_permission+0x128/0x300 [ 1765.376929][ T4973] ? vfs_write+0x427/0x4f0 [ 1765.381313][ T4973] ? fput_many+0x42/0x1a0 [ 1765.385611][ T4973] __x64_sys_sendfile64+0x1ae/0x220 [ 1765.390780][ T4973] ? __ia32_sys_sendfile+0x240/0x240 [ 1765.396039][ T4973] ? __fdget+0x187/0x200 [ 1765.400253][ T4973] do_syscall_64+0xcb/0x150 [ 1765.404728][ T4973] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1765.410589][ T4973] RIP: 0033:0x45dd99 [ 1765.414462][ T4973] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1765.434046][ T4973] RSP: 002b:00007f82dae6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1765.442426][ T4973] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1765.450372][ T4973] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1765.458317][ T4973] RBP: 00007f82dae6cca0 R08: 0000000000000000 R09: 0000000000000000 03:03:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000002e000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:51 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1765.466260][ T4973] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000003 [ 1765.474208][ T4973] R13: 00007ffdeb75867f R14: 00007f82dae6d9c0 R15: 000000000118bf2c [ 1765.485828][ T4990] CPU: 0 PID: 4990 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1765.497281][ T4990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1765.507317][ T4990] Call Trace: [ 1765.510593][ T4990] dump_stack+0x1b0/0x21e [ 1765.514909][ T4990] ? devkmsg_release+0x11c/0x11c [ 1765.519834][ T4990] ? show_regs_print_info+0x12/0x12 [ 1765.525020][ T4990] ? kasan_alloc_pages+0x4a/0x60 [ 1765.529946][ T4990] should_fail+0x6fb/0x860 [ 1765.534351][ T4990] ? setup_fault_attr+0x2b0/0x2b0 [ 1765.539363][ T4990] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1765.544722][ T4990] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1765.550251][ T4990] ? find_get_entry+0x5da/0x670 [ 1765.555094][ T4990] ? xa_load+0x323/0x340 [ 1765.559321][ T4990] __do_page_cache_readahead+0x244/0x510 [ 1765.564946][ T4990] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1765.571343][ T4990] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1765.577050][ T4990] generic_file_read_iter+0x626/0x20a0 [ 1765.582500][ T4990] ? find_get_pages_range_tag+0xae0/0xae0 [ 1765.588206][ T4990] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1765.593562][ T4990] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1765.599611][ T4990] ? avc_denied+0x1c0/0x1c0 [ 1765.604104][ T4990] generic_file_splice_read+0x491/0x780 [ 1765.609635][ T4990] ? splice_shrink_spd+0xb0/0xb0 [ 1765.614562][ T4990] ? security_file_permission+0x1e9/0x300 [ 1765.620266][ T4990] ? splice_shrink_spd+0xb0/0xb0 [ 1765.625184][ T4990] splice_direct_to_actor+0x3cf/0xb00 [ 1765.630544][ T4990] ? do_splice_direct+0x3d0/0x3d0 [ 1765.635549][ T4990] ? pipe_to_sendpage+0x300/0x300 [ 1765.640563][ T4990] ? security_file_permission+0x128/0x300 [ 1765.646264][ T4990] do_splice_direct+0x279/0x3d0 [ 1765.651097][ T4990] ? splice_direct_to_actor+0xb00/0xb00 [ 1765.656631][ T4990] ? security_file_permission+0x128/0x300 [ 1765.662336][ T4990] do_sendfile+0x89d/0x1110 [ 1765.666825][ T4990] ? compat_writev+0x390/0x390 [ 1765.671584][ T4990] ? security_file_permission+0x128/0x300 [ 1765.677287][ T4990] ? vfs_write+0x427/0x4f0 [ 1765.681689][ T4990] ? fput_many+0x42/0x1a0 [ 1765.686007][ T4990] __x64_sys_sendfile64+0x1ae/0x220 [ 1765.691195][ T4990] ? __ia32_sys_sendfile+0x240/0x240 [ 1765.696464][ T4990] do_syscall_64+0xcb/0x150 [ 1765.700956][ T4990] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1765.706833][ T4990] RIP: 0033:0x45dd99 03:03:51 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) sendmsg$NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x8c, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x70, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1ce2f876}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x98}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3568cfd}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x77}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x33601fa6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbc}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3bdea357}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2ab11416}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6dc73057}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x67349f29}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x60}]}]}, @NLBL_CIPSOV4_A_DOI={0x8}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804c080}, 0x20000040) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000100)=@id={0x1e, 0x3, 0x1, {0x4e24}}, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000340)='devlink\x00') r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x4, 0x1f, 0x5, 0xffffffff}]}) write$hidraw(r0, &(0x7f0000000280)="fb79f59063fe0b0840faa37277f130e1590583cf675e8664072f697b90ab0eee5783950973f26aadb5d51eb3af0b47cda142aea9397052f4b422f7405efbf62217f521129b7da51e663969320b25cba6022ccc898052855a3a752df2ec0dfb51b66ff24687c2c0b0e5eb1e1860200d0cee05af82230b90af4ee65ff47091dae6480302710f34cf856d5e64faf51657a58628036434", 0x95) sendfile(r3, r3, 0x0, 0x800) 03:03:51 executing program 1 (fault-call:9 fault-nth:4): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:51 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket(0x1e, 0x5, 0x0) connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) clone(0x20022004bfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) clone(0x4300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = getpid() r4 = gettid() tkill(r4, 0x31) ptrace(0x10, r3) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) waitid(0x0, 0x0, 0x0, 0x1000004, 0x0) sendfile(r1, r2, 0x0, 0x200fc0) [ 1765.710712][ T4990] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1765.730295][ T4990] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1765.738694][ T4990] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1765.746661][ T4990] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1765.754617][ T4990] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1765.762573][ T4990] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000011 [ 1765.770523][ T4990] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1765.799880][ T5017] FAULT_INJECTION: forcing a failure. [ 1765.799880][ T5017] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1765.815165][ T5017] CPU: 1 PID: 5017 Comm: syz-executor.1 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1765.826623][ T5017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1765.836662][ T5017] Call Trace: [ 1765.839939][ T5017] dump_stack+0x1b0/0x21e [ 1765.844255][ T5017] ? devkmsg_release+0x11c/0x11c [ 1765.849178][ T5017] ? show_regs_print_info+0x12/0x12 [ 1765.854360][ T5017] ? kasan_alloc_pages+0x4a/0x60 [ 1765.859292][ T5017] should_fail+0x6fb/0x860 [ 1765.863687][ T5017] ? setup_fault_attr+0x2b0/0x2b0 [ 1765.868679][ T5017] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1765.874036][ T5017] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1765.879544][ T5017] ? find_get_entry+0x5da/0x670 [ 1765.884360][ T5017] ? xa_load+0x323/0x340 [ 1765.888569][ T5017] __do_page_cache_readahead+0x244/0x510 [ 1765.894165][ T5017] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1765.900541][ T5017] ? unwind_next_frame+0x1c07/0x22b0 [ 1765.905808][ T5017] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1765.911491][ T5017] generic_file_read_iter+0x626/0x20a0 [ 1765.916915][ T5017] ? find_get_pages_range_tag+0xae0/0xae0 [ 1765.922597][ T5017] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1765.927931][ T5017] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1765.933975][ T5017] ? avc_denied+0x1c0/0x1c0 [ 1765.938453][ T5017] generic_file_splice_read+0x491/0x780 [ 1765.943964][ T5017] ? splice_shrink_spd+0xb0/0xb0 [ 1765.948868][ T5017] ? security_file_permission+0x1e9/0x300 [ 1765.954563][ T5017] ? splice_shrink_spd+0xb0/0xb0 [ 1765.959465][ T5017] splice_direct_to_actor+0x3cf/0xb00 [ 1765.964817][ T5017] ? do_splice_direct+0x3d0/0x3d0 [ 1765.969805][ T5017] ? pipe_to_sendpage+0x300/0x300 [ 1765.974793][ T5017] ? security_file_permission+0x128/0x300 [ 1765.980473][ T5017] do_splice_direct+0x279/0x3d0 [ 1765.985290][ T5017] ? splice_direct_to_actor+0xb00/0xb00 [ 1765.990811][ T5017] ? security_file_permission+0x128/0x300 [ 1765.996492][ T5017] do_sendfile+0x89d/0x1110 [ 1766.000968][ T5017] ? compat_writev+0x390/0x390 [ 1766.005695][ T5017] ? security_file_permission+0x128/0x300 [ 1766.011383][ T5017] ? vfs_write+0x427/0x4f0 [ 1766.015783][ T5017] ? fput_many+0x42/0x1a0 [ 1766.020076][ T5017] __x64_sys_sendfile64+0x1ae/0x220 [ 1766.025251][ T5017] ? __ia32_sys_sendfile+0x240/0x240 [ 1766.030500][ T5017] ? __fdget+0x187/0x200 [ 1766.034760][ T5017] do_syscall_64+0xcb/0x150 [ 1766.039241][ T5017] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1766.045102][ T5017] RIP: 0033:0x45dd99 [ 1766.048962][ T5017] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:03:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x300, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x48041) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004015}, 0x80) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:51 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) prctl$PR_SET_TSC(0x1a, 0x0) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xfffffffffffffdb4) r4 = socket$inet6(0xa, 0x400000000001, 0x0) close(r4) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r4, r6, 0x0, 0x200fc0) 03:03:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000042000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1766.068538][ T5017] RSP: 002b:00007f82dae6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1766.076916][ T5017] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1766.084855][ T5017] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1766.092848][ T5017] RBP: 00007f82dae6cca0 R08: 0000000000000000 R09: 0000000000000000 [ 1766.100786][ T5017] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000004 [ 1766.108722][ T5017] R13: 00007ffdeb75867f R14: 00007f82dae6d9c0 R15: 000000000118bf2c 03:03:51 executing program 2 (fault-call:8 fault-nth:18): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:51 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$notify(r4, 0x402, 0x6) 03:03:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000048000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000004c000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1766.198118][ T5033] FAULT_INJECTION: forcing a failure. [ 1766.198118][ T5033] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1766.232518][ T5033] CPU: 1 PID: 5033 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1766.243983][ T5033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1766.254023][ T5033] Call Trace: [ 1766.257313][ T5033] dump_stack+0x1b0/0x21e [ 1766.261632][ T5033] ? devkmsg_release+0x11c/0x11c [ 1766.266560][ T5033] ? show_regs_print_info+0x12/0x12 [ 1766.271749][ T5033] ? kasan_alloc_pages+0x4a/0x60 [ 1766.276676][ T5033] should_fail+0x6fb/0x860 [ 1766.281101][ T5033] ? setup_fault_attr+0x2b0/0x2b0 [ 1766.286112][ T5033] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1766.291473][ T5033] ? gfp_pfmemalloc_allowed+0x130/0x130 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000060000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000068000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:52 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r6}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x11, 0x800000003, 0x0) bind(r8, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r8, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r9}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) splice(r4, &(0x7f0000000080)=0x2, r7, &(0x7f00000000c0)=0x6, 0x6, 0x8) sendfile(r1, r3, 0x0, 0x200fc0) [ 1766.297007][ T5033] ? find_get_entry+0x5da/0x670 [ 1766.301841][ T5033] ? xa_load+0x323/0x340 [ 1766.306069][ T5033] __do_page_cache_readahead+0x244/0x510 [ 1766.311693][ T5033] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1766.318091][ T5033] ? unwind_next_frame+0x1c07/0x22b0 [ 1766.323365][ T5033] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1766.329073][ T5033] generic_file_read_iter+0x626/0x20a0 [ 1766.334526][ T5033] ? find_get_pages_range_tag+0xae0/0xae0 [ 1766.340227][ T5033] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1766.345580][ T5033] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1766.351634][ T5033] ? avc_denied+0x1c0/0x1c0 [ 1766.356120][ T5033] generic_file_splice_read+0x491/0x780 [ 1766.361633][ T5033] ? splice_shrink_spd+0xb0/0xb0 [ 1766.366538][ T5033] ? security_file_permission+0x1e9/0x300 [ 1766.372218][ T5033] ? splice_shrink_spd+0xb0/0xb0 [ 1766.377120][ T5033] splice_direct_to_actor+0x3cf/0xb00 [ 1766.382464][ T5033] ? do_splice_direct+0x3d0/0x3d0 [ 1766.387449][ T5033] ? pipe_to_sendpage+0x300/0x300 [ 1766.392438][ T5033] ? security_file_permission+0x128/0x300 [ 1766.398122][ T5033] do_splice_direct+0x279/0x3d0 [ 1766.402938][ T5033] ? splice_direct_to_actor+0xb00/0xb00 [ 1766.408448][ T5033] ? security_file_permission+0x128/0x300 [ 1766.414130][ T5033] do_sendfile+0x89d/0x1110 [ 1766.418610][ T5033] ? compat_writev+0x390/0x390 [ 1766.423338][ T5033] ? security_file_permission+0x128/0x300 [ 1766.429021][ T5033] ? vfs_write+0x427/0x4f0 [ 1766.433399][ T5033] ? fput_many+0x42/0x1a0 [ 1766.437694][ T5033] __x64_sys_sendfile64+0x1ae/0x220 [ 1766.442857][ T5033] ? __ia32_sys_sendfile+0x240/0x240 [ 1766.448159][ T5033] do_syscall_64+0xcb/0x150 [ 1766.452630][ T5033] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1766.458523][ T5033] RIP: 0033:0x45dd99 [ 1766.462423][ T5033] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1766.482028][ T5033] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1766.490401][ T5033] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:03:52 executing program 1 (fault-call:9 fault-nth:5): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000006c000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1766.498344][ T5033] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1766.506284][ T5033] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1766.514268][ T5033] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000012 [ 1766.522207][ T5033] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1766.618870][ T5052] FAULT_INJECTION: forcing a failure. [ 1766.618870][ T5052] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1766.660876][ T5052] CPU: 1 PID: 5052 Comm: syz-executor.1 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1766.672339][ T5052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1766.682379][ T5052] Call Trace: [ 1766.685672][ T5052] dump_stack+0x1b0/0x21e [ 1766.689990][ T5052] ? devkmsg_release+0x11c/0x11c [ 1766.694912][ T5052] ? show_regs_print_info+0x12/0x12 [ 1766.700094][ T5052] ? kasan_alloc_pages+0x4a/0x60 [ 1766.705016][ T5052] should_fail+0x6fb/0x860 [ 1766.709418][ T5052] ? setup_fault_attr+0x2b0/0x2b0 [ 1766.714432][ T5052] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1766.719792][ T5052] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1766.725322][ T5052] ? find_get_entry+0x5da/0x670 [ 1766.730154][ T5052] ? xa_load+0x323/0x340 [ 1766.734388][ T5052] __do_page_cache_readahead+0x244/0x510 [ 1766.740008][ T5052] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1766.746406][ T5052] ? unwind_next_frame+0x1c07/0x22b0 [ 1766.751675][ T5052] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1766.757382][ T5052] generic_file_read_iter+0x626/0x20a0 [ 1766.762838][ T5052] ? find_get_pages_range_tag+0xae0/0xae0 [ 1766.768550][ T5052] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1766.773910][ T5052] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1766.779960][ T5052] ? avc_denied+0x1c0/0x1c0 [ 1766.784451][ T5052] generic_file_splice_read+0x491/0x780 [ 1766.789986][ T5052] ? splice_shrink_spd+0xb0/0xb0 [ 1766.794917][ T5052] ? security_file_permission+0x1e9/0x300 [ 1766.800618][ T5052] ? splice_shrink_spd+0xb0/0xb0 [ 1766.805540][ T5052] splice_direct_to_actor+0x3cf/0xb00 [ 1766.810898][ T5052] ? do_splice_direct+0x3d0/0x3d0 [ 1766.815907][ T5052] ? pipe_to_sendpage+0x300/0x300 [ 1766.820919][ T5052] ? security_file_permission+0x128/0x300 [ 1766.826627][ T5052] do_splice_direct+0x279/0x3d0 [ 1766.831464][ T5052] ? splice_direct_to_actor+0xb00/0xb00 [ 1766.837003][ T5052] ? security_file_permission+0x128/0x300 [ 1766.842705][ T5052] do_sendfile+0x89d/0x1110 [ 1766.847206][ T5052] ? compat_writev+0x390/0x390 [ 1766.851963][ T5052] ? security_file_permission+0x128/0x300 [ 1766.857671][ T5052] ? vfs_write+0x427/0x4f0 [ 1766.862081][ T5052] ? fput_many+0x42/0x1a0 [ 1766.866398][ T5052] __x64_sys_sendfile64+0x1ae/0x220 [ 1766.871586][ T5052] ? __ia32_sys_sendfile+0x240/0x240 [ 1766.876858][ T5052] ? __fdget+0x187/0x200 [ 1766.881089][ T5052] do_syscall_64+0xcb/0x150 [ 1766.885580][ T5052] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1766.891451][ T5052] RIP: 0033:0x45dd99 [ 1766.895330][ T5052] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1766.914912][ T5052] RSP: 002b:00007f82dae6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1766.923304][ T5052] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1766.931259][ T5052] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1766.939223][ T5052] RBP: 00007f82dae6cca0 R08: 0000000000000000 R09: 0000000000000000 [ 1766.947177][ T5052] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000005 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000074000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:52 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) close(r4) write$binfmt_misc(r3, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRESOCT=r0, @ANYRES32=r2, @ANYRESOCT=r0], 0x4240a2a0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = dup2(r7, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) connect$inet(r6, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10) splice(r2, 0x0, r4, 0x0, 0x100000, 0x0) close(r1) r9 = socket(0x1e, 0x4, 0x0) connect$tipc(r9, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) 03:03:52 executing program 2 (fault-call:8 fault-nth:19): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x4) r0 = getpid() setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)={@empty, @remote}, 0xc) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket(0x11, 0x800000003, 0x2) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x162d1fff61ae243c}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x0, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_macvtap\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'tunl0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40060840}, 0x4010) fcntl$setpipe(r1, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) [ 1766.955131][ T5052] R13: 00007ffdeb75867f R14: 00007f82dae6d9c0 R15: 000000000118bf2c 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000007a000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fc000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1767.018456][ T5061] FAULT_INJECTION: forcing a failure. [ 1767.018456][ T5061] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1767.048141][ T5061] CPU: 1 PID: 5061 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 03:03:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000004020000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1767.059593][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1767.069641][ T5061] Call Trace: [ 1767.072924][ T5061] dump_stack+0x1b0/0x21e [ 1767.077241][ T5061] ? devkmsg_release+0x11c/0x11c [ 1767.082170][ T5061] ? show_regs_print_info+0x12/0x12 [ 1767.087358][ T5061] ? kasan_alloc_pages+0x4a/0x60 [ 1767.092284][ T5061] should_fail+0x6fb/0x860 [ 1767.096694][ T5061] ? setup_fault_attr+0x2b0/0x2b0 [ 1767.101709][ T5061] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1767.107071][ T5061] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1767.112608][ T5061] ? find_get_entry+0x5da/0x670 [ 1767.117442][ T5061] ? xa_load+0x323/0x340 [ 1767.121671][ T5061] __do_page_cache_readahead+0x244/0x510 [ 1767.127291][ T5061] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1767.133695][ T5061] ? unwind_next_frame+0x1c07/0x22b0 [ 1767.138970][ T5061] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1767.144680][ T5061] generic_file_read_iter+0x626/0x20a0 [ 1767.150134][ T5061] ? find_get_pages_range_tag+0xae0/0xae0 [ 1767.155839][ T5061] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1767.161204][ T5061] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1767.167257][ T5061] ? avc_denied+0x1c0/0x1c0 [ 1767.171780][ T5061] generic_file_splice_read+0x491/0x780 [ 1767.177316][ T5061] ? splice_shrink_spd+0xb0/0xb0 [ 1767.182247][ T5061] ? security_file_permission+0x1e9/0x300 [ 1767.187958][ T5061] ? splice_shrink_spd+0xb0/0xb0 [ 1767.192885][ T5061] splice_direct_to_actor+0x3cf/0xb00 [ 1767.198247][ T5061] ? do_splice_direct+0x3d0/0x3d0 [ 1767.203255][ T5061] ? pipe_to_sendpage+0x300/0x300 [ 1767.208269][ T5061] ? security_file_permission+0x128/0x300 [ 1767.213971][ T5061] do_splice_direct+0x279/0x3d0 [ 1767.218806][ T5061] ? splice_direct_to_actor+0xb00/0xb00 [ 1767.224336][ T5061] ? security_file_permission+0x128/0x300 [ 1767.230036][ T5061] do_sendfile+0x89d/0x1110 [ 1767.234527][ T5061] ? compat_writev+0x390/0x390 [ 1767.239278][ T5061] ? security_file_permission+0x128/0x300 [ 1767.244981][ T5061] ? vfs_write+0x427/0x4f0 [ 1767.249379][ T5061] ? fput_many+0x42/0x1a0 [ 1767.253693][ T5061] __x64_sys_sendfile64+0x1ae/0x220 [ 1767.258883][ T5061] ? __ia32_sys_sendfile+0x240/0x240 [ 1767.264155][ T5061] do_syscall_64+0xcb/0x150 [ 1767.268647][ T5061] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1767.274522][ T5061] RIP: 0033:0x45dd99 [ 1767.278401][ T5061] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1767.297985][ T5061] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1767.306379][ T5061] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000030000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1767.314347][ T5061] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1767.322302][ T5061] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1767.330259][ T5061] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000013 [ 1767.338213][ T5061] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000002040000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000006040000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:53 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000010040000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:53 executing program 2 (fault-call:8 fault-nth:20): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1767.557864][ T5089] FAULT_INJECTION: forcing a failure. [ 1767.557864][ T5089] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1767.589403][ T5089] CPU: 0 PID: 5089 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1767.600861][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1767.610898][ T5089] Call Trace: [ 1767.614180][ T5089] dump_stack+0x1b0/0x21e [ 1767.618498][ T5089] ? devkmsg_release+0x11c/0x11c [ 1767.623424][ T5089] ? show_regs_print_info+0x12/0x12 [ 1767.628613][ T5089] ? kasan_alloc_pages+0x4a/0x60 [ 1767.633540][ T5089] should_fail+0x6fb/0x860 [ 1767.637948][ T5089] ? setup_fault_attr+0x2b0/0x2b0 [ 1767.642960][ T5089] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1767.648331][ T5089] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1767.653864][ T5089] ? find_get_entry+0x5da/0x670 [ 1767.658698][ T5089] ? xa_load+0x323/0x340 [ 1767.662929][ T5089] __do_page_cache_readahead+0x244/0x510 [ 1767.668549][ T5089] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1767.674950][ T5089] ? unwind_next_frame+0x1c07/0x22b0 [ 1767.680220][ T5089] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1767.685924][ T5089] generic_file_read_iter+0x626/0x20a0 [ 1767.691374][ T5089] ? find_get_pages_range_tag+0xae0/0xae0 [ 1767.697076][ T5089] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1767.702429][ T5089] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1767.708477][ T5089] ? avc_denied+0x1c0/0x1c0 [ 1767.712965][ T5089] generic_file_splice_read+0x491/0x780 [ 1767.718492][ T5089] ? splice_shrink_spd+0xb0/0xb0 [ 1767.723416][ T5089] ? security_file_permission+0x1e9/0x300 [ 1767.729115][ T5089] ? splice_shrink_spd+0xb0/0xb0 [ 1767.734035][ T5089] splice_direct_to_actor+0x3cf/0xb00 [ 1767.739384][ T5089] ? do_splice_direct+0x3d0/0x3d0 [ 1767.744391][ T5089] ? pipe_to_sendpage+0x300/0x300 [ 1767.749392][ T5089] ? security_file_permission+0x128/0x300 [ 1767.755091][ T5089] do_splice_direct+0x279/0x3d0 [ 1767.759910][ T5089] ? splice_direct_to_actor+0xb00/0xb00 [ 1767.765422][ T5089] ? security_file_permission+0x128/0x300 [ 1767.771108][ T5089] do_sendfile+0x89d/0x1110 [ 1767.775587][ T5089] ? compat_writev+0x390/0x390 [ 1767.780320][ T5089] ? security_file_permission+0x128/0x300 [ 1767.786049][ T5089] ? vfs_write+0x427/0x4f0 [ 1767.790432][ T5089] ? fput_many+0x42/0x1a0 [ 1767.794771][ T5089] __x64_sys_sendfile64+0x1ae/0x220 [ 1767.799938][ T5089] ? __ia32_sys_sendfile+0x240/0x240 [ 1767.805192][ T5089] do_syscall_64+0xcb/0x150 [ 1767.809663][ T5089] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1767.815521][ T5089] RIP: 0033:0x45dd99 [ 1767.819382][ T5089] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1767.839001][ T5089] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1767.847377][ T5089] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1767.855380][ T5089] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1767.863323][ T5089] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1767.871261][ T5089] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000014 [ 1767.879216][ T5089] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000050000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:53 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) dup(0xffffffffffffffff) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:53 executing program 2 (fault-call:8 fault-nth:21): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:53 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x200}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0) write$9p(r4, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0xc4, r5, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syzkaller1\x00'}]}, @IPVS_CMD_ATTR_DEST={0x5c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}]}, 0xc4}, 0x1, 0x0, 0x0, 0x8040}, 0x40) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0xb10085}, 0xc, &(0x7f00000002c0)={&(0x7f0000000140)={0x168, r5, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [], @private=0xa010102}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5c}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x58}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x47}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffffff8}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_DAEMON={0x6c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_batadv\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'netpci0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, [], 0x1}}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xff}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x4000055}, 0x4000) ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f0000000080)) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:03:53 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x7ffff000) 03:03:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) modify_ldt$write(0x1, &(0x7f0000000000)={0x4c4, 0x20001000, 0x4000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000060000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000004060000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1768.006352][ T5101] FAULT_INJECTION: forcing a failure. [ 1768.006352][ T5101] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1768.061232][ T5101] CPU: 0 PID: 5101 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1768.072715][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1768.082756][ T5101] Call Trace: [ 1768.086041][ T5101] dump_stack+0x1b0/0x21e [ 1768.090362][ T5101] ? devkmsg_release+0x11c/0x11c [ 1768.095290][ T5101] ? show_regs_print_info+0x12/0x12 [ 1768.100473][ T5101] ? kasan_alloc_pages+0x4a/0x60 [ 1768.105403][ T5101] should_fail+0x6fb/0x860 [ 1768.109807][ T5101] ? setup_fault_attr+0x2b0/0x2b0 [ 1768.114822][ T5101] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1768.120180][ T5101] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1768.125711][ T5101] ? find_get_entry+0x5da/0x670 [ 1768.130552][ T5101] ? xa_load+0x323/0x340 [ 1768.134784][ T5101] __do_page_cache_readahead+0x244/0x510 [ 1768.140407][ T5101] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1768.146807][ T5101] ? unwind_next_frame+0x1c07/0x22b0 [ 1768.152078][ T5101] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1768.157784][ T5101] generic_file_read_iter+0x626/0x20a0 [ 1768.163239][ T5101] ? find_get_pages_range_tag+0xae0/0xae0 [ 1768.168951][ T5101] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1768.174314][ T5101] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1768.180371][ T5101] ? avc_denied+0x1c0/0x1c0 [ 1768.184867][ T5101] generic_file_splice_read+0x491/0x780 [ 1768.190404][ T5101] ? splice_shrink_spd+0xb0/0xb0 [ 1768.195333][ T5101] ? security_file_permission+0x1e9/0x300 [ 1768.201035][ T5101] ? splice_shrink_spd+0xb0/0xb0 [ 1768.205966][ T5101] splice_direct_to_actor+0x3cf/0xb00 [ 1768.211326][ T5101] ? do_splice_direct+0x3d0/0x3d0 [ 1768.216344][ T5101] ? pipe_to_sendpage+0x300/0x300 [ 1768.221365][ T5101] ? security_file_permission+0x128/0x300 [ 1768.227075][ T5101] do_splice_direct+0x279/0x3d0 [ 1768.231913][ T5101] ? splice_direct_to_actor+0xb00/0xb00 [ 1768.237451][ T5101] ? security_file_permission+0x128/0x300 [ 1768.243156][ T5101] do_sendfile+0x89d/0x1110 [ 1768.247653][ T5101] ? compat_writev+0x390/0x390 [ 1768.252403][ T5101] ? security_file_permission+0x128/0x300 [ 1768.258105][ T5101] ? vfs_write+0x427/0x4f0 [ 1768.262508][ T5101] ? fput_many+0x42/0x1a0 [ 1768.266861][ T5101] __x64_sys_sendfile64+0x1ae/0x220 [ 1768.272051][ T5101] ? __ia32_sys_sendfile+0x240/0x240 [ 1768.277321][ T5101] do_syscall_64+0xcb/0x150 [ 1768.281811][ T5101] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1768.287692][ T5101] RIP: 0033:0x45dd99 [ 1768.291571][ T5101] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:03:54 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) mknodat(r3, &(0x7f0000000080)='./bus\x00', 0x200, 0x3) r4 = timerfd_create(0x7, 0x800) fcntl$getown(r4, 0x9) 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000070000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() prlimit64(r0, 0x3, &(0x7f0000000000)={0xfffffffffffffffc, 0x1224}, &(0x7f0000000080)) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 1768.311155][ T5101] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1768.319548][ T5101] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1768.327505][ T5101] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1768.335460][ T5101] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1768.343416][ T5101] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000015 [ 1768.351374][ T5101] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000090000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) setsockopt$inet_opts(r2, 0x0, 0xd, &(0x7f0000000080)="73fcca029628c25aa308af9f3576d4ddf21a0540a1b819007372f1019181e072c77774fef4548fb64977cd3cc67906c8c01dc3c6d0b59daf0138152d6bea93e07601ecfe9c85fc30e864d50776ecb841e1accfce969c2d2689717f65de10e151286f6ccf1821eee56c8821821a1971240c8787f0e50378b73d3f8adb9325a8aaa51d29b5b27d80558040abfd2aa302e02763f514ac862c62bfcbf2c55044758cbe86aead4ff5d565a27dde03f296e718cbbfb5fc0acacb910cd00753dd2bf571a4eafddc4c37a4b6996888807287ee0df2f7d8c21d1339014f6a4587921e0606d593d2f19bc559c1", 0xe8) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000a0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000b0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 2 (fault-call:8 fault-nth:22): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000c0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0xfffffffffffffe5a, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x3, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:03:54 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000000c0)=@security={'security\x00', 0xe, 0x4, 0x3a8, 0xffffffff, 0xe0, 0xe0, 0x0, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x1, 0x2}, {0xffffffffffffffff, 0x0, 0xc}, {0x4, 0x5, 0x6}, 0x800, 0x4}}}, {{@ipv6={@dev={0xfe, 0x80, [], 0x24}, @loopback, [0xffffff00, 0x0, 0xffffff00, 0xffffff00], [0xffffff00, 0xffffff00, 0xff000000, 0xffffff00], 'bridge0\x00', 'vlan0\x00', {0x101}, {0xff}, 0x3b, 0x0, 0x4, 0x2}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@srh={{0x30, 'srh\x00'}, {0x32, 0x4, 0x0, 0xa0, 0xfffe, 0x2, 0x8}}, @common=@mh={{0x28, 'mh\x00'}, {"221b", 0x1}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x1, 0x0, 0x5}, {0xffffffffffffffff, 0x5}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x4, 0x4, 0x2}, {0x3, 0x4, 0x7}}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) 03:03:54 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r2}, 0x8) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r3 = socket$inet6(0xa, 0x400000000001, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NBD_CMD_RECONFIGURE(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8086afb2a1c7", @ANYRES16=0x0, @ANYBLOB="000428bd7000fcdbdf25030000000c00060002000000000000000c0004000101000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4004800) close(r3) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x200fc0) 03:03:54 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0xffffffff000) 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000d0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x3) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000e0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1768.749950][ T5155] FAULT_INJECTION: forcing a failure. [ 1768.749950][ T5155] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1768.782675][ T5155] CPU: 0 PID: 5155 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1768.794146][ T5155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1768.804188][ T5155] Call Trace: [ 1768.807467][ T5155] dump_stack+0x1b0/0x21e [ 1768.811783][ T5155] ? devkmsg_release+0x11c/0x11c [ 1768.816713][ T5155] ? show_regs_print_info+0x12/0x12 [ 1768.821899][ T5155] ? kasan_alloc_pages+0x4a/0x60 [ 1768.826826][ T5155] should_fail+0x6fb/0x860 [ 1768.831233][ T5155] ? setup_fault_attr+0x2b0/0x2b0 [ 1768.836248][ T5155] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1768.841610][ T5155] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1768.847147][ T5155] ? find_get_entry+0x5da/0x670 [ 1768.851982][ T5155] ? xa_load+0x323/0x340 [ 1768.856212][ T5155] __do_page_cache_readahead+0x244/0x510 [ 1768.861846][ T5155] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1768.868245][ T5155] ? unwind_next_frame+0x1c07/0x22b0 [ 1768.873517][ T5155] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1768.879220][ T5155] generic_file_read_iter+0x626/0x20a0 [ 1768.884671][ T5155] ? find_get_pages_range_tag+0xae0/0xae0 [ 1768.890377][ T5155] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1768.895734][ T5155] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1768.901789][ T5155] ? avc_denied+0x1c0/0x1c0 [ 1768.906280][ T5155] generic_file_splice_read+0x491/0x780 [ 1768.911813][ T5155] ? splice_shrink_spd+0xb0/0xb0 [ 1768.916742][ T5155] ? security_file_permission+0x1e9/0x300 [ 1768.922448][ T5155] ? splice_shrink_spd+0xb0/0xb0 [ 1768.927370][ T5155] splice_direct_to_actor+0x3cf/0xb00 [ 1768.932728][ T5155] ? do_splice_direct+0x3d0/0x3d0 [ 1768.937735][ T5155] ? pipe_to_sendpage+0x300/0x300 [ 1768.942747][ T5155] ? security_file_permission+0x128/0x300 [ 1768.948451][ T5155] do_splice_direct+0x279/0x3d0 [ 1768.953290][ T5155] ? splice_direct_to_actor+0xb00/0xb00 [ 1768.958825][ T5155] ? security_file_permission+0x128/0x300 [ 1768.964530][ T5155] do_sendfile+0x89d/0x1110 [ 1768.969021][ T5155] ? compat_writev+0x390/0x390 [ 1768.973771][ T5155] ? security_file_permission+0x128/0x300 [ 1768.979475][ T5155] ? vfs_write+0x427/0x4f0 [ 1768.983873][ T5155] ? fput_many+0x42/0x1a0 [ 1768.988189][ T5155] __x64_sys_sendfile64+0x1ae/0x220 [ 1768.993376][ T5155] ? __ia32_sys_sendfile+0x240/0x240 03:03:54 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) add_key$fscrypt_provisioning(&(0x7f0000000080)='fscrypt-provisioning\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000100)={0x5, 0x0, "3d8d004163ac6129a1fa93d2a68390ccbdd2c6fcfea203a13a0af7d4c789424ac8af9df6a91b82f21ea8e8e72d128bfc09c0a82ed753642ea070e23be487a545a9cd3a57760b163e49aac25aec7fb949d362d7835a405c58a7e460d132a7c520dcbc50027283f12cb4ccc0c3c1454f58f714c1d95cb0b9d6dd280b52be33cf78cf8e49fdca9be46fb604adf8e3ec952d0440f304ceff7a978a7101936e9d53c7a35e343a639bfb5a7d9b8fde872359e674dd2d047e271ec4eaa2977f64b032683e3736bb647f51c2aef666075172bba933cefbcb489696754cbda6549372156a93112aa00908c392c7"}, 0xf1, 0xfffffffffffffff9) [ 1768.998648][ T5155] do_syscall_64+0xcb/0x150 [ 1769.003138][ T5155] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1769.009015][ T5155] RIP: 0033:0x45dd99 [ 1769.012894][ T5155] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1769.032481][ T5155] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1769.040876][ T5155] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:03:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000004100000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:54 executing program 0: r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@random={'trusted.', '/dev/loop-control\x00'}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0xe2, 0x1000000) prlimit64(r0, 0x0, &(0x7f0000000280)={0x18, 0x8d}, 0x0) r1 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x1}, 0x7) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) [ 1769.048836][ T5155] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1769.056796][ T5155] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1769.064754][ T5155] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000016 [ 1769.072709][ T5155] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:55 executing program 2 (fault-call:8 fault-nth:23): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:55 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) recvmmsg(0xffffffffffffffff, &(0x7f0000005700)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001380)=""/72, 0x48}], 0x5}}], 0x37, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000240)='maps\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x216, 0x0) r4 = open_tree(r0, &(0x7f00000000c0)='./bus\x00', 0x8801) renameat2(r2, &(0x7f0000000080)='./bus\x00', r4, &(0x7f0000000100)='./bus\x00', 0x4) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r5 = socket$inet6(0xa, 0x400000000001, 0x0) close(r5) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x0, 0x2}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x200fc0) 03:03:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) socket$inet(0x2, 0xa, 0x1ff) r3 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x40) fcntl$setownex(r3, 0xf, &(0x7f0000000000)={0x1, r0}) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) 03:03:55 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) accept4$unix(0xffffffffffffffff, &(0x7f0000001180)=@abs, &(0x7f00000000c0)=0x6e, 0x80800) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000001200)='&\x00', &(0x7f0000001240)='./bus\x00', 0xffffffffffffff9c) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0xc7da3028bcdefee5) r2 = socket(0x1f, 0x3, 0x800003fe) bind(r2, &(0x7f0000000100)=@generic={0x4, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffffff48740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) write$char_usb(0xffffffffffffffff, &(0x7f0000000180)="3cb4eca2138e929bb3b4fc96d4d6e1a5b103bb46a90f3ca074e2fceb17bf77e40febbe6e6170809a319afe58dfa30a7a0d902906b860e0317f8dc221e7451015778090a5e59ba494cbbc3b9d40b1050ded9c81bcda09e6991f31bcbc279f6821dbf384f6b6133843b0f2d0635f503180018dfa95288670c68831610bdf127c3116fea8165dfc2e99f49fedb316ce1d8a82c444f071a5f4a5fc35f9573a6c6191f83546441fd81f8c2c260911d1eca042cf3b4b90d536f7aca0d4d6887cbc72dc6e162fdf9f28773d50dc0738ae36e35aee9004ab053b50ce5f91346c2ab6b9fdcc6152a3bd216ea14ed23934cdce1251af57d75b5623eb74832fb7749bc2932d36cc884b5c3a2b3b7349599c867338c7a4650c2885f7343b20a36a3588c8358cec16d9c567d3786a1b855b0247fe15c70826bbc3fefbc6baaf3ace23447bae82531ad3d5705789c6a0608e5fb725d2adee34e825dc6e35ce72fa499e7cacff04246983cf16d0e72dc6c8aafdecc0065dc66e26d728a12ea1fc5d6e8308995efba0b05b84f1cc1e763441d83b4f71fee929edab6e5797b8cdd7b1c6410c68570c5e849ee7fc1895a4a8f99710ce405621a4cb14ad6f35cf2aba9bc8bcb324e625413cceaffcdfe1d27b982f279ab45f18e69aa4be915d0486b17c00df3ee2c73be56249e64bedabd145a3ccaae188c1cbd930be10e1dcac0d327675fedae06234fa94bbda5ba6012f632a43cee831ede3585a0e85870bb0d21706a7667d521b51dd2823ff08d51f64e82cfff449265b3880c7e09dbe197b2123a81e949b08fb8f43fec0a33f53e0b216dbc50ec8aba9563676dd0c3857e9d7b5ce6ecfc8ef930e61dbd7fbb36f09e9826e911e745d52b008dfaf2cdf53715b10c3b3c1bc63a4164984dd8748a83b5f3cfab64d2612136c8bc9b713e4d2fe9d04f663c0815f877669ba93900afb2b8489134f06f2117545a9e04178f1e3b1b4d665b5beb03762311429c1cac0a779801d8aff280ce4a5e7b33bd2f6356ca66903dda30f3a17e676168fb002bbc0f6f8269e3016ae5b6c49002953ba8b3f93a8073ffa0616431aba001f75dde90169d8333b8746eb7b22326f452590105252a20339b2bf8b5a0e5bfa873aaeadff4801af1f3e569d61ac0ae2e1d3293a59a37ef51c992aaa0323289ad36a9ebe2cbac9f35dddec62ae5aaae71b5917c62bc763e2cd5060d05bd9e023bec2394663935c200f6bf44201b637746e035cf3e8ab2a8ceca419e7aaea3ec6e2a5170057bd8de06cc5fac0d22aac3c0448db820e63ea9a0a1efac8d49467865f9f276a6e989efe92551ae5530d75aa52df70ff40ca9e7ed2b1cbb2f1169aae2caf5749d911777c8062a17eb69428a03a00ea6bee4975de8b0d07c16be045980ebfc3c253e3daabdc19f28039001064c1fd079a738dceaaece03c7f0668cacd9e114fd320e43ba19e4fc9476c64bf8515cde412b82b2374fcf73b6bd1a0646e3df52170f225ce3a32604d74eb72f4f59e46cc0bb186fa7dafff7d38649c916c2bc71e16e62ae921c1c67ab36bcefc5858e34c7b6a39ed40685bb7ccc4e2543ea3f5b5bdc85a2b8e259c3992be3f313b31434a44f635ab63c875e8475e53945f976e0c32124c93578ce0ed3f42e36b06a77f63317b78e136ff006003bb626eabfda8872f63c179c65f18e6a6722bcade636bd77f53454e6c6c611e0a78626f50824e93df09294c0d0ff1262904a21e795e598faabb34213a2f421f0423ccdead7dc14993a74e856f94d83419d5d76c0f5021a495c0f1e7d00e9c9a5207af6acaf7520803c5f716e1f9f2d24ef44b11ab0e17023284d4bba1575cff00aa9e78e847e08d8c8b3849ae7324042010b9539f40342a8d165b29abde429b655b628983a6a1018d01aaac99aec6add9a5ae9dbbbfe6535ea98f32281cc8ddbdcd25cf1cce35cd4de4436d28c8af4633eff7529a63330608106b5d6441e52793a01a39b976e0f1498df7e4cba21f124af468357632c0a865d69141b0f0b68bf0636a7d3e71453e8feb456c3e13eb620e5d664a8905146fb2f6c7a34716c0e9427f534e89a09db13a13b0665dd761a41fc0b0d6dd54de427b8b33b639b229d8d0134369001e7659e76849158d002a02f22fcf09e3f5594457f691e8908d8fa108ae3d5dcbae788c122e5fef79262981ee5f7d59bdaa675248ce6476e992c4a5c4658efa3e5b6661dc43fc513b04f8dab595d23fb3e9314c7cd60116d4bb7be66f015651625f04f77e70f10705c4d0c2d4656bc64b81ae3b751acf549879eb45b442707c3ccc0eb97342e530d078e5104a228dabe4e9b248857908b86a20031a18d453658f8f84a4f82ddfa690c58f5a13069510d8ff43eba2d0877594cb1f5877e686d5613d51d68f90bfb303776a6af6bf60c3d621bdc0a9c9d885d59acbb727f1b2a4ed7fbad1380c2255c9e34f52a881b18e80cdeae2a870bf142ed2c0a8037354106d4b601154c71f8a421a9f691ab37f4a108082a7d560497f148d612ebe559d7a068b7c88a7186f5747a974351334791bc13686f8e0577ccc5bdb4433fa50cecedc0b3d475b721a7285dab9eeaa6784085897ea101d106537817e24fdfd82737fbc7532c4f3ca5b70abadf094bc466d65a2830399b86f58c215a25f22ca83cf35bd9d89b2016d31b04d8b4b393aff541b8a53cf413e48fe86872d77e6bae89a75f2c5773fd4bec3b62b8f24242bd128f2a6c4ba12bb53578a84d260f4b5758f18b67901d0ec4d7c21235b79f8fd258441944791b0801ec2e8cfcc5428371c8e7c910bee0ba5ec37014d84e1fea61e434d082185c2e2a36a8796af0be3f3c2bb6a0460be3470a0548ab64ee50b9c6ca8ca432ef4c6e7e609cf7bf9a590cc8531bdbb55be11931bcc8892fff0708c249f277f1afb2f7f6ebcb66e0793b6b5678203bc5ee8c00b91bed9a4bc8064f4ab27ac22bb4db9d28e285324afb28902eed08527cef1d1786626f237ab81172ccd8b567515b98abb85b2ecfe3b4ff843faa438141a1015c8175ed2e83f244e8248dd8ce025efd18065e41b431231109fc9f99276f1b5ab853a99398b80082d7b8c284e5e2411f315d6d59772a676932581238a51aabc3883ac5a5d4f55953459203bdb9a64b577ebbca1159a0ea12d3a6ea1c00ea30004f3654f9360b5dc9e4ac4c7726544547485aea4a221519ff9d3f984d3dd8dc57df0c14afa4c26091eea89d2946a484b6104f816e956d5a65cf22241090894058456a7990d46e6639c4f2c4907de781667db6ba1a1235eb717613ec98da73aec343ca1c4869abe5a3b3867f502d1a7419130caa5edac656483d749bb94f883cca281f2196b6dc418cd3d8138e005a975c731c2e53b8099d93f6cca4892e2f29e61a22bdcfa957270632cbd15656f9a12f06d44e4b9ad2d721e9e5116b9981d6c4b449ad86af6fd00dc7723d251296001d2bcea711ab7af7e05afef0ce4c391e805be71468145623b32da93e7c50d554474a7dc6e70ffaf7860b82956f9782317b6e51c6defa1e548db2c8e892c14dee43e4df1ecd7c0d89b9687e53aba38dd8429334864d0314676cacafbec2a97979f80d1474ccecdad1abf937aa2890e6b1838ae81193a44cfcea4817664d551994485a2188f68d99b0e9bb8dda8db13cd84bc54136def26045d5d36a48cd1af2cfccfd8a7285b35a5a24efef4d2fa6290dbb13185555b3b917001f08013fec3ec49b3888ac195651354e4536e3ef436c3bb08e2fe4b783b710966640cf2c8acde221dd05fe14b02282926caafc0d2c4575a1e812c1e88752e9267c9c6fe3974e5d63fda6ceefc19a88702ca47a8f9201a327a39e3dda9c639c6abd33b4682fa7d1ba48a715d45bc945b7f2c7ecbfbe01d6a0c8c05ae57af23fdfaa895b5361e68f5971cc938b102d2f6e7a52621ff1dc98a6979e72a7757c8051723af3399de49d199ff09e0d777a7d99c4cee853dd453cf232d2ca49c2362e273dfcf553cedc3e203f45096b348e6fc091222367279529e37eaf2acf01eb53a596080500e1f6842096af8b58f40c5fd3057ba77695e74aaed9022a175813fc48cd7d0883c42adf1e0aa476fac31e2ed6223318a1c92c8709f5b2197087bc9afa3119d761d6d4c2a977483a06ed7f2886aa52d9a990299125ebf94e67c095c64618ebfb1927905e88be92619caeddab26ab0855af6bc40885831f3d85cc03176c4830327ada396e2643c1f1f5d42a07832751ccd287498dfbecf666bf2b82df7883d42e33a95f20ed85070bf5c8522429c4cbe4e4e548bb33932f4332eae02ae6d0a77784a601f9c4753eb02e226d6ceb5073094f72ac74e8f0a468a253ab3dab42f33b3939219c877ff9b9da44b9bc29a9c36c8ce5f0579c720613f379991c228979b4f4a515d91ec28d6c96cc8ba4bc23e9a3a88eba4917652cfc9e6d5b790c82b43e40f00fef57b34ddf06f229bfe57067a5996a75ae6a061c382b37bff866ed88707dbb6d74d13b8ea8a70a389646781ba7889ebf1087eaae272c6723450bf0e31ff49c5ff68ea05e7ef1c21acab625560ba132254b71a103f82545b5ddba2ebc4831ee205f411e2f3883d6f1515ca33c1f75e715e9fc46388985ace4c06dd3f67e47a0796b6af1eb0b26d1be153c137fd15a892f0118f046ff8358a178a0c624af7c3342bcb8da621f14cd7350579b4b37198659399d62b3195c91bec81a2f14db28f75456bd900688c46ba95330732fb2e93b1fd25547dadf24dc748966a30526ce736549c96915812410a8f79674fb99b6c14dbc70ad3534d2135cdd26f71723318d2bd3d917f32a6408eae53ddb7b181b962d02222a8d97914d2050ede265bb6475a8a5edaf0f876cb9a770898910ffa802d540f380564daa826dde2c5e7d1c898f12dfb72775f71b38b7065a879869a5dbe70ecf90ca75c715be6388332de9cfcc1133461627febb33649bffed475e016e653a54f327afb04071fb82768a9df64aa9cf5144703f66f4d57b6ab0ad901e71419f57544042dbcca7f43e281e9908eae7b7bfab61d39e60f3c823a91bd40b403bc83fc817e7db27d4ef9897ddc60142f47f8d6f54a8ed869941ff6bebf75272854033a3f6c5a4474b11e70491635c486bfd676c53d09787009e5e2297ea0c172ea8ece8bc486c144b8fc84dec704fc8bb1231bf6d53674f70483d99f066a5ee0214c48d80958e0f4686382106a4414d22b4821be457ec4b0949fab14ef29154cd4527e3c302f105c5ca0a034e1594bdebe41380ecfd1a263729f215f225ab43c83a44d414146466a1c3991eb5e959b5cb3eb21d6fd177f0c5a3d3ffd8c754457a7b49625e43366b2bdb89786db5197ee33675d3abdeb9f8d6b873ae1e033ca56b31ba0f6bac969a49d16c5dd0922c6e77c03fb5c34204e6876e299423bfcb2e365968c3938729543eadf6dfe15db23b9f8cd66f00abcedc793182d4a753ad273ce0c5b5e8da45d2470715e5ea3397cbede0322ebf2da7626c873556e5ebec8b4974fdbe5be729490fa15472d2141d4ec3d7834f07c105df64932b1374f5f698f25874e4c8b9e526078a674265295dfa34bfa4db0645013762770957e3ffef512f880c6cfb192450d46ffd0fe81d6606ae86ae3d64f72399fd5c3ef59d04e6e27a6c9148b5cf1077035e11194933b2d717a142380e882d5f5bef9f0426d17f86c7ed694fb4f11e9841b38649ab3d3cfcfb582a48e9cafcdddba5649a7815b7febfd6b6dc21566117c70316e0baa7925f8512592ff676e55da0945904b7767e0", 0x1000) sendfile(r1, r2, 0x0, 0x200fc0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x7a) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x1, &(0x7f0000000080)=0xa1d, 0x4) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setfsgid(r4) setfsgid(r4) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000020100000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x2, 0xc006) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x25, 0x2, 0xfffffffc) getsockopt$inet_mreqn(r4, 0x0, 0x24, &(0x7f0000000240)={@multicast2, @remote, 0x0}, &(0x7f0000000280)=0xc) bind(r4, &(0x7f0000000100)=@xdp={0x2c, 0x11, r5, 0x1d}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="20000024e8c57700000000fb0000000000020040", @ANYRES32=r6, @ANYBLOB="08000200ffffffff"], 0x20}}, 0x0) sendmsg$AUDIT_TTY_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x3f8, 0x8, 0x70bd28, 0x25dfdbfb, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000040}, 0x40) close(r3) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x301000, 0x146) sendfile(r1, r7, 0x0, 0x200fc0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000180)={'wg0\x00'}) r8 = accept$unix(r7, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e) sendfile(r2, r8, &(0x7f0000000140)=0xaaa, 0x7) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000110000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./bus\x00', 0x18b000, 0x1fb) sendmsg$DEVLINK_CMD_PORT_SPLIT(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="98697300", @ANYRES16=0x0, @ANYBLOB="00032dbd7000fddbdf2509000000080001007063690011000200303030303a30303a31302e300000000008000300030000000800090002000000080001007063690011000200303030303a30303a31302e3000000000080003000100000008000900080000002b422869397d5cc1bb39938525bb080001007063690011000200303030303a30303a31302e300000000008000300010000000800090006000000"], 0x98}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) sendfile(r1, r3, 0x0, 0x200fc0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = socket(0x26, 0x1, 0x240) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, 0x0, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8, 0x1, r5}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4048001) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f00000000c0)={'ipvs\x00'}, &(0x7f0000000100)=0x1e) [ 1769.254328][ T5195] FAULT_INJECTION: forcing a failure. [ 1769.254328][ T5195] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1769.283173][ T5195] CPU: 0 PID: 5195 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1769.294623][ T5195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1769.304654][ T5195] Call Trace: [ 1769.307949][ T5195] dump_stack+0x1b0/0x21e [ 1769.312268][ T5195] ? devkmsg_release+0x11c/0x11c [ 1769.317187][ T5195] ? show_regs_print_info+0x12/0x12 [ 1769.322363][ T5195] ? kasan_alloc_pages+0x4a/0x60 [ 1769.327278][ T5195] should_fail+0x6fb/0x860 [ 1769.331666][ T5195] ? setup_fault_attr+0x2b0/0x2b0 [ 1769.336660][ T5195] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1769.342004][ T5195] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1769.347534][ T5195] ? find_get_entry+0x5da/0x670 [ 1769.352351][ T5195] ? xa_load+0x323/0x340 [ 1769.356563][ T5195] __do_page_cache_readahead+0x244/0x510 [ 1769.362165][ T5195] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1769.368549][ T5195] ? unwind_next_frame+0x1c07/0x22b0 [ 1769.373844][ T5195] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1769.379567][ T5195] generic_file_read_iter+0x626/0x20a0 [ 1769.385023][ T5195] ? find_get_pages_range_tag+0xae0/0xae0 [ 1769.390711][ T5195] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1769.396075][ T5195] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1769.402120][ T5195] generic_file_splice_read+0x491/0x780 [ 1769.407638][ T5195] ? splice_shrink_spd+0xb0/0xb0 [ 1769.412550][ T5195] ? security_file_permission+0x1e9/0x300 [ 1769.418236][ T5195] ? splice_shrink_spd+0xb0/0xb0 [ 1769.423158][ T5195] splice_direct_to_actor+0x3cf/0xb00 [ 1769.428522][ T5195] ? do_splice_direct+0x3d0/0x3d0 [ 1769.433513][ T5195] ? pipe_to_sendpage+0x300/0x300 [ 1769.438513][ T5195] ? security_file_permission+0x128/0x300 [ 1769.444206][ T5195] do_splice_direct+0x279/0x3d0 [ 1769.449031][ T5195] ? splice_direct_to_actor+0xb00/0xb00 [ 1769.454553][ T5195] ? security_file_permission+0x128/0x300 [ 1769.460255][ T5195] do_sendfile+0x89d/0x1110 [ 1769.464727][ T5195] ? compat_writev+0x390/0x390 [ 1769.469458][ T5195] ? security_file_permission+0x128/0x300 [ 1769.475144][ T5195] ? vfs_write+0x427/0x4f0 [ 1769.479527][ T5195] ? fput_many+0x42/0x1a0 [ 1769.483829][ T5195] __x64_sys_sendfile64+0x1ae/0x220 [ 1769.489015][ T5195] ? __ia32_sys_sendfile+0x240/0x240 [ 1769.494271][ T5195] do_syscall_64+0xcb/0x150 [ 1769.498746][ T5195] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1769.504606][ T5195] RIP: 0033:0x45dd99 [ 1769.508468][ T5195] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1769.528038][ T5195] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1769.536421][ T5195] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1769.544383][ T5195] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:03:55 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) ioctl$HIDIOCSFLAG(0xffffffffffffffff, 0x4004480f, &(0x7f0000000080)=0x3) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:55 executing program 3: fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000080)) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000120000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x200fc0) [ 1769.552324][ T5195] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1769.560279][ T5195] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000017 [ 1769.568221][ T5195] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:55 executing program 2 (fault-call:8 fault-nth:24): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000200000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r0, 0xf505, 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) ioctl$int_out(r0, 0x5460, &(0x7f0000000000)) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r0, &(0x7f0000000100)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x2}}, 0x10) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:ssh_keygen_exec_t:s0\x00', 0x27, 0x3) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r1, 0x0, 0x200fc0) 03:03:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000000)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:55 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) prctl$PR_SET_FPEXC(0xc, 0x100000) sendfile(r1, r3, 0x0, 0x200fc0) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x101, 0x0) getsockopt$IP_SET_OP_GET_BYINDEX(r4, 0x1, 0x53, &(0x7f00000000c0)={0x7, 0x7, 0x3}, &(0x7f0000000100)=0x28) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r1, &(0x7f0000000140)={0x10002014}) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000010200000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0xb6) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x7, 0xc, 0x1}]}) ioctl$BTRFS_IOC_SNAP_DESTROY(r2, 0x5000940f, &(0x7f0000000100)={{r0}, "e5c3d31c39da61eafdbd6abb9d404608a1bd15e214d48652deea34087bc2bf209f79ca0aebe21e7be0d4d63493dd77e5c6cabf062fdb8ace853bef35e8c463f60499cf08ec8acf6c8fb327c7879599ef18737d542c415dde7ef9d1df13fe47efdbee12274b7718a2cfb49ad44fe1d6f16cb687240978dfdd516b049b2c65fc9d588f4d74b02100fd5a86f1d9cf14c9ac6ea2801bc777f4106b135cf4e20ca59c7cd6762d17b1e0f9aa5814d124f4a7ed6409335ba1a7b6c6b2f646dd3968efe2111824dc356b06cb7ca3d47b07b74efedc654bcf84d61b31037a2d8cbffe388a0e0539ef3f534d620187e722e3522ef893e622fc3473dbb9b481ea8c82d6a74913dee8ddc0f09a5689d913e63da21f17e3f7547958dc97c0a6dd2f9ee1b8fdcdf3bccea9a595efa0fdc4fc506f4e76a7b6441b1e0193119f5e84240baf1ca446dfa27ba6b88a1e4c6dc8c1c667e72cc3be9b43bc26bed4bb3e7ed8a6987bf12e2768d7552c26a90048b81dacba7629521a6d23e9abbc56cfc687009e4228f5c8dcffc54f318e07aa62a8bf02a3554a29813951b7be4e1a65e21594d532538a38652649d2c331b5c4c4012d34ff848bf0fd938df5987b82ba862887bccf0db2ff8fb2c219bd1660cf586e7f38133b609741ceee622aa5de9fd1924b8baff5ede9bc633d75957f6c2e220efc22f66fd4fa276afc6f9d11da8ff5243d2fccbaffa80758390bc445c5e7da18495c7c6bf8754e76415919e27fec67d01816cf89327c6d7ad6641fc9070aa3b9bb0b7543ff145b456af4fe53a6e345c87b3986d1b5ad9275f5a3bef403a8b2f218bf90195d1d0197b2703f30f6f85625aaba701568118691b77d9787a8d179a93975e7df8492eb3d4beb29b27987ea7cc0986e7996c8cbe4780fccc93737a39dbc947cb90dbc929c05f52bbc5d8ce651dea8c6074b4ec250423d428ebaaa190adc1c6bcc43a3abe37b7513211033be95e04032467466df0fbad96db11e526e21fdd69da5ff1eb516d7cc919cf4b23a5d09ab9d10d8b8278e429e832aa33826c36b1aa078a15c8c3d7f05ed8a8fd7417f03de2f9b0c50d09d9714207d0b84e80af6612473a863b23bb3dab27a0b77de20f583c56c4d098e725376c520aefb903c4c1fce1e870ee1b84a5b3b3afb0b84d1467b09aecd0e199535aa474cb6a76b2dea5f8cb4c94894b5722a169aaeb82a9c7e9a96376370fcea757261d9877fd16a0ce75d8f2c4c09db0b0f592e484eaea8471b2de4ac774ebae7f0811853764ce7cd2fe7e5204d0de70279a3dd6996bcc8a86bb12100ec5e0e42be7f4909ca55a717458ff3ca0aea060d68fc164af828f1b075975cfb6a0c8239a89cbc2158ecdb429bb75b988ed403f96595c480e5d96fbf3ffe926edb1e7b65095a9847565afa5fad01e83959f2784601ed9e90864dba999e6d2bb10783d60f4336a24e54d96fb30263ba8c09e35e933090a33891ac70c6c56fd6733716745471f1134a64e55d5809be25038ed87cd57d1ca3c07f8ddbc8fb14bc0744721f2edfdaa7691e1981f43ceadda9f4781604d2bb21dcabcca85db7198b5dd1a1cdc0366fdb8288d073f9fb068eadb2e63d448e54e0c6ee50ea81db708f0c99c6df3f2bd96038ec086ab3bd5e2df807bdb9afe64327fc993ec72053019c93b2c3028ac06ea6861b88d48838850e3f0184107f82ee76425fefff62885bf704519ca183a4f0a4e8c3a1626697541befe6a8576e625b15440cd5ac74b0144e2464724c12c52fcdfc248296033bf90b4e0178247091c6b7252da738a226b44c37fcaa35b6888fa748a9902ad6046ab1cf5cebfe4b236447d60de9baafe648d7216c189e3801e1aef5a7b2a946636a6ef5294eee40e60de5c685c1ef09f61997de2b1d1b1b59a7bfdce643f8f66874b6199481f1241b696a7faa9d1c5f23d8f72d7a92102b244fc6a6c4b5c209812bc2ee0f0c54a773b17a5360a8c6f7be6753983b2439b409ae02db562b9c094ff9f89eed52103b7b65d56cbdbd4ee5bd6b2c3b129cf263f632f9ce67c72927ad08cbe52768362da05a1c5fb1b8076f1e70e97e3becf982e05b75f613cafbe7bf1887440e2ca8b1dcd338f3966be87d947b00923ea19047ef7bae8c91f3a2dc5b96349b314b75c5b5a39864b8ed2a01b55df9f8ad0fbbe2f0dbcf817bd5bf7e32197f562102b79db29ed9a0709b409f6d61651bdbdf24a6e8e085a0c2e92b556742e166f56f1104cec56293cf1672e845f6d94a14a4b4f79b7f553b207f219d0adf53f1d0a3631d08f738462aa0dc96649425bd9c6a91345bbeb8be5819511fc2dd640011d92641bbc8885852357c8779589efa058361c59986fcde39bd01cfb5e46be271b8fab7d0ad6e826832f3981e0c013d100c81f01523cef3853eb28bd09a1420b429a0c41e180ea59b0f24e04038659c86f4286d9c7cdda42f25b10375ac1d9b65793088d7c0216446fe4bd7584e24210aed6cd38b3d0b25fc011fa6dbc1740850f851768b167748ca5914f6def829e75f34d636345c2ab3ed8d756287c39cfb7cbe8e3dd0661d2f717b3747d92a1ed0f3c3855b8e56869c42d302d8f388504cc4324d8701fd2591756f5edc69b56646d94181d7339bc18716651aaee25145dac2381545be52a482e25922485256164f9b0559ebacb040e2d65476e001156381a89bb5b598a394c6a713c937689affd018af1127226abe2f0bfc7be0f2e74dc748f4c447d37e4c81a029c6f8e84cc297ff8cd3545e908954c661285c0cd52595be01319d597fa37991a29ed563c7c88fb3c554c514e5bed35b5d19a50b032774a9db9c9b1e16cf3d4df61c706bc94559c09f2d3a36da9c788fe3089bd050ec12731b28e83960a9c9e34ae6dc1108fd87a5425b47a885e5df0ff480c1fea9de50509561779151bbdc6bf4fd93d27042d7e775416e98465c31f96d62f65f616e2cfd9b75622ec74a1d082b509654f41b8fee547a3d02b089b685184bb9729e5197924e07367bcbff7a744067cf0bdb49f3ea7d1a06208dd42057a1d85462d1ad375153a30b8a8650b17d17f4e34166313f60cd419e951d4357b0d36830794a00f43f2ab3dfec85fe8d457de5c1d7cb32626cfdeb5fc628b96d00c2c6d0d73c3d933a62aadc4c97d6b3f5a2f88cf13193c2ff50358d5b123dfc93e2c261b3c7c7da68da06108e9d3d1108d7e493fdaafd2cf80aa035221af509fa4ec5d254d6abb611ba56fee7a55d05aa837c26a7d28efc1ff50b3e0b07542f0895d6b6772629b2b045077a60b72a80ef33d5c1f9634564457802fdf46ef5ea011df77340f00ba75018fd182fbaaba32f4444ba458482781a696f009f3aec461e27d12c58c8fd6c873fca06547af8540f990e29b29c86b0cc68843b93a67fec08e9a3ee93a7d6c5b179baeb6c3ebc459b8fe9b27e81a2a0fbd7af32621123928480efe86c92b3f572ae54439bbaafb9c60eafd2e6e090d936c102e77bae0d14f3602cc7121ca6f49a8242aab26bab9cc7230a1827ed8bd999944e568d8c79ac076b82f9a254b23c5db505cd30f0d8e50f5d1a2afbb298e08a7901297b4ccc490d84b8d77a4b714520bc5274b36f9c9632c146ae1e176daa43e50eb58e70fa2366d2df88fccd674dfe509264beae81e6d2a66a397e40b5dc77050b1c601e8b86de09d9e1c420d7ee3fe2142114c3ab43e11d8d623c8549cc467e5234f3cb323a8737df150b3296f6944351a8614904cf910504e2345650a2aee387738b395a08498f5b0cd290ecd6462de0168d4e82ebe1057d765fd57fbe3bf2e85331c870b6b3fe864913edae9f3c7039def9ad2e2bbed51743dc8821a14aeceb56f4257134d111c82270377822283df87eb27b2882555a2f37a35b109072b4886337868b023ea0776dead525dc2c3da0d9dddd3ef7c4fb4fc45fd39413099f539beb744789b9788e9374fca7d80b3e59eeaf79d912c6f3458fa2adaddd420c1c199d6ddd9c58f8921eea5caaa80dedc25a4c6523efc55e5fd1b98f8f679d33deed77fcaa14c994081e01451a1db67d159ab99e2f945ec29cd78bc14dd0f9e018363c0acda692a6efe239e83c5b869d7c3ada50d0dcbe035e87e7992fb5eb9f825dafb6790d6567bc7c095d0800e8b65de72bb5ba493b1f51557018f5324f482bd48483398308d879be666a7cd0d7390b170ddc6c9ffaf8b9cbcd9666c909ab71d918e6f34d538f01700cd9f4a9e115f33fd1ed7a80cee03b7abef7e7448bad798b243267306cf849c2df7921c10a2d9ff4a2f4cc27922752f6ee8d7520b4db6f03ea0070c277b3e4bb5613c906c25de2ef559b2d0d97694a747404d6dd990e25d59cbc8ecd72f3ba58ac49a1486085b6ce844809a4bf6311b90b7536433d5c444fe7c5122b5b485701266ccbec1da2010fdd50e1ba71e3be03d19a26a497b8a790e686e73d19169a1722fc076e8c4b55cca6d8a0ff68d9550ef9a7937f4195520babd57337af9e8b5b544fe62d067d04400b309c4bb3d0a13abcbe3a7f05f3d3bd06b73c99521500157648073514636a3f9830c61aa1963bb643b036c34e2a6dfee34017f3d7da0ec4fd638cfa0c5a53d2221db68552587236c65c7ca38c68897e792bf5c31029ed0e0babcd2d716bc306daa61d4936e96fa8985e385cb3f280d1bd12aa7f25187066e39d2db291edba69b0192c2e978ff7c04478b413f3adb4d715c6cfff1f608bbbabec27fe1a928cd850c53ee328a22a5db3bcda14fde8e9ee54104b484437d0fc8e31526280dd35212d25bcd627ab0cb7d5ba80d58b713eed8324d99a32ff763200787231e2f1a6560ac098ae305fa53cc4d0da497ba964f2398375f9f8faf73f6ba450a06d03f09e70cfc539950f6f44eae3b78460e46b7b3cb64565e0bceea37fd6dcf1fd1a8e8d5c364c9a5cefec8cd6c31800152d9aa64965d658c19179759e800cbd61ca64484fb41dd5f63561f65e2d1877998fb703899c2a1bed0fd47b94ce5d6459e950b434347530e2617f5d2700de1c769c404889132a2622b0a7d613142e0f95bf098ead2ab1a478dee33dfc4966365d02c6d34fa46780be99ff049a38219628e6ed85c48f479ee05ada4ab29330b2ac941eb10ab8f6aadb71640ad7d47de4419cdd8be22138dd6f972dbf8a0451063ef0e020229ee834890b6763ca9ec042326e609388b13271047c74ea37d6550c4008c64312988d0aa1ebb7518666193bcf3277e93a4327355c0ab402b5a1e88dfcb152d86482fa2081ed1195b1b6cfd42762f348cb1d70b7489ebfbf3da67b74a9a4ab7413437465b0f6060f89dd32a54b6af9407fea653e3116a0721c31ff4d53b3d50f1dc3ebcc738290b546455a1ef59dcfc33426e8deeb8e49903ace4e62582da7576c70cdc845e376f5a52e35f380e0dcd878502eccbd5d66eb874ad87d3903beedcec51d897f86a3e1a189447391b1d5e9f00629bad930d0c56116dbadfeb26467b1b95258c8cd69e6f680c1a21e6f9bf85728012d944b19fc680f3131d6c16d9b9e8da15ef5e0fe115cb7b7e3f4f85991394fcc80c381ccabdb7fb2b3f0e745765a58b051d190381fd75ed4709fcce01609517bb5accb496a0e607a1623b920ccfa858b6c6c2d0643330804686a32d37ffd215922cb8ea5e64f318b5b466550766da4b8a2b6bfd1bf37b0d85e6550fab534abf1a4c45633cbe06327ad4eaf5d33c4f4e35d3928560b176cd26d51435246dee2fc81dbe3c77b99fdcabb0360190b7a798cc89ada32c96716bf4c7de6ba048db80a29b7"}) close(r1) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000001100)='/dev/zero\x00', 0x0, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001180)='nl80211\x00') sendmsg$NL80211_CMD_SET_MPATH(r5, &(0x7f0000001240)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001200)={&(0x7f00000012c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00042cbd7000ffdfdf25160000000a001a00080211000001625f118005bd7debcffffc572711d6203f8c45bbb3014403ed3262fb049aec9147850f43594b52f61de556e22e32f26f851073bec9a7f9d828a015bd1f2baa09968dbd18662c940d4dc2b692907ca8b931f99ef7e0c6999876eb294068ed2b0bacfff9ce1ea31cb6c9d9037e6fec78783169d2f11df6a9e429ea30d4665a996f6fe28a69f0295acd47011ebb20be41f82aeb6379b6195b0610a38ddb05fda9ef356be15bed1dad68d08cb80e975096c34869d9"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x4040000) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000220000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f00000000c0)=0xfff, 0x4) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KDGETMODE(r3, 0x4b3b, &(0x7f0000000080)) close(r1) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x44000, 0x0) ioctl$KDSETMODE(r5, 0x4b3a, 0x0) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) [ 1769.819709][ T5241] FAULT_INJECTION: forcing a failure. [ 1769.819709][ T5241] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1769.872025][ T5241] CPU: 0 PID: 5241 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1769.883494][ T5241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1769.893535][ T5241] Call Trace: [ 1769.896816][ T5241] dump_stack+0x1b0/0x21e [ 1769.901135][ T5241] ? devkmsg_release+0x11c/0x11c [ 1769.906064][ T5241] ? show_regs_print_info+0x12/0x12 [ 1769.911246][ T5241] ? kasan_alloc_pages+0x4a/0x60 [ 1769.916177][ T5241] should_fail+0x6fb/0x860 [ 1769.920585][ T5241] ? setup_fault_attr+0x2b0/0x2b0 [ 1769.925600][ T5241] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1769.930962][ T5241] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1769.936496][ T5241] ? find_get_entry+0x5da/0x670 [ 1769.941339][ T5241] ? xa_load+0x323/0x340 [ 1769.945571][ T5241] __do_page_cache_readahead+0x244/0x510 [ 1769.951193][ T5241] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1769.957597][ T5241] ? unwind_next_frame+0x1c07/0x22b0 [ 1769.962868][ T5241] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1769.968577][ T5241] generic_file_read_iter+0x626/0x20a0 [ 1769.974030][ T5241] ? find_get_pages_range_tag+0xae0/0xae0 [ 1769.979733][ T5241] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1769.985091][ T5241] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1769.991148][ T5241] ? avc_denied+0x1c0/0x1c0 [ 1769.995643][ T5241] generic_file_splice_read+0x491/0x780 [ 1770.001182][ T5241] ? splice_shrink_spd+0xb0/0xb0 [ 1770.006115][ T5241] ? security_file_permission+0x1e9/0x300 [ 1770.011822][ T5241] ? splice_shrink_spd+0xb0/0xb0 [ 1770.016750][ T5241] splice_direct_to_actor+0x3cf/0xb00 [ 1770.022108][ T5241] ? do_splice_direct+0x3d0/0x3d0 [ 1770.027120][ T5241] ? pipe_to_sendpage+0x300/0x300 [ 1770.032132][ T5241] ? security_file_permission+0x128/0x300 [ 1770.037835][ T5241] do_splice_direct+0x279/0x3d0 [ 1770.042676][ T5241] ? splice_direct_to_actor+0xb00/0xb00 [ 1770.048213][ T5241] ? security_file_permission+0x128/0x300 [ 1770.053918][ T5241] do_sendfile+0x89d/0x1110 [ 1770.058420][ T5241] ? compat_writev+0x390/0x390 [ 1770.063175][ T5241] ? security_file_permission+0x128/0x300 [ 1770.068882][ T5241] ? vfs_write+0x427/0x4f0 [ 1770.073285][ T5241] ? fput_many+0x42/0x1a0 [ 1770.077602][ T5241] __x64_sys_sendfile64+0x1ae/0x220 [ 1770.082796][ T5241] ? __ia32_sys_sendfile+0x240/0x240 [ 1770.088070][ T5241] do_syscall_64+0xcb/0x150 [ 1770.092559][ T5241] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1770.098440][ T5241] RIP: 0033:0x45dd99 [ 1770.102324][ T5241] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:03:55 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0xc0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x6938) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000180)) sendfile(r1, r3, 0x0, 0x200fc0) r5 = socket(0x11, 0x800000003, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="0003295500aa14cdf14415f4ff0800"], 0x1c}, 0x1, 0x0, 0x0, 0x4084}, 0x4000004) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x4000010) 03:03:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000250000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:55 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x800, 0xffffffff) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@private2, @in=@loopback}}, {{@in=@private}, 0x0, @in6=@loopback}}, &(0x7f0000000180)=0xe8) [ 1770.121907][ T5241] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1770.130299][ T5241] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1770.138255][ T5241] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1770.146213][ T5241] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1770.154170][ T5241] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000018 [ 1770.162125][ T5241] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:56 executing program 2 (fault-call:8 fault-nth:25): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000002e0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000a00)="7c629729743b231d7a45d7dfacac1ebe47b926255d97ceb78364c80ed50c32b5fc24795012fee8d3f5e4cae59e0393e0d28f3b92966108e77a6c4a59860bd8b4bbe4e258f5b6ff27c7fe7f7ed7d9a3b06cb8458bfd305c5dc916a255ce84fb7c1deb0198c7c75a0ff0a9297f5a6289f17515af698a3628b99ca0ab3a034cd45fccc9f21c53d1fa8a0236a6c96451f7fe5090cb2759cbe068b963a2b16d3b6d6373bfe1d1fe2899178b8a5e8266c0a3a32b7c97698610d607089aeaa52670955cdb61e61382cc748bb4f7d64128992eb6691a862ab47e107e76976c1788f2d5d5713e204aed68ff14610f223ec36ba2d2176b421b92aabc42ea11d679e191e28695d1c8f6c44a7ef07f2f8352a401fece8b74842c1389b8299094c07cdad86608fe55549fb52996859af61d5b56b52318debcc8629e7692290574e23db9a4202baaad6d0dc42dd9e92015a0769da5c3db2b3079770d499270f43c54992aea90c57ae321da6cf8eae18667f4e68989826d2bd40b879bba54c609cbd8edd9c6216c375315fac09414b6eae05f2f473521d78377da3150d23e5e478c45d81939e42ea4328e1ec18471aadadbde1f6194f6fa93b0d1a97bbf2862033c90a38423e930a1a0becaac95393b74409091fafdb5e5a4f77e40e1fea8301b28fa2c8cccc9b070a899d2963a90bd6bca156aefd40f626efc165b0f1e1d2d7a029c8c57365b17374152df6498a1b3c3b59cb6a388a04c3119b818b8ba07fbc5d6e6a8288fc16668e0046f77a05fdf7739cfef48d0e8d453969dea73c5f683fd630e717be4dc9fec04c20034bcdaca01d7f202a4914858eee437c8e4c4564d440acaed5cca083f3ec259eeb330660cb6cc1c014549a9d87fa0087e723baf6e464e76caf2bc3f7e91a5241d86848d4aaad3b076f16ca6f4fb73e6ab5cc97c8f223439e53a20e9dcbc66cfd0e850f9065dc60b1db1bcea50e7eabd8b4f1ee13ac07c30ada35c1113e594499870d5cf180b2dbceb060e145f4650094901d44ed5db207a94ddce5d82ae9714d211dc89ab66c1f25f7e83ca1a413bd0f29d77a249200e7b82a55c3782214fce1484a936a8b8d984034cfada8693cfabd8f03ba0aa4eae5bc32739e47cae182c3be42d46bcf29c180e4157462a81ef0bb8ee881fd576e35157e21ea55a1273e08a5373da58931fa1d1dd1eb7f30b2f1f54aaf0fec5dcd750d3948718dd2ab7dafc1263b5d57cc75d6eee5a9894b4c3ee6d776b5af7a17748f7daab51a72dd33fbea808c04a6463aacd7f15d51d3a5a08c39318ad93be8d106a1a119851a16981aad935b29ca5c2abd78bfefc140c35dedd197bc0ee42b25f36084182643309c4298439ff67a2b562ba3625ca3de8f11ce553c59cd8e3e41b95b1287a4cb35b4bcade158b39b53b4fc2c9fea6e0f989c864a54f3ad038ac990b9862b26f4ccf5a92760e217d25ff2ddd179b57ca33f3f849d4ad0b3ae5497c0927362b7b275299576d297615eade3f55c0dc1e89732d590e3a8d5d61e5edc8a4da0b08b6d21ac1a1f37f468ba08b4d402bf280135629cff0a971a1545a30acf9083935ef355d0f84ed4ca3c27a788ef35c35d34af7e2cf93b71a5e7bac637086feafc00174b932660ed64bd130706691c7c27fa53dcbbeb3839e8cbdae72d525b25cb5c222fd5a3c806ee3af6ab08fb5fb636a8636d931656f2f83f7a66fb007a1943e3bd76624910d808877bb5eb4a57fb11902043c88376533a846b5197f557676a45be20c0ea369e00f47ab945a0c02581c76c09907a7935aa5ad6eef218ae3b3db6246c95ab1b49f56989743c94ac782b299590a5baab05849e2fa56acd13a28af3d5f7c8b691ea3c51668a23483173c9571cc319b9a2cbcfe513565731d241d5fcd2087ff6aeac338c323d74c4728a52649f2a30c5f1996c967991b0ef29d6375a263243d5499e01a5a2dde33f8f4e3c0c9bee136ffbf8ef7f270d63bb62d41b18262241eb4c0fdd65117c471b1dd44d941f07f7121ef2dacc1b481c749af6c1d92191e5612265df71fdd4f44b243694fc0f14152052d7e33bf87ba84243c1341943d10d644c92505ffbe04de9e613a28f2fec6d39bfc687829ee03558e51d05947d544fa303f257e0caa60e6fe6b4c93dfb6ead0a2bb1674cdd5bcfe751e9aaabee04144e0dd46f64a6f19c6ac88dfc7e89825a6742d758d984af679d28c4ae7e5a31e34dfe4b0bfeb975c11e3f70465972e7c61de2ebb7ca9fa8338e5ab928948cc17fc7ab0b7f6b48c84273d1ccbfe5957e9eca4ba2594706fbde2e5a9db1473184c35836e3a14ee66c7f9268ef42ea8955b6e1101a41b00a3aae85b2e1f5ee81b5838a42935a3e1d0af2cfb934cca24afbb3258411d5fbb3ee0694cbde6faac5bb22165a035b94c4d02c2f33b308073bbe90e0083c8b1515089494dec7958851d00c54052d141ae3715aee059105d38770da38d5e27a0b1632f8adc4e223b9cab302ce272473aa99955951d51d075961294f87dcfcbe32c7f7f85985a200eb6dc102750119ec6de7d6472fad98821e09812a7b30f603d9dba1f216840c61a9e4ebcb6b4f4b5ec49f7fe9cf883a54cec212b5699138cf6750416b288599b6048a33d1fcabf3d02273d55903b3ec80949e2d3be90d4556464a3ad0f0af0f72d4522b19aa04310bd2cb33908aa685b756e7d73f6e5dbb81c0e451298334e3d328e2521c48db5c7bb83a2d72d0097c4902b19b7f365602887d84744cd5019f219eaacaf261d1c7ae182928b2791f1e32fec4f68123afb699c53685bf45f56b1d2e398f93da7e09d22df3084823d30ac421767540085ce49c3b18573ccdb210a93c05c95c1648a3479b875d5e1682128632b1c1d521b101f09ef2b619f44896e638fb569a61edbc6ebc17cc432c902aae000f72f1654cf455d4d980289af0d1a1c5ff16e5670d81460fca298be83a269b918642258b21d6ddfdb4c4d8cedc8dced22301b5b95bf9199a0d5eb141dd4ed7a163374dfdbe1330bd7e43ccbaed6e886ea8b26b49cd7cba0d47e695a97eab8e0c66ac925c815d1a907222c0b94f44f40188cb252da959ba4b36b56f58f37b4d4600a8600f3483170b607dbbcd892200d5d431631a31d57dc135d6f81e91c184b71d39854e142b1ea513f7471d16d0556473985eb81740f58021a618182548559683f070a3f4cfc9dc58a19dfb05c8f945e70a0f82aba712b9461b16e5f27eb2f437c8fed0381eaefb799de219e4e1cd5bfde3d82f251c96c56f1ed55da750ae21f78c36929e68c183c4ac5111e425a30fd00bd6f682510f3956347e2e2c06b53936d94fbb49879c6c32b2c750da5dd0564499104cbfa57167831e16adebe3e7300b628992b61a2be18205b836f3de2a357275ac4f079a812893c5736a536f8c91efc32dac3fc14685af4a0d19b5e04562f83207e1a7d021aa106bf248f3a403b6243e24c65668c10a8ca1dde4f2a98fc789e2a51c0314b59ae0b9716fba09c6aef3101a605f981bb7fc16c7a71e04a5d6e226e3998f2ffdd9e8b471fda2ce273d4bb306ac639911e9d15b294d0c087137e890494c006087f409cb7197775edbaae1563055952424a72d82e02885241d5dcf2a3ac0a7d626c8243c17012827e092528f1787e5bed1dd4b2e64dab8b47ed7a18b56b4ac6086c49c0cd0342cb8572975201423db1e9c179082f2203ed532cb0292ff886e912313b980c959635090922829bad14eb034641dad026f44c21cd28695c4774f24d633add532585191de29b863eaf9336d7f5aa8bc60644bf5358ba8d53a3b3d85c110bf3b3237404171dbb51dcd39b885cde67ef93aced6c27636c7d9f780bf7002ce694df3ab33ca5ae30ec7d0533f43c233dead745ede32786f516e59e7ed0995639e81c046429c010c73848364f6a9b0700ca97db132a6dfa00860d0a0061dd4589f40a42cc8494e81d0589f7dcf177be861b5990ab97824afec4470722b02e56a8e159171ea09db3a9754784eebb68b3acf7b492dd18d8c542aa1372ec8eb3f037363369a231e5af2c8223f5b84664cef662a07d5fd25fe3e2374a2cfdafdd7d232a778f4aef1c97a83f16327a70d8c9ca1abaabe4b20bc9e85f048efede575a382f2fab9cfe2e4145ecd3862e010b8aae00ef7267e04a1be358f5a6d5a32a6d59f16da8c7b013e6c54f89073c2c9e203d3768c0c9510a7c674d56a8cef29ed50f495a716a2cdf28199516cadaadb5184d42174e7896dffcd68ab06e7fdb06c56095217c7ce5ad468227f1a99a9339f44ad9bab7626980ef94e8b663b352843d0ebfef26165466cf3de3d273718c72860fa6d3596c64810d8648574928274b25ca1e3154314701727bff6b4d00a46bae17145bcaf868fe0cd517aedf76ee98063ef3168fbec08cad817215daac7eac5105eacb0429294464393016e3fcc0c5a46aae7c17f34c8d0ef9463da37e3ffa4f55512c00e18cc5f98a4cec21b0dddd5b0d8b8bcc2d62bb30f1d9d783e9ecfb2c0c1e7cdb37e3eca95afb581d4d376d544a7b03313ded53e16de59b3358be65a375881471951adcc30ff4480ff04e5edab849cdfff6d25b2cfe02fa6b93d139e0b0df704fbd8cf9089276dd8bbc2711f0f6a0679d6896787b82143a43a457d1b051269b653ccf3d67d3d5cba482f7a444e7fdfd2ebb7a863c4170bc51eb1030ec2ca16bdd923eb7d24ddd5bdd6a71b9591aeee186961113b1fa034d8a3d654b8910a2631f3859cef688609eea1e9afaa5973319bff3b979c6441e4dfe4912f598d1d6cf2ab92cba8c338f7d153c8ac33645102c9789be116269c328f2d5737f4cbfc33f28ae75978bd2404d5f53ad95a230ae694ba07f3f6e6ed1d0dbdc19908952c21e68e50528feda044cc4119ddc33623f871f0c1c93182b7ef11064b10564b7eaf963039dd03519b81199e3353b88cded185f61b2b185032627c280c91829f472f4b1b2019b448c0390f94aeb2b710fdf8a0c4eebce3ff465fc0b8cc7b2c0f0e513cf7eb3b25cd378ba0fe7cec42aa2bfce62154fb602b65cdd07d12017e17c50bec680c6f6ed8998188a448ae63f368713d6097266d16863a7368b208a069b323d5a1c760ee93caa72cd66442bab1e311edf04e59f501e790a387d578e457f51eb7c2874a90daefb810150ce4f0358c1fce67f1ffbf8700602efa1af10d3dc186a99fc0acc97aac00d501a2099496bf117716fb0e7128b3e8d4e04bf5badb78c7862b39e8c15851db146c97520cf7d6951dd2971b2a971efdff843beeee21d2e44b1485080cd494162edd12a5570133302ecb091abc97b565b90d8dd8490dafaedf9ec26ac3bd1f048d79f5e2525b57f3f21146e328c1d64867ae5451738908cbac1f03a95283b4c834943fa1cfc3bf41650bcd19420426fab13ce4c713ab2b730647df213c6f6fe6cce5630fbcf2b4a50b498dcf2f5f08403ac5b7d6b961fa6d6d062037af94745ef645e9d1080a703d0a6f095f190fe76ee172437f57cd1b9975baf424c7226ea1e8c2f219c76437c80a7f6afb0eb7d6a4d6d1181bb7ca5c39e8f2436f248d5cbe46d615a082bc2be9f01ab0fbcc69bf84b4bb665a9aaebce1050ca3ea770732928abe9ff64f2e1d04c6c1b2c64d133d21cfb58bf0ef1a64d930a09e3fee638ef051b8206f434f34ac6cd6f5ab2ea907134376150771533525bb162471c7e0ac9b6ae3e6e80b53f44458e792c941a0da1cb25f130e777e8d3e825273c6d0d9169299818c2787a7717abc7de8453c0a62c5de8fa485ed4e735571aed8c06aed8", 0x1000) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x4004, 0x0, 0x0, 0x8000009049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) getsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f00000002c0), &(0x7f0000000380)=0x10) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000007000000080005000900000008000300", @ANYRES32, @ANYBLOB="14000400"], 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="04000000", @ANYRES16=r6, @ANYBLOB="10002abd7000fedbdf254c00000008000300", @ANYRES32=r7, @ANYBLOB="0c009900080000003e0000000c0058002a000000000000000c00580075000000000000000c0058004e000000000000000c0058006c000000000000000c00580014000000000000000c00580078000000000000000c00580041000000000000000c0058000900000000000000"], 0x88}, 0x1, 0x0, 0x0, 0x40}, 0x4090) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:56 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x66, 0x2) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000003f0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000400000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:56 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000080)=0x0) syz_open_procfs$namespace(r2, &(0x7f00000000c0)='ns/user\x00') close(r1) r3 = socket(0x1e, 0x4, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) setsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, &(0x7f0000000100)=0x20, 0x4) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:03:56 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x9, 0x6, &(0x7f00000006c0)=[{&(0x7f0000000200)="ac69bc5415b3e5a4a2d00769fcf2e1a8c5741a458a2a64d774f5fc8354d2fc24bf03fc4869864025ffe4f35de7726fe5ff8b0db0e07b02615d097c487136b0be04cbf7460d4ad80cf7dae273701b888905cf27a9a8c56a8311a23b0081cf82747e16c96d451d919a4e3c2ef26ba293532f97bb4042353c1bf2862be62cd7a5121b71dc618241a4a5887e5d24748454f6435149f4dfae45937b59bd6c9b038bb3931ef7c4414f36e248352e169e24628b542963ebcc99a36e01a666ee99f4919202a88243a9d5c2ec30f315b38b451ac961f33cb7f931541d0964f6e2d2fd6966bd3562e5b8c40585349c256afd81eadcf023d13b3a94b44ce1", 0xf9, 0x1}, {&(0x7f0000000300)="65b7918dc68620c38acaaacb00b66aac7b99b50cc8ecec1f43ecf1943198c54458cac5b033a7f3d97d6022541c1b83fbe4594251e4df3ddb01a3859b24172aec84c683ddf03af10778e14f40e2dee36ea054a7bea4676cb38701fe7236ae59df434994ab27cfaa780e5366c1fdcf55627e8f4f12c7f098fa2e251de0d92da5ac47d29dca6a4413ca7b6d4e905e", 0x8d, 0x8d}, {&(0x7f00000003c0)="4d95238515199866b0887e7b36db700e0dd3b18f14a404e3a719d454af6c072626ebac99d1ef2486c38ef31d4f968d98e7401540a70c9617a13efb23d77c4ecc258abae0cadd0c82d3a645fa69cc13898eeff55da2b100e0c76c5fea628615b332a2ec4bee1616237f4f054ef37b5614966163b1c39b7bcb1bea95a0ab83c55e17f5ecdf4910e7e01109fd0aeaed3576539099", 0x93, 0x1}, {&(0x7f0000000480)="c75042f0ed097f3bb6cfccb39a3d2e24c4dad74ea3a57438c07374c59df0f247bf064fc0d7f1fc3376775f6fb96cd890d75da8bc72890c0f848e6bfb6417561f535e8f1fd58ba71f6e0bd7bb93faf414667bd7b898071697df218304524812a53855837e466da570d3f8b5c0c70f4bb6c75a4b8519049f447006f9853520f0b658a624dfa0da911f75ec909673875826309ec1f58999c07428db8c3c91b8d9f326ae5e92cbcab4d9c64027d4e43b29bcb0d7845abef272ae0817053f62607817f78eee487b59", 0xc6, 0x9}, {&(0x7f0000000580)="8b945a8b56aea4d64c957bd81a628d3a78afd3796839bf14fa829707ca9f5d8f0c5e1e9217e35458884a48e80193d45601aa73fd39c2e41f8a935cf58f06156f37a343fb2936fbb4f28fb4d8db3ac934851a1f48951612e257f1557c3ee1830b7a7e58fe50941647f7b586fd20436025231853298d6970a95fa950fb75229c932a5caee9190ec2c7c865257f915ff3d616f5d86ea8cdbb98d6e3173a64bca81c7d34976bbb3274b838741d512238989fab7deb0a6e", 0xb5, 0x5}, {&(0x7f0000000640)="6f782f338fff3400ec514baf4b53a072dcad8d65c9e9d7b57fb089e52294ee9945bb6569376421c6c379c8d6df942f4614d1856196378cc228a6b1ed0b8795331d319ea613e9", 0x46, 0x6}], 0x200c0, &(0x7f0000000780)={[{@noload='noload'}, {@noinit_itable='noinit_itable'}, {@grpquota='grpquota'}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}], [{@audit='audit'}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@smackfshat={'smackfshat'}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@subj_user={'subj_user', 0x3d, '$#@)'}}, {@fowner_eq={'fowner', 0x3d, 0xee01}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@smackfsdef={'smackfsdef', 0x3d, '\x97+$*%{^/'}}]}) r2 = open(&(0x7f0000001940)='./file0\x00', 0x8708a0, 0x2c) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = open(&(0x7f0000001380)='./file0\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x40086602, 0x400007) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000180)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_RM_DEV_V2(r3, 0x5000943a, &(0x7f0000002480)={{r4}, r5, 0xe, @inherit={0x70, &(0x7f00000000c0)={0x0, 0x5, 0x8, 0x0, {0x0, 0x6, 0xcd66}, [0x0, 0x7fffffff, 0x0, 0x6a7f, 0x1]}}, @subvolid=0xc3b3}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000900)={{r1}, r5, 0x10, @inherit={0x70, &(0x7f0000000880)={0x0, 0x5, 0x8, 0x9d6, {0x2e, 0xe5bd, 0x7edf, 0x3f, 0x2}, [0x1, 0xfff6, 0x1, 0x2, 0xe89b]}}, @subvolid=0xb8}) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r6 = socket$inet6(0xa, 0x400000000001, 0x0) close(r6) r7 = socket(0x1e, 0x4, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="fa6e9c661752f0ac26fe65285ecfa91ad902ac17cf7f1e0dbdd40c073af4f1379790d528557f661be05b9f508f5138", 0x2f, 0x0, &(0x7f0000000140)={0xa, 0x4e20, 0x3, @private1, 0x8}, 0x1c) utime(&(0x7f0000001900)='./file0\x00', &(0x7f00000000c0)={0x1, 0x9}) connect$tipc(r7, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r8 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r6, r8, 0x0, 0x200fc0) [ 1770.327471][ T5285] FAULT_INJECTION: forcing a failure. [ 1770.327471][ T5285] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1770.353904][ T5285] CPU: 0 PID: 5285 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1770.365371][ T5285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 03:03:56 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x1000000) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x17) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r3, 0x0, 0x200fc0) [ 1770.375415][ T5285] Call Trace: [ 1770.378697][ T5285] dump_stack+0x1b0/0x21e [ 1770.383017][ T5285] ? devkmsg_release+0x11c/0x11c [ 1770.387945][ T5285] ? show_regs_print_info+0x12/0x12 [ 1770.393131][ T5285] ? kasan_alloc_pages+0x4a/0x60 [ 1770.398059][ T5285] should_fail+0x6fb/0x860 [ 1770.402473][ T5285] ? setup_fault_attr+0x2b0/0x2b0 [ 1770.407489][ T5285] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1770.412858][ T5285] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1770.418392][ T5285] ? find_get_entry+0x5da/0x670 [ 1770.423231][ T5285] ? xa_load+0x323/0x340 [ 1770.427462][ T5285] __do_page_cache_readahead+0x244/0x510 [ 1770.433089][ T5285] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1770.439497][ T5285] ? unwind_next_frame+0x1c07/0x22b0 [ 1770.444769][ T5285] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1770.450475][ T5285] generic_file_read_iter+0x626/0x20a0 [ 1770.455930][ T5285] ? find_get_pages_range_tag+0xae0/0xae0 [ 1770.461635][ T5285] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1770.466998][ T5285] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1770.473056][ T5285] generic_file_splice_read+0x491/0x780 [ 1770.478591][ T5285] ? splice_shrink_spd+0xb0/0xb0 [ 1770.483522][ T5285] ? security_file_permission+0x1e9/0x300 [ 1770.489225][ T5285] ? splice_shrink_spd+0xb0/0xb0 [ 1770.494146][ T5285] splice_direct_to_actor+0x3cf/0xb00 [ 1770.499506][ T5285] ? do_splice_direct+0x3d0/0x3d0 [ 1770.504513][ T5285] ? pipe_to_sendpage+0x300/0x300 [ 1770.509528][ T5285] ? security_file_permission+0x128/0x300 [ 1770.515232][ T5285] do_splice_direct+0x279/0x3d0 [ 1770.520071][ T5285] ? splice_direct_to_actor+0xb00/0xb00 03:03:56 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) fsetxattr$security_capability(r0, &(0x7f0000000080)='security.capability\x00', &(0x7f00000000c0)=@v2={0x2000000, [{}, {0x6a, 0x20}]}, 0x14, 0x0) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r5 = openat$cgroup_procs(r3, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000140)={0x0, r5, 0x100000000, 0x4, 0x5, 0x8}) 03:03:56 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket(0x1e, 0x4, 0x0) connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x3}}, 0x10) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x200fc0) [ 1770.525606][ T5285] ? security_file_permission+0x128/0x300 [ 1770.531309][ T5285] do_sendfile+0x89d/0x1110 [ 1770.535803][ T5285] ? compat_writev+0x390/0x390 [ 1770.540551][ T5285] ? security_file_permission+0x128/0x300 [ 1770.546255][ T5285] ? vfs_write+0x427/0x4f0 [ 1770.550658][ T5285] ? fput_many+0x42/0x1a0 [ 1770.554984][ T5285] __x64_sys_sendfile64+0x1ae/0x220 [ 1770.560169][ T5285] ? __ia32_sys_sendfile+0x240/0x240 [ 1770.565446][ T5285] do_syscall_64+0xcb/0x150 [ 1770.569943][ T5285] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1770.575822][ T5285] RIP: 0033:0x45dd99 [ 1770.579703][ T5285] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1770.599291][ T5285] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1770.607685][ T5285] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1770.615640][ T5285] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000420000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1770.623595][ T5285] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1770.631550][ T5285] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000019 [ 1770.639507][ T5285] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:56 executing program 2 (fault-call:8 fault-nth:26): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:56 executing program 0: ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000000)=0x8000) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = dup2(r2, r2) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') dup2(r2, r4) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x38, r5, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", "", ""]}, 0x1c}}, 0x8000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r9 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82) ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r9) 03:03:56 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) unlink(&(0x7f0000000240)='./bus\x00') getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="2000000015000100000000000000000002001010", @ANYRES32=r3, @ANYBLOB="08000200ffffffff"], 0x20}}, 0x0) lseek(r1, 0x7ffffd, 0x2) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r4 = socket$inet6(0xa, 0x400000000001, 0x0) close(r4) r5 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x400, 0x0) getpeername$packet(r6, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000200)=0x14) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000280), 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x200fc0) 03:03:56 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000000080)=0x3) r3 = open(&(0x7f0000002000)='./bus\x00', 0xc0840, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000480000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000004c0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1770.773710][ T5328] FAULT_INJECTION: forcing a failure. [ 1770.773710][ T5328] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1770.791389][ T5328] CPU: 1 PID: 5328 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1770.802835][ T5328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1770.812877][ T5328] Call Trace: [ 1770.816159][ T5328] dump_stack+0x1b0/0x21e [ 1770.820478][ T5328] ? devkmsg_release+0x11c/0x11c [ 1770.825402][ T5328] ? show_regs_print_info+0x12/0x12 [ 1770.830583][ T5328] ? kasan_alloc_pages+0x4a/0x60 [ 1770.835507][ T5328] should_fail+0x6fb/0x860 [ 1770.839911][ T5328] ? setup_fault_attr+0x2b0/0x2b0 [ 1770.844923][ T5328] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1770.850282][ T5328] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1770.855813][ T5328] ? find_get_entry+0x5da/0x670 [ 1770.860651][ T5328] ? xa_load+0x323/0x340 [ 1770.864879][ T5328] __do_page_cache_readahead+0x244/0x510 [ 1770.870510][ T5328] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1770.876911][ T5328] ? unwind_next_frame+0x1c07/0x22b0 [ 1770.882183][ T5328] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1770.887883][ T5328] generic_file_read_iter+0x626/0x20a0 [ 1770.893311][ T5328] ? find_get_pages_range_tag+0xae0/0xae0 [ 1770.899002][ T5328] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1770.904368][ T5328] ? avc_denied+0x1c0/0x1c0 [ 1770.908847][ T5328] generic_file_splice_read+0x491/0x780 [ 1770.914362][ T5328] ? splice_shrink_spd+0xb0/0xb0 [ 1770.919280][ T5328] ? security_file_permission+0x1e9/0x300 [ 1770.924965][ T5328] ? splice_shrink_spd+0xb0/0xb0 [ 1770.929883][ T5328] splice_direct_to_actor+0x3cf/0xb00 [ 1770.935222][ T5328] ? do_splice_direct+0x3d0/0x3d0 [ 1770.940260][ T5328] ? pipe_to_sendpage+0x300/0x300 [ 1770.945255][ T5328] ? security_file_permission+0x128/0x300 [ 1770.950981][ T5328] do_splice_direct+0x279/0x3d0 [ 1770.955798][ T5328] ? splice_direct_to_actor+0xb00/0xb00 [ 1770.961361][ T5328] ? security_file_permission+0x128/0x300 [ 1770.967049][ T5328] do_sendfile+0x89d/0x1110 [ 1770.971520][ T5328] ? compat_writev+0x390/0x390 [ 1770.976253][ T5328] ? security_file_permission+0x128/0x300 [ 1770.981937][ T5328] ? vfs_write+0x427/0x4f0 [ 1770.986321][ T5328] ? fput_many+0x42/0x1a0 [ 1770.990617][ T5328] __x64_sys_sendfile64+0x1ae/0x220 [ 1770.995785][ T5328] ? __ia32_sys_sendfile+0x240/0x240 [ 1771.001035][ T5328] do_syscall_64+0xcb/0x150 [ 1771.005507][ T5328] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1771.011409][ T5328] RIP: 0033:0x45dd99 [ 1771.015277][ T5328] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1771.034867][ T5328] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1771.043267][ T5328] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1771.051206][ T5328] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1771.059144][ T5328] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1771.067084][ T5328] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000001a 03:03:56 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) sendfile(r4, r3, 0x0, 0x200fc0) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000600000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:56 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x161) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x9c, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x38, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x1}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_DAEMON={0x50, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x80}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_1\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2={0xfc, 0x2, [], 0x1}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1771.075037][ T5328] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() r1 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000000c0)={0x5, 0x5, 0x101, 0x9, 0x5, 0x9d76}) prctl$PR_SET_PTRACER(0x59616d61, r0) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x1, 0x0, 0x10000010, 0x10000, 0x1000000000, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) pipe(&(0x7f0000000200)={0xffffffffffffffff}) sendmsg$unix(r5, &(0x7f0000000500)={&(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000340)="75d2e6f4416acb84171ec0e7d092242207782cb881391321339536a21ba06f83f530595601cc23013f9aab5123813d715c8f9008bca357b73b0874180e96c0610df20450e2c85a04ad04564d6b963a7792d32b230035d6a91a86ae96a2eb32a85152ba59abe40932f67fd08f86be2ce8", 0x70}, {&(0x7f0000000240)="6e7a17e5c9bc0ac75bbaa0b7c0b1aed0d1f78a0eeb0b734c332e75b3820280b0baa70132c18f3f4e1416411d385fc8dd38711d", 0x33}, {&(0x7f00000003c0)="7567fd854df92cb649130127edad3ebf808509f0f30bc60aa02aaad6857e6ca25dea03fa1dd79a4b253a1b447b8167863cc7c96ce8e64d08613eccd8fcd3400ab7367f630983fa9ed6b7eae7639cc334f6a8adbbc90b64c7dce9527dac1ccf13eeeceeb6aaf36525144100c91e96c1953769f34befd6ef2313f7d00ce5ce3a71ff8b4375c850de124b181998ab646c3dbe9c99c4c278dd8b5fa4bfe9f018c994439c7054fc8e95c39120d2cf29cd7da03fe24b4cdbc78b72174053acedc50af5ec23", 0xc2}], 0x3, 0x0, 0x0, 0x4001}, 0x20000001) 03:03:56 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) socket(0x8, 0x80000, 0x80) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000680000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:57 executing program 2 (fault-call:8 fault-nth:27): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:57 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$UI_SET_SWBIT(r2, 0x4004556d, 0x7) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r3 = socket$inet6(0xa, 0x400000000001, 0x0) syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x200, 0x2000) close(r3) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x120) sendfile(r3, r5, 0x0, 0x200fc0) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000006c0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000740000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:57 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x111) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}, 0x4}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) lookup_dcookie(0x9, &(0x7f0000000080)=""/223, 0xdf) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000007a0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1771.285303][ T5370] FAULT_INJECTION: forcing a failure. [ 1771.285303][ T5370] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1771.317943][ T5370] CPU: 1 PID: 5370 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000c0ed0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1771.329399][ T5370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1771.339441][ T5370] Call Trace: [ 1771.342733][ T5370] dump_stack+0x1b0/0x21e [ 1771.347053][ T5370] ? devkmsg_release+0x11c/0x11c [ 1771.351987][ T5370] ? show_regs_print_info+0x12/0x12 [ 1771.357172][ T5370] ? kasan_alloc_pages+0x4a/0x60 [ 1771.362097][ T5370] should_fail+0x6fb/0x860 [ 1771.366505][ T5370] ? setup_fault_attr+0x2b0/0x2b0 [ 1771.371526][ T5370] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1771.376892][ T5370] ? gfp_pfmemalloc_allowed+0x130/0x130 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fc0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1771.382433][ T5370] ? find_get_entry+0x5da/0x670 [ 1771.387271][ T5370] ? xa_load+0x323/0x340 [ 1771.391505][ T5370] __do_page_cache_readahead+0x244/0x510 [ 1771.397128][ T5370] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1771.403530][ T5370] ? unwind_next_frame+0x1c07/0x22b0 [ 1771.408804][ T5370] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1771.414512][ T5370] generic_file_read_iter+0x626/0x20a0 [ 1771.419964][ T5370] ? find_get_pages_range_tag+0xae0/0xae0 [ 1771.425671][ T5370] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1771.431029][ T5370] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1771.437085][ T5370] ? avc_denied+0x1c0/0x1c0 [ 1771.441581][ T5370] generic_file_splice_read+0x491/0x780 [ 1771.447108][ T5370] ? splice_shrink_spd+0xb0/0xb0 [ 1771.452017][ T5370] ? security_file_permission+0x1e9/0x300 [ 1771.457719][ T5370] ? splice_shrink_spd+0xb0/0xb0 [ 1771.462630][ T5370] splice_direct_to_actor+0x3cf/0xb00 [ 1771.467972][ T5370] ? do_splice_direct+0x3d0/0x3d0 [ 1771.472962][ T5370] ? pipe_to_sendpage+0x300/0x300 [ 1771.478029][ T5370] ? security_file_permission+0x128/0x300 [ 1771.483726][ T5370] do_splice_direct+0x279/0x3d0 [ 1771.488546][ T5370] ? splice_direct_to_actor+0xb00/0xb00 [ 1771.494069][ T5370] ? security_file_permission+0x128/0x300 [ 1771.499761][ T5370] do_sendfile+0x89d/0x1110 [ 1771.504244][ T5370] ? compat_writev+0x390/0x390 [ 1771.508982][ T5370] ? security_file_permission+0x128/0x300 [ 1771.514675][ T5370] ? vfs_write+0x427/0x4f0 [ 1771.519067][ T5370] ? fput_many+0x42/0x1a0 [ 1771.523376][ T5370] __x64_sys_sendfile64+0x1ae/0x220 [ 1771.528565][ T5370] ? __ia32_sys_sendfile+0x240/0x240 [ 1771.533828][ T5370] do_syscall_64+0xcb/0x150 [ 1771.538310][ T5370] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1771.544191][ T5370] RIP: 0033:0x45dd99 [ 1771.548068][ T5370] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1771.567655][ T5370] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1771.576043][ T5370] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1771.583990][ T5370] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1771.591933][ T5370] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1771.599878][ T5370] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000001b [ 1771.607829][ T5370] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:57 executing program 4: lseek(0xffffffffffffffff, 0x800002, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x8a) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) statfs(&(0x7f0000001040)='./bus\x00', &(0x7f0000001140)=""/136) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001200)=ANY=[@ANYBLOB="440000004ad82ed4a6afdfd3d93700"/30, @ANYRES32=0x0, @ANYBLOB="4f0a0000145f484882d5000100ff010000000000000000000000f9ff7f1400010020010000000000000000006bfa96c2e64bce07b802629011004496916654d69fd79f55e625812a719341e61c95744a3c98f128c5e65f62f69f0f76a4d341070d357fed94fd539d"], 0x44}}, 0x4000) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$BTRFS_IOC_SUBVOL_CREATE(r1, 0x5000940e, &(0x7f0000000040)={{r4}, "2d2e197139e2c0cb939d4d8ed47abb4a7552d9d4089eca2d25ff5b1a0594bc252527871dc3ad5b8e34f8269b06eecc5f9035c7751a20c3e07d4c117ec21e45188d99df871433cfc7b014a439078c1df17234fbdff452dd6c72da35555e93c99856ff7391f6ea3c9a2c0ea7605def78724f3314c692586bd243759c22d93d44953f7f953c20f35b650e202c2a9194c9afebce8950f0dbcf7205206ec7eb0ab13a83db6b95a99972a6b24f11af50eb4d6795c605e35a9381aa6f788f319de5e433bf2b7764f90bd1d5cd330f395348471d883ef66fe151b0a7fd49b70f5d04f043767ee6b9222b761d47a6747a0ebef82d356edc1360740aaf359ba0a345929cc4b86cc981c90763268b8fefa45a400d1c080c53aa34d4aa69099ea04b6763d20f943bd412f51f8126abba2ebe914a54b4d6feb1a3cd2f731d10afb543e75ad6d497554fddb3fa81cba9eb34d3b4e975de3a129c1b97f555050893d3c3e28bb0ef016d82acb6a74ab1fedb4452a641150af6770ebfccddfae1cbcceb1009f190e95ab7b238f02c7b6d3a9e344bccef5b25e4546bd5a3780a0a2bf17726483dff9557c33e4d381b51bea76ca24d51144b077e1d6d258320280abf1873a6ecdd353e6ba5f1517a34e2dfcc34f8d605b5808693990778969b4536fc9bf79ccd6798b159bf1973c8fa1b64ab6acfcf5126f541f23cecb11b4b6c1b195180eeeefe1f34ef9f4c5c00aca6d53ebc587594adceb9b0739db9c3efb166d78909a82a33699516449bffe4513c434b2498e1236c1e0da712b3901967365df2fc10ae8f16e02962ffc84ad566f92315cba7442abc3bebe390614ba6cbe722292d26944ae7aaa20c5384d6fd57c1e8a25621a73e9dd62541da418b4b80d470b059f64ae763663b317d95d16c286b2fdaf268f1fed551201f212dcd58b40df9ba4b1cf76a1107e9bfc3dc7f09733fba1ed02a7eb3662e72ca53a232a01687c499ddc101e11baca206f2af630fc0ba55196779d195654f8571806b83aae60625546857d2144a4bc00528d5286cf201545628c6893196168380e30f094e986c20851a32bada0261791c5ed1964b8ef21e6a2b00d0da3b65b4faf482a6f08156154dceedf55a79e08de428d897c495c57f9ae6c25cf17251f2d40db47c5095f9398c0233f6e513b0948b8dccd5bc90847e0367771e6c884315983e1328bedf162fbfb56fedd7c780f357ac122a5309f173b119d180d45704b2af5ffdb8aaa7c1ca8643a2890a10ac6b6116ed36aacca6802ade1887943b173d39e3216201e0467cde8f354f4cd5aae9766effe1c7da7fb7e4ef1ed0e0dfef42fb5bdf73755e78484df1940d0a635530df4d0059d9eac7859fdd306742f625a21915b17b4109a18622047782c3254fa93d24b85cb0265340c388b423c1706f301570fd79a076fc2c46ce4f0fc6302c6d46be314825a056148c286883cf2509df96898355b67399b136ded1edae107ad15aeb46fddad260234946a4f3abdbff7427eca16f330accc11a918390c38923abb1ee807d776cfaa5a45cd2851cdb54a3d1783fe72128ab9ecf8456661d8cbc33b4e49b13d464b455eb182a039aa5803167f565d61a046fc9fcbac2fcb43eed1af74b5fe20ae7ea0cef1f24c5f5291d537e14a7079de129997d3b8da79d74657a3d012df6c9fa045b4786d4600b87c08d79d7baa6acaffca8e40b8368b88a82fc957f32ddcb37461a9e6f99d2aae089970b21d84bd9ae5a77df952817caa8315720afe71ea4ad397b788af6765814466ecb6af11110bd1f0e8ce0801e34c9592ef3f1f007ece0311bfd704c0275f5a2f7c1e9f0d15eac64eff24e29499f7bc810d246ed921571c9b218afaf6653fd95eb51c66ff0e3e1f8b58ca018b93df79b059cfd140e61345e23eae11ab427d90da48fc0f7cf15e48c7fbfd616ac877d547101a30e8a76134616c9d05531a18341b728368b8b942b790223d80e857d7b33645a3f8d296bdf8309afbf17b36f0630c128abc7af770320770f231509d9a6bda9e14aea6497225f2d00f459f92fe189feb9512aecd5df29c310b674ab278c7b18398c010daf9e22aec2b58c58c0bc3d315b9238dd848d02cd5d41f8a4e2574beaaef8578317802f8556f71dbd53e2e66b3a4212e8feea29180badda424b03fdbdddcb4bb9eb8f7404fdaab060fe240b558ad365666564287e0d917e5665cb258245c142cabb253204cd23b66b3fc41ee22584c22e9cb7f7ebb68f32728ca2a6d2100a221f163622bc3e40c4da29ad27b0759a76b5855e61a4f139f0e0e553475462c0091d6f6bf919a8275ae5d2915debfa85f8c4fe0fc57cf49abd03411c549ba26e34655ef54ec348c8cbb9607cef5a51fbaec03438a19e9b334fdb3c93b2e1afa8283f1c71a9c4d4e1a831e52e498f2220320b8c43c02eb1575a7686ec143ee35464ff508a3414db3bba0f51a8bee30e9f621c121f671e6984b24096add7347cba7443c46f99f2ed8206eecd00abc9fe5600f5644119adc0e39fba31b95c236c6838dbe20345709ee00de6ca0c9177949771f868e838580f801369eb8020a1d5bdb0309dac7fc7eea6632837ef6331a31d0c1c79169d1299f53a8114711b3f910ca266dbd5336f75ac068b86d310723d021c32dd3645ae9cbe5ff8a382db1ba266a16295b6795e153d3b66d6874b093e539267c9d45beb67d271f9619aa22f31e7170e36c7c1de2ca3011100d708a661125f174656aada64618109b1fb818c57650910f5925b8b80b5e776b44a3742a2a7773d23a8f1689bea8e30af399f4a3230aba81fd35989ff0688fcf9c7a33c756ee0f92aca8c58edeac0378a840d18239cc9cefb962917dd80372147c76fffe0446aec47e5e7a915028ce0948baa8c14e8ba9717c36f1aa119ddcf9cbbb7157497540ebb0bc65627128b34724624cb0396a521968a97fb0e9bd9d42629b27b330e9a35bea07add08e64a457f83d9122afba0249ca99bf40ab6b38e64fbdc5681a3f4a15004ed3e1c50ef518e8490ed3d89bb08c2513a42594d1e5e1cafd866ee07cc07c7bd3586ef9494a132fb0a90ca801e4e8dfcd8280e1e3eb0be807cc7b3f315b4c52db2776e5e158eb3a7a918b08331764e6812e81b283baab6d8acf727ce1a8e6f56374cc57096cccafc9e9902abc4e7a91cc29990f6d061c20c259acf2bf5a9b7e5504e24bd09ca184e6246aba9d33eee798ed420b9a321b47adf5e13d25cfd069d34c44a2d5b74b4faa81fa80883875df0aabb8abe34710edd1accad47f447dad8f22071fc9064bbb1f99a6ad996a598ef20a292e221dcdc302a336a66b2b741fda9007fc1dc7081fd5d2e36a8515fa55792675f0ed517462b4dd8682af00566b5565bd8a971e448c01e49beba7ed6a496758c1f2936ba5d1ffc2585ae8123f0faaa49c36db60ade3d50ad239e386ab34684232d52bccc90952daeadd79d98642b0e721e499f5222d9bf0ed4565af189f89c282474e99c61c419e61accb60eac9317afa67b21df2d92f44e5dc830af45e9b54d8a00d76c541506dced95128ebb05082a6b01f031fc643b5682e7392b7079c37cf225ce09a121f4c4580ac01a959954f336a2c3551c360736c31de251906229b47a31a310beec3c4bc61f46a62f4f5946a619eee3abad284cfc59ef141b3462f127faf9892b5fee6f084bd3c07025480e8c531aac61e9494dcf3334ae4e6a148780b7e32337f0fc3e73a19599458c01a769ecee69a2f0b861c022c208c8d5cff874b6790da0ffd693e013c839e26bed9c9eaa5ea90082ea00bc2ad017ae87f5b9e49c41dd3390b884bcbed4f60a2d248c0a77983c4f6aa757aa4efb3941ff201829d1d8034efe2f41b1c8f7aaf57737b97814c67821f2b15670d6d47860e7d570fcc5d93e8f06f8e25629cff86d7a70a4e11fa209685fa6d05d0be3a08b942e1648a9b2aeb1792cef4a989bff5923f132db07b481b14a39a4478a810e83a7816f1c714d7a2dc92d2e05deac52a8c8aeee2510fe6d0d5d853ff68b07f0c3f2e8ea3d767bb0f0d048f877f202a7f96b8286ae30c412d78ea69918dc8ac139fffa68c83074ce2740475c1f2c303b4b832f5fb4db2b981ee00fa546f628f289ef488b659e5dfd47bdbc65a9b56a9ce0bbf641f4041a34be9a9a416d76b96129030e807fc0873bda2ab655666fe211155887757ac10cc2da91bfef2d0e1d794e9c94839bdf8fde679c4210819a5362ef975af8c29ab620c46c47eefb309f9c416a0357e3aece23981d183705f1f9c5730a3098deb3d0b87bdfb31b818f94833ef19d9df79eeb339f950d54a7faa347cb9a064c60e7fcd58871870045a48925f8f64b15a6c5a41645ca315471fd982da29a5628eb3d507a0c21188af7368df13b5d1539effd7c5283133973d4091ac3f5cb1d54ec2da877152c27cadfb11e7321bde874ac7d3a6633cb52fea4d8f71f5b8df2300a8b8591042e770b7a027ec09d7537aa9058ecea845a2bd6c48c9d5841e235eea5548109ab7009b9bf99c985d143ac1d3bee8e4694ac09a38d4036298671129bd3996de925237885889b1d307c2adf082c5de443b3d7cf3291c2a762054f44fe708a4932ce1ffe023243a31c38bf90cfaf3ba857209b002702c46a82082e07a2024257cea6821ed462d609a84d69c415351f900349346470da55869eb0637ea7158fdb3a9d47ecb7a2a334e446ebb22f1e38eb4ad3b8b339c93d4f7e9c2fafc4296c3dc608f721a22a4576f914770b53eec57cdf8005046eb4c72efa6bab02f7589107e4b129e4977eb8a9a55723e265fe9edc5af1411b72627bb0779712efc47c61feebb16c709a8925e77ac7ddfd0ea15706b35a315d7ce9265426884c635dba8fc6f9470a992162cc7c604b2acd7265200572d9f36881abc141c3f153ca5b4e000066d43a4621801702702881dadbcb486795296d8097b2b9d769b3ac8994e458f50324c37c1629bab530524edbaa9ccd8791ef8b85a7b89de084d82e0085d3c97067f1badd6d9dbb25948616af8663897d31f95cd8854344e71f00d5de3fd642e16b950924917ef7ced43b45e71986a46e43d7df576d52f606237ca1e475cad559afb71ba7af6968da90e99f869373f890d5e4212f2793240ae9044510e907be7ef8bf342186fe494a6dec0848f99644c4a77abf7d8c9222ff753f5e70424dfb7365cc78426016eba0a86de3289689217744b6e3c1e19821538a151e05e94cf2d212d572bc54b2771890849e86525b37e1490d817d6e2b7c8f722c687fb9a00e981b9e00bd4833c9356280dac877d8886633322639eafa77365dfe1bb1e56651d96cc3a078fa9a307975deeb561aecd0427a5d4f9a41a3c612f713883d81ff1ed63201f84444408122b1c7844c3c73620f0514fa5e6aadd4e5ac0598b1821fd073a35571e1602061756449e0dd0b9dbb869542643bb654255ad424804457a3cfd63d63d5e28ab1f6133ee20d7093b0722c794ab842a974d3ebe2bff04188d5cac7365802f591fd9dcd5852c85b460897c1c72d23a4fbdb84e8fbd06aaf5e89717f62ee6677202fc6074661f28e8f7b3845471e7fb20b9e666a3dd81da75202c7e77f3cd785eb270e1b68022171f4afc9d25317d9e1711be171833b8696dfe4621c9373f119fc26d522e7950ecd7d587d68895cb97220c3e440cd746f9e44d8d77417a0a2c1c210e2f1fe3afc29533d6c04349e211d6221ef5702c2424911a9b3ca8a84f771fc0e1f275e22e0fba3a10491b026697aef068244140592e09a"}) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0) 03:03:57 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'wg2\x00'}) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000fff0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, 0x0}) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000004}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x8, 0x6, 0x6, 0xfffffffffffff000, 0x7, 0xfffffffffffffffe}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) vmsplice(r2, &(0x7f0000000080)=[{&(0x7f0000000140)="6926eebcbdb7528bf36403c5bf7cebac2527e278d2a62e0a204badd50c69fb163c6e03fe937874b9c7a9494f647d09bdf01328db684a07035d1159a85acf010d0e68dfd4996113ee31bf4566f75f106a7c8042376df950697d6e61ec1dec0ddfb6dd559d9794a40a9e463a5d37a46c3a3ce2f0d9f521a56e4cfd5c2c2926add10ab15a2a3315b3940a8267432cd96677b512ec6d0368aa86613d9baee49b6126b3dd71fdcf049ed0c28cc00ef99f2b8e3f41880a819233f94a3c88cfadc60bc0ca033f1e0ba4d842b108b1b618fb0eea429a", 0xd2}, {&(0x7f00000002c0)="1e7b61f3e4bfb0a9019910600325e064292313537b8dacd07a5d35cb2fdbc86e80df8f6cfe03fb0412cca30bf3bc293683b29a54c20e0bf84269158d0adeaf6e6c8823837e72efd033c91fda9bdb647b5256e8b1227d6e654bb8102c7e8b3b5e5b56ad2be5d2a311dae407423d0d5591b15e082b4bbf9767db550bfd0274a5de3a8cbec5b63db208554913649957dc8293346caef9efc87259b3d74c9ec4a3a6f8d270e39b197a67efdbeb9d4566ea77ccd89056b09a1f6120cf5b8dd3bdbef20ffe0511b69e36561ac6552d6005519318a9ab4f80d45c431c055572a2b46120e3fc6fdda85afa80f82b6e040792671dcd", 0xf1}], 0x2, 0x1) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:57 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./bus\x00', 0x108100) ioctl$KDMKTONE(r1, 0x4b30, 0x4) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1a, 0xa, 0x2) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) 03:03:57 executing program 2 (fault-call:8 fault-nth:28): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000a00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1771.741637][ T5398] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55370 sclass=netlink_route_socket pid=5398 comm=syz-executor.4 [ 1771.756978][ T5401] FAULT_INJECTION: forcing a failure. [ 1771.756978][ T5401] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1771.772842][ T5401] CPU: 1 PID: 5401 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1771.784284][ T5401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1771.794314][ T5401] Call Trace: [ 1771.797594][ T5401] dump_stack+0x1b0/0x21e [ 1771.801915][ T5401] ? devkmsg_release+0x11c/0x11c [ 1771.806843][ T5401] ? show_regs_print_info+0x12/0x12 [ 1771.812026][ T5401] ? kasan_alloc_pages+0x4a/0x60 [ 1771.816955][ T5401] should_fail+0x6fb/0x860 [ 1771.821357][ T5401] ? setup_fault_attr+0x2b0/0x2b0 [ 1771.826380][ T5401] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1771.831742][ T5401] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1771.837275][ T5401] ? find_get_entry+0x5da/0x670 [ 1771.842113][ T5401] ? xa_load+0x323/0x340 [ 1771.846346][ T5401] __do_page_cache_readahead+0x244/0x510 [ 1771.851973][ T5401] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1771.858376][ T5401] ? unwind_next_frame+0x1c07/0x22b0 [ 1771.863645][ T5401] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1771.869353][ T5401] generic_file_read_iter+0x626/0x20a0 [ 1771.874809][ T5401] ? find_get_pages_range_tag+0xae0/0xae0 [ 1771.880515][ T5401] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1771.885872][ T5401] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 03:03:57 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x1, 0x8) sendfile(r1, r3, 0x0, 0x200fc0) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0xa, 0x0, 0x2}, ["", ""]}, 0x14}}, 0x20000080) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000fc00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000001000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000002000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1771.891927][ T5401] ? avc_denied+0x1c0/0x1c0 [ 1771.896424][ T5401] generic_file_splice_read+0x491/0x780 [ 1771.901959][ T5401] ? splice_shrink_spd+0xb0/0xb0 [ 1771.906888][ T5401] ? security_file_permission+0x1e9/0x300 [ 1771.912596][ T5401] ? splice_shrink_spd+0xb0/0xb0 [ 1771.917519][ T5401] splice_direct_to_actor+0x3cf/0xb00 [ 1771.922879][ T5401] ? do_splice_direct+0x3d0/0x3d0 [ 1771.927889][ T5401] ? pipe_to_sendpage+0x300/0x300 [ 1771.932903][ T5401] ? security_file_permission+0x128/0x300 03:03:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000402000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1771.938608][ T5401] do_splice_direct+0x279/0x3d0 [ 1771.943457][ T5401] ? splice_direct_to_actor+0xb00/0xb00 [ 1771.948992][ T5401] ? security_file_permission+0x128/0x300 [ 1771.954696][ T5401] do_sendfile+0x89d/0x1110 [ 1771.959192][ T5401] ? compat_writev+0x390/0x390 [ 1771.963935][ T5401] ? security_file_permission+0x128/0x300 [ 1771.969636][ T5401] ? vfs_write+0x427/0x4f0 [ 1771.974079][ T5401] ? fput_many+0x42/0x1a0 [ 1771.978379][ T5401] __x64_sys_sendfile64+0x1ae/0x220 [ 1771.983557][ T5401] ? __ia32_sys_sendfile+0x240/0x240 [ 1771.988822][ T5401] do_syscall_64+0xcb/0x150 [ 1771.993296][ T5401] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1771.999156][ T5401] RIP: 0033:0x45dd99 [ 1772.003018][ T5401] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1772.022638][ T5401] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1772.031024][ T5401] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1772.038967][ T5401] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1772.046907][ T5401] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1772.054854][ T5401] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000001c [ 1772.062805][ T5401] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1772.132638][ T5435] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55370 sclass=netlink_route_socket pid=5435 comm=syz-executor.4 03:03:58 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) getsockname$netlink(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xc) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000003000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:58 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) signalfd4(r1, &(0x7f0000000080)={[0x65]}, 0x8, 0x40000) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='comm\x00') ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f00000000c0)) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, &(0x7f0000000140)=""/157, &(0x7f0000000200)=0x9d) close(r1) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:03:58 executing program 2 (fault-call:8 fault-nth:29): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:58 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x200fc0) 03:03:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x4, 0x4, 0x0, 0x0, 0x904c, 0xaa0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x100010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000004000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:58 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x40) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) pread64(r2, &(0x7f00000001c0)=""/152, 0x98, 0x7) r3 = socket(0x1e, 0x4, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="205e4f00003e4b0200", @ANYRES32=r6, @ANYBLOB="08000200e541ffff"], 0x20}}, 0x0) r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) tee(r4, r7, 0x0, 0x8) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x1}}, 0x10) r8 = open(&(0x7f0000002000)='./bus\x00', 0x240082, 0xe2) sendfile(r1, r8, 0x0, 0x200fc0) [ 1772.284355][ T5444] FAULT_INJECTION: forcing a failure. [ 1772.284355][ T5444] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1772.331033][ T5444] CPU: 1 PID: 5444 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1772.342504][ T5444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1772.352543][ T5444] Call Trace: [ 1772.355833][ T5444] dump_stack+0x1b0/0x21e [ 1772.360151][ T5444] ? devkmsg_release+0x11c/0x11c [ 1772.365082][ T5444] ? show_regs_print_info+0x12/0x12 [ 1772.370267][ T5444] ? kasan_alloc_pages+0x4a/0x60 [ 1772.375190][ T5444] should_fail+0x6fb/0x860 [ 1772.379598][ T5444] ? setup_fault_attr+0x2b0/0x2b0 [ 1772.384611][ T5444] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1772.389977][ T5444] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1772.395509][ T5444] ? find_get_entry+0x5da/0x670 [ 1772.400347][ T5444] ? xa_load+0x323/0x340 [ 1772.404575][ T5444] __do_page_cache_readahead+0x244/0x510 [ 1772.410197][ T5444] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1772.416604][ T5444] ? unwind_next_frame+0x1c07/0x22b0 [ 1772.421879][ T5444] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1772.427586][ T5444] generic_file_read_iter+0x626/0x20a0 [ 1772.433037][ T5444] ? find_get_pages_range_tag+0xae0/0xae0 [ 1772.438751][ T5444] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1772.444107][ T5444] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1772.450163][ T5444] ? avc_denied+0x1c0/0x1c0 [ 1772.454657][ T5444] generic_file_splice_read+0x491/0x780 [ 1772.460194][ T5444] ? splice_shrink_spd+0xb0/0xb0 [ 1772.465125][ T5444] ? security_file_permission+0x1e9/0x300 [ 1772.470833][ T5444] ? splice_shrink_spd+0xb0/0xb0 [ 1772.475752][ T5444] splice_direct_to_actor+0x3cf/0xb00 03:03:58 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = openat$cgroup_ro(r0, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) sendfile(r4, r3, 0x0, 0x200fc1) r5 = syz_mount_image$tmpfs(&(0x7f0000000100)='tmpfs\x00', &(0x7f0000000140)='./bus\x00', 0x1ff, 0x6, &(0x7f0000000480)=[{&(0x7f0000000180)="72ec514ac9f589af2c77c70fb5c7a793862a73904794a2e76b9045859ca360deee82f78e58e4b7c9ce0fe38129ade5d39ae0e411e86224258f83b76dcb1da2ca1893d21b95cb445867961e3ca4e90202a0ffb55b8300774bd52a0ae6f7dc3aae6f63075b8554f28b3761f360ebe123bc382da82a8b3d6c0d87309a6ef80faf8d4e6b56889a776a3e032774b8e0e0f9d3db9dde1c99e879af15343aaf61106b076ef350af9df0701600078d88de3aed", 0xaf, 0x8}, {&(0x7f0000000240)="508914cdd0f77e4ab896", 0xa, 0x3}, {&(0x7f0000000280)="f0a91aaa6ff0e6471314ba9102165c6d19540946e98c2e06accfd42cf0eb523d4de708ec3449217523ee05a664fc8b4dc3872d8422849fb1c29bdc907b", 0x3d, 0x58e0}, {&(0x7f00000002c0)="c547b4b33fb82ef54c1063375da94d79ed115dbfe27e974584aa69f7a02de433e504077837c0132b48ff0c077afdcf4ed9261f6a66a3a4e37f2b2676ae562065b52354b26a2458b5acfdc1a84bd3f7ebbfc963d1f647a2c8bd7a8b8e0a793133817f10f51203f3038894d9cacd2d4176b6eaad67e43e396a22", 0x79, 0x6}, {&(0x7f0000000340)="63f3ee3edcb8fd910ef374b12451b95d712b8af205af901b8a02df68170fa958eddc5ec9b4558c7e43f72dcef88375fdd43d590b3783669a618a5963615e", 0x3e, 0x3}, {&(0x7f0000000380)="8b555fae83ea00c704643184ac05e357e875be64b8647feabccd3614e14ec1c1b435ef8e0de8395cd128c7804f35aa69b7d7238f9ecbc221af36d6819d1182828b2c1b9f45883eec0c1e7a225b965fe5e3e023b03e15fbf808641e0612bf22f8f24df4d1368f8530c1a946e9105149f50fc0971600a363abe50654f25a44a6b37f17b1ad0f465207133cd0d7a1759e7c60ad07e123c4d05d137b8b72ea3cf4198be989334ebf112aadd9102103769f4df6babdd297785af47b12151096cfbe4f47625ef9a6d0e414a6c93057f7c509d4a8fd", 0xd2, 0x7}], 0x80002, &(0x7f0000000540)={[{@mode={'mode'}}, {@size={'size', 0x3d, [0x39, 0x30, 0x34, 0x70, 0x31, 0x6d]}}, {@huge_advise='huge=advise'}, {@uid={'uid'}}], [{@uid_lt={'uid<'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@measure='measure'}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]}) ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f0000000600)={0x0, 0x6, 0x9, 0x1}) ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000000a00)={0x1, 0x401, @start={r6, 0x0, "be897757b7c91dc5b9f0f82ed354318edded98754251fa77b985ff87270f11edda3fb00e4a309adcda22c4cf5237cc34efb7b645815d841e4385c6e74a97c8f0ceebbf2ca269d1dea3e5325bec8d02188b55b556aa55f918455a2279ab8c699cd0a91e72b1d16e339d45603f0fe1bf14287cae60612202bcdf9ff258c4c9ec3b2f013561f32ae189201d7e3b350b7e54abaa302d2c5da953b94d5d844dfa13856143d72d17cee4567d43183f9227cad7d846f6bc420dd0ab8f70b8bbfb505d1be369cbc3d0df138c99dcadeec2ae72545e02a1722bdb0487d6871cf49b046e63971490d10e5bed27b4010a228b5315b102d1e653eb3067431e6493f48c959458ad8e053a140e6aeb91c0d022148ebf3c9a525c02ac1677a0afbab7fc9304d8dd93c14481eb01b5b2db3970bb545d23f23b9c0064433abea7c4137f96f81ab81b6999206d1da5ec23e906a6751e20186602506d4b59be091667e1d23e7967af5dafea3b9837cd05382e40532adec9927b5cf2a111bfa5a3a5c3227622e855cbd0657272bd20f8380360424ad85e19bb4680d5b4b479a5d8f1d07224917706e220c94a2790da343fcc178aab7000d86cfdc1555c6317a10233168e6ec619a248ce4d7894ed77ffdf6723e96433ce1060f3eaa2b912252ed8b95c7ef154b7f3056a1a67d64a6f81d3aa9987dd2b485702e0457d8a96f8e94ca2357a61fe6ce31b6694bc20ef9b03e50c2dac1e6d9abdcb963e31257a2a8831fd10581d413075fe83015480a5f841784d99529b5ff9cb11fa68b53e83e310d54ea6ef1a6be329022b243afcb2898f2b5441352a1756136d3bea204894767edd4991ad4713ddec88d7f079a725147683c2075f10a593abf58d4b475f7de93145bebe2dc77b3aefb66dbb0c00ec415a817dc887f1c85ab48aba871bb7f31aa5177c89272a956f27098a323f02571e4a847bd703ce111f791e6d757fa1d2e5d44c84263a0457fc69753da7e0c80d3586d59f7876cd7da8d8b6714afbd8f6107abcbe07154129fdba4c8ff52004ad3c07b8f9d7dbb9275f3648b1154a9403a719d58df7f60c2a255cdc63231daba265dd40cae64dbaf32537baf4ad8b7962fc6bae747ce6671abdf7d9af000af5f55a3d14cadabe47dff0a3c95c85a3c6ab80fdc84ed4b6473664682fa90ff8864cded1388a4fb012a5bff8da04fc0b8de8e2f1d249b8d529b7acea6b1acaf05a5ca2e1696e0a62cf5ca19c2923294c7c543b8c17337dbf5ba3a96c88894e8fc94b7f9fe421f72ee81cd85de2f20abb714427ff014690481ee9e312d0f454a789d59806c801832f9c49b5888e0bdba08a5b152761eb5ca9424879cfd7ce58b117d8a0eb0d7ac47a65e3218ee5d22f48f188b3d82c98c2ef99b6d373a91ce3bcb9f9ef487d1d0152eea042b901cc65a9d57d5214f8896cfb6d302d425611fb", "37e7e5ec17a3670c0391599db97f80c344671056585413d4956e05086c4278f062dcd3d25ee11a352a1debc452b91c1a2433f77148cb12ffd3f50de3c35ced362d54a761d6b1e1908e664874269a8f7f362b736d04b1af7e88db5f6fc01cfb29ebc8fe00f5d642c4757881aa4cef6a84e4d4df7ac727a300d19f202a77a9f27595b3d9b085191e556ebb66f03e8d13ad5b54ee8a11129acc46da89072d066efbd45253437bbb5f74fd504eba149c3b0053754f5aaeca4379363e607e8583c59fd298ea684a6d4ed5f36e5c2215b82f010ae5a9cba78cf59fd2d8fca0df303532e23456f420b4b8f36a5e2e30389bb0d39e06c506442ce75dc84c43330c6700f4c8d68fcf8c3a0d8caa4cafcc919c0ec044836b0c271bfa637579cf007e828db64a190789cc26d2bbad4ce04f044438886a1f9adae8a00b18f077ade0e456675822dc2cce4d01f271351ba7222e585f955002e19f58e2dc06ec6aca6c91d23df55c76f559bbbfa4d5b543cf0cfa3a7ff8959a3d7be65df000bc4f2781b441e5c4c2f99eb9380e0693a39bfba6ce3e5572725e01ae66cd5082bd9e6476e9c4daf27e93de3d3b23b759c520df8513bbef51eca69c0b19a4730c5e686b19aa6ef9dee2bde459bd7e26e4165f6189ca01d7002be9cb6727a610f8417cf7aab2df03aea1ef07a1fa90a8cefdb5ca065c51755c32e47be73c3e9e9b063b5283d7c27048da67084836e1759ce656571fd497c3151b2ac2ec78ce83865b811a087da875aeab51fe30878cfe1bf25a4cff496f0a408e76b1ca7966dca62f5669c40cbd3e28d1e83c9b2dd6414ed1f144128abad4ba6d1a6598caba3220b38c2da25e09c8967c35eff942bfeee098460884ec1296815c6dcc4eaece933a43ba4b3c4f722ae2d4686d9c5d01931b1da7137a3bd05c09f7b96be7844a0ed989b07fbf02bc7583c71ac0d760485ddee906128b117943101df100e3eeeaa24035248fa0a10ee4da19eaa791e25b68e984df13b80815f3deb2c137ab80607ef8833689d833bc766db3059a518146fb7fb3a86c3537c58c5e038f7a18b3945deea986bcf80dca4c49af8628f6a29cb39bec54f5661f13c2c4be2ac1b613795babdb46d4dda2993695ae06920d5ac7a377f5b7a430c0adaa7f93551ca5bc7c2bd1f3effb2c2f7fa2ed75e56ad17f325947045e86a160bc91dc2e96ef81c71434099a1525507a8bae9c91fdeaf2d3d846dd6d6358be3f6dca0c1ae84216143d23645a6747860679c8e09a64f79975818a4187240a4f8187fa95016f43553c68198393cb88f8d0a3297ee62488b8e977bc43f531d3ad186251c585a8b918ba3c4e4948b372a45d4e6ea087134bbba393bf578305318ada2107797557658defd35b2538ac61c8faeedab6d7517a6fba87f421937fdc5817892fe9cbb5b3001ed1c8b91d171e56fa11b70af2"}, [0x3, 0xdcfc, 0x0, 0x7, 0x2, 0x6, 0x1, 0x91c5, 0x7, 0x5, 0x7f, 0x80000001, 0x4, 0x4, 0xff, 0x2, 0x81, 0x1f, 0x7, 0x1, 0x8, 0x200, 0x101, 0x2, 0x7f, 0xffc00000, 0x800, 0x6, 0x0, 0x1, 0x0, 0x3, 0x80000000, 0x800, 0x1, 0x8, 0x7ff, 0x101, 0x8, 0x1, 0x1f, 0x3, 0x0, 0x100000001, 0x2, 0x6, 0x6f9e28fd, 0xe4, 0x9, 0x9, 0x1, 0x9, 0x8, 0x9, 0x7, 0x1, 0x400, 0x3, 0xfffffffffffffffe, 0xffffffffffffffff, 0xffffffff, 0xf415, 0x3, 0x9]}) [ 1772.481108][ T5444] ? do_splice_direct+0x3d0/0x3d0 [ 1772.486116][ T5444] ? pipe_to_sendpage+0x300/0x300 [ 1772.491128][ T5444] ? security_file_permission+0x128/0x300 [ 1772.496822][ T5444] do_splice_direct+0x279/0x3d0 [ 1772.501646][ T5444] ? splice_direct_to_actor+0xb00/0xb00 [ 1772.507177][ T5444] ? security_file_permission+0x128/0x300 [ 1772.512873][ T5444] do_sendfile+0x89d/0x1110 [ 1772.517406][ T5444] ? compat_writev+0x390/0x390 [ 1772.522148][ T5444] ? security_file_permission+0x128/0x300 [ 1772.527839][ T5444] ? vfs_write+0x427/0x4f0 [ 1772.532222][ T5444] ? fput_many+0x42/0x1a0 [ 1772.536529][ T5444] __x64_sys_sendfile64+0x1ae/0x220 [ 1772.541701][ T5444] ? __ia32_sys_sendfile+0x240/0x240 [ 1772.546957][ T5444] do_syscall_64+0xcb/0x150 [ 1772.551430][ T5444] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1772.557291][ T5444] RIP: 0033:0x45dd99 [ 1772.561159][ T5444] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:03:58 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) symlink(&(0x7f00000000c0)='./bus/file0\x00', &(0x7f0000000100)='./bus\x00') open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ioctl$IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f0000000080)={0x0, 0x5}) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000005000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1772.580735][ T5444] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1772.589113][ T5444] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1772.597098][ T5444] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1772.605036][ T5444] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1772.612975][ T5444] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000001d [ 1772.620924][ T5444] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0xffffffffffffffff, &(0x7f0000000080)={0x38, 0x5, 0x1, 0x26e, 0x1000, 0x0, 0x3, 0x0, 0x7fffffff, 0x1}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000006000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:58 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x121080, 0x8) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:58 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = inotify_init1(0x800) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)=0x0) fcntl$setownex(r2, 0xf, &(0x7f00000000c0)={0x2, r3}) close(r1) r4 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:03:58 executing program 2 (fault-call:8 fault-nth:30): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000406000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:58 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = signalfd4(r1, &(0x7f0000000080)={[0xeb5]}, 0x8, 0x80800) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f00000000c0)={0x26, 0xa, 0x6, 0x14, 0x7, 0x401000, 0x2, 0x120}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCOUTQNSD(r4, 0x894b, &(0x7f0000000240)) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, &(0x7f00000001c0)) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) accept4$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14, 0x800) ioctl$sock_inet6_SIOCDIFADDR(r6, 0x8936, &(0x7f0000000180)={@ipv4={[], [], @multicast1}, 0x20, r7}) 03:03:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0)='nl80211\x00') sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x104, r2, 0x2, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x55, 0x75}}}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0xfd, 0xe}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x50}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x7fff}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x2}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x3}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x4}]}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x4}, @NL80211_ATTR_MESH_CONFIG={0x34, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0x7b}, @NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8, 0xb, 0x8001}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0xfffd}, @NL80211_MESHCONF_ELEMENT_TTL={0x5, 0xf, 0x40}, @NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME={0x6, 0xd, 0x400}, @NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x4}]}, @NL80211_ATTR_MESH_CONFIG={0x54, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT={0x6, 0xa, 0xfff}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x8}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x1}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xc0}, @NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT={0x6, 0xa, 0xa13}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0x2f}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x8}, @NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT={0x6, 0xa, 0x9}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x1}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x4}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x3, 0x69}}]}, 0x104}}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000340)) fcntl$setpipe(r4, 0x407, 0x0) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_PORT_GET(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xc002800}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x88, 0x0, 0x10, 0x70bd25, 0x25dfdbfb, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000004}, 0x40040000) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="020028bd7000fbdbdf2501000000000000000c410000000c001473797a3100000000"], 0x28}, 0x1, 0x0, 0x0, 0x400}, 0x4004000) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000007000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000008000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1772.851533][ T5497] FAULT_INJECTION: forcing a failure. [ 1772.851533][ T5497] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1772.890135][ T5497] CPU: 1 PID: 5497 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1772.901615][ T5497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1772.911655][ T5497] Call Trace: [ 1772.914946][ T5497] dump_stack+0x1b0/0x21e [ 1772.919265][ T5497] ? devkmsg_release+0x11c/0x11c [ 1772.924194][ T5497] ? show_regs_print_info+0x12/0x12 [ 1772.929382][ T5497] ? kasan_alloc_pages+0x4a/0x60 [ 1772.934311][ T5497] should_fail+0x6fb/0x860 [ 1772.938720][ T5497] ? setup_fault_attr+0x2b0/0x2b0 [ 1772.943737][ T5497] __alloc_pages_nodemask+0x1ee/0x7c0 03:03:58 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BLKROTATIONAL(r2, 0x127e, &(0x7f0000000100)) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x1e, 0x4, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) copy_file_range(r5, &(0x7f0000000140)=0x3, r1, &(0x7f0000000180)=0x2, 0x1, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f00000000c0)={0x400000, 0x28, [], 0x1, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0]}) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x200fc0) [ 1772.949102][ T5497] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1772.954640][ T5497] ? find_get_entry+0x5da/0x670 [ 1772.959483][ T5497] ? xa_load+0x323/0x340 [ 1772.963717][ T5497] __do_page_cache_readahead+0x244/0x510 [ 1772.969341][ T5497] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1772.975743][ T5497] ? unwind_next_frame+0x1c07/0x22b0 [ 1772.981020][ T5497] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1772.986723][ T5497] generic_file_read_iter+0x626/0x20a0 [ 1772.992181][ T5497] ? find_get_pages_range_tag+0xae0/0xae0 [ 1772.997888][ T5497] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1773.003250][ T5497] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1773.009305][ T5497] ? avc_denied+0x1c0/0x1c0 [ 1773.013805][ T5497] generic_file_splice_read+0x491/0x780 [ 1773.019335][ T5497] ? splice_shrink_spd+0xb0/0xb0 [ 1773.024267][ T5497] ? security_file_permission+0x1e9/0x300 [ 1773.029966][ T5497] ? splice_shrink_spd+0xb0/0xb0 [ 1773.034881][ T5497] splice_direct_to_actor+0x3cf/0xb00 [ 1773.040224][ T5497] ? do_splice_direct+0x3d0/0x3d0 [ 1773.045226][ T5497] ? pipe_to_sendpage+0x300/0x300 [ 1773.050242][ T5497] ? security_file_permission+0x128/0x300 [ 1773.055951][ T5497] do_splice_direct+0x279/0x3d0 [ 1773.060911][ T5497] ? splice_direct_to_actor+0xb00/0xb00 [ 1773.066474][ T5497] ? security_file_permission+0x128/0x300 [ 1773.072178][ T5497] do_sendfile+0x89d/0x1110 [ 1773.076684][ T5497] ? compat_writev+0x390/0x390 [ 1773.081436][ T5497] ? security_file_permission+0x128/0x300 [ 1773.087252][ T5497] ? vfs_write+0x427/0x4f0 [ 1773.091653][ T5497] ? fput_many+0x42/0x1a0 [ 1773.095973][ T5497] __x64_sys_sendfile64+0x1ae/0x220 [ 1773.101156][ T5497] ? __ia32_sys_sendfile+0x240/0x240 [ 1773.106430][ T5497] do_syscall_64+0xcb/0x150 [ 1773.110920][ T5497] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1773.116793][ T5497] RIP: 0033:0x45dd99 [ 1773.120677][ T5497] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1773.140383][ T5497] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:03:58 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xaf, 0x2480) write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r0, @ANYRESOCT], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000140)={'hsr0\x00', &(0x7f0000000100)=@ethtool_modinfo={0x42, 0x8, 0x1000}}) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) chmod(&(0x7f0000000180)='./bus\x00', 0x28) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x200fc0) 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000009000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1773.148765][ T5497] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1773.156720][ T5497] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1773.164673][ T5497] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1773.172616][ T5497] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000001e [ 1773.180565][ T5497] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000a000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000b000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x2, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x3c) ptrace$cont(0x18, r4, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r4, 0x0, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000000)=0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:03:59 executing program 2 (fault-call:8 fault-nth:31): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000c000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x1b8, 0x2, 0x1, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@CTA_LABELS={0xc, 0x16, 0x1, 0x0, [0x9, 0x99c]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'H.245\x00'}}, @CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_NAT_DST={0xf4, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @empty}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @rand_addr=0x64010100}, @CTA_NAT_PROTO={0x24, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}]}, @CTA_NAT_PROTO={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @remote}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x11}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @local}, @CTA_NAT_PROTO={0x54, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @private0}]}, @CTA_LABELS={0x2c, 0x16, 0x1, 0x0, [0x1, 0x0, 0x0, 0x8, 0x6, 0xffff, 0x10001, 0x7687aea1, 0x5, 0x4]}, @CTA_SEQ_ADJ_REPLY={0x14, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x401}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xc13b}]}, @CTA_LABELS={0x1c, 0x16, 0x1, 0x0, [0xfbc, 0x6, 0x0, 0x2, 0x1, 0x5]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x4}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x8000}, 0x400c0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) 03:03:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x1000000, 0x904a, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5, 0x0, 0x3, 0x0, 0x0, 0x1}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r6 = accept4(r1, &(0x7f00000002c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x80, 0x1800) getsockopt$inet6_tcp_buf(r6, 0x6, 0xd, &(0x7f0000000a00)=""/4096, &(0x7f0000000140)=0x1000) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:59 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f00000000c0)) syz_genetlink_get_family_id$nbd(&(0x7f0000000080)='nbd\x00') 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000d000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1773.395437][ T5536] FAULT_INJECTION: forcing a failure. [ 1773.395437][ T5536] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1773.436767][ T5536] CPU: 0 PID: 5536 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1773.448235][ T5536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1773.458275][ T5536] Call Trace: [ 1773.461562][ T5536] dump_stack+0x1b0/0x21e [ 1773.465878][ T5536] ? devkmsg_release+0x11c/0x11c [ 1773.470808][ T5536] ? show_regs_print_info+0x12/0x12 [ 1773.475996][ T5536] ? kasan_alloc_pages+0x4a/0x60 [ 1773.480926][ T5536] should_fail+0x6fb/0x860 [ 1773.485331][ T5536] ? setup_fault_attr+0x2b0/0x2b0 [ 1773.490349][ T5536] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1773.495715][ T5536] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1773.501250][ T5536] ? find_get_entry+0x5da/0x670 [ 1773.506089][ T5536] ? xa_load+0x323/0x340 [ 1773.510319][ T5536] __do_page_cache_readahead+0x244/0x510 [ 1773.515942][ T5536] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1773.522341][ T5536] ? unwind_next_frame+0x1c07/0x22b0 [ 1773.527629][ T5536] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1773.533335][ T5536] generic_file_read_iter+0x626/0x20a0 [ 1773.538788][ T5536] ? find_get_pages_range_tag+0xae0/0xae0 [ 1773.544491][ T5536] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1773.549848][ T5536] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1773.555900][ T5536] ? avc_denied+0x1c0/0x1c0 [ 1773.560394][ T5536] generic_file_splice_read+0x491/0x780 [ 1773.565927][ T5536] ? splice_shrink_spd+0xb0/0xb0 [ 1773.570861][ T5536] ? security_file_permission+0x1e9/0x300 [ 1773.576564][ T5536] ? splice_shrink_spd+0xb0/0xb0 [ 1773.581487][ T5536] splice_direct_to_actor+0x3cf/0xb00 [ 1773.586836][ T5536] ? do_splice_direct+0x3d0/0x3d0 [ 1773.591826][ T5536] ? pipe_to_sendpage+0x300/0x300 [ 1773.596821][ T5536] ? security_file_permission+0x128/0x300 [ 1773.602505][ T5536] do_splice_direct+0x279/0x3d0 [ 1773.607321][ T5536] ? splice_direct_to_actor+0xb00/0xb00 [ 1773.612837][ T5536] ? security_file_permission+0x128/0x300 [ 1773.618578][ T5536] do_sendfile+0x89d/0x1110 [ 1773.623063][ T5536] ? compat_writev+0x390/0x390 [ 1773.627799][ T5536] ? security_file_permission+0x128/0x300 [ 1773.633486][ T5536] ? vfs_write+0x427/0x4f0 [ 1773.637870][ T5536] ? fput_many+0x42/0x1a0 [ 1773.642166][ T5536] __x64_sys_sendfile64+0x1ae/0x220 [ 1773.647346][ T5536] ? __ia32_sys_sendfile+0x240/0x240 [ 1773.652601][ T5536] do_syscall_64+0xcb/0x150 [ 1773.657071][ T5536] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1773.662929][ T5536] RIP: 0033:0x45dd99 [ 1773.666791][ T5536] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000e000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x2, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:59 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0xb2) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1773.686360][ T5536] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1773.694734][ T5536] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1773.702687][ T5536] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1773.710630][ T5536] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1773.718569][ T5536] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000001f [ 1773.726509][ T5536] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000010000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000410000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRES32=r3, @ANYRES16=r4, @ANYRESDEC], 0x8a) r5 = socket$inet6(0xa, 0x400000000001, 0x0) close(r5) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x200fc0) 03:03:59 executing program 2 (fault-call:8 fault-nth:32): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000011000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:03:59 executing program 0: sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="3bb9e10d54c1801c2f38931214ff706031ebf6a2ef177458134cc03938fe0eb9433df7a2f005a4904a26fa48aa8210ae89f9888bd0b353e7f1c0a82d6522f50eff05694f856ef12cdb9fd357d1eec98643dec767830495798b1ec070e47e9b2fe25c28841e5e88c34eda5851c74ec1dd", @ANYRES16, @ANYBLOB="0100000000000000000007000000080005000900000008000300", @ANYRES32, @ANYBLOB="14000400"], 0x38}}, 0x0) sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="7a02b41363b6baa83eb8a3083b13370e74892897c45a30f79c04af2fb9a3ae033b45e2d6f902c3c6bf7743a2c7d6fbf72bdc4407d988ec136ca9e1b0e924542c44937f13f455691498694404a8dbaca0a1ed6ce7", @ANYRES16=0x0, @ANYBLOB="000025bd7000fddbdf25730000000500ee00cb0000000800ef00140000000500ee00d00000000500ee00690000000800ef00020000000500ee00060000000800ef000b0000000500ee007f0000000800ef00080000000500ee00f8000000"], 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x8018) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x1f, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) capget(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000080)={0x18, 0x1, 0x8, 0x1, 0xffffffe1, 0x9}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SVE_SET_VL(0x32, 0x915e) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:03:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000012000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1773.969218][ T5576] FAULT_INJECTION: forcing a failure. [ 1773.969218][ T5576] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1773.996817][ T5576] CPU: 0 PID: 5576 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1774.008274][ T5576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1774.018315][ T5576] Call Trace: [ 1774.021603][ T5576] dump_stack+0x1b0/0x21e [ 1774.025922][ T5576] ? devkmsg_release+0x11c/0x11c [ 1774.030846][ T5576] ? show_regs_print_info+0x12/0x12 [ 1774.036029][ T5576] ? kasan_alloc_pages+0x4a/0x60 [ 1774.040958][ T5576] should_fail+0x6fb/0x860 [ 1774.045365][ T5576] ? setup_fault_attr+0x2b0/0x2b0 [ 1774.050381][ T5576] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1774.055745][ T5576] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1774.061282][ T5576] ? find_get_entry+0x5da/0x670 [ 1774.066118][ T5576] ? xa_load+0x323/0x340 [ 1774.070349][ T5576] __do_page_cache_readahead+0x244/0x510 [ 1774.075978][ T5576] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1774.082377][ T5576] ? unwind_next_frame+0x1c07/0x22b0 [ 1774.087657][ T5576] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1774.093366][ T5576] generic_file_read_iter+0x626/0x20a0 [ 1774.098820][ T5576] ? find_get_pages_range_tag+0xae0/0xae0 [ 1774.104529][ T5576] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1774.109897][ T5576] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 03:03:59 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) lseek(r1, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = fcntl$dupfd(r0, 0x406, r0) sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@ipv4_getnetconf={0x1c, 0x52, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x75}]}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x4) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f0000000080)={{0xa, 0x4e21, 0x10000, @loopback, 0x3f}, {0xa, 0x4e23, 0x9, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x2000000}, 0xcc, [0x40, 0x6, 0xfffffc00, 0xfffffffd, 0x8, 0x6, 0x1]}, 0x5c) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x200fc0) [ 1774.115952][ T5576] ? avc_denied+0x1c0/0x1c0 [ 1774.120447][ T5576] generic_file_splice_read+0x491/0x780 [ 1774.125985][ T5576] ? splice_shrink_spd+0xb0/0xb0 [ 1774.130914][ T5576] ? security_file_permission+0x1e9/0x300 [ 1774.136619][ T5576] ? splice_shrink_spd+0xb0/0xb0 [ 1774.141548][ T5576] splice_direct_to_actor+0x3cf/0xb00 [ 1774.146907][ T5576] ? do_splice_direct+0x3d0/0x3d0 [ 1774.151914][ T5576] ? pipe_to_sendpage+0x300/0x300 [ 1774.156927][ T5576] ? security_file_permission+0x128/0x300 [ 1774.162629][ T5576] do_splice_direct+0x279/0x3d0 [ 1774.167470][ T5576] ? splice_direct_to_actor+0xb00/0xb00 [ 1774.173007][ T5576] ? security_file_permission+0x128/0x300 [ 1774.178716][ T5576] do_sendfile+0x89d/0x1110 [ 1774.183213][ T5576] ? compat_writev+0x390/0x390 [ 1774.187967][ T5576] ? security_file_permission+0x128/0x300 [ 1774.193672][ T5576] ? vfs_write+0x427/0x4f0 [ 1774.198076][ T5576] ? fput_many+0x42/0x1a0 [ 1774.202396][ T5576] __x64_sys_sendfile64+0x1ae/0x220 [ 1774.207599][ T5576] ? __ia32_sys_sendfile+0x240/0x240 [ 1774.212873][ T5576] do_syscall_64+0xcb/0x150 [ 1774.217364][ T5576] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1774.223241][ T5576] RIP: 0033:0x45dd99 [ 1774.227120][ T5576] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1774.246708][ T5576] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1774.255103][ T5576] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:00 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x28, 0x9, 0x8, 0xfffffffffffffff7, 0x42d, 0x5, 0x83a8, 0x2}, 0x0) lseek(r0, 0x800002, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r1, &(0x7f00000015c0)=[{{&(0x7f0000000140)=@ll={0x11, 0xd, 0x0, 0x1, 0x6, 0x6, @dev={[], 0x3f}}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="d8000000000000009b010000b4040000ac23d9d6b94facb79ca9ba7fe3168354a991890ec4cbf9c1e78cc75a35bce022b364740017b61ce765e04439afb3e835364e432d410ae8812ae9b5766e2246fd4bf1113de82ba35595c3bf3ce1a2fa9cad161f6811353f050b570fe73ccdf22edbff41920fe2d65255e2500ff2705886f503ce2e7cbcabe1b421ea0e524df685b99d4f197a9d2cf866a2dd97bd05ecbdb173babace6f99b1781658830946da0dd502a56d1b12f1bc601e1c82d8b4637d090bf9453609fe6085c3aacfa0b7d23ded5a121d5cbcab6148000000000000000e01000001040000164b1bcf8544f0fb0cffaea25ab5f566648d7ef8a73e2036a6763de593e30d85d0e53c7d57e4213b4e773fe88318ea105b4416000000000040000000000000001601000006000000e604ccd555e5780fef6cc8744323e9647d663ce7ae051d11bb9373ebf6ca074322a430ef47331473e1070c76060c00001010000000000000070100002f000000e74ef1af47c34ea90b67fb80d17cb72968992dac178263dc7195caf44ce1b512a3d0c86e18b4aa642030da100b500fbc29f3a8124aa07e09942e5dabe21237ed8fd0c6ff2dc9067d44cbdb6d78cecddf38e00a3652847ef1af35803a493ef5f805a68b8d037ce4a9df3a66f57f5b089b73c24516dcc8e7184fb3144244a960e4b23c1fcd1274e67c6881f34df869378d7f5b15176085b8b5fa475d19a27a5a20eb29ac83cf2fa47ae8e51bca8034f3a2d45736ec9791ae6d9989f7e81c281bb501b032d155603bf2a90f35741599a01917b907151f8a8e66ad1a6370c45a703138bf8ceb875d25b4de6847edadc72dea6fff0c25022fd19c39bb50b0a834049498ea8be5b25bcf701b9661ec5fb6e141a1ce67ba5b6a9c25635a13b21c7b37360d7f1c8155a80b71a03c8f8bdbd9a910485fb0eb217c28aa7bd64dc176ec95486bdcdbdd4898e3ac4b9e17dfd5cbc8ae5cb216c34b1edb43656f6f30033b8d0ac0dadaa6e368a3e702e4758545a04ddd34d399b96903bd76b9c210b94b62ab188ee31bcb0be09715950b5ef5f765946f360033a586afc300f706adecb49a47cf4a8447d2c9d43f73846ae00e91b8d3de293204b958d1d41296fad6d82b9f50767b89bab4f6a28bf499a387576ee0d2ea55b88270bfaf72584f65ba961717bd456e9728ee5514d6c27df93533f5084b6b3d376d2e463d528c186be64095ebe76491e63df1b8e53d566d1ff8cd078d5540e20f2a7369cb46dfcb60ad26a4405abe22ca0085e8426f69fab83f8cc20ce700ab50a205e6d20f47594e41ad9d976c1cfc3e29b82f4420599ac309613557f3a1bf72e93f8c6e87b07cb9cd1fee59a8b0fc4d615e8799c8e6ab61f040adba64f6a3ee87f1284744157dcdd8c267fbb3f0adfc41b16d1368dda793d31c095a1ed50b36f6656c8aea2b44f2b641082e53233ffdff606f8d2d08cbd27426ba827a7fb055ba9a5747c5eea904a4294c87b1d984b4c008353d7ab44cfcf05633333bc339c19f977cddbbdaa7b8e5cb01cfc58427758695e5a62cdbda42b3b2004fa53ca184af89730ec9d109da12d8ad50293795eabb3c5eeab83a7134356775898ebcbbc8d3d4836653d7df640715f6234357f015e180d4a5bdefef01d4c3bf4459717829e0200f77a81d835e2803e7333d1fbf383c2a620c87edb0a13bef74cb82dc1b08642ce800e15a14ea73b29639ec8b8c4a589c9a5bdfa246dea52cd5cf9a4a7f6307bdc923bf2b40bf130cbbe4f17275c070dc9a34b9e5510c58b49b100cfb4f5ee8632d96bde4b3f55449089ea38ab1e7143efd4f3736ca5bd18c0cd1ddafd656c14a7f4ad192773a027761488c3b5a8bfb9e03fb2ec8d21e8aeaca9964e5ac1d6e290bf3b333765db63bb8df4cc9a7548dab7814f350e606aedd31953efb845a1b0d45a8a623e2882f674d471fefc1e857785db2814d3beae9a491812e526999a3130e32fc4e35470d6006c5ff0a46757cc9770e5af67a67bc76f5c90d98107386a13047fd0c55a997ecda7d8ac809a0183634e6392616b8911e0c329e7b572d668267b498a05996e1d0db5c2f14c259fa1c1125574e790cb87b3fec7ace9bb7bec267e13bab03f304496d2f8ebd157fe9ef00388cb9e3804bd619a3e59cc318c656afa97c123393baf64c072c083a791717a84eef58a7bd5689a1fc4063fd9b26a1ad84ffb4ef977abfe5b581d9fc38b448e447317df3677baf32c63e3029e27c24e54710ac95abe0f1e67d8a12e2eecfdc3c73d15bc74979bf96d7b457009db9f936623f37429d47b60b84b97ef984bb8a9b72b072f557aeeae9c8c7cf447b83aec023a12b52e013362b425ab30729a1d95188e7484b259e4194418938cbe60df9a632e902af5f32bd45ba4e340e96086b475d23d84f085c973b7fba2b4db82a8c44fdb8430129903f6f35693465126ac56d20ef0ad48efe565a6919eadc952d7d8364fc37b38121ae9f82436be47c37936725d12bacd7b6c48ec7a106e6f59ff967a95610180c84320a57c2a5d4ff42286336972cb36f822fc1cfe448119ea5ff1789a804421b6fecc38d88ccae5537c1fc8d27469295c3508f7fff003d04f57e6ca373723c077437942338b4f199be17589f2d61b9ee5f7c01f378d971ca52fc72fa5784501b92825e3962663f15dcb7496d98099314295487e9348fd4bbcf3bd56d0428adf8ce10337603225a401986a9efeb7349dccbddcf902707d07652accc05bc5da601615620e00b308d5991850d9a83cf095d3c635384b6d28f29a44d14ee8005607f6faadf5b6f7b14a431883fc64bf42deacd21c19d88d3cd092678f8696e2451e2ef041c59745f60595ea48cde5b769e6ff71777ac1b53de6a1d67da653226d444c391411890aba7ff2bd4e0a0cf6cc8aa2b9065a9d319d23b81aaddfcd6f0c395405d8bf0e3a6a20bbbb6256ed72210fa97afd93d5c24836d179fa238382a3a97df31801d3d148026f3f6b7f95d56f288de8eda79bffccdb7f06dc0d5b161f473e4ac842efcb35389e1fa4a6252ff42a7a5337e9e9d5f0165b68a3c482188a00ed40e0909c231c78903b38307eaf79028a800d672a72d04d764ffceb99b801f2aceb25b59a30af5a0528e209d6083a61fc1f72ed4380cce4652c7e84cd1c66c511448e80c02af574bb43fc0c460765c0e6a5972a62ab4f79752f1abe0f19dd44120f8641b5090fc6fe37701dfb2b94af0238445a5923f466d5205d775e10ad6d02d3dd1c5e129eae7d665c5fd3d822e31dcff11fc43dd64d18b70d198e4d09559ea9ac6cfdd382c3d00efcacd06ab7fc1ec9ac7a5dabf3ccf893e1b21a58ba332a836311ca940a0bb007fc57363e502f05b6df82124230a1f205a9f0d09756376bbe8e59c1e94fb10df53a3580165d077a2a57b68770d51f888f983f366941ab29469c0076b4bb43926b317638fb41d645e648e090a0035bd087056f67927ff045f3d240f2698c7c2eebd9efb1b546e7fa7cfa5d43314d4479cc5887722b19f39a11f31903b7722aafe9b35815665da96a59c311d9bd76a268689acc4ed0d6f2b1e9dd076c984f4111efce197543b7aa01ef0898b2321064e1cb07cbe3c58bbab46436451d61f99d7f25f9f5a45ea68133480c1879871538f35ea5445039e019edcbb5a807757819559ca361d8c12bb627bab384fa2ab4252b6f85839f2588d6ec609f43b053a189b74161c769844fa9b4920e34d7087abbe23dae5f79a3829c5829d8688cccb2335f300fb6e79d2208e072091b8b6f1d07dbabd507948c5fb11d42e955e0f19190dafae675b15778eb2616da71d2befb8ccd9c9ec508ec94bfc96de81cb1d8a2729b3bf69b44d6bafdd923ab7e40bf44fb730af92505c10c8532b2bfea187869eb641e727da776558456d20beceef3dddd8343ae45609f773afa4afa5f44e62616ed9099097bc7d36182cf50f77a3cd5c5810ecb67c18736548527a4a2c9618c259dd3c4ddd42e3787ca374189d5da466eb9fdaac7120b23c7c5c1c8cc437efbd07cff5afb4bc60ad6cf84e6285346eefd38705ab27bb6153dc5bdfc789df9f1a25cab7d70bf23c48b0f20bae877b4ba76ba14b8bfd816f1428d81be5c5775b6f8124e8d82279c86a05c59399ca65309caea5c598e03f0f2b0a29cdf06ef1e22ed06c858b5625c787e7ac9cd3701e4be9a34bcbcf0de6b9aa37e8938a505dccabb94c9e3d503590baa76a8e00a6ef28aa478452cc732ab0e26ac678d6d67807042f0bd40794b52d876af8a69475afd97f27afc5da8e6e9117ecae2e282a1aa476048c4c9e730b275cd21333b8aff4841f69df30000abebb819655500536106b904a16afe8d1d186f20d18f84e7d416a5f5e1e65b4708ee21c1a9bd40554157f4e6587d45c02d6fb48e1188e3a289ca21644917bba9cc22b8bcb09c8c52b0a29800dd0689cff62350272cce46beaabe6ed37d546761464aee88ff4575d84a714229aca41a6d1e8e98249a89aa37e36caeaa56b782edbc17b6646c020141121e6c6f679dce325f2fb72a7b5611c921a3335e4c9c5be7daeb2364df0a0d7d8ab37e75db968416852e154f357cce0fad8098bce942195d7895e563c44f117cd71125e9d477fc146454a3fe98b57308dc74884bfed5c4e4f5ab03f5c988e05a38fc9e62fd51721f006fd447959554b5419d3714fcd799d2c3c5624f2b095fed6391cadd22949e44d766d9914d00c34102b5f23c1f9a8ff45e299da1e38169ad504df21a14645402bd6e6278a3b5aa3f491f258839f6b2b65fa4aabed91be82898afd11ef4e22127619f843b8c1194069f9668290f986e5b473c87e54ec161101026d3fcb742323b9f7dc2a8b030df5ba280e00c27577b2c7842466de66355fdb6ef4d2b99b1b2dea3c6ee75f9523a5498011ba4efb24039e8646d7ce867ceafc323459ff9ca1d0b1baf76329599f28532353a288a94566c3d766092d0f3d915756478bafb76c540f9ff3631cd0debb7dfd0ec10463df600056715468b67bc6216ff619f04478b27317e198ebf86bff24ef786c31faa52507a9b0342d0ce3a6a920c48cbded0bc9d2bdf6fd8f81b13beefee4633125f5bc0efe58d85f8ca7e3ad172f8f2f95013db5736903d2c5cc8c4aae8406d06721d4afbdedd3d6b86384bd9908f6e5d03edf368d561cbe21496e770daa67f1204e2cd1329b8f9908c65051d48ab19840e258b73b65d5964d3a94526c62cc5d312894b29b14f6c66009610a3a77738797d17a89c3cd067f6da05dfb7d8438633555b7ef16c83af1275a4eb072001e8ab6982466d488b9a3b2f26695e3206c2f4513b6355fa2865781b623cf6746ee6dc94f174fad5ab0b2c8b2bbc82241edf728e548158b063a243ce4f0dc64c4053ae0460452fbc8180ac9d30ee055a5dbe3b503f561264e2e898cd044aa5cd6d6269a3c0d77e9fea48cf9edde7eb2ac9320ee83e2533113334280987ead005d81aab1e63c02593d4163b7bd34aaf69cee7c8be3519766b2c69c61ca701c1395b3dbe88811daad01662c2c03b79e910a57c45f6d6a1b8db149cd542020a893bb7d903a059ba23eccb060a63dd77bb1f74bab413f273a5015830eade71099318d0412a371546a98c39e312004fef2fc93fa13f3c33774d46ebb973def29e8f88f74868648ccd1e85a80fb0a68c34816f49118119c4d972e52dda5bac4f3690222ebe05269ccae118a2e8a6576714cdd680963e57c179b73133916e7278d2abcf4fb881255d084837265cf47e22d71ee1e12015fe4e58b99d3969f87b4d04015afa4788586b5b05889788828b42367fdff5e7f6b00ffe5def32bb3c98b4435c63e5c4a8d42938246953003213b157cbbc161e58a11e79273aea6f8de7ddea4a1108c33f43e566979ff9dbe0860ef5f9480c7ad800d90bb8be12e7310d2add8631dc745cf293f28128b40ca7e8f0e1f8cf7eda285f6149afb162b3c0789ebefaa4027e0ac7ef59aa454e848da3a32bf1e385e6b33782111586b995795a5c297faf278cb51d2f9c4cbf02cdce1ab6737925f8094d4b319fe6c77f389c15bb998d2c78dd1fa695389fd04e92be04f165fccce801c08e71b67c208508f93c680abc350efa0355f06da687a92a6b744220baef45731ddc945e74cbd648d2a96929f710ca9c999834ab91452764991ee4ab36081deea8b3bbb1452dfe1f93e4c838baeeb6c28cf824fac3f8ea5f36585536776b3358430d5571e8981b96de712187940c0fc412c8f64e35b8cb870cced5e34497cf34237ea9f7cb7a8882a8f4c0b4b356b38000000000000000f0100000800000060ef516084f63eb5c9b17c713c46cec063fc3c0e7c0ea19e88c2f96dd73d7ae3f93c33e18b99bcb2d000000000000000ae0000000200000098c65b4d4353a152b7d738bced877614be80fc0253fbf20fefba99705558cb1cd79ac698d66a901d72ce1122a4a39e81129713f0e947edd0e1238d5d51b42b613a719391b97d3fbe64e2636cd4da482411cf96e02c1a9a227ade79a99a2d41cdb86ef5eddfa9940324bb65e71a790cf1f8310d85574cd64b61315357e9cd9e8169466faf9861f3b74f51a4e71ec3bf79a58c1af3af105b713b47da005adb91ee50014f1583069853c15b25111afdb6f22c3f249d2d73e3eef478c9ec9af80600"], 0x1278}}], 0x1, 0x810) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = accept4$tipc(r0, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10, 0x80000) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000100)) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x200fc3) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000020000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1774.263058][ T5576] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1774.271015][ T5576] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1774.278970][ T5576] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000020 [ 1774.286924][ T5576] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000001020000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000022000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000025000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000002e000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) prctl$PR_GET_KEEPCAPS(0x7) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:00 executing program 2 (fault-call:8 fault-nth:33): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000003f000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) fsync(r1) 03:04:00 executing program 3: ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000200)={0x0, "e1b50d1d4f8f33aaa609b22201ff390b"}) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f0000001300)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000012c0)={&(0x7f0000001280)={0x3, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x6, 0x37}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4c0c0) connect$tipc(r2, &(0x7f0000001200)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x70, 0x13, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}, 0x70}, 0x1, 0x0, 0x0, 0x4010011}, 0x81b0375ca1349bb7) r5 = socket(0x11, 0x800000003, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001400)={&(0x7f0000001380)=ANY=[@ANYBLOB="8000adae", @ANYRES16=0x0, @ANYBLOB="040029bd7000ffdbdf250100000024000480050003000100000000000300060000000500030005000000050003000000000048000c8044000b8008000900a36f912908000900cf6ecd6208000a007d68000008000a001e5d000008000a001004000008000900ad338f7208000a0091ab00000800090088a9ad36"], 0x80}, 0x1, 0x0, 0x0, 0x24000000}, 0xa824856694e352c7) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) bind$tipc(r5, &(0x7f00000001c0)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}, 0x4}}, 0x10) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:00 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) read$FUSE(r0, &(0x7f0000002040)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000000180)={0x10, 0x0, r2}, 0x10) r3 = socket(0x1e, 0x4, 0x0) ioctl$FS_IOC_SETFSLABEL(r3, 0x41009432, &(0x7f0000000080)="6ecd1f41ce1bd3b6711a904bde55217f751f85bfc1ef8f6454a4669b03359f9a4c574296cd04ebb9847da812d715a48737956d1f118a6cf14fd50201cc3d36fdf6e5b541406e118f8897da6904573ffd0c4a03dbb5bc1d96787ccbbbfc36f1c9b5ac4a37524d359153490fbb0fd67a2dcf39ec8177614389f590c105513d37a6e15bdddb3d2741f869c927e49ccf5fd87550b3ae84875e826756ae35f3d96d752f5d96c102ed6ebc727c0028c751fd1451a5ff91962138fbdf39d4d5c497029fb258ea370ffb4e288bbbf7af3f69844817a763903a91bbc975e65a29e94bd14d312bc9cf3e3233386b6579c034cd2975a506109c5bbf3f1da4237b6fe587926a") connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000040000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000042000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1774.701622][ T5616] FAULT_INJECTION: forcing a failure. [ 1774.701622][ T5616] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1774.716465][ T5616] CPU: 0 PID: 5616 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1774.727913][ T5616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1774.737951][ T5616] Call Trace: [ 1774.741231][ T5616] dump_stack+0x1b0/0x21e [ 1774.745553][ T5616] ? devkmsg_release+0x11c/0x11c [ 1774.750481][ T5616] ? show_regs_print_info+0x12/0x12 [ 1774.755667][ T5616] ? kasan_alloc_pages+0x4a/0x60 [ 1774.760593][ T5616] should_fail+0x6fb/0x860 [ 1774.765000][ T5616] ? setup_fault_attr+0x2b0/0x2b0 [ 1774.770015][ T5616] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1774.775376][ T5616] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1774.780912][ T5616] ? find_get_entry+0x5da/0x670 [ 1774.785751][ T5616] ? xa_load+0x323/0x340 [ 1774.789982][ T5616] __do_page_cache_readahead+0x244/0x510 [ 1774.795604][ T5616] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000048000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1774.802009][ T5616] ? unwind_next_frame+0x1c07/0x22b0 [ 1774.807281][ T5616] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1774.812986][ T5616] generic_file_read_iter+0x626/0x20a0 [ 1774.818442][ T5616] ? find_get_pages_range_tag+0xae0/0xae0 [ 1774.824152][ T5616] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1774.829513][ T5616] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1774.835565][ T5616] ? avc_denied+0x1c0/0x1c0 [ 1774.840061][ T5616] generic_file_splice_read+0x491/0x780 [ 1774.845596][ T5616] ? splice_shrink_spd+0xb0/0xb0 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000004c000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1774.850525][ T5616] ? security_file_permission+0x1e9/0x300 [ 1774.856229][ T5616] ? splice_shrink_spd+0xb0/0xb0 [ 1774.861157][ T5616] splice_direct_to_actor+0x3cf/0xb00 [ 1774.866523][ T5616] ? do_splice_direct+0x3d0/0x3d0 [ 1774.871536][ T5616] ? pipe_to_sendpage+0x300/0x300 [ 1774.876563][ T5616] ? security_file_permission+0x128/0x300 [ 1774.882268][ T5616] do_splice_direct+0x279/0x3d0 [ 1774.887109][ T5616] ? splice_direct_to_actor+0xb00/0xb00 [ 1774.892649][ T5616] ? security_file_permission+0x128/0x300 [ 1774.898353][ T5616] do_sendfile+0x89d/0x1110 [ 1774.902844][ T5616] ? compat_writev+0x390/0x390 [ 1774.907595][ T5616] ? security_file_permission+0x128/0x300 [ 1774.913303][ T5616] ? vfs_write+0x427/0x4f0 [ 1774.917714][ T5616] ? fput_many+0x42/0x1a0 [ 1774.922034][ T5616] __x64_sys_sendfile64+0x1ae/0x220 [ 1774.927222][ T5616] ? __ia32_sys_sendfile+0x240/0x240 [ 1774.932496][ T5616] do_syscall_64+0xcb/0x150 [ 1774.936993][ T5616] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1774.942867][ T5616] RIP: 0033:0x45dd99 [ 1774.946750][ T5616] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1774.966338][ T5616] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1774.974735][ T5616] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1774.982691][ T5616] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1774.990648][ T5616] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000060000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1774.998727][ T5616] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000021 [ 1775.006689][ T5616] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:00 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) listxattr(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)=""/82, 0x52) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x3) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x2, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000068000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:00 executing program 2 (fault-call:8 fault-nth:34): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:00 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x80000800002, 0x2) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x1, 0x7) syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') close(r1) socket(0xf, 0x4, 0x2) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0xaa21, 0x4) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0xbdd) ioctl$BLKROSET(r3, 0x125d, &(0x7f0000000100)=0x4) connect$tipc(r0, &(0x7f0000000240)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x4}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x13b) r5 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x400000000000007, 0x100) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={r5, 0x14, 0x1, 0x1, &(0x7f00000001c0)=[0x0, 0x0, 0x0], 0x3}, 0x20) write$FUSE_NOTIFY_POLL(r0, &(0x7f00000000c0)={0x18, 0x1, 0x0, {0x2}}, 0x18) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000080)=0x6) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000006c000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1775.236015][ T5649] FAULT_INJECTION: forcing a failure. [ 1775.236015][ T5649] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1775.253673][ T5649] CPU: 0 PID: 5649 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1775.265125][ T5649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1775.275162][ T5649] Call Trace: [ 1775.278441][ T5649] dump_stack+0x1b0/0x21e [ 1775.282757][ T5649] ? devkmsg_release+0x11c/0x11c [ 1775.287680][ T5649] ? show_regs_print_info+0x12/0x12 [ 1775.292864][ T5649] ? kasan_alloc_pages+0x4a/0x60 [ 1775.297791][ T5649] should_fail+0x6fb/0x860 [ 1775.302195][ T5649] ? setup_fault_attr+0x2b0/0x2b0 [ 1775.307209][ T5649] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1775.312570][ T5649] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1775.318100][ T5649] ? find_get_entry+0x5da/0x670 [ 1775.322936][ T5649] ? xa_load+0x323/0x340 [ 1775.327166][ T5649] __do_page_cache_readahead+0x244/0x510 [ 1775.332787][ T5649] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1775.339214][ T5649] ? unwind_next_frame+0x1c07/0x22b0 [ 1775.344482][ T5649] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1775.350185][ T5649] generic_file_read_iter+0x626/0x20a0 [ 1775.355637][ T5649] ? find_get_pages_range_tag+0xae0/0xae0 [ 1775.361342][ T5649] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1775.366704][ T5649] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1775.372758][ T5649] ? avc_denied+0x1c0/0x1c0 [ 1775.377248][ T5649] generic_file_splice_read+0x491/0x780 [ 1775.382780][ T5649] ? splice_shrink_spd+0xb0/0xb0 [ 1775.387711][ T5649] ? security_file_permission+0x1e9/0x300 [ 1775.393413][ T5649] ? splice_shrink_spd+0xb0/0xb0 [ 1775.398335][ T5649] splice_direct_to_actor+0x3cf/0xb00 [ 1775.403697][ T5649] ? do_splice_direct+0x3d0/0x3d0 [ 1775.408702][ T5649] ? pipe_to_sendpage+0x300/0x300 [ 1775.413714][ T5649] ? security_file_permission+0x128/0x300 [ 1775.419417][ T5649] do_splice_direct+0x279/0x3d0 [ 1775.424254][ T5649] ? splice_direct_to_actor+0xb00/0xb00 [ 1775.429786][ T5649] ? security_file_permission+0x128/0x300 [ 1775.435488][ T5649] do_sendfile+0x89d/0x1110 [ 1775.439980][ T5649] ? compat_writev+0x390/0x390 [ 1775.444729][ T5649] ? security_file_permission+0x128/0x300 [ 1775.450436][ T5649] ? vfs_write+0x427/0x4f0 [ 1775.454836][ T5649] ? fput_many+0x42/0x1a0 [ 1775.459155][ T5649] __x64_sys_sendfile64+0x1ae/0x220 [ 1775.464339][ T5649] ? __ia32_sys_sendfile+0x240/0x240 [ 1775.469612][ T5649] do_syscall_64+0xcb/0x150 [ 1775.474102][ T5649] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1775.479976][ T5649] RIP: 0033:0x45dd99 [ 1775.483858][ T5649] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1775.503444][ T5649] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1775.511840][ T5649] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1775.519799][ T5649] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1775.527755][ T5649] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1775.535710][ T5649] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000022 [ 1775.543667][ T5649] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:01 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000080)) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) pipe(&(0x7f0000000200)={0xffffffffffffffff}) sendmsg$NL80211_CMD_SET_BSS(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x20}, @NL80211_ATTR_BSS_HT_OPMODE={0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x4001) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x200fc0) 03:04:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000074000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:01 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = syz_mount_image$f2fs(&(0x7f0000000080)='f2fs\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x6, &(0x7f0000000500)=[{&(0x7f0000000100)="b013255386e7a8037155fd333acd2269ff1e1c7a6285ecdc2425e9d5a3c8442902f77ce02c9c83f7b93607c0d978d5fa597f16299b5b8ab664233be2852583e2a81b6388156c5b8549fc899ca00105de967c1dd7a06adb668dbe4d78a644c00ca1bef6ea4c10ba132c42e6e9f17fd7d4610c3cf5076c316aef5bb405b2e2f6c61929219d0d63d49b8c65b7d7f730ed1f59a8c8dcb03fdaf72c618eb84684bb4dcc684604bbeb2923e22e01ee81e45e749477c679e60c1071bfc093", 0xbb, 0x3}, {&(0x7f00000001c0)="1dd874c39c2750ee935fee88b39f71f53f17ae610c61fdf16160fe8c607672d00812b1ee7f4e09a5e9a47afa3015c615e282ba19c5f642495c51f8e37b7e5a74d7c81a0532d6268afeb4ef9c56974a1467c9b921eadea20ba25575d19a2655b9a29a22755c0280ac5c7f42c3dacf95f44751e32e68c12db62cec761ab9440be808ae04055fe2f6623085e561db40003f93e053d168917712b136e7d754521328d067e65b79b1e1bb8e876527bc21502ab487ac5162f74ad32441c7cdbcff155a76061deb0900c9c8d105b861667e259b91774b4257ad", 0xd6, 0x6}, {&(0x7f00000002c0)="da8d151a44dcd8062cf440b234b8d71adc86c8487fd891afc12681e15ad8b9f459c2bd028171954b7af608d73ad2ef914fbb98", 0x33, 0x4}, {&(0x7f0000000300)="9e1fbf28bec7e6d2aa61a4906f95d98a739668709ae81fb690752b8e20d307e174bf2e8c0e73bc22f0b23d1fe28e56279448f6ac1ed21f0e775ead98e5e548bf68297e079204f288fc9867db857307f6e4801d08c36fe3e5080b6d30f53a48d8612556bca50faee0090cd7a4155180aeb18fce9ad9a177aab871c202850a6a6b8bcc0d1a8e1c8b53269219c7fcd4d9e77545ec040941537130a332ecd3389ed7ca903150aa50bf19cc0be12330481b2d5294feba9cc7157f2c831261a7a26d2305aa572b3c440f998823a6e3a7c8a0a9929e36167396ca56abecbaafb83f94ea42b9597979e4bb9b7cb3948f93a4dc040c6bd2d9af8d5665", 0xf8}, {&(0x7f0000000400), 0x0, 0x8}, {&(0x7f0000000440)="aa79dd3559670739384eaf7516ef16dd218e9a8611e36b66c23b192bdcec2ce7b588fc943016b743b535e3624013ea820733e86a984a30534e17bb03a74d6a1fa1f52b50d370350c363652c71807ba3176e8c71347c9e8e770f958457faa693ae2b4ed1abc5cb04444edc1059f51ecbad6c3c38bc7f16a0c94ca0a0387b11557fbec82808cc7345c30f46940bba9712567a0bbef4b3ab2db76e58acabbbd9e30970d13cac6a749d5b84a3349d2f42a79e6b3601eef", 0xb5, 0x3}], 0x80, &(0x7f00000005c0)={[{@discard='discard'}, {@nouser_xattr='nouser_xattr'}], [{@permit_directio='permit_directio'}, {@smackfsroot={'smackfsroot', 0x3d, '%--\\)!$\\'}}, {@obj_role={'obj_role', 0x3d, ']'}}]}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) utimensat(r2, &(0x7f0000000640)='./bus\x00', &(0x7f00000006c0)={{r3, r4/1000+60000}, {0x77359400}}, 0x100) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000007a000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:01 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000340)='/dev/full\x00', 0x90080, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000180)={0x0, 0x0}) sendmsg$AUDIT_SET(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x3e9, 0x400, 0x70bd26, 0x25dfdbfd, {0x12, 0x0, 0x3, r3, 0xdc4d, 0x9, 0x6, 0x6, 0x0, 0x2}, ["", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x26040040) close(r2) r4 = socket(0x1e, 0x4, 0x0) ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f00000000c0)) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x200fc0) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r4, 0x8010661b, &(0x7f0000000080)) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x11, 0x800000003, 0x0) bind(r7, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x10, 0x0, 0x0, r8}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) bind(r6, &(0x7f0000000280)=@generic={0x4, "5de5bfe0fa2e8a70d7449d94e4b45fd9ceed63a1a3e6659b08e4f8908be58192393d57f487286b193dd3fc1c7619f56294e7dd8735d6ac75bbcc71a4685823b38f09d47c99f1b453583b9f1731657792f198a6b57a7809d0074b927114ac6c3c12baec29ab951bfca9e0cd1e0ff2a47fc1a06645b072812c7b1ada56c028"}, 0x80) 03:04:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000ffffff8c000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:01 executing program 2 (fault-call:8 fault-nth:35): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000edc0000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fffffff6000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1775.860005][ T5668] FAULT_INJECTION: forcing a failure. [ 1775.860005][ T5668] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1775.910278][ T5668] CPU: 1 PID: 5668 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1775.921744][ T5668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1775.931787][ T5668] Call Trace: [ 1775.935068][ T5668] dump_stack+0x1b0/0x21e [ 1775.939390][ T5668] ? devkmsg_release+0x11c/0x11c [ 1775.944320][ T5668] ? show_regs_print_info+0x12/0x12 [ 1775.949503][ T5668] ? kasan_alloc_pages+0x4a/0x60 [ 1775.954428][ T5668] should_fail+0x6fb/0x860 [ 1775.958841][ T5668] ? setup_fault_attr+0x2b0/0x2b0 [ 1775.963860][ T5668] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1775.969226][ T5668] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1775.974762][ T5668] ? find_get_entry+0x5da/0x670 [ 1775.979601][ T5668] ? xa_load+0x323/0x340 [ 1775.983831][ T5668] __do_page_cache_readahead+0x244/0x510 [ 1775.989452][ T5668] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1775.995850][ T5668] ? unwind_next_frame+0x1c07/0x22b0 [ 1776.001122][ T5668] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1776.006824][ T5668] generic_file_read_iter+0x626/0x20a0 [ 1776.012272][ T5668] ? find_get_pages_range_tag+0xae0/0xae0 [ 1776.018012][ T5668] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1776.023371][ T5668] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1776.029422][ T5668] ? avc_denied+0x1c0/0x1c0 [ 1776.033914][ T5668] generic_file_splice_read+0x491/0x780 [ 1776.039450][ T5668] ? splice_shrink_spd+0xb0/0xb0 [ 1776.044375][ T5668] ? security_file_permission+0x1e9/0x300 [ 1776.050079][ T5668] ? splice_shrink_spd+0xb0/0xb0 [ 1776.055001][ T5668] splice_direct_to_actor+0x3cf/0xb00 [ 1776.060360][ T5668] ? do_splice_direct+0x3d0/0x3d0 [ 1776.065369][ T5668] ? pipe_to_sendpage+0x300/0x300 [ 1776.070386][ T5668] ? security_file_permission+0x128/0x300 [ 1776.076087][ T5668] do_splice_direct+0x279/0x3d0 [ 1776.080921][ T5668] ? splice_direct_to_actor+0xb00/0xb00 [ 1776.086456][ T5668] ? security_file_permission+0x128/0x300 [ 1776.092158][ T5668] do_sendfile+0x89d/0x1110 [ 1776.096650][ T5668] ? compat_writev+0x390/0x390 [ 1776.101400][ T5668] ? security_file_permission+0x128/0x300 [ 1776.107102][ T5668] ? vfs_write+0x427/0x4f0 [ 1776.111546][ T5668] ? fput_many+0x42/0x1a0 [ 1776.115870][ T5668] __x64_sys_sendfile64+0x1ae/0x220 [ 1776.121053][ T5668] ? __ia32_sys_sendfile+0x240/0x240 [ 1776.126325][ T5668] do_syscall_64+0xcb/0x150 [ 1776.130815][ T5668] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1776.136691][ T5668] RIP: 0033:0x45dd99 [ 1776.140562][ T5668] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fffffdf9000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1776.160141][ T5668] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1776.168521][ T5668] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1776.176470][ T5668] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1776.184415][ T5668] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1776.192355][ T5668] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000023 [ 1776.200295][ T5668] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:02 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x4040, 0x42) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fffffdfd000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, &(0x7f00000007c0)) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x2d, &(0x7f0000000780), 0x0) close(r1) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) rename(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='./bus/file0\x00') setsockopt$inet_tcp_int(r3, 0x6, 0x7, &(0x7f0000000080)=0x1f, 0x4) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000500)={{{@in=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000600)=0xe8) quotactl(0xfff, &(0x7f00000004c0)='./bus\x00', r4, &(0x7f0000000640)="0d9b400ce039a34b2b9d4284d095d44728d53e40d5ed97e30b0134712fee6b09d2de6e2490c662b87e81200131afd856815de1da8113333066ea40071c51e071e2f86aac7391cac9ccb511acc98019914ecb5e6348e37ef84dad376873cf1beb40b116e9785ab96eeef59fe3832c71d4644344c3d0a05a6ca9bec6a6e41d30c2c4356294d84c4ca16946e5bdb5e517a2960b1725fb535ee4b75c") syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000180)='./bus/file0\x00', 0x5, 0x3, &(0x7f0000000400)=[{&(0x7f00000001c0)="e439efc87df8bb066e6d0187e8d146dfe8b8105cbce7303b8f4f6da167c0d4b6bb58795b3feb6354c27a51bd6c1be0eb12274630cf6a80a8e43b032315942eadd12a84bb73e8c30b78d93b93c72b49ab168eb6d53861bf0a6f8d762f66d14f4e252f9e3aa4989c2087cb86d9e144404ff64e6b869f03f7c6e244081f9a83448f4123ddfdfd70d2dde26e8fa73bcbe1e504a2d3d2b98255a9a6e225af28f1c21a50b268c598c06f398d1d270a460ad00267d2a2579884e1f73394b52b803e937a0047845b97c4263270ef62bc1b18b6efb1365928e857bf2e87705217b9f8", 0xde}, {&(0x7f00000002c0)="edef952cd54cee743ed0e99bdf7c0f98506cd18e387e0b6ec0b551fc27dc78e11641312a35d773f5f6b287661cafaef970a67c103fdadf40409556051e3d755a7c566aeec91d025616fbfa47a097d7502a3277479cc52c164c10229780b20db89b3b0a60e4a34f5e14bfd175ff9080d3e5fb2c0c13573a9a5abb921b40869da05a44f7bb34d77f0037dc8b91a5f585cc9aa88e80200108b0db509037505096b007f31a7e39cc4653666106e12fcc1f59456797a765a2802ae5b33b15dfd84a0975aa04d79bf792f99559c8ae7392d0d6af9320b9d735a4380bc220826effdf8b658e905b23a9408b111948cbc0c836123f4e54358e26c8f7", 0xf8, 0x2}, {&(0x7f00000003c0)="5f3b71c0715cee3339380e324f966ec1dc9389a67ee88c9177f4ad7106299985bf3139a5f9806ba660277a946ad84f652f01fa51bba3aa5a6567", 0x3a, 0x7ff}], 0x1008840, &(0x7f0000000480)={[{@jqfmt_vfsold='jqfmt=vfsold'}, {@noauto_da_alloc='noauto_da_alloc'}], [{@pcr={'pcr', 0x3d, 0x2}}]}) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) r6 = creat(&(0x7f0000000700)='./bus/file0\x00', 0xa0) ioctl$CHAR_RAW_PBSZGET(r6, 0x127b, &(0x7f0000000740)) 03:04:02 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x154, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5, 0x83, 0x1}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5, 0x83, 0x1}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5, 0x83, 0x1}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0xd, 0x87, 'l2_drops\x00'}, {0x5, 0x83, 0x1}}]}, 0x154}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x8000, 0x0) sendto(r2, &(0x7f00000000c0)="6087e11f5cfb07a40510feea11b2c9ac7761a46a259cec2c840ceea586e014cb44a55582c45f270da4eb2ebae2b33c639b8c1b9a28cb7ea875640274ac39e259bc054b2cdf3b3113e216134983e0c2ab", 0x50, 0x10, &(0x7f0000000140)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x3ffe}, 0x80) close(r1) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fffffffe000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000fff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fffffbff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 2 (fault-call:8 fault-nth:36): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fffbffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000f9fdffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1776.498442][ T5698] FAULT_INJECTION: forcing a failure. [ 1776.498442][ T5698] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1776.525048][ T5698] CPU: 1 PID: 5698 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1776.536504][ T5698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1776.546551][ T5698] Call Trace: [ 1776.549837][ T5698] dump_stack+0x1b0/0x21e [ 1776.554160][ T5698] ? devkmsg_release+0x11c/0x11c [ 1776.559089][ T5698] ? show_regs_print_info+0x12/0x12 [ 1776.564277][ T5698] ? kasan_alloc_pages+0x4a/0x60 [ 1776.569205][ T5698] should_fail+0x6fb/0x860 [ 1776.573614][ T5698] ? setup_fault_attr+0x2b0/0x2b0 [ 1776.578634][ T5698] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1776.584004][ T5698] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1776.589536][ T5698] ? find_get_entry+0x5da/0x670 [ 1776.594373][ T5698] ? xa_load+0x323/0x340 [ 1776.598606][ T5698] __do_page_cache_readahead+0x244/0x510 [ 1776.604239][ T5698] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1776.610638][ T5698] ? unwind_next_frame+0x1c07/0x22b0 [ 1776.615909][ T5698] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1776.621628][ T5698] generic_file_read_iter+0x626/0x20a0 [ 1776.627080][ T5698] ? find_get_pages_range_tag+0xae0/0xae0 [ 1776.632785][ T5698] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1776.638148][ T5698] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1776.644202][ T5698] ? avc_denied+0x1c0/0x1c0 [ 1776.648695][ T5698] generic_file_splice_read+0x491/0x780 [ 1776.654231][ T5698] ? splice_shrink_spd+0xb0/0xb0 [ 1776.659163][ T5698] ? security_file_permission+0x1e9/0x300 [ 1776.664868][ T5698] ? splice_shrink_spd+0xb0/0xb0 [ 1776.669792][ T5698] splice_direct_to_actor+0x3cf/0xb00 [ 1776.675157][ T5698] ? do_splice_direct+0x3d0/0x3d0 [ 1776.680166][ T5698] ? pipe_to_sendpage+0x300/0x300 [ 1776.685181][ T5698] ? security_file_permission+0x128/0x300 [ 1776.690882][ T5698] do_splice_direct+0x279/0x3d0 [ 1776.695721][ T5698] ? splice_direct_to_actor+0xb00/0xb00 [ 1776.701256][ T5698] ? security_file_permission+0x128/0x300 [ 1776.706959][ T5698] do_sendfile+0x89d/0x1110 [ 1776.711460][ T5698] ? compat_writev+0x390/0x390 [ 1776.716209][ T5698] ? security_file_permission+0x128/0x300 [ 1776.721915][ T5698] ? vfs_write+0x427/0x4f0 [ 1776.726318][ T5698] ? fput_many+0x42/0x1a0 [ 1776.730633][ T5698] __x64_sys_sendfile64+0x1ae/0x220 [ 1776.735817][ T5698] ? __ia32_sys_sendfile+0x240/0x240 [ 1776.741091][ T5698] do_syscall_64+0xcb/0x150 [ 1776.745582][ T5698] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1776.751457][ T5698] RIP: 0033:0x45dd99 [ 1776.755337][ T5698] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1776.774927][ T5698] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1776.783326][ T5698] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1776.791281][ T5698] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:04:02 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) sched_getparam(0xffffffffffffffff, &(0x7f00000018c0)) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x100) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000100)={0x208, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x5c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x58, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x7fff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffb}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfff}]}, @TIPC_NLA_BEARER={0xe4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x13, 0x1, @l2={'eth', 0x3a, 'netdevsim0\x00'}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x9b92, @mcast1, 0x7}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xf5d2, @dev={0xfe, 0x80, [], 0x3b}, 0xffffffff}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x6, @private1, 0x6}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x8, @private2}}, {0x14, 0x2, @in={0x2, 0x4e24, @broadcast}}}}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}]}]}, 0x208}, 0x1, 0x0, 0x0, 0x4084}, 0x1) close(r1) sendmsg$sock(r1, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f00000003c0)="4dfc8a5551a6c5d589ad99290e854b48335121f7d529a42b6595e627ce3d0def38563eec9150782d3b24f71e26d97e0b463aa67823eadaf31fb4eb6fc5e368751bf4d98a1d044655e70bc17791122f0c3be2874625c7e402512dd4a05e6cc14690bf6c83b8087f500cbda3844596e11a374a742c0342ea56ffe4c5aa84601b63b10d6326de2b5fb2be9f9b10a1111f2631", 0x91}, {&(0x7f0000000480)="1deaaddb915f23a028233f266dbf8e84eb3e47aba5b97cf1a06bae26fe309e201e7052523333eed585e3cc9f19e3d92a2181ff3b2ba31c9ca8684ce1e5a0c223cd423c", 0x43}, {&(0x7f0000000500)="693dc718ff86ca2754f754d17cff5c8d7451e1c254fe5573ab82590a0269ed770254e877c8279ec77dc736afa480a29bf1adcc9b2416227c0a439695cecfa4f159c7f84372b2c0cab6e7c683297f2f9528c78c38ed45189db59dc1696b5284a1113f344a3d0d2670b82816df32a151b8768f5af649737582975701bfee5d3f6e696bbc0a50888a69b3093a8a40f6a29eb60758cd0859d03b16d83703758156c0add323edf23129546c71b812ae9739002bd7978bba4ac4d2f3502ff8196230f06c77d5d21f6b032e79c63249a5fcf556844d31eb43e174eba341f24b7536ae25ddc96717eb9ad9b84f524abf56a48fec4425d73fb9aa4a190a58", 0xfa}, {&(0x7f0000000600)="db2d5f7eb8ba23f0760ef5959acff92d17476db0424cd4141098347a7556b8288716a1caa6dd3cefd5e2a436b62cd8be08d5ad5ece9f8dd4c96f1ace8e3c6c6244c4e4549ac2eb7d64caa521ea5616e40e4d552c027da20078dbc2faeb021fc1e161b00b09d4591915cb7942c7575dc89397a0b0f2ae5c41b7c4acbb87227db9fb9d4a841f834888967000d7e9fdc69477", 0x91}, {&(0x7f00000006c0)="78f0075284d9ab608833dfb5a58c88c6844465bd41b00f28a729af30b1a54edfd3aca2f8386bcfcd905c9206ce4b2470f1baff01d63e9d5c1054764e006df267fd8905de5b4d8b759e8d164cf629c9f7e3b9f332d3a0e16e5c4a729b82f451a92360483122e54ee45295341655885596c885f2a36ab8ad40e883f9f4507bc86f1fcad94a2221fb39b3847cd5be766b0ed8668cfa81cf26b9", 0x98}, {&(0x7f0000000780)="64cd4093926a128c62ee0681c454267f2bf23bc482e4b26b2cedad4844ef103ca78ee7e081fc020fcc62058cc9ef2d926f1709b792f31a7c29caa030ba4fbc7f1e1e6fd601edcc29586e8976fb9bd259c7b50b9af499697683df7f4273f236c7fe5c978ff851bba85eaa137a436e7ecb95396964a190bb63b9134f9093260c5c5fe53bb45052bc32abd5de65ace9119402b452b78d131eeaaf1ea824f8e46f8e335886c2b4cae704737658d6f55dd043d38d6fd75d2307da8d69c50194b029cd0cee94dfd14fb1c24c020fb6b9a65fbff4f243a125cd10527a5b7751bf9d6544cc4f55b42c2d543f3c673dabfe6fe19d5c2441e73f44f1ea444d509ac26bfc2a79cb15fbb840c4a96d6f6d7367abb029d412f21e5cfa82fe263ba655d30e137c23bbde7fe959246b167607b8a0de31a217d4ed65993b1ff385da589b2698e95aaab785b9f9dec72f8dc1fe1aa51107e50735bf397ddf29bbff3a12bf2c287391619d62696894263e40f3fa4dd0b05e990bc240eb29ba3d380d294f3464998463dae28e95661e33bbdb95d54a7b9646ce3ec19547be25abd648764f212d0347d928995502aa3b705fa173cb64ab1a61298ad1a30be238126f9be3772fbff32465badf67074f4e2b5a5e6715268ac78fde7399775a6415b56f03fc12385ee3558f7099402275d270088ae52a45e11b2f6c121773c6a5e62d55157b059abc53e5309ec916a8e5c949d04691d8c5394f814820a2950ddf7233f77d0e50dccfb11e4cabc8649c42bc43b3210c8a8ba8684329d2ac1075486f4cc7d6ce2447a124d725f3939d5c8564156915a7d6924eab15bf19212393925f6ac2b15de8b77f5aaf6cb247c852a48f6c8baa05bbd71453a79f839d61e44d1a00522bee3b3f3de1ec0627f3a3c1e72cc90a9b12b61824912cf47ae3992089819b5c857cc59099381665ecad9797348a4e0344d2ec4bbc005d0f8f33334a9b14b2f33f20b53f56e2e15f8521609b5d9de1711aae5dba9d3ebfba9e244308980ab1e46daef7a84d9624eec3ae4dc7ac20486044e262be226f775844c251ce3693bc1f273309232951aa63c599da28908ceba0cc6e52faf78d96b9bd0da174cceda3d7390b926d75621d8e36b582665d91347ff98dc509822f71123eee6a896a520fbd0e985d49280eac0f7828603ca39cae892e137a23b682c23349347adda1764e59b7664199fd4bd58e8a2f1ddbd45609d8311ed04f633083837ea566254d268d92c7505b8ee628d0cb5a621d4b3e718516c933a6dc1d6e8303da14593cfd071f4fe4f3adddb10eecd6ac009d93fe51b0291d84966ba1a11d1d9aace715775d464d3e579218743091bfadf29c9cdec152f2e6396e86efb57bed22c60c89569ad6ee9b69e3c15422a1999d2cb9aa27cbc68d7a43f8733f936462af59f60bec58f691d7940390c26a489ff19ac5fb09a6f35d93f298b53d8a7a343568a5bc60a3fc8683439e11ed1cf251992515f0c2f747023e4e311d3505419027ae10e67c1200387c0cc523edd8bfe2ac7f11df5bda5b99a339dd3f65587bbf26ecee0523d0f1c40533ad37769cb360fd60dc5fa6eb4795eb8f2c7be87f93f630203cfc4e074d86e781fba001827c2f4ce342a8e190daae9e51db04f72951a2776ad765ba8b385be5ee7a4701f59476967871dea1127035f6bb86fc89c6cd06f7cf942ff369136286063b16c5500dd06563ff8ba4e3e9f052f92fa66b1cd0155c0fd6e9b6de147ee02279ac68dbbba2e0c588f3b61fa471015182075380161c7d364c432cc3284c0940d391ab55f8511047f02a963a5c3b63c3e0c0901f7ad7d325e46110bb9a327e4931ef971fea00559604025a41151635e1fe3c4facd69175dc2daefb73dcb5b035f77fb359f3053f7575bc07c573451adfcae892643003a5fe4d477318fa82cdad5c079010bc415901147e920e71be32572ea5c40d56706e9ed5a84c4ac280a07efda1dd050dcaabb387998d83874714ac8b7ecf7395ba1db66dadfaf04ee947fc9b0413a338cacad7a77b016914676e5f1131cac329deaa11551355f06c289c385483475f54583514aa6885fc42458057559f4749d48c76cb894cb23275b040ad8815ce3be72a77795a155b3bf5ddb187ff961bebdf96b7390285fad66f8965af2e33164056c31c1aca4b94ddec46d0a0ab7432c97393fef75c6787dc879a93f5dc54f122df27c96fc1c32262ae816cecd021a4120c0cc6621f5a9c3130b08018a2525ef14673bd2f875579c10156f8a9a8361218bca35e35806115fe564ad91d6f8d53db04229e6afa57ee66768d7566629a910b45f1a9febe75228f95f402d1681cc1b75eef96838f979f944d01cfd29b32a71e963578bb9a03ac8dbb0353dad078578e55423a2f96c987568af122253b015c8e635fb7b8ddcb4bf32d199b1c9788cd7d24263f8771fcfe9c8557b7c8b33d03db5585787211f96fd38329c67cf85721c378206fb8736bdd8ce114021cb2803e20dd5f954fdf14a09497dacb2bce018baf62750e2917a3986b0c6644ebabb7fae3464e92b049bdb5a83f734c0cb771c54099d8f7fd82014a70ccda94c29b4871c1373b36a05977a237e08fa4e59938fc60b5edd24e56d67a40a232010320f6d3750dc3aa0a72b319a20e0a96cc3b548c0b69ccea4e5f169b7139b90ebade00adcdb3d74882cb0a138899f4d7a755faba7c0b9b87ae0118b737a5cad5000db7c89748d3ccc4318a0b7b49fd36c6514e8c9a24d5aaee78a1c91fd2d5e21ec262dd8892fb40887609e182d8589e7f2ccc1119cfbc60cc3770d9bdb16070c9c15c9523ee92c5142fbd47c11d26d6b56a914311a60138000c9e7cf61b97d651fac7cbb77e96d6dc656e5c2b7529109d20c52476eaa7373ccae07db5fb063add5c99c4b48e0d87643c6d930493a89e996ff2164e3c7c623d19cfbaf7edbfcba2acfebb99cc0fa3804a3433c0210d881dd76a8359ecafb590b6b4b397149116a37cb424dbf66d26d4d351aceaca08e1303736362a382ade7456079006e8deab42406e1dff9f67c447b6e7f3230cccafea0fcf228cf47d470946ee6cc10905e1a7c8fa0cc789d1fda7099d49e7e726e278536ba80f0b06025319ab4c0cd242a7dffd6467493e820b2b4f8e9f1f6aacf352ab153de2aa30653bdf6470570f4ebe011abed7570a79bb1e4159ff6fb2b331d8e58313f313841555abcf5294c2ecf971e711b0d9461ebdd204b82c38fa6f71a6ca525620f9b8c56da5edc4e61d984e4c9f7d5487d5a160140716d3abce9622d1652a16e8dbcd94f8613a09185c4b7052d773cd6cd3b5ee733688a33e21b43cc3f9cec234b93cc817eb28c015d523293a9d158a61b881fe94a557484b71e0bde5a40764865105963e776cbcb8500ff48de8311a7d78cadb28320bb0cf7935eb63b305aeb7d8966546480157bffda08f4b32809159c82b1ea181e8254d50adeb7adfc45ac2b45b1f537d84deec19e92a036f27e1b6d3b5117506334d5a17680ee2338a6fd01529d16b42ebffd9d97866d15258e2f1b9f3b33145f2ed094be6f514fbd53ae2f29228bc37f891a53a88b43f90ae1a5cc7df4847dfb64b9b92f9b34ac074acd4aff10d3673cdd8ff0ddc8d3408a7dae91c39413c76876f9d3fbc177a18b1962444356e9785e1d4850c3f5fe42dfa4e057ba1e1c4b6a8fc263e3200dbe31a84746e0cb5fa12b37fbed5f706378bc48540ca90182e864753363ee6c14a00c18c7509efbec975220c4451abbd197f69bcf294d86ad2ab0b705060efa8647fff7f56f9db07f4f7ec039e8f45d797616f9f7ac77c17b07b7cc179cc85be66b5b6d97d097ebcd45635803adf6751672f03a0512fdb2ff3a4296ea8f4fb196139a55119e0b129687c96393639c2ab4e50518a0e38da708852350f0ba6886376a174e4d76e01fcfa1fb2b4f60f2d8ebd0e089cc4b4ef39315a81e079cc1d0007aa39bd2563ca3262f22bc31dde39d9b1af27bdeb56bb1c5cc413ec43ac012f394a4689851a817520a1e6de7febfebd3238f008a19dff54aff1845186383d18456741ee618990f68d94083cbe1337a4e8ed93f3cb922bdeb9b33feb792e479dd089e2e57ef990fdbe1b4b2e71ce8d3260c8544962176a04c6e048cedbda747d2244955298bf29d1cb0cb423cd9cd14280d74d6c530be74e3e7c9b2a2452cb08d16523a358b68f9403d83c91979cf5c05b7c401791ff0812612c9e80f11a9c4df66f938af156c519a76061e2bfb7e98802925323c9e4bbda5b742c65b36b24255e54fe0862a59e21b889aaf40cac35d496f632cead038ca27ee3450004a4faa86d8268ca511fd443b7b5386dfa62f620702f8bf090da743f38954086da86ec1b0c3b1ff8d31428265e48c4ecc6bb13d381912d384378ceb2ba138ef02a66e112b90773d3fa33c5bc8ba8822a8b0eec7ca8f3829db640d2d8d643dfa4ceb8c682655c9967a3bda06252868c3ff956bb7ca67763cb01b83acd74458be86e2de6074b115e788d98850189a7b4cdda1a3a59ab1d929bcd3aa0ee877309db62ff9dac259a5cc1da5fc1e261f1fb5a001b59029396ea646ee9cfbe1a4a2c72d07d5d40c01d09b52181bdd1888438e3d29dd8b6cc602c861fcac097c4b3d0b242af604d080212aa1ca4ecb0d24877caf5f843bc87cef379cfdebc4e9c344b23c1926a9c8a4ccfb0d72bbf61f8b4637fdf6cf662d77122b9fa2c4fc8e8e023e162f57c57591680a5d04204ddbccfce77bf9c313b6c5ec52e31ad84b0789457d0934f1f8974f67604a64475c8d26dc785ff57f49e20c1a43788e96cf6160c89fcf6a80ff427e2b1a801807334cb0207fd82089177328d1984be5ed9fd266573cfebfa85f5c6ed01e8e6832d5b6e5b230ad46ceb18403c1900168dec35f30ef93a06183280c1ec0cf3245e302d8290afc8ef9aa4859ab98e2754063d7a96a1dd758848b9298b767c695efee68ed965799d415db0be0814666bcd8b8583b2d15213be471bfbfa62b2c545489b8ba479d69e4f14f1e024556e66b504f32a2c6d729c1dc0001422ab714c305f72c027d9c6e2c0b753c619ca6461afdf3d218d9735559a7cb9edd26bfb1410bf45f7284ac3e3994b7d7eeaad39498a8c1c6051e93582e3e3c290906b6628d3cfce3c392388647cc823b57fa7c5230732e7f3ab186dcc2afa006121898cf5575c2d23ac4f7a835eecc87f23b3d2428376c0abca0c88e1836e249eb35185ec99e6843845eb52398bfece0686f3254461b436e86efd4b4e71b57fa420b30f1433db4978dd76388449f395db74438ac233f636077161347e80b51d09e2332131e5f468900122e0d6cb44c55fa1ef417d2199cc5bd3654ee8cb2765fbd0678df403528d0f2b679f2c2ef8a0c6188dfd80ffe63623ffad55399decc1177b801748c577e7551c28c773b876c394aa0d10df36001d8d0a544c965f1df713e4238086e36db1c6a5c57a08f27333854dfef11bded1570aaaf9fc0692f9988580fd5755ee763ceea8c9b42a7a26a04a5e84e53606901e6a7184464af7e765ad014f589c4ec693dfa80f984d38205dd7d244438621a6241504cf30dc79da442295a359a38587537d7b9983477eb4aa91fc797fb6991d96fdcc9dbbe589aa8843fdfdf8cb89d67d095536824ba66553a066c4eb98fea0d25f8466722e2d58e7bcbd25eb8b43a62b0209785eb787122d4f96fcb8df90bef28ff674f2cbd150398b4ca2d828014ef43bb6f7702255b73fa538ea67a381f087801d25a2a544607861b3258021df3014", 0x1000}], 0x6, &(0x7f0000001800)=[@txtime={{0x18, 0x1, 0x3d, 0x1}}, @mark={{0x14, 0x1, 0x24, 0xd32}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}], 0x48}, 0x0) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:02 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) setxattr$security_ima(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000100)=@md5={0x1, "0a239a1735ba5cdfd626e656d5673687"}, 0x11, 0x1) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) fcntl$getownex(r4, 0x10, &(0x7f0000000140)) getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=0x0) setfsuid(r5) 03:04:02 executing program 1: r0 = fsmount(0xffffffffffffffff, 0x0, 0x74) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x10, &(0x7f00000002c0)={&(0x7f0000000280)=""/41, 0x29, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000080)=@raw=[@alu={0x4, 0x0, 0x4, 0x7, 0x9, 0xffffffffffffffe0}, @ldst={0x2, 0x3, 0x3, 0xa, 0x3, 0xfffffffffffffff0}, @call={0x85, 0x0, 0x0, 0x86}, @call={0x85, 0x0, 0x0, 0x5b}, @jmp={0x5, 0x1, 0x1, 0x3, 0x8, 0xffffffffffffffc0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_val={0x18, 0x9, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x8}, @map={0x18, 0xb, 0x1, 0x0, 0x1}], &(0x7f0000000100)='syzkaller\x00', 0x5, 0x9a, &(0x7f0000000140)=""/154, 0x41100, 0x4, [], r3, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0x2, 0x6, 0x100}, 0x10, r4}, 0x78) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r5, 0x800002, 0x0) write$binfmt_aout(r5, &(0x7f0000000080)=ANY=[], 0x8a) r6 = socket$inet6(0xa, 0x400000000001, 0x0) close(r6) r7 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) socket(0x2a, 0x2, 0x6) connect$tipc(r7, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r8 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r6, r8, 0x0, 0x200fc0) [ 1776.799238][ T5698] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1776.807192][ T5698] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000024 [ 1776.815147][ T5698] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000fdfdffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) connect(r0, &(0x7f0000000080)=@vsock={0x28, 0x0, 0x2710, @host}, 0x80) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) exit_group(0x80) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000007fffffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000008cffffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000f6ffffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:03 executing program 2 (fault-call:8 fault-nth:37): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000feffffff000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:03 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) close(r0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:03 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0xd, 0x81) close(r1) r2 = socket(0x1e, 0x4, 0x0) signalfd(r1, &(0x7f0000000080)={[0x3]}, 0x8) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:03 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f00000000c0)={0x0, 0x0, {0x3, 0x1e, 0xc, 0x7, 0xa, 0x80000001, 0x3, 0xbd}}) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000680)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000640)={&(0x7f0000000140)={0x4fc, r3, 0x20, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0xc0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x73, 0x3, "f9f79bf0a8a78fbcb05bb8f6ecc86d55b8f5adc2a017f6933b10f981016077d9496d412d0ab158daf79583b57c529e324c3af56dcf954ee92c539941af9cb75748d180c1c0444cb281bed7e1f6e7e2b2e40337097238e6cfab0251fb68983708178ac7b067c63ed56d023527fb1050"}, @TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "2ba9e2d57ca3f72fade4c7143b370d1e27d04a723ba469f765c401abb2fc"}}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xbe52}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x45a}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xeec}]}, @TIPC_NLA_NODE={0x274, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x92, 0x3, "e90f3610812e14d268804f340192ae4086f769fb454718fef8a739b1276889c1706fc92934b4ee5a644bc70459eb205416438d2d0eb842dfee6ec76929ec37cfc0b76080801507c2003763cfbd1264eb63e2debb7f7c8bbddb3cdea47d6a2015c1958a2680ca49861f8c6ecb393a60dff16d5aba9f8aacfa28957aae9a35cde3996a48db8c495c9817735c07c255"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "47ca68979ba473cf600d7391afc2cf1fbd2033bfc272988e596bc4c8b8b74cae9d716d72"}}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "544732e1f9dfd89c6d538e04057ed488a8f8a3fd20048a112399de1769299d"}}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "3f3afbc1afa2ed15faf24932ecfacab09de9a62bc39656e4744233b88b"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xbe}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ID={0x20, 0x3, "0a5cfb806ac06baa1f5304c712cec7e074fc4f6d9805440b5cc22573"}, @TIPC_NLA_NODE_ID={0x4c, 0x3, "b12134c99fc57e96dff325a2e6a87fd1c4a5df321a2c0c5b87548b854b3c2ce776d229a712d22316c38335a21d14065980a08dcf431383ce201f770b127a82417ddd12cc4dcd8108"}, @TIPC_NLA_NODE_ID={0x79, 0x3, "76af325822f8bf199d0409057ddc0e7ac6514fc22d47049ce54a01710ad38a427b635e6efa48f9d83647e7e42688b16dfb5ca1ebc4c8078c5808c48fa4465b1801fbdb9fe54b76dfc6c0f414d47a71b5d44ff10f2d12ef08c221af3d0d061631fef0531d8f144e42244b41a6bae1b504a88861816d"}]}, @TIPC_NLA_MEDIA={0x64, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa89}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_MEDIA={0xac, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3a32}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}]}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "0725220867d0138433435b57ff1f27a90b64ce8032"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}]}]}, 0x4fc}, 0x1, 0x0, 0x0, 0x80}, 0x4004880) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000010000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:03 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) recvfrom$unix(r0, &(0x7f0000000080)=""/34, 0x22, 0x2160, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) 03:04:03 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = dup2(r3, r3) r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') dup2(r3, r5) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x38, r6, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x18140008}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x7, 0x24, [{0x16}, {0x18, 0x1}, {0x48, 0x1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x20008000) close(r1) r8 = socket(0x1e, 0x4, 0x0) connect$tipc(r8, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r9 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r9, 0x0, 0x200fc0) 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000004010000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1777.264759][ T5744] FAULT_INJECTION: forcing a failure. [ 1777.264759][ T5744] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1777.334290][ T5744] CPU: 0 PID: 5744 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1777.345755][ T5744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1777.355795][ T5744] Call Trace: [ 1777.359078][ T5744] dump_stack+0x1b0/0x21e [ 1777.363398][ T5744] ? devkmsg_release+0x11c/0x11c [ 1777.368326][ T5744] ? show_regs_print_info+0x12/0x12 [ 1777.373519][ T5744] ? kasan_alloc_pages+0x4a/0x60 [ 1777.378445][ T5744] should_fail+0x6fb/0x860 [ 1777.382854][ T5744] ? setup_fault_attr+0x2b0/0x2b0 [ 1777.387868][ T5744] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1777.393228][ T5744] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1777.398765][ T5744] ? find_get_entry+0x5da/0x670 [ 1777.403601][ T5744] ? xa_load+0x323/0x340 [ 1777.407833][ T5744] __do_page_cache_readahead+0x244/0x510 [ 1777.413457][ T5744] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1777.419859][ T5744] ? unwind_next_frame+0x1c07/0x22b0 [ 1777.425134][ T5744] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1777.430841][ T5744] generic_file_read_iter+0x626/0x20a0 [ 1777.436298][ T5744] ? find_get_pages_range_tag+0xae0/0xae0 [ 1777.442005][ T5744] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1777.447360][ T5744] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1777.453413][ T5744] ? avc_denied+0x1c0/0x1c0 [ 1777.457910][ T5744] generic_file_splice_read+0x491/0x780 [ 1777.463445][ T5744] ? splice_shrink_spd+0xb0/0xb0 [ 1777.468370][ T5744] ? security_file_permission+0x1e9/0x300 [ 1777.474072][ T5744] ? splice_shrink_spd+0xb0/0xb0 [ 1777.478996][ T5744] splice_direct_to_actor+0x3cf/0xb00 [ 1777.484357][ T5744] ? do_splice_direct+0x3d0/0x3d0 [ 1777.489367][ T5744] ? pipe_to_sendpage+0x300/0x300 [ 1777.494382][ T5744] ? security_file_permission+0x128/0x300 [ 1777.500090][ T5744] do_splice_direct+0x279/0x3d0 [ 1777.504932][ T5744] ? splice_direct_to_actor+0xb00/0xb00 [ 1777.510471][ T5744] ? security_file_permission+0x128/0x300 [ 1777.516178][ T5744] do_sendfile+0x89d/0x1110 [ 1777.520671][ T5744] ? compat_writev+0x390/0x390 [ 1777.525422][ T5744] ? security_file_permission+0x128/0x300 [ 1777.531128][ T5744] ? vfs_write+0x427/0x4f0 [ 1777.535529][ T5744] ? fput_many+0x42/0x1a0 [ 1777.539848][ T5744] __x64_sys_sendfile64+0x1ae/0x220 [ 1777.545033][ T5744] ? __ia32_sys_sendfile+0x240/0x240 [ 1777.550308][ T5744] do_syscall_64+0xcb/0x150 [ 1777.554803][ T5744] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1777.560683][ T5744] RIP: 0033:0x45dd99 [ 1777.564565][ T5744] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000010010000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1777.584150][ T5744] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1777.592545][ T5744] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1777.600503][ T5744] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1777.608460][ T5744] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1777.616419][ T5744] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000025 [ 1777.624379][ T5744] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:03 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) sendmsg$NFNL_MSG_ACCT_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x7c, 0x1, 0x7, 0x801, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x2}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0xffffffff}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x5}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xd8e}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xa96c}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xfffffffffffff4a5}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x8}]}, 0x7c}, 0x1, 0x0, 0x0, 0x200400c4}, 0x4004841) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000001400000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:03 executing program 2 (fault-call:8 fault-nth:38): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:03 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0xe0af10f8d7ae2b22, &(0x7f0000000180), &(0x7f00000001c0)=0x4) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x620940, 0x0) ioctl$EVIOCGVERSION(r3, 0x80044501, &(0x7f00000000c0)=""/177) r4 = open(&(0x7f0000002000)='./bus\x00', 0x10002, 0x1d) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000002400000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:03 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000100"/18, @ANYRES32=r4, @ANYBLOB="0800050004000000140004006970766c616e31000000000000000000"], 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f0000000a00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="a00000006417dfaeaf7cfbdb171fbe476894c6e06f4433aad95507797e35358e6fb8657c138341f451c2215967ed44916dd0402c3e1ace79e4fbd03c6c38edbb6b47a58854095f7412807c2fd012b5944891969a2dbafcab18a69ca51220df4663db418948ab3f54d85275458221b617af6878dde9135e1c67d0c40fedcb2889cc97ef563c298b4718d4a7281d5ee84977b11df8a7bcc3ff65b5057243270ae5a8599d11caa374b424a580e04aa77162681a2113d6fcd3c59bb900"/198, @ANYRES16=0x0, @ANYBLOB="00082dbd7000fddbdf251601000008000300", @ANYRES64=r4, @ANYBLOB="0c00990008000000410000000a001a0008021100000100000a001a0008021100000000000a001a0008021100000100000a00060008021100000000000a00060008021100000100000a001a0008021100000100000a000600ffffffffffff00000a001a00ffffffffffff00000a00060008021100000000000a001a000802110000010000"], 0xa0}, 0x1, 0x0, 0x0, 0x4000884}, 0x10) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x11, 0x800000003, 0x0) bind(r7, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r8}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) write$binfmt_aout(r6, &(0x7f0000000080)={{0x10b, 0x6, 0x0, 0x187, 0x1d9, 0x1ff, 0x2ec, 0x44}, "1d6a5d94c969711af602cfd69ee5f9c80921392232549b699498af7d8c50b7af9d2a75b6ead517fdea15eb323b8f9ba04b6ff4bd10934da477b9d540600dfe72cadfa5568078022b212ab9b1d85653c87424b3c445bf11d17fb605dec8c1dfde2884d53630b6eba221e47f81913775dac8b91a9983d26d8258ba001aef9253c5fdc0e1d345880e049f09d330192e9a7a49394b1d1efce280b2bf76319e6939973f4144cc6bf3ef84d4375c8d158cfbd9f01c39b985b3c0016709637c02b63983af544b65b7168a2214ef08034b5ef74abe6fc7b0c00d44", [[], [], [], [], [], [], [], []]}, 0x8f7) 03:04:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000003400000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1777.890897][ T5776] FAULT_INJECTION: forcing a failure. [ 1777.890897][ T5776] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1777.921746][ T5776] CPU: 1 PID: 5776 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1777.933204][ T5776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1777.943242][ T5776] Call Trace: [ 1777.946527][ T5776] dump_stack+0x1b0/0x21e [ 1777.950847][ T5776] ? devkmsg_release+0x11c/0x11c [ 1777.955774][ T5776] ? show_regs_print_info+0x12/0x12 [ 1777.960959][ T5776] ? kasan_alloc_pages+0x4a/0x60 [ 1777.965886][ T5776] should_fail+0x6fb/0x860 [ 1777.970292][ T5776] ? setup_fault_attr+0x2b0/0x2b0 [ 1777.975310][ T5776] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1777.980675][ T5776] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1777.986208][ T5776] ? find_get_entry+0x5da/0x670 [ 1777.991045][ T5776] ? xa_load+0x323/0x340 [ 1777.995273][ T5776] __do_page_cache_readahead+0x244/0x510 [ 1778.000895][ T5776] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1778.007296][ T5776] ? unwind_next_frame+0x1c07/0x22b0 [ 1778.012568][ T5776] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1778.018279][ T5776] generic_file_read_iter+0x626/0x20a0 [ 1778.023736][ T5776] ? find_get_pages_range_tag+0xae0/0xae0 [ 1778.029440][ T5776] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1778.034796][ T5776] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1778.040856][ T5776] ? avc_denied+0x1c0/0x1c0 [ 1778.045350][ T5776] generic_file_splice_read+0x491/0x780 [ 1778.050883][ T5776] ? splice_shrink_spd+0xb0/0xb0 [ 1778.055815][ T5776] ? security_file_permission+0x1e9/0x300 [ 1778.061517][ T5776] ? splice_shrink_spd+0xb0/0xb0 [ 1778.066438][ T5776] splice_direct_to_actor+0x3cf/0xb00 [ 1778.071793][ T5776] ? do_splice_direct+0x3d0/0x3d0 [ 1778.076800][ T5776] ? pipe_to_sendpage+0x300/0x300 [ 1778.081825][ T5776] ? security_file_permission+0x128/0x300 [ 1778.087523][ T5776] do_splice_direct+0x279/0x3d0 [ 1778.092356][ T5776] ? splice_direct_to_actor+0xb00/0xb00 [ 1778.097887][ T5776] ? security_file_permission+0x128/0x300 [ 1778.103588][ T5776] do_sendfile+0x89d/0x1110 [ 1778.108083][ T5776] ? compat_writev+0x390/0x390 [ 1778.112830][ T5776] ? security_file_permission+0x128/0x300 [ 1778.118533][ T5776] ? vfs_write+0x427/0x4f0 [ 1778.122934][ T5776] ? fput_many+0x42/0x1a0 [ 1778.127253][ T5776] __x64_sys_sendfile64+0x1ae/0x220 [ 1778.132435][ T5776] ? __ia32_sys_sendfile+0x240/0x240 [ 1778.137710][ T5776] do_syscall_64+0xcb/0x150 [ 1778.142200][ T5776] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1778.148073][ T5776] RIP: 0033:0x45dd99 [ 1778.151951][ T5776] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1778.171535][ T5776] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1778.179927][ T5776] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = socket(0x11, 0x800000003, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2800000015675d1c2930535d92e5d3c9432b78e5de4097fa40ebe015daf96b853bc941a16ec27ac072564d476cbe12534c098fd896208734a10f77b876ec43c654b5e80b115653d084c8c9b79aaa7e91c346954657a03112670c79387925a8d6ffd1393f4eb58d2708e3aeb357218524a691e6a054e4e420398c593f42a98a00efd2f98c9fc63c18bc328987aa1c430541d36abd7959ec26aa6a8183fda28c57a6ef3c79f41fef91583b03fd7a4d62935e635f47c0d579aec4bf3c827f78650809a674", @ANYRES16=r3, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="0800050004000000140004006970766c616e31000000000000000000"], 0x38}}, 0x0) sendmsg$NL80211_CMD_TDLS_MGMT(r1, &(0x7f00000006c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x2d8, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x1, 0xa}}}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3f}, @NL80211_ATTR_IE={0x284, 0x2a, [@random={0xff, 0x54, "ddfd5b998f7da7fa1a81c30806d188c54e316af3c647399fec771d7658815bbfca8702858399ac72934e03f2c9d5996a95f649dc51d76219af358eb7348cdcf59d96855ac1fab09b769c22fc71d24301cc21a4c7"}, @random={0x6, 0xea, "5029577355cbd99a4208c80b6a894dbef67752ef2952cf5c71078c60163cf8802040729a2de9c950527b14d3e8c7fbb9dcb6709d1fa3620364386912f1981b44164453f0e5698e9c10e6ac8866f766cdb2400c451f6697c1ee541af184a06e1542d7ee512ed3b8fddd4d28153affe3b506e567ede2b21167eb5e382d64df23dfc90c8770ad5f338127f84b26f921dd2192a05c875c154a1c5d9a59a0b1d6ca0bb7b67a00b26e72857fd5017d706a0e7ae439fd849447c0e5abbf8b91dde35ac5157308dfd284ee6ede6c2447073ce9db6f35e85e3a44c491df2b4dccf9d3c937efeb9971eb8b9af06f3b"}, @random={0x0, 0x5e, "998a1e5f9794dcebf5bcedefc53167df5a7b08a1bc2295b56f96657e6110c8e740f0aa046ba68afddb287c0de9f0611a260a613ada1ec632850ee493f52de51fa7f83af7f87546d9934c2481e9ef000b97b38a51175853eead5e41a2c0c2"}, @random={0x0, 0xdc, "7fe276260bb1c2111b053f9bfa328f2392c256c95c6aa45824ee47781756f6e9e8ddb10dd3521f4859d18c0792816179548b60330a529c9f931c90423218d05b51a3c11e6f783ef98face11e29d03451c90db0e65202a2badabde8d73ff41b3e9b60b68d045abb5383d22b6c51769d645ae9f43261bf5138a49997e6e311881442a3e1d823bbf4bd5f405018d121994603b73e1ea851e835dcdc10921789a1559323ef252050a23d5cf423aedd3e8ef66cb8c4f3c14ef6b510c56fcfe8f5c2812c8d0dbe00bcd0926f42762e9d17191e4cdf1b45e3835af71070e6b2"}]}, @NL80211_ATTR_TDLS_ACTION={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x4}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x1e}]}, 0x2d8}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000a9a393ff768a1e66404de3bdf86be2db8b5c0079020000003ccf69b92a0bff1e39a4efeeabca7ce5370f3a0565807cc44f86f2750dec4a93ea41b153119039bc05cbbd6d72afb201bb2019cade7d25218dd9639fc269020267557c48017e5c629878bfd50bd11c1b50f232ef8ce80f92b5a16f8da5b1d310da89c31b271a4dd7ae8a8825f73e34ebb679d2fdb4c8867ee77d8b58cdb415f976dd2c578d450acd2a56cff8df99b802d263d1e4165ec421806c9fee8c37e7a67b4b274ca578f331e7ca3033bf5c19b2d123933e78e08f9342464cda6e8409bd8db031826a291fc500be3e56675bbe701d10b805c62cf4bc4283a9b7816673266fb8004c045866020ad78627be0eb7f78a37dd77387907df212b7b5d3f0bc772a4d81d78d7e020f87b72746ab9ae6d927cc36c85b24dd1987d43f9e6dca96f56792d9314cb6fcf4321edba367ddbc60ef1c3c55065f194a9c7e0c0bf0a4e61", @ANYRES16=0x0, @ANYBLOB="880427bd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000010) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="45000000ec63ea61b0a38792a6608b437709cf04d141ed3f99f42b29dfb0e4968dc443ef3febbbd4f140fb9352116fd077785d43820922b8a129dea03653b771745f7cbd5e602f6ed0734308b9f13722f2be4054d08e92bac625670a553e7e15bd726c489d05943a16ca89a301447dc8be3ee930ff97d81bbfde2f3782351fc47378804250d2aa5daeb32bc14b1dcec3f6d423519aa44f629068190611c0a19ed45f1dd536851cdace6d68d06cdac67dda66ca2dc939ff334d3c0d3dc9bd16687cf3e81b0ad733d3565aebe412f115170a307df54682ab6056ed3eaf225cb44e33", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250a000000080005000700000028000380060007004e20000014000600000000000000000000000000000000000600040000010000"], 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x4008888) 03:04:04 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NL80211_CMD_SET_BSS(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x59}}}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x81}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0xe1}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x1) close(r1) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000080)={0x2, 'veth0_macvtap\x00', 0x4}, 0x18) 03:04:04 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000080)=0x8) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000005d0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1778.187881][ T5776] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1778.195837][ T5776] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1778.203793][ T5776] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000026 [ 1778.211747][ T5776] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000660000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000003770000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x12) close(r1) ustat(0x6, &(0x7f0000000100)) r2 = socket(0x1e, 0x4, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'virt_wifi0\x00'}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ioctl$HIDIOCAPPLICATION(r3, 0x4802, 0x916a) sendfile(r1, r3, 0x0, 0x200fc0) write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x0, {0x8001}}, 0x18) 03:04:04 executing program 2 (fault-call:8 fault-nth:39): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000003780000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0xffff, 0x0, 0x10001, 0xffffffffffffffe1, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x40040) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 1778.462381][ T5807] FAULT_INJECTION: forcing a failure. [ 1778.462381][ T5807] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1778.489956][ T5807] CPU: 1 PID: 5807 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1778.501421][ T5807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1778.511464][ T5807] Call Trace: [ 1778.514742][ T5807] dump_stack+0x1b0/0x21e [ 1778.519058][ T5807] ? devkmsg_release+0x11c/0x11c [ 1778.523983][ T5807] ? show_regs_print_info+0x12/0x12 [ 1778.529166][ T5807] ? kasan_alloc_pages+0x4a/0x60 [ 1778.534090][ T5807] should_fail+0x6fb/0x860 [ 1778.538493][ T5807] ? setup_fault_attr+0x2b0/0x2b0 [ 1778.543508][ T5807] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1778.548873][ T5807] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1778.554406][ T5807] ? find_get_entry+0x5da/0x670 [ 1778.559241][ T5807] ? xa_load+0x323/0x340 [ 1778.563466][ T5807] __do_page_cache_readahead+0x244/0x510 [ 1778.569089][ T5807] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1778.575488][ T5807] ? unwind_next_frame+0x1c07/0x22b0 [ 1778.580761][ T5807] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1778.586465][ T5807] generic_file_read_iter+0x626/0x20a0 [ 1778.591922][ T5807] ? find_get_pages_range_tag+0xae0/0xae0 [ 1778.597633][ T5807] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1778.602989][ T5807] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1778.609042][ T5807] ? avc_denied+0x1c0/0x1c0 [ 1778.613531][ T5807] generic_file_splice_read+0x491/0x780 [ 1778.619076][ T5807] ? splice_shrink_spd+0xb0/0xb0 [ 1778.624010][ T5807] ? security_file_permission+0x1e9/0x300 [ 1778.629715][ T5807] ? splice_shrink_spd+0xb0/0xb0 [ 1778.634645][ T5807] splice_direct_to_actor+0x3cf/0xb00 [ 1778.640008][ T5807] ? do_splice_direct+0x3d0/0x3d0 [ 1778.645017][ T5807] ? pipe_to_sendpage+0x300/0x300 [ 1778.650034][ T5807] ? security_file_permission+0x128/0x300 [ 1778.655738][ T5807] do_splice_direct+0x279/0x3d0 [ 1778.660572][ T5807] ? splice_direct_to_actor+0xb00/0xb00 [ 1778.666106][ T5807] ? security_file_permission+0x128/0x300 [ 1778.671840][ T5807] do_sendfile+0x89d/0x1110 [ 1778.676333][ T5807] ? compat_writev+0x390/0x390 [ 1778.681082][ T5807] ? security_file_permission+0x128/0x300 [ 1778.686784][ T5807] ? vfs_write+0x427/0x4f0 [ 1778.691184][ T5807] ? fput_many+0x42/0x1a0 [ 1778.695500][ T5807] __x64_sys_sendfile64+0x1ae/0x220 [ 1778.700681][ T5807] ? __ia32_sys_sendfile+0x240/0x240 [ 1778.705959][ T5807] do_syscall_64+0xcb/0x150 [ 1778.710447][ T5807] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1778.716326][ T5807] RIP: 0033:0x45dd99 [ 1778.720205][ T5807] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1778.739787][ T5807] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1778.748181][ T5807] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000800000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 4: gettid() r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendfile(r0, r1, &(0x7f0000000180)=0x5, 0x1ff) r2 = socket$inet6(0xa, 0x400000000001, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x101400, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) fcntl$setown(r0, 0x8, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = signalfd(r3, &(0x7f0000000100)={[0x8]}, 0x8) ioctl$PPPIOCGNPMODE(r4, 0xc008744c, &(0x7f0000000140)={0x408f}) r5 = open(&(0x7f00000000c0)='./bus/file0\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x200fc0) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r3, 0xf502, 0x0) [ 1778.756132][ T5807] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1778.764088][ T5807] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1778.772043][ T5807] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000027 [ 1778.779997][ T5807] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:04 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x92) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[@ANYRES16], 0x8c) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='cubic\x00', 0x6) r3 = socket(0x0, 0x5, 0x400801) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, &(0x7f00000000c0)) r4 = open(&(0x7f0000002000)='./bus\x00', 0x2000, 0xf0) sendfile(r1, r4, 0x0, 0x200fc0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000180)={'batadv0\x00'}) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000001800000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) socket$inet6(0xa, 0x4, 0x6) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0xc400, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:04 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) link(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./bus\x00') sendfile(r1, r3, 0x0, 0x200fc0) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000002800000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x2, 0x0) ftruncate(r1, 0xfffffffffffffffb) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) 03:04:04 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x2, 0x0) close(r1) r2 = open(&(0x7f00000002c0)='./bus\x00', 0x408702, 0x11) ioctl$PPPIOCGIDLE(r2, 0x8010743f, &(0x7f00000000c0)) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r6 = eventfd2(0x7, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x11, 0x800000003, 0x0) bind(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x4, 0x2, 0x3, 0x3, {0xa, 0x4e22, 0x3ff, @loopback, 0x3}}}, 0xdb) getsockname$packet(r8, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="68000000160000042bbd7000fbdbdf250a3f3ac8", @ANYRES32=r5, @ANYBLOB="140001000000000000000000000000000000000014000100000000000000b400000000000000000014000100ff020000000013e52f76a6484e0500371b056e611f564b0114000600040000008a000000"], 0x68}}, 0x0) io_submit(0x0, 0x2, &(0x7f0000000280)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x1, 0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x4, 0x0, 0x2, r6}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x1, r7, &(0x7f00000001c0)="94eb1ffb7738ca92e778931175034fa63501a905ccd9f4d7efb2b5e517f03524bd0bc9e3c44a456c7756f274c64e57a92f8a894718731e9ae5768783c095d158bf2b6a6d3ca68f2b9ac6fb48fc57c774c1f385da39e790121cd04ab8590aafebf0da2056e248a46e8b", 0x69, 0xa, 0x0, 0x0, r4}]) 03:04:04 executing program 2 (fault-call:8 fault-nth:40): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000003800000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) bind$xdp(r1, &(0x7f00000000c0)={0x2c, 0x5, 0x0, 0x1}, 0x10) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x20010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) fsetxattr$trusted_overlay_nlink(r3, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'L-', 0x3}, 0x16, 0x1) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:04:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000c00000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1779.092982][ T5857] FAULT_INJECTION: forcing a failure. [ 1779.092982][ T5857] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1779.152299][ T5857] CPU: 0 PID: 5857 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1779.163765][ T5857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1779.173807][ T5857] Call Trace: [ 1779.177093][ T5857] dump_stack+0x1b0/0x21e [ 1779.181414][ T5857] ? devkmsg_release+0x11c/0x11c [ 1779.186342][ T5857] ? show_regs_print_info+0x12/0x12 [ 1779.191528][ T5857] ? kasan_alloc_pages+0x4a/0x60 [ 1779.196458][ T5857] should_fail+0x6fb/0x860 [ 1779.200864][ T5857] ? setup_fault_attr+0x2b0/0x2b0 [ 1779.205876][ T5857] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1779.211240][ T5857] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1779.216778][ T5857] ? find_get_entry+0x5da/0x670 [ 1779.221621][ T5857] ? xa_load+0x323/0x340 [ 1779.225851][ T5857] __do_page_cache_readahead+0x244/0x510 [ 1779.231474][ T5857] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1779.237874][ T5857] ? unwind_next_frame+0x1c07/0x22b0 [ 1779.243144][ T5857] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1779.248858][ T5857] generic_file_read_iter+0x626/0x20a0 [ 1779.254320][ T5857] ? find_get_pages_range_tag+0xae0/0xae0 [ 1779.260024][ T5857] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1779.265390][ T5857] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1779.271442][ T5857] ? avc_denied+0x1c0/0x1c0 [ 1779.275934][ T5857] generic_file_splice_read+0x491/0x780 [ 1779.281466][ T5857] ? splice_shrink_spd+0xb0/0xb0 [ 1779.286394][ T5857] ? security_file_permission+0x1e9/0x300 [ 1779.292095][ T5857] ? splice_shrink_spd+0xb0/0xb0 [ 1779.297014][ T5857] splice_direct_to_actor+0x3cf/0xb00 [ 1779.302374][ T5857] ? do_splice_direct+0x3d0/0x3d0 [ 1779.307387][ T5857] ? pipe_to_sendpage+0x300/0x300 [ 1779.312394][ T5857] ? security_file_permission+0x128/0x300 [ 1779.318079][ T5857] do_splice_direct+0x279/0x3d0 [ 1779.322896][ T5857] ? splice_direct_to_actor+0xb00/0xb00 [ 1779.328451][ T5857] ? security_file_permission+0x128/0x300 [ 1779.334140][ T5857] do_sendfile+0x89d/0x1110 [ 1779.338610][ T5857] ? compat_writev+0x390/0x390 [ 1779.343341][ T5857] ? security_file_permission+0x128/0x300 [ 1779.349024][ T5857] ? vfs_write+0x427/0x4f0 [ 1779.353408][ T5857] ? fput_many+0x42/0x1a0 [ 1779.357704][ T5857] __x64_sys_sendfile64+0x1ae/0x220 [ 1779.362870][ T5857] ? __ia32_sys_sendfile+0x240/0x240 [ 1779.368171][ T5857] do_syscall_64+0xcb/0x150 [ 1779.372644][ T5857] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1779.378542][ T5857] RIP: 0033:0x45dd99 [ 1779.382402][ T5857] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:04:05 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x9) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:05 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@ipv6_delrule={0x58, 0x21, 0x10, 0x70bd25, 0x25dfdbfe, {0xa, 0x0, 0x80, 0x7, 0x1f, 0x0, 0x0, 0x2, 0x2}, [@FRA_SRC={0x14, 0x2, @empty}, @FRA_DST={0x14, 0x1, @private0}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}]}, 0x58}}, 0x20040894) ioctl$BTRFS_IOC_SET_FEATURES(r3, 0x40309439, &(0x7f0000000080)={0x0, 0x1, 0xe}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000001c00000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x40200, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 1779.401973][ T5857] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1779.410351][ T5857] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1779.418347][ T5857] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1779.426288][ T5857] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1779.434227][ T5857] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000028 [ 1779.442164][ T5857] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:05 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)={0x0, 0x100, 0x8}, 0xc) fcntl$setstatus(r6, 0x4, 0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) ftruncate(r3, 0x9) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) setsockopt$packet_buf(r7, 0x107, 0x1, &(0x7f0000000080)="79d851dba1d96a9216650b29e342417f26e73ccb63307c91f6d4229654ecbbc731aff04829efc65b906230c52b56d0b23a900d6713f96b3aacd2740c7dd1f217a45d3294", 0x44) sendfile(r1, r7, 0x0, 0x200fc0) setsockopt$IP_VS_SO_SET_EDIT(r4, 0x0, 0x483, &(0x7f00000001c0)={0x29, @multicast2, 0x4e23, 0x2, 'sed\x00', 0x40, 0x400, 0x42}, 0x2c) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000002c00000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:05 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x180) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c8, 0x0, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x200}, {0xc, 0x90, 0x1}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x8e, 0x3}, {0xc}, {0xc, 0x90, 0x1}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}, {0xc, 0x8f, 0x2}, {0xc, 0x90, 0x6}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x81}, {0xc}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x8fa}, {0xc, 0x90, 0x5}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x800}, {0xc, 0x90, 0xa044}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0xb9}, {0xc, 0x90, 0x1}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x240400a1}, 0x4014) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/vmstat\x00', 0x0, 0x0) ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f00000005c0)=@urb_type_control={0x2, {0x2, 0x1}, 0x6, 0xc, &(0x7f00000004c0)={0x4, 0x8, 0x2, 0x401, 0x7}, 0x8, 0x0, 0x24, 0x0, 0x1000, 0x3b7, &(0x7f0000000500)="bc2728003740364a60fae6fb3421a70b449732754c9bef02cb0c9fec4d389751819d4baa454eea6adff4ab5f063cc94a6d358c986bff875c4fae9fbee0068b3b13a0a93719e9feae28bd618af55029aae6bca6ec37f6e36bff2afe9db759bd36c68baef60b34faa53e25005de1c4c11759f4117745001ab6c731e0593ed52e843f41b016742d0980174f85e54b216073f279ad8a0fd14c8e824c2dcd21dea69f7d4e8c77df5abddef6a7032f3edb08b7eee6037fb123657bc4c50548fc8fc5"}) keyctl$update(0x2, 0x0, &(0x7f0000000140)="ff9b1f9a607b1cde15a5a66a5f87284888b8160efa7ce4e36aac83ae49e910f446d947a3e2179e09a973af8f8affe1dbcd041f8f540e6159989dfe586d6db6cf9e0ed99427689240e1c624518ab87357d387f7362bad82d911fddac4245335f6fd6ec50c2f0b905f21c24f63046864a1a7ecfaa25041f6cacecba9e82254ccf8cbcb5cc6c10d869d7f151c914d4d599a915947bc785cd0bd4052e825d32d834fca299558884755a24486f06fcd9c0f39a3ea17ef2b7b5e451bd80488a71475089159b796fd7beb993943d11ebf3eac6bbc930823da", 0xd5) 03:04:05 executing program 2 (fault-call:8 fault-nth:41): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000003c00000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000001ff0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000000000fff0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1779.677072][ T5894] FAULT_INJECTION: forcing a failure. [ 1779.677072][ T5894] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1779.726207][ T5894] CPU: 1 PID: 5894 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1779.737674][ T5894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1779.747713][ T5894] Call Trace: [ 1779.750995][ T5894] dump_stack+0x1b0/0x21e [ 1779.755314][ T5894] ? devkmsg_release+0x11c/0x11c [ 1779.760240][ T5894] ? show_regs_print_info+0x12/0x12 [ 1779.765422][ T5894] ? kasan_alloc_pages+0x4a/0x60 [ 1779.770346][ T5894] should_fail+0x6fb/0x860 03:04:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x5, 0x0, 0x6, 0x5, 0x5, 0x0, 0xffffffff}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f00000000c0)='async\x00', 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) bind(0xffffffffffffffff, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000200)={@local}, 0xfffffd89) fcntl$setpipe(r2, 0x407, 0x0) ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x1, 'vlan0\x00', {}, 0x4}) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000140)=[@timestamp, @sack_perm, @mss={0x2, 0x6}, @timestamp, @window={0x3, 0x0, 0x3}, @timestamp, @window={0x3, 0x0, 0x5}, @timestamp, @sack_perm, @window={0x3, 0x7, 0x1}], 0xa) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'vlan0\x00', {0x2, 0x0, @dev}}) r5 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r5) [ 1779.774752][ T5894] ? setup_fault_attr+0x2b0/0x2b0 [ 1779.779768][ T5894] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1779.785133][ T5894] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1779.790668][ T5894] ? find_get_entry+0x5da/0x670 [ 1779.795514][ T5894] ? xa_load+0x323/0x340 [ 1779.799743][ T5894] __do_page_cache_readahead+0x244/0x510 [ 1779.805363][ T5894] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1779.811767][ T5894] ? unwind_next_frame+0x1c07/0x22b0 [ 1779.817041][ T5894] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1779.822748][ T5894] generic_file_read_iter+0x626/0x20a0 [ 1779.828201][ T5894] ? find_get_pages_range_tag+0xae0/0xae0 [ 1779.833904][ T5894] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1779.839263][ T5894] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1779.845317][ T5894] ? avc_denied+0x1c0/0x1c0 [ 1779.849809][ T5894] generic_file_splice_read+0x491/0x780 [ 1779.855344][ T5894] ? splice_shrink_spd+0xb0/0xb0 [ 1779.860274][ T5894] ? security_file_permission+0x1e9/0x300 [ 1779.865980][ T5894] ? splice_shrink_spd+0xb0/0xb0 [ 1779.870902][ T5894] splice_direct_to_actor+0x3cf/0xb00 [ 1779.876263][ T5894] ? do_splice_direct+0x3d0/0x3d0 [ 1779.881270][ T5894] ? pipe_to_sendpage+0x300/0x300 [ 1779.886285][ T5894] ? security_file_permission+0x128/0x300 [ 1779.891994][ T5894] do_splice_direct+0x279/0x3d0 [ 1779.896831][ T5894] ? splice_direct_to_actor+0xb00/0xb00 [ 1779.902357][ T5894] ? security_file_permission+0x128/0x300 [ 1779.908044][ T5894] do_sendfile+0x89d/0x1110 [ 1779.912575][ T5894] ? compat_writev+0x390/0x390 [ 1779.917307][ T5894] ? security_file_permission+0x128/0x300 [ 1779.922995][ T5894] ? vfs_write+0x427/0x4f0 [ 1779.927377][ T5894] ? fput_many+0x42/0x1a0 [ 1779.931695][ T5894] __x64_sys_sendfile64+0x1ae/0x220 [ 1779.936864][ T5894] ? __ia32_sys_sendfile+0x240/0x240 [ 1779.942133][ T5894] do_syscall_64+0xcb/0x150 [ 1779.946656][ T5894] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1779.952518][ T5894] RIP: 0033:0x45dd99 [ 1779.956388][ T5894] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1779.975959][ T5894] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1779.984334][ T5894] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1779.992289][ T5894] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1780.000272][ T5894] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1780.008213][ T5894] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000029 [ 1780.016151][ T5894] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:05 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000020000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:05 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x11, 0x800000003, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) recvmmsg(r4, &(0x7f0000001d40)=[{{&(0x7f0000001380)=@hci, 0x80, &(0x7f0000001500)=[{&(0x7f0000001400)=""/170, 0xaa}, {&(0x7f00000014c0)=""/45, 0x2d}], 0x2, &(0x7f0000001540)=""/241, 0xf1}, 0xfffffff9}, {{&(0x7f0000001640)=@sco={0x1f, @none}, 0x80, &(0x7f0000001780)=[{&(0x7f00000016c0)=""/135, 0x87}], 0x1, &(0x7f0000002040)=""/4096, 0x1000}, 0x101}, {{&(0x7f00000017c0)=@l2tp6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001840)=""/93, 0x5d}, {&(0x7f00000018c0)=""/165, 0xa5}, {&(0x7f0000001980)=""/19, 0x13}, {&(0x7f0000003040)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/37, 0x25}, {&(0x7f0000001a00)=""/247, 0xf7}, {&(0x7f0000001b00)=""/215, 0xd7}], 0x7, &(0x7f0000001c80)=""/160, 0xa0}, 0x1ff}], 0x3, 0x10000, &(0x7f0000001e00)={0x77359400}) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NL80211_CMD_START_SCHED_SCAN(r3, &(0x7f0000001340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001300)={&(0x7f00000000c0)={0x123c, 0x0, 0x200, 0x70bd25, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xfbbc, 0x1b}}}}, [@NL80211_ATTR_SCHED_SCAN_MATCH={0x10, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ibss_ssid}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_SCAN_SUPP_RATES={0x11e8, 0x7d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x60, 0x1, "758bc12b863f8688cd37114fac1bd1331934063ed203c01f1641986d181dd0ff3169c036ce7d2bf16c497afbf31f842ed84cb981af3841f9ac9972c94d9afc66babc9e4a5bd6e56822035d453a7a0205eb8900de9828bd242b5d09e2"}, @NL80211_BAND_5GHZ={0xe3, 0x1, "4a4d01c24a23a1fe61dd6677b7457b0bcc5e027023ad323c76b8fc4ab47a39cd3d45363ddf2099bd9e306ac286765bb490cf3330a64f7a1717bfa091b4fdf56f1aaa473bcb689834e8844b9f0d70b3f53660093c58b379b962c0a384b1ecdf687071fe144131f20dd31ebbf642d885421e92c9927f6cbc293c263e2e3da7f5db57996557e786c2ee51d138a9ed45251281296c0b58d053483603449634a40ab2d7c1bf50cf26c402a8b2c67693ae7648a79795425b5ff03884fc5bffa674f428eafdd9086156c376ec141be1c3e640717fccd57c84992bae6cb11ab728a571"}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_2GHZ={0x97, 0x0, "b474a1418f5cac68243c5b2b2ff60ba0812dd97d09cf2cd66ddc57640a6e6435ed32ab61d6a3cdeaaec28705c7d1567cd1434fbbe79abbeb3b895117ac31b3f5ce96784cd06f9084f5ce7714efd4280887175f1d4e36d959ec988ae07195406f32fad9aa71c900ec5538c7ff5de3618041c6f64c5ccc86ddae237edc6d93212ea74e1ad64a04b1690297867baa6cd34b7e6cdf"}, @NL80211_BAND_2GHZ={0x1004, 0x0, "680420ce5286fd3bb9710e3737f2b0d21daa754b5a42e3f2de5f5827eb452dcdd12489d78b52ac9e28db0a911c2e42ac47d3f2f0f31d5711a72ea1722d0949e749942ab749d3e8e827d1676bdda5f193838a3cd8e219ecd8b522e6296f7f9c6954d1095f190b526bebb497680e616670359416f5dd39384110ea2d03bbe3eceeac0a933d7fa32772b4460d8447a130968df399fc78868205ed6314220d724b169f2fd080c2c57500ff1b9b746849f32d3536ea89767f4ef2345135ea1bcb67695df17b71340fa20a8c03e81d2cce011610c3e7e953a24e88147fb9f5bfcac23779dac6613a4ad83886410118bbcef6015c55ba5225906ce32188e8148f3bef4922314419dad795d2f5c7941ce723c5c391e31b388df217b139afe028e27f2d7c3bb5de5dcfa5e1f06392558f88f58285814adeec982ed65e8a08437b021a4283de39e0c50fae1399e92c70c005f69cc95405be66dd880125901dadbf0443fdd91946798daa1ac2da1edb356752db8bf43aa8193f625da1870ff5666f29cdb23596fa96bea7a4afccf08732d49a5025474d9c42173adaa2cde6a96ef88220a992ed51698510936845eb2dd494eee2eecfafcbdd3c32dd7d9da671218ca5d3a64002f2a927f50933c39375e1929783efa3c58921727cd491d0e40a0cb74a033cde6e74cd564e898f813375555dc2aa7884be7fa197b7b61c1c8741289cd3a60a80537402ec061b5e025c6e5957a41330bdc036201942e25fad311215caf5400f5d4e7255b179fd25128be320aa28cfd566443b12c2be50e6a7e6afee211565a4a5035db8720ec7d525796152482c6b1cda0a59e34d985b2d7f7975436055223904cd74d410eddbc3ba979f55e4b1b5151a838e91d3d08d0da039760220ad7fa95c19c480a4910ffbc9621a87829d6b7af90989eb8adbffb556fa92f95fdee4386fdc78548beb22c3ca9f4e154c9d73b42d1d29294c9ffd6b1d68d25644138b4b43a1b82af747854868513dd92fee0b43dcd418e787602e4b44adc0799c7583719bad59c7a015a3464616f18e54597b9acad1077145ddd08f7de5489763cf0ec118b48eff645c2cb71b3723b691e5c7d33fb63dfe796b540d9254925974220c7d8eaf3ca85428e5ececb11a304299f7572020365ca953c886399245d8e074ea064e400a9c4d0d97886de9e8c8aaf00c6701fbbeb0de027aabf6ad6175e1831bb53f0b4e73be252e2d22470d922b831ae6cbe8e9ad6203058dfd6978c73863de3151d062eb6179b17e70328f068a162f052ba7f7b018d2686e86d1a595899ce0ef5833ea4efa39ee989f826a52ff567bad8c759adf3113ec4854e84c0d198f9b4dce7396b7d46761d889f99d39a9209f7f85ebbaf88d55e80c585eb7ad03fda041dad66bd68f2b0ffa3bcce09513ed9bcbbf38f071017bb8712df085e91175030d871b3b8d81d945167aaab9dc8645bddd71e392cb3241d9ca5e8d59b05b648c07d5316065f3839e17a0083524f0f812af4317d0ae2429bab5d0f6bed27b45d6d5c595ee8caa32e349baafe8a29b8aed6fc4cee2a1530429b310ae11849c51fa8cba75feaab6f9617d076406b91af5b3d976762b67b5a084dc5f355cd8886c9378343d3d9b2660291719e18a22f0073844758ce325aab16059641f21b01cf0bbd409885f6abedfa78de7e823eec1f5b9bafab11637e655666e1115c6cba8218f807b014aabcc0dd7a7dff33d31becea5b5d05d056a876174021200fcbee628cafb99496b5e899d51b26f72e53a4a6f779a4a63c2f5b18ee065f4cdc54074f7250aa7378c7b5c233e83107b05d2878529302ab045872c7f44627e4c01fef01191017f2a0e8912b78a411b9b66899e67a869dced19e7c521cee3c46181d29a7369ad5d9cde70c4c87000ccc285122cf6e0a1a7cc06336a7bc2602e03474b71a94b052453cd46fd80bc45eb3465a26a63243a43f77377150a06f4d199bd7bdb26734188b21e80909b8d708d7a659f727fc3b3986b99e7eeeee662aa5eb96a97db0e87857f283032413acd424de8cca02857bcd0c7393d6c398a9e3b495d0571ddaaf8c54924d55d158388b51fa7f24fc3075a6864aeacafd19ad41158ba75959d00f686334866e339dfe434a10786d5152ef5a391fa8331f10cd78415086ed72a5ed0cd35b2bc2ea0277fe85f20c596efa4b2804116bd8f486b936b5d881f6122d2f8a4c16819ef8e57ce5c1b86ab1e8f9117ec39229cdefbc4e3a0d3496a863fa8834047c4a912d41c09afa5f695bf353e29e54d0ddfec7d399df152ac96872f0467bce25a880caf913c0be8dfce902f87bce9b61e0087d64a1ad244e4c107f76bfa6ca35c66fab421a6fd06bead73edd6b659586043a94b515e674b4de1e54855884986f8431ad238a012920055f5844bd35567217c345bf54b7c53d2851d9bb41131ce72ef36ceb69203420278fa25b6206ff0b0da75e1f1e3be12f7305ee23b3c97a600d50cd8e9b3b59b7aab7dcee276836958f318439244045651237790ea377e02fbb963d97ff4bfa803c96490e45981e46c9912950e3995af2bc9e6266f20b3caede2ca66f04b86a98f47ee07d8a355a92bf07b639069cf58da6dd4e98b2a605898ac3a2fae3356850e93d9fdd9f3e7023c7637f23a10d775e56b8de540e56071c969032a004a18f624341bb1602f18026a8607511210890de6d0df223006e6f84031b7121866b639cd8328af6048e8868a2288c998e6077fd95821dd9b345238c9250b194c1d21ec5e79d7c5eafd554fba62bfdc3366a359de72fe408a6f2623ad1efdf0a0e07fe1f63ce841d6f809a54587f93cc2872bc1bdde9e6e673fd28d70417503527e5e23b16ab02196d4a8318deec4f33a93126f0611868b5568f6ac998a345211d492ed22f24bce4cbaffb73f68f2ee77ba3d1dad74a70e89a9a2a6b9c9ae961ec4583ca17a8cee80d88462779cb4653b01a3411e24e5eefe5ed69e0f0f295a48c40ad6dfaf8202de2fbc5bdbc99e460732485ef4e5bd38cda62899be6b165f722370f73a7c5a3297c127762f58b26fbe6ba8a1158657eea905f1801b59145f206e2c10b8056071391d3f09941f2d7cf5b83affa354c2d032a08fac2f9cf7a5d2478bfe14988e5f0680826018b5a245b63d70cd83e5a9dc2ca6dfafd7c71150193e4f83286fa286fd7425452335f5480b722564a2fd34543c429c660c403c1be2bf8eea6f30cc7524c09833d11a8dc762b9caab0596b205aae05ba074a7c1fc944d2613c4fc96d25fabcf1729cee5299d8d2864723f8e00e07e8871a67536a8807bfc3f95a89a5e2ff89a53812fab9f79dcd6506d005dc82a187e843783749d18f19d1eec9bf2c86581c82e912753bb9f4c1b5cf9563f6d395c31b7143fa21d3ac7da4b275875a2914f8a9532d100259807d39bc021a2ca524a8b1559fabea2bb441437e9038e2f91feae1c7096bda4c8efc6067d8ceeec9c9a75d8b5cf4fdbaf4b3e48927c529cc319a3cc22678f32b6a9bd7169a27ecf4566f24bc91be0a28fcf3394029e970a0c44a94a36df192360a34c36540791d38ce46c6677db480eafc1acf2e7caad949c24c826889409d401ea3e6742900e67a977f86158dc33d9e583a52825dd5b9c03002f15033383f46338a70485c33d214186ce7d3526bf860a1d6e1ea15a8164f9e923cef9a0b1f82fab3cb91e3416019d02860b95f732fd1ed80087ba1d21f49cd3490b73fb77af312a60a430732748305b2d61b9c67a649032393e4f45258c283813701f062d1ad877e488c0cf67ff4b33f6445fe1671ee9f14475164d0f23a2d7ad03b10e5ffaa35f85335ccff28c8e679cbe2c99f10569d3c6a5b5008fcd1b58f551a15415560ef8aa322e50b42042ecb3613739c6015526a1f8edc4d415906ddd21a47c8b9e0e3871491b598d400ffdc4c4a44b3e39928db3053bb579caf0ccee0185a4573ec7eac04f47aa9be0352cd1f8c37f3adc1c8de85300d1f014e82bd71017fa21ea165551280eceb98843e3af07dd14849c32b2bccf7328493a9567cbf2b32b6fcaf92f81111cd5afbda79550300f35bb94b8be95abeaeaa93bc13536572522be94b6e883051e6d23ccd4f773beb335f80bfc573e25a0c64586f3007257309eef18f2b896ab7dde45050ab0aabae656afad95d4b77a315a2d96f7e68777730a80e1fac042b17573153a3c215ce48726ab78eb417d72cf4e97570e57962de57f5591528530c0fcf56ec8294c100a9044724f1ee944d28ba4f2466fcd81e533385f5f0929c26119908e27601c82371b621e46e3236f5b4ca9891e3ebd1a355b61f00729589331912aa1156466a4a4d0d480078a053352cb99475ff9d8f8f35f53b2f086d9ff52f57ea0357adb77a12cf89db1ba49ea53c7a5d9c6ccec2de6e7f738e53f7fe910d705fcd61f02cd43cefb3a1e8ba52268dbc96a4ce270bcd8c4190abd7ff726d83bf85252b2ba978f3359fba3185c11a9e2790a26cc040d76f237295c43a45cc3e8dde8870cc27da87df025fa3561d73706fe433eef2e7fa35a984fdf59d28ed5ae485ccb997df21c6ea5089fb9fb47fdce9768b10d852cd0e0fed6dca34be5ade6f797c7b23cb84ff360e4e5c38cc38005218196013dbd3011be5f4ac7027205a1f2a33e7a6511e0c79a5748514e9ed8ae28b431fe0d1f34457b5cc2a56956cb2a3f361885db7b46ce4c6759dbf0fe493121f7bd6e59b746f8e62b8f00343861a280b98a4bad3a302d2555071627d2ed16ca9330a358fc1b1db796abe92c9305ac54e6e8c391b1d1312531ca72f38424c550cfeda30d0353e8263901084cf4691377a9a078b3687f58fff5264b674a26a92c0c3a7e8acbae8a554411f8698520789c024e097c0cea8b76d35c0eff73cfec32187eeed8b531d4edba1e29b672f30db6bcebd4405e8fd9162c079def7d79c058831d00cfd5183e2c3abf883d00666bf1633da88044e005d909d233e17185742c7e8bc72593e9eee378d69e5937415f4b278c46acf7a386c06bf51f7f7da35fcf899b2401dd84eb477c510994ff134cc362f0525af2a65af1f3480322db261ac296446f1c0961c624deb9df0cb0fa3e9fe9210a7e64488a6a3649784406c30595c72857cd936e698c855e31d989eb7da4f1f44d2590187d3bfd7acf5987dfaf367325a6ddc60c33212d5a230624154f6766345348b1d428682dc3073b9fc0025ad6a37871a7c7d30aef7c004aba40a549618716f52cf7a62707fe5be3bc4dc55162ce3a3662f3e2c45c13dbf7104ad5e8083780bc1b832c0e0b46c34b1f4ebd77039e5b901923a8e4d3abfec3c7b97112aa36d8985e09713acf531b99e6e2e075172f41b5f736172e354d768fa55a625db38a4d45cd11d913ddad3775913e3fa28a17bbc650523bd59fc5c7ad542bebbb9a2219171e4b2af4e6364c5191ceaab4756f767f2ad3a430cd9694e9d0c21db1894980286bfcc1aa0aa145a28db51cc035eb5fc8ae7506e9b5fd4cea4aa7b5a8d3418e69ae5a09c0d5d6accfb1381331d6ef026c59d593dafea3e32625b21fe54ef900212494599a7b094a214f56374724d48d0b8eaaba53f72ef7409d4241bbe42150b3a2d4ed281206a4d237d00a397a04e0131049af3dd3f12beee869a2ab39255fec089419138fcf065f1cd69ba4d6ac45841003a966101493b8b432c566177c51c41072229e0b1e1349ea71e57e4d29c1a446e85eb64bc8bca1b95e7fe2c421ac4ea083adeb8a444dea5f918c7adba2630377a1fe94310763a9699ff5fc8e5e571a55"}]}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x7fffffff}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}]}, 0x123c}, 0x1, 0x0, 0x0, 0x24000800}, 0x20008000) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:05 executing program 2 (fault-call:8 fault-nth:42): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000030000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:05 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) lseek(r2, 0xc, 0x3) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r4 = socket$inet6(0xa, 0x400000000001, 0x0) close(r4) r5 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r4, r6, 0x0, 0x200fc0) 03:04:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000040000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1780.162630][ T5918] FAULT_INJECTION: forcing a failure. [ 1780.162630][ T5918] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1780.197409][ T5918] CPU: 0 PID: 5918 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1780.208877][ T5918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1780.218922][ T5918] Call Trace: [ 1780.222204][ T5918] dump_stack+0x1b0/0x21e [ 1780.226641][ T5918] ? devkmsg_release+0x11c/0x11c [ 1780.231568][ T5918] ? show_regs_print_info+0x12/0x12 [ 1780.236754][ T5918] ? kasan_alloc_pages+0x4a/0x60 [ 1780.241691][ T5918] should_fail+0x6fb/0x860 [ 1780.246100][ T5918] ? setup_fault_attr+0x2b0/0x2b0 [ 1780.251117][ T5918] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1780.256488][ T5918] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1780.262022][ T5918] ? find_get_entry+0x5da/0x670 [ 1780.266859][ T5918] ? xa_load+0x323/0x340 [ 1780.271095][ T5918] __do_page_cache_readahead+0x244/0x510 [ 1780.276719][ T5918] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1780.283120][ T5918] ? unwind_next_frame+0x1c07/0x22b0 [ 1780.288391][ T5918] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1780.294100][ T5918] generic_file_read_iter+0x626/0x20a0 [ 1780.299551][ T5918] ? find_get_pages_range_tag+0xae0/0xae0 [ 1780.305259][ T5918] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1780.310617][ T5918] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1780.316673][ T5918] ? avc_denied+0x1c0/0x1c0 [ 1780.321164][ T5918] generic_file_splice_read+0x491/0x780 [ 1780.326706][ T5918] ? splice_shrink_spd+0xb0/0xb0 [ 1780.331628][ T5918] ? security_file_permission+0x1e9/0x300 [ 1780.337315][ T5918] ? splice_shrink_spd+0xb0/0xb0 [ 1780.342218][ T5918] splice_direct_to_actor+0x3cf/0xb00 [ 1780.347558][ T5918] ? do_splice_direct+0x3d0/0x3d0 [ 1780.352547][ T5918] ? pipe_to_sendpage+0x300/0x300 [ 1780.357578][ T5918] ? security_file_permission+0x128/0x300 [ 1780.363265][ T5918] do_splice_direct+0x279/0x3d0 [ 1780.368086][ T5918] ? splice_direct_to_actor+0xb00/0xb00 [ 1780.373620][ T5918] ? security_file_permission+0x128/0x300 [ 1780.379305][ T5918] do_sendfile+0x89d/0x1110 [ 1780.383779][ T5918] ? compat_writev+0x390/0x390 [ 1780.388508][ T5918] ? security_file_permission+0x128/0x300 [ 1780.394229][ T5918] ? vfs_write+0x427/0x4f0 [ 1780.398648][ T5918] ? fput_many+0x42/0x1a0 [ 1780.402946][ T5918] __x64_sys_sendfile64+0x1ae/0x220 [ 1780.408113][ T5918] ? __ia32_sys_sendfile+0x240/0x240 [ 1780.413402][ T5918] do_syscall_64+0xcb/0x150 [ 1780.417876][ T5918] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1780.423756][ T5918] RIP: 0033:0x45dd99 [ 1780.427617][ T5918] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1780.447192][ T5918] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1780.455569][ T5918] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000050000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:06 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) getsockopt$inet_mreq(r2, 0x0, 0x24, &(0x7f0000000080)={@multicast2}, &(0x7f00000000c0)=0x8) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000060000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000070000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1780.463509][ T5918] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1780.471463][ T5918] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1780.479404][ T5918] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000002a [ 1780.487341][ T5918] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000080000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x8) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) fstat(r8, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$tmpfs(&(0x7f0000000080)='tmpfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@uid={'uid', 0x3d, r9}}]}) r10 = syz_io_uring_complete(r1) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0x6, &(0x7f0000000540)=ANY=[@ANYBLOB="950000000000000019401000000000008500000086000000850000006600000015b9e0ff0000000040750c00fcffff7f"], &(0x7f0000000580)='syzkaller\x00', 0x400, 0x8e, &(0x7f00000005c0)=""/142, 0x41000, 0x2, [], 0x0, 0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x5, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x2, 0x3, 0x8, 0x4e1}, 0x10, 0xffffffffffffffff, r7}, 0x78) sendmsg$unix(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000200), 0x0, &(0x7f0000000780)=[@rights={{0x1c, 0x1, 0x1, [r6, 0xffffffffffffffff, r6]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r3, r3, r4, r7, r3, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r0, 0x0, 0xee00}}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {r0, r9, 0xee00}}}, @rights={{0x2c, 0x1, 0x1, [r10, r2, 0xffffffffffffffff, r3, r3, r11, r7]}}], 0x120, 0x44080}, 0xc041) r12 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$TIOCGSID(r12, 0x5429, &(0x7f0000000000)) 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000090000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:06 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) lseek(r1, 0x800002, 0x3) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) 03:04:06 executing program 2 (fault-call:8 fault-nth:43): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000a0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:06 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_NAME_TABLE_GET(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, r5, 0xc46dfc707e1df77d}, 0x14}}, 0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="a500e80709977d2ec855ff3debe717ff3c9cb5da1a99c083d205b30106f44ea310356f25123d9e3ca3cab517a4cafe4f9a1ab05d9a1075503602a62323a1d31274b74b81bd1b49a676f8bc0d6ebe45df7552138e39206eb488361c75d1201bbac96fb0d9d9487cf613b9a1f4b24b1798a8392a679e79616620f5a72bf1ed4405c1ee17c5ee43709b77180cbbb780098f1d5ca38237e375c5efbb5dce096f5bbf3b2b8fbc4bcbfa37a04d0cd00bbcd30e35e7a66f447c2556b4fad7d8679b28275c924a54a9de1b13fbfc73e47dd4c79a7f28de", @ANYRES16=r5, @ANYBLOB="10002bbd7000ffdbdf25160000001800078008000100090000000c00040005000000000000005c00028004000400080001000400000008000100030000000800010005000000040004001c00038008000100010000000800020003000000080001000b83cf381c000380080001000000000008000100ff0000000800010000000000100005800c0002800800030001000000"], 0x98}, 0x1, 0x0, 0x0, 0x8000}, 0x40010) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:06 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$UI_GET_SYSNAME(r0, 0x8040552c, &(0x7f0000000100)) r2 = socket(0x1e, 0x4, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000140)={0xffffffffffffffff, 0xf3c, 0x2, 0x857}) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, &(0x7f0000000080)={{0x2, 0x0, @descriptor="73e934ade1a4dd17"}}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:06 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x9) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x40007, 0x0}}], 0x4000000000003be, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x9) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) utime(&(0x7f0000000040)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r2 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) 03:04:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000b0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1781.189217][ T5965] FAULT_INJECTION: forcing a failure. [ 1781.189217][ T5965] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1781.226172][ T5965] CPU: 1 PID: 5965 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1781.237642][ T5965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1781.247689][ T5965] Call Trace: [ 1781.250972][ T5965] dump_stack+0x1b0/0x21e [ 1781.255292][ T5965] ? devkmsg_release+0x11c/0x11c [ 1781.260219][ T5965] ? show_regs_print_info+0x12/0x12 [ 1781.265402][ T5965] ? kasan_alloc_pages+0x4a/0x60 [ 1781.270329][ T5965] should_fail+0x6fb/0x860 [ 1781.274733][ T5965] ? setup_fault_attr+0x2b0/0x2b0 [ 1781.279747][ T5965] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1781.285112][ T5965] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1781.290644][ T5965] ? find_get_entry+0x5da/0x670 [ 1781.295482][ T5965] ? xa_load+0x323/0x340 [ 1781.299709][ T5965] __do_page_cache_readahead+0x244/0x510 [ 1781.305332][ T5965] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1781.311733][ T5965] ? unwind_next_frame+0x1c07/0x22b0 [ 1781.317002][ T5965] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1781.322705][ T5965] generic_file_read_iter+0x626/0x20a0 [ 1781.328154][ T5965] ? find_get_pages_range_tag+0xae0/0xae0 [ 1781.333862][ T5965] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1781.339222][ T5965] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1781.345273][ T5965] ? avc_denied+0x1c0/0x1c0 [ 1781.349766][ T5965] generic_file_splice_read+0x491/0x780 [ 1781.355300][ T5965] ? splice_shrink_spd+0xb0/0xb0 [ 1781.360234][ T5965] ? security_file_permission+0x1e9/0x300 [ 1781.365937][ T5965] ? splice_shrink_spd+0xb0/0xb0 [ 1781.370859][ T5965] splice_direct_to_actor+0x3cf/0xb00 [ 1781.376304][ T5965] ? do_splice_direct+0x3d0/0x3d0 [ 1781.381312][ T5965] ? pipe_to_sendpage+0x300/0x300 [ 1781.386324][ T5965] ? security_file_permission+0x128/0x300 [ 1781.392034][ T5965] do_splice_direct+0x279/0x3d0 [ 1781.396880][ T5965] ? splice_direct_to_actor+0xb00/0xb00 [ 1781.402420][ T5965] ? security_file_permission+0x128/0x300 [ 1781.408126][ T5965] do_sendfile+0x89d/0x1110 [ 1781.412615][ T5965] ? compat_writev+0x390/0x390 [ 1781.417363][ T5965] ? security_file_permission+0x128/0x300 [ 1781.423073][ T5965] ? vfs_write+0x427/0x4f0 [ 1781.427476][ T5965] ? fput_many+0x42/0x1a0 [ 1781.431791][ T5965] __x64_sys_sendfile64+0x1ae/0x220 [ 1781.436975][ T5965] ? __ia32_sys_sendfile+0x240/0x240 [ 1781.442245][ T5965] do_syscall_64+0xcb/0x150 [ 1781.446741][ T5965] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1781.452617][ T5965] RIP: 0033:0x45dd99 [ 1781.456495][ T5965] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1781.476080][ T5965] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000c0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000d0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000e0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000100000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket(0x1e, 0x1, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x23, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) connect$tipc(r2, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x3, {0x0, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1781.484475][ T5965] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1781.492432][ T5965] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1781.500393][ T5965] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1781.508350][ T5965] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000002b [ 1781.516306][ T5965] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:07 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000080)={0xff, 0x27cd0b7f, 0x2, 0x0, 0x0, [{{r1}, 0x3cb}, {{r4}, 0x6}]}) 03:04:07 executing program 2 (fault-call:8 fault-nth:44): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) sched_setattr(r1, &(0x7f0000000040)={0x38, 0x6, 0x1000000e, 0x0, 0x4, 0xfffffffffffffffd, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) timer_create(0x5, &(0x7f0000000240)={0x0, 0x30, 0x0, @tid=r1}, &(0x7f00000002c0)) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x98, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}, {0x6, 0x4, 0x2}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x3}}, {0x6, 0x4, 0x2}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x6, 0x4, 0x1}}]}, 0x98}, 0x1, 0x0, 0x0, 0x4008816}, 0x10) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r5) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000110000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000080)={0x3ff, {{0x2, 0x4e21, @broadcast}}, 0x0, 0x3, [{{0x2, 0x4e21, @loopback}}, {{0x2, 0x4e20, @remote}}, {{0x2, 0x4e23, @broadcast}}]}, 0x210) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:07 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$BTRFS_IOC_FS_INFO(r1, 0x8400941f, &(0x7f0000000080)) close(r1) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x200fc0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000480)={'icmp\x00'}, &(0x7f00000004c0)=0x1e) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000120000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0xff}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 1781.705565][ T6004] FAULT_INJECTION: forcing a failure. [ 1781.705565][ T6004] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1781.752844][ T6004] CPU: 1 PID: 6004 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1781.764312][ T6004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1781.774353][ T6004] Call Trace: [ 1781.777635][ T6004] dump_stack+0x1b0/0x21e [ 1781.781951][ T6004] ? devkmsg_release+0x11c/0x11c [ 1781.786884][ T6004] ? show_regs_print_info+0x12/0x12 [ 1781.792068][ T6004] ? kasan_alloc_pages+0x4a/0x60 [ 1781.796997][ T6004] should_fail+0x6fb/0x860 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000220000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000250000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000002e0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1781.801407][ T6004] ? setup_fault_attr+0x2b0/0x2b0 [ 1781.806425][ T6004] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1781.811786][ T6004] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1781.817321][ T6004] ? find_get_entry+0x5da/0x670 [ 1781.822160][ T6004] ? xa_load+0x323/0x340 [ 1781.826391][ T6004] __do_page_cache_readahead+0x244/0x510 [ 1781.832018][ T6004] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1781.838421][ T6004] ? unwind_next_frame+0x1c07/0x22b0 [ 1781.843692][ T6004] ? page_cache_sync_readahead+0xa3/0x3c0 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000420000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1781.849401][ T6004] generic_file_read_iter+0x626/0x20a0 [ 1781.854855][ T6004] ? find_get_pages_range_tag+0xae0/0xae0 [ 1781.860572][ T6004] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1781.865937][ T6004] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1781.871994][ T6004] ? avc_denied+0x1c0/0x1c0 [ 1781.876487][ T6004] generic_file_splice_read+0x491/0x780 [ 1781.882013][ T6004] ? splice_shrink_spd+0xb0/0xb0 [ 1781.886920][ T6004] ? security_file_permission+0x1e9/0x300 [ 1781.892650][ T6004] ? splice_shrink_spd+0xb0/0xb0 [ 1781.897555][ T6004] splice_direct_to_actor+0x3cf/0xb00 [ 1781.902909][ T6004] ? do_splice_direct+0x3d0/0x3d0 [ 1781.907901][ T6004] ? pipe_to_sendpage+0x300/0x300 [ 1781.912893][ T6004] ? security_file_permission+0x128/0x300 [ 1781.918577][ T6004] do_splice_direct+0x279/0x3d0 [ 1781.923396][ T6004] ? splice_direct_to_actor+0xb00/0xb00 [ 1781.928908][ T6004] ? security_file_permission+0x128/0x300 [ 1781.934593][ T6004] do_sendfile+0x89d/0x1110 [ 1781.939062][ T6004] ? compat_writev+0x390/0x390 [ 1781.943799][ T6004] ? security_file_permission+0x128/0x300 [ 1781.949489][ T6004] ? vfs_write+0x427/0x4f0 [ 1781.953871][ T6004] ? fput_many+0x42/0x1a0 [ 1781.958229][ T6004] __x64_sys_sendfile64+0x1ae/0x220 [ 1781.963403][ T6004] ? __ia32_sys_sendfile+0x240/0x240 [ 1781.968659][ T6004] do_syscall_64+0xcb/0x150 [ 1781.973188][ T6004] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1781.979047][ T6004] RIP: 0033:0x45dd99 [ 1781.982917][ T6004] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1782.002494][ T6004] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1782.010929][ T6004] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1782.018872][ T6004] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1782.026825][ T6004] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1782.034763][ T6004] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000002c [ 1782.042705][ T6004] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:07 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/mdstat\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000180)={0x2, 0xae, 0x6, 0x5}, 0x10) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) renameat2(r4, &(0x7f0000000080)='./bus\x00', r5, &(0x7f0000000100)='./bus\x00', 0x0) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) 03:04:07 executing program 2 (fault-call:8 fault-nth:45): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000480000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:07 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x7, 0x1, 0x101, 0x0, 0x0, {0x1, 0x0, 0xa}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004801) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff00000000000000f400800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0xfffffdb3) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r3, &(0x7f0000001040)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0xa4, 0x0, 0x100, 0x70bd25, 0x7ff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010101}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:bin_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}, @NLBL_UNLABEL_A_SECCTX={0x2d, 0x7, 'system_u:object_r:dhcpd_initrc_exec_t:s0\x00'}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20044000}, 0x4) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@can_delroute={0x34, 0x19, 0x800, 0x70bd26, 0x25dfdbfc, {0x1d, 0x1, 0x2}, [@CGW_DST_IF={0x8}, @CGW_MOD_OR={0x15, 0x2, {{{0x2}, 0x2, 0x1, 0x0, 0x0, "6664f7281d45d9ca"}, 0x4}}]}, 0x34}}, 0x0) r6 = memfd_create(&(0x7f0000000500)='+\x8b\x8a\xa9\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0) pwritev(r6, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000540)="43f6b2aaca034e4f8aed102be197ae84b30dbfa024c94ee0254bf137c1e7a4ccf88ac63ea23edf2cd25b49a73a76e3cf040411e879f08f341dac510ecafd056cde1539229bc055d75e77d802e08da8aca82f0b4c01e0a04ecb47ddedf08f6f6857feaf290ed91c3244dcc6d11bb7632503d74cc37c3d5dc8be147be4fa49d71624e3f7c89fb33d32f7684427d851cc90f9cd441fa6193ad5b967c6b07e6fed2552023fb6a6d44f14a639778f038f932b24d11ab3ffd2918dd6c8fbb8955537e9e4fdc9321a15cf8cd50ae0df0ba977ecd10feb2841f4c180803e232fb03d563b0088e6cd619da9ebe67cd6062776fea484d3c07657e928ce48983e2ea1289a3c5ca83439870188e97ae04ecdff43483b98044e362c0b74abd948b9287b9fe09129d8a396c62b7b3f080a1822c623cbcc045b059d9a5739876edc7ef2b6a719e7209b5f4049791d42cc357e7795a1eda7d1adc0bd3b2317388c6b4b18e02a6a76a08a9432886c49290b8ecfa47e68cc79a62f5161221e98733b944c4004fe4624a7dde162abb043258cf148ba737bb22a1848fc928e581d96139300a94d4d30e0c7aa2ae570efccc9a2aa77dbc52180446630023cfde8b22545a8deb9dc69071ef16bcb4d3277cdf0a8f2cccce8d11dcdf871d7b72f38d5d3a3d2b623093c5731b8027d93a0e8533b2c51f45fea94d947d5772487e85b56ed4b84f6dd12928c18ba01cc46427f80cd77e81c43c12294a6244b7856db8b866111cffb9ac43e3becf9ab369d278c4bb95518207a986b4c7db7feccca45dc0d3d5e8f16bc75d0b5db66495f6ccd473b002e2259b7a8b0350a286512f55bcc39e1291f33eb5b6a13319d84588bc08972a1269d972cb08fae1e84602bb9fbd64c6f75fdc5908c2234c5046c6df39f014a6ace853c87b7e7ce4a29b9c55b533be460d1de0012b778e8913f516b9752e32f7b0eeb96e136f6f9d810d2f62cc5113e97118098676a348ad842165a1116191bf7010c7afa703f8f0bf53d2e488a8f3f8c0523d7c716c0e842b0ef3a776a6c6bcd3ce7fa8e75d5cd51fefd2123acdbbd0ca2f30173cfd8b92b49142ecb5c3870fc27c314f96ca5beb1e9d4b5cb18d30c579572a1b199f90b78a3ed7d936caa175b6cf1ae07443c2a0cfce5d37892e90ccbf77948d1b8eea64d069ecc2d68efc8f3ba35953d3373753aaf27bfb656f51683996d50fae043ed92b35c9e9af6e3b5b3c278ed322ea3a6ab36ebbb849735354ceae0c512cc9120d8f728f7f1e5761655798e1f8cb457ef3820090a084ad988b8464c78f32ed0ceefe588f90ed5707db195505595b4a51fba3f000ea6bb6a1bbce75903760ba16d9a63a5047e980f3a4925e02416d037ae300794777c2fae8c578c4e4d7ff9b76437e8d7a0d9f9cdb5cc7e4edd4a42c8ea008bac82c8d088037e613c9148dba5b694fb29e3921279a460b71acec7944f1c205c4c502bb40e5db5a5067df06373c4af1cb522e743e6c4b44a623f8a83b7c604ea7aa5adcc427eba2e2215b8439b6de30f79797460e524391cecd8336591367bc52a25b489bedd1477b012a8d0c08c2f3c7b6d0236d6c38d6cb5b1111c74e911dd2cb37a257d45c782be13b1716a90a0576d89e310e2ef8a640a5b5d7e190ed8d7c4f23ccef2b375e4904a945c6a3356828076d85086d9b7db9f0320a364dbf755f77e54da0e52a7d1c83bb100c7d7bd3e978bcf302e0c425a7e86b406bac0f2fa8e5eff55e57eb046eb71b03904fdb29d7588177d79185bdcc8d60466c8018ef0ad33f314de2d86ab7e6195c22b592a51f644d4acff031169f71dc83fd47ec766f155a8a45110b5e04f8239fc1e275f36b65d6645cf065fc22000ed30f27ebaec4bfead778373c9d82129554a6cf976f425f2101a370fbba229b08a8e10ed6ce0309d264f1df2c72c1e5fa70b1fbc808ff3f681edf9ba04d78caa7e4e8f717604f14786d5422e58000e674b0b28ed8cff5bbf1f253dd9b1b930c557ee9b768d862be51bcc1daee703acdc134c24671576a3f25b2b97e66eaa7ace7e08d1a4e27d4236cccd660a73242b9ae46390f68e53f392753890c11420befb6a55a7730da9f91b2205667af6221f9152452792b71af17f43766c3af83e66772608283d1ebca77dd3f106325fa754bb04d535b7e717e9bc09649290c3d70013153be2e5982a609d003fc8bcea6b6d6e2969ac6ee16c6b70eeb8df9a369604655271aa4e2ff3ae328d14d12792ae0f9ffaa4952966928c24f87a2c4ff117b66b6c1e356c842376eec2981db671f734728b3045a5e896c4c3af9ff47ea9e1fbe5f4f6273f18cce01faa904aaf600b547c0ef2133e8e2c26d88a6d99f779ba3f99eb02d12cd807a4098b61a4f708d3cfe908f35b7e8606ff9f4501f156cbd4dbe041a483a02c3f9c587b1909ab5e1fbd229f3e9500e05deb446ca391f47728d63db6584ca2d4ba066eb7f27d5844d233706cd4e547ca7a32dd2c05f4f0df017d7d0f6c54ff697c0d2e4e362ae11e8989fbd4903b7fc09e327fce59cbbd0dffab755f69b02c0cdf953e9717b639618b12b214dd13a0232fb530ce2e4b0a1668f12275e42a9f696fcb6ac5d3378fe12107b59f576e5deba47cc5b0072d2d035a841406c2a6231a14c68039d7a8b3fa6f794b2e97785fbe7b684b9ac29c2f1f6815fcb160ae0c0cdaec6d6701afaa5ef96434e2121e8675cf2a46647a96a971800b42ad0070cd2bd92bd3500de063d09ae395e457fc4821fdf9b423c3715f9a3284597719e0c85fb6a325ef63f4b883e93483eb6161033020361d4575d40d83eac93b712eb00b05d2a5711aafd1e9f4868f2148df46d9a1307a2693f4cc2f1275988a5e084b72cdf5604ea949b3dbf48cdd91ca33d369750d6f685ae51c988c98570704a6351dfc02d5fe4d34643ee239998fd9f0603f8000710a7727d9cb5a20877d07bb5120491d4bd83534a8412d36f944679c76e2b95bef0fe1320d2fcd48992dbdc7948c1993224fb7b6398dd4581689ea3b798e3a04d0cfe4cb676b8afb838f87117c10891f19688a627e879a8dd73e665ecf8f79774ada25469ce540625fb6a68c614d7a2402b75b36a12958812005e7422ad760b8fe234e7d5dd17b860650b319c3816c97ebbc4d4179e257cea4108abcbfc95f237a53c5e3e19e9a7ecf287912a07ad0103fe0ae8f243418d867d82d846c3e382bab2fdeb4a74ba3341f7b241a0c1ee04539058837ecd403e15ea17dba87d179cd95a6509ba07eafd06c1f364dd400a91265eb8263917bb749bbf64599a7157be74741a1de28dc66b87750e8269234fa876e29fdf47f1e9e8d91f352ec021c9b7cfb78dd29258742abb409b0bc9be05ec6893d450b142cb856446dbef846552b4b13f0a98274478c80ce75f29b68866ed04268e79b05c9f79dae986c9ab1a0403f4fe797d56d95f08baf4c2290fd38ff45e210ad5cd67e074817fe0d14e94df2f6e9b2be8963a584dc9526c88d6645eb273837faf6305841f4d234e72b7981fdd4e3867eea70984b6cca567038c9cba34b90e155748e4097feb3b13b9898164afa57a35b453996b5241a14d89e52981863fefb3dbf1877e587ca03d220622d1cdafa5cc8f9968606873ad6ba5e83e6881df2840944542368e353578098510420df2faa605671146581852c25f5a5ace7205962f173c81d62f6dac0302fff336474ad011dc92492933618f0fb9d5fd012fccaa4c291051914203c7f3d842511eecd2fe32262a3a0c4105e4813f3164358004a61240ec057812610a76552dae886dfdbba8fc1675fea7e1ab553bebbfabe8c17841b3f169accead017e99972b794ee54c342bb8ca4c6a076d5c6a2a103e01445a069f81638fd9a658061411ca049bc", 0xac1}, {&(0x7f0000000380)="89", 0x1}], 0x3, 0x0, 0x0) read(r4, &(0x7f0000000080)=""/189, 0xbd) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:07 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f00000000c0)=""/168) unlink(&(0x7f0000000080)='./bus\x00') r2 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ashmem\x00', 0x183b00, 0x0) fsync(r3) r4 = add_key$keyring(&(0x7f0000000540)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x6, r4, 0xffffffffffffffff, r2, 0x0) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000180)={r4, 0x5f, 0x7d}, &(0x7f00000001c0)={'enc=', 'raw', ' hash=', {'sha384-arm64\x00'}}, &(0x7f0000000240)="82c6f9df93c68feba23015ce5e1abf41959b812c7719f17e85a556ba9a6e247c38ba5423359a247b789dd4d2ea5a361dc5fb092116776685c815f3751daa5c19f573035886d36bbb37e576761c0e5f0274af8a26fc5dfee3b949610cef595e", &(0x7f00000002c0)=""/125) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = signalfd4(r5, &(0x7f0000000340)={[0xf90]}, 0x8, 0x80000) setsockopt$TIPC_IMPORTANCE(r6, 0x10f, 0x7f, &(0x7f0000000380)=0x7f, 0x4) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000004c0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:07 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x80000, 0x0) close(r1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$TIOCL_SETVESABLANK(r3, 0x541c, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = dup(r1) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={@map=r3, r0, 0xb, 0x4, r4}, 0x14) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x8, 0x55) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, &(0x7f0000000140)=""/163) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x101000, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000380)={0x0, 0x1, 0x2, 0x1}) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x500}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x48041}, 0x0) sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x20000000) getsockname$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) 03:04:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000600000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1782.203752][ T6043] FAULT_INJECTION: forcing a failure. [ 1782.203752][ T6043] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1782.225249][ T6043] CPU: 0 PID: 6043 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1782.236704][ T6043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1782.246742][ T6043] Call Trace: [ 1782.250036][ T6043] dump_stack+0x1b0/0x21e [ 1782.254354][ T6043] ? devkmsg_release+0x11c/0x11c [ 1782.259279][ T6043] ? show_regs_print_info+0x12/0x12 [ 1782.264463][ T6043] ? kasan_alloc_pages+0x4a/0x60 [ 1782.269386][ T6043] should_fail+0x6fb/0x860 [ 1782.273792][ T6043] ? setup_fault_attr+0x2b0/0x2b0 [ 1782.278806][ T6043] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1782.284168][ T6043] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1782.289700][ T6043] ? find_get_entry+0x5da/0x670 [ 1782.294538][ T6043] ? xa_load+0x323/0x340 [ 1782.298772][ T6043] __do_page_cache_readahead+0x244/0x510 [ 1782.304392][ T6043] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1782.310794][ T6043] ? unwind_next_frame+0x1c07/0x22b0 [ 1782.316067][ T6043] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1782.321773][ T6043] generic_file_read_iter+0x626/0x20a0 [ 1782.327229][ T6043] ? find_get_pages_range_tag+0xae0/0xae0 [ 1782.332938][ T6043] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1782.338303][ T6043] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1782.344357][ T6043] ? avc_denied+0x1c0/0x1c0 [ 1782.348850][ T6043] generic_file_splice_read+0x491/0x780 03:04:08 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000000c0)={r2, 0x1, 0x3, 0x3beb116c}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00') [ 1782.354386][ T6043] ? splice_shrink_spd+0xb0/0xb0 [ 1782.359315][ T6043] ? security_file_permission+0x1e9/0x300 [ 1782.365024][ T6043] ? splice_shrink_spd+0xb0/0xb0 [ 1782.369954][ T6043] splice_direct_to_actor+0x3cf/0xb00 [ 1782.375314][ T6043] ? do_splice_direct+0x3d0/0x3d0 [ 1782.380326][ T6043] ? pipe_to_sendpage+0x300/0x300 [ 1782.385341][ T6043] ? security_file_permission+0x128/0x300 [ 1782.391047][ T6043] do_splice_direct+0x279/0x3d0 [ 1782.395887][ T6043] ? splice_direct_to_actor+0xb00/0xb00 [ 1782.401420][ T6043] ? security_file_permission+0x128/0x300 [ 1782.407129][ T6043] do_sendfile+0x89d/0x1110 [ 1782.411622][ T6043] ? compat_writev+0x390/0x390 [ 1782.416369][ T6043] ? security_file_permission+0x128/0x300 [ 1782.422072][ T6043] ? vfs_write+0x427/0x4f0 [ 1782.426472][ T6043] ? fput_many+0x42/0x1a0 [ 1782.430805][ T6043] __x64_sys_sendfile64+0x1ae/0x220 [ 1782.435987][ T6043] ? __ia32_sys_sendfile+0x240/0x240 [ 1782.441257][ T6043] do_syscall_64+0xcb/0x150 [ 1782.445747][ T6043] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1782.451622][ T6043] RIP: 0033:0x45dd99 [ 1782.455501][ T6043] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1782.475088][ T6043] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1782.483483][ T6043] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1782.491431][ T6043] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 sendmsg$NL80211_CMD_SET_WOWLAN(r4, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f000000d400)=ANY=[@ANYBLOB="68b30000da0017c97d98c7d323932da62fc6c70bcec10c11ebf600f143336ab5e8f7754bf492033c7e1ee17f00"/57, @ANYRES16=r5, @ANYBLOB="00042dbd7000fedbdf254a0000000c009900018000001c000000281775808816048028020080080003000800000021000100492f86b052e3689a8657bb151180bf8049a640e6d74877e64c6c67b8f900000047000200bc169c0aae6b55fb9c580369665b8c63bdc037ac7a0e9408e259169d04635e75a4607aab185a31c1f258e8d37df7dbca3535f383f8bd7ce58816fd5d83e6b11a9c024a00d30001007cafbbc4458b13b34b67cd53041904bdb345bd59525577a3c2cbb9ed99283378778fb19ac53fdacc8535479a4a74caf8bdc82e4b0466050dc9a88e0c5c41f7584aa0c11ab39d9147e4d05ce851e1e9949bb6524ebe577becfd5115dc1095200caa367e494f7899dcdb9ee73c41d1b48baae456de935699fb12e6aaa1577a9e8d8c4b42fe2a4e62a9785f446718e16edd9b8e6756f37188dc1bf2b02186e28970d61178756c43717a9f57a688a728a8ed91a5c8ef2ae9c4ee672e7d9e01dda881d76886f5afeb7e24b6342d4eedbe500008000300ff030000080003000900000008000300060000000800030002000000b1000100af071f7518fe27150e686324de6554099a8240523ad896241469efdd656215ded3bed49aaa8fb275da6c78868fb234bb20da34c1228ba2b356bd5f66bf45fa9730d4c07ab68e9bcc21d968f58692a8042fc74145deef6dabadc62f67357443383dccd20bdef0177187977290445d00560edab6d7065918444d9f7560226085822fc513b00b1ad95f301e7bda8e79d1e0e25dbdcb90d337e52dac45bc682da821ceab04a46637cbd53e4b7bf12100000008000300000200001c10008004100200e4b651f66f1e73c3a7420a6ec948815df07d1bea025dd4484ad58c6d60002ae7b4f2159007abaeb07c2fe9f89ed64e1bad47eef82188649fcff8d9c66dab6479fa6a69df12f8d1158a32e9f0d5067784f77f06c18565e00e79ffc40bd9a8111f368ceebd8fd4327c17d25538f1c5d29e0a6b4fa93f9894cff00a7deaee27d81c9a854d1c544d940c3e91dc5e9a102fcc2358b937337324e21e37ebdb37ac44077a274a0752ea3d275d82f3adc187f683a5992610f7f5d525cd54cbe29ad5a318d993a4702e8c91bcdd501025623b5107650cadfa80e4d21df94cc7dff57edea98aebc928d2ca9030cd6d606f05bef0069e08edf648215f71f49ec9b0787bbd3def93da3d7176999a47d626518ff38cb67dcbf393c824a91da7fe219ec5634394439b1e7365a1eb61938dd4b7bbc3aaa347f85a2e717689493fe385dd6927b3690d5e6874daabf93bb0476e4509de2604d1a0f21108bae663ba532113da99f4deb3751d089f2de6b777fff573f658ccc75464dadc7bdfbd5ca6b9e14783f79c7614ef644c2618e0908b6d48a29d143edaebf2408ad757570875e6c0a2ef47bf36eb9971b75e48828c46431650304047c648cc61229d77fea6173ae756c29f5ab5584044b5c26dcf429d54e47d1656f57d4d9bb63012e1e24e1b430f551ff96b26c8dfc33c964c05ac85efd25988faada6ead0c9b9967e78575f35a3d4b33efcbcd8aae6de0ebaa8f6e384e227b0cf8998f4c7993456b5c4380fa8f887d6112352ca2dd70d6c2854c899828c9a6fa545a0510f2cf2ab4bce97a74ff5015fdc9156a8eb5f92f947b4d5c4300485aea9c530673a3abe01cabc5017b25ec8f6e5bd0abb2297622f7b7d8ea6c5c1eb5b5cf6e55ccf5f20657375318d046c5574203f81ba69f4e2882a903a8b90b1801ed2124abd02e786d58bb8b0896434b54d028d394554d25283a96ce13a5fd695a867ccb7b5f25af61d3e57fb8b0a4eeff941607d52378af1f6cff416796d73d91c953e6520a7e9834e563dc04c1b3ed2a5ef728f039bb70a7da7ee21dff8a2aa654fc68f7e8117f6afba2e24e371ca0906cc0127cd34d71ca3d4a6d5d953e2645baac2a256ffbaded3e3df764bae677dfd54e8632c9837c7c0e771a1891fcd5bc22819895e782857f13f454e14606281194e4ed08c1b37febd3c7b9c0507befbc050e3305e95e2a8b359b8a8738ee07d006ce7b4c44278ab349a6403263e04eebb839c3ad6aeb55f86d998258cc763874e9ff03a807b42c4c151d409be61bb28181fc48779149765591274cf1d116d1ba7d13c1fa92677c231cfc669f7f7aa3e9473065eda3766da0c690d26345c72b12f9d46802cd3fafa2303f6cffb817d4548c509b4e12d1306d0b42b9acf5bb4f7d0b90c525485f4109c2fe6c82e95bddce6e4c95e8243268f61d5af63089f9a91f22586b128ef39753f32477567f9c2fb4a4d9249f42f577594a27abd10c0aaa503b65f1ae29ab47c4ba3267dca302c7ed3f2d236ffe2c94aa9a3358de59974ed542d4ee26821b4bfa3f7ebca3de6baea7cc7f438a155d4ce7d3593dad1a8db713abd0dbcda4573f0625b509c2d56b6914c8a04db7b5d76ce61f8d374ab1fc5dbffdfd56668adbb2287dba132a71862d22c94404149ad6dee0f90e97b58b4621b05aa756c73d9a691ad0de739ff21961cc46c02a45ae3e4788ded1fde1b56bfa023517ec181719a96558af7b3ebf647ce0d2683a24f8cf3606d993583d368d6f2668846c31ed5109c3060eeb72b80dbd2c9e303c9543c0bca9b54df6f2d624a0bde741d0fb35496aa39cdb6eac2de3543f8bfdd3ca483e556b4972dd37fb6e9bb3cabcae5817e204d4488b9f42a839ac63b421b80c2cb1e03d3886372980802d26d4682d5d1b6ec47f298c515868744da3d1abdcc637f186479d21bce3c08f0c0b67deec26d797278a2240b6c2eb40d371cfc5f63bb942347d442d29c4a95d3b3e634ed3074b32537b5d3995d93797a8803196833de9005ad61cc29b6920a9a7b217b65cc5d80ab2a2a8b2cee8217b0236be8dad302558259ea66b65bc7e09f9788ab21c6e6d28f1813f2f1461c20447b23bf8c546f36d1206feeaf847b4e7d966efd60041d9251b4b241a2f3e48f90ef112a0fc0d7b63b69aea4300bc8989b83a30503adf0ccff3c9961bdd667d7a1de7ee4d3f746192ea31346f4eb46358f64e13f3f090f9f7d095aaa662854fdfb31804560ac139484f1027023884fdf7a6a7f48946f05b7dcba32ba51910856e5e9b637a40519f8464e1ca2fbcdb521193600c3cce5bc9df55896c14783c8fe043b0e49c7e3f2c4ee061b1de21b2dd85a11ed7b1742fe70116eeafabf9ccc7713a6a6b86aec123efecfdaeb607ff60867cfb651fbd0559250a8a44d97679c4cf4164216b30622314f2960bd66fd975e89eae079a4b5187546e5b53b02e4b17e71eb218c879d235ca0f111e7669c65e2fb445af925f4022a5958fb1120579cdd21aa2bae3fa9b18b8061459bbdfba847aa95998697829a7d47e97796dd2f2d5eb560efa5a95d91d4448c2ab93fd92c2778c430fca55469e0af842d0bfadfe18e049d8a64e18f9602ffeaa38f2d3a902aef61b9c7097e822331b552f0274e092ab1434e8312e9ac1082770f112a7ef45261c35ed4465759afa27f1cd28cbeaceb6412f5ddff7169a2f3a9efc494c63ab2b940e7d92f48611312328fd4110c9fc79f955308fcda0e1d73e4f74d6d58a5cf4980ec298e3ca3ff85f167a001e7073ae3a4ea731e5f506ef7c97bc01cd3708d0dab9431d8218095a9f14d6c2a94b2a495a5e640dd604a3bbc1a2787d74d79853157200ebdfc50499356c4aa44fa15df6afe5dc22d048507d8bb2525c7b36137594225917a9c2a5cb6aaec71894012586a167e745999d71cd7324f2ef1a510cdf53d0c116b8f2f21ed587e1bff5cfa71a29c84bc51148b3a011f73dd8f752e5e25729beb68ff21e7b7b12c468212c9211a008cc987e035bd8de05982fcefe7a5ad5549513002b5ab4d1cd8cde891559531e0a831cc8c708852b6c610bdd3f43c50465135e60f10e6ab4d5456ece8c436e33986478542dde60415a3b35c61ec19321edee7780191ead8a69e48de75ae8ab800b7912ea835ea4ea193636eb7082071e367b759dafc46c78d8bc344e4d174c91cf45c15cbe56e9bc40f2f87576d0cb68220fe82dcd05baaa614e723a4c48c2bd8108bfbcf3a4f186e41252a3b037caf215058938397d5b07c08bd8d6400554e9c58d9989dce79861668526f219e9b424b8f2329720f1e018d6d5112a32381b817ca94ae8fecd012fe3fe5b7643ef5b5fc95aab0533fe593fc3094342c524f085121da94198aa148fc4dea412a5973b7b486244b225e7ca6057637b22a4e9d059dfaf3afc1d7f93777d518a715b8ce5a61dd4d86366d200d80c1c0f09f61f8d9dbaa32c47c1210d14fdd81907d13b3989d018fc608660e9b5705cb02668b9d5d80a2f0d024121361e8b7c8c7d3c80f4e16d5fee88857d86a6a731f211aa26d3367c06728c27cefefb7511f8a7e978bb5b0f524a476def8a12b99203c261f0ca2098b1cd891f9443fa2f4823fc9730e0d18019fc89fcfc0407f0f430c3176e62199946eb8e4f18e9e2b3d2591fdf20e00e3cd31fa1832786bd48292e722c53340298c6c8373aecc382814459e8b2855d9d8268791ffd87f26d7a984e0cd44a9f412bfc2ae355a18a0b822f8489664ac922ee29b77bf76414c356ed62a5383c4893528e0bd233e36aff63367ddc2f744da12ae6683dfe2c452b693d474a1865a6adf1e2e6211706e3f815d51351efd876b74c61332e564c9c2fe956093599e2eb325668970fbc5f4eef5d902bbea0b39f3a7d2d3f285cf602f3ab5a05a1d68f9eff648a28b5911aa8e307a31f31656f2b3849ca77739a9283d430d3e084eb57ac43cf87b67825de30d44dff5812940512b80f1031e697bd1eadeebd3f7ed532c0fc4a93047fd891d61d4e37dfa1552e7ca8950ee49b42ab91c2aee810a6372bb2af53fe2fde086ce3d7a040aea542e7bb661280f4954cf58734d0f38e96318542de9642157cc4ef0ee68fcd4bfe34af3ca446b5345460a0a94a976af5c48ecb348eb077b394638fd58b587def7c8efc51019585252cd413fc31d47450b0044b05ba5a65cf56faff5c3919c4b39b2973b57ff89ce81a2f6036b7015927d886d06d88c4f5a2cbd87adc60fe8d78bedcd55e23a49b1abcf786cf9652d8c2d098711d7ed9a8294c97f07d805525cb512ebc35bcc44ced8f8791f2a50f16ad0540e2fcd5db7612489497b771ac59ebb1c014d18c6ccbe83ce91f93a130fe15c0dc69dd2cd70c128317dddb9a2a7b2a6bffda243e5c392b89fd5f387d5f404979c82854e8af179b0c5a31a706e497800a1ee276c201ae459dbd827fad69b40310a60d185417d00a042990ffb68cf4f015d71256d2e892cc1268c8f70fdab090535ca6b8d5fb2233737d4a936d2ce07ad4e56ed96151c01936bbea4d1db486e00bdfc2fef9c86dcc6009a7a68d762e5d133561d89822d375cceefd6cc6c157c187e5c8b4d17c23804dcba97bc8e685e28e2340035bb28c719a3fed4e234e5122b0eb2568b0b1a07d5e90527622dcd0a4e254e622485541d61778ed2be6bdac6fe3b6d55a279fba7e04967b8a088a12789cedc79a49371e94788520b790d7a59f75a4ab5727f4f3cba49c280ee1416cacb6847b944a5a16347f891ad176f4201cf0fb9ed988b884eebca4964240206e71bee8e350aeb3268b25aeee15e7eac52c7b51cb363649c8166b7bfe66cd9cc1d69715b8c5176459c6a1b1484ede63bc73d558981ea175ed0294a44ed64547aa61f581d94f5de4dfcd762f0f1d32553d86a200a81e2d5f819e21939fb1fd5e532c22e39b29017accf3196590ec7780f4c49e9888307eda48403abbfde3ec941d55f637127cfb96a087e0fe74f40323ec4a615957ceb3c36610d52a056896913dddb1ad4c370e45e6dd41629c844aa72d80b93d5aa07cae24a8c106c52645ab613799577c5542c487c49d74dd328b61a1faff7d5b406f3ee9da7ce35191a61e50547c4b02df0bb31fa0b33b6bce51ca144d453791ea7de27362cc7ff69b269ccf713bad314badd5a604664e974b4156dd73c291e5c93c14d56f1fcd566fb241c686ec90334792f23204ff8b0fafa7bbb282b300e2e5ac2386dcde8f8ce269599e1873af7cc66ada9176fff3eccc258591242a1de6c1fe657fec17b7c615f1d9e5379584776a1fdba52f5bb4133d2ba16163c23ffbff30e174c12cba5547697c711aaba0ff5b2901965ab903a2fdbead3470a29cffe8682dca13f53b81d210e3aec13fd022b92083ec9cccbf77131d1d8139bd749c360f6c1256e6f9092a0a790440c61b15e2c34023f187ce639bf7ad7cf91d620c5dc17654c59046e096190144302e4f70a6f2eba0841a5a3184e00741013f91b3b390bc206e4105a18e9b327ef6922b59ea4fbfc88adbb99bed48d30ca33810f758eb5843aaaae1d8afd563cf6a518a3c2ef04ab94df44074e74757d14c2b97e75b3c86cdd6912789f0e1046879072ea53d4fb2580655e95103d699668f140289058eefb94e2b96462cec93f7400d1d6e857514e0a58b05cdadf0c706509950cabda3d7e2109b4a1ad0c9ed8808798af513538ab8268264f933bb15f0466333bf90d116143aff07d9e835690f29f28bec4dcd47eb30430448c4375e7a50c1d7ee5018b2120e305c7164717049b42d489d9db0cc6f2bbc708000300010000000a000100ead75a25020000000c000080080003000000008034040080cc0002005be2fc2c8161dd502ae7bc8c1f9778971d0dd99fc25c8b32833fcdbd68874588991a0dfd188ba0aa5faa4664a2d632ce12f78246411876ecee7acca9b6dea25263155d22b0597bc5d972e76f31e4c377101fce5ebbb0541bda0a919232fb31524865c8487a0961a923c455e26db24f42f9cb2d19773ca07c9d1e2d6aa9a5a83f062d1658fffb74de2e0cc985dbfd5dcd19b9ae9b29c8c703b196c70a136ea6786a61f47628d493e63f5e00a2a6b628d043edbc40f7dc68d3937d94ddab34d3402f8091a4aae1c960c0000200de17db253999d05d2e41be42947de8f358d8bd601cf4f0d2c19d933c8a97496535659624073510d6475a60020284725ae95e37145e76bd778c68b85ac3f3eb856f5b9452542efd5975792773ab1c83e0bde607ad9f794652a09894349ef9f16bc65e058054cc77f05a32808070227b07238bd38001e4d7565b78d0e5853cd871e6e3f8062dab2225698ebff4ae207af4eaa7886b38b811e2a0be3e8fa8368e2e84de0de1239cd5abd4942a333ae398f1edf9f117562b6fb4334594418b000200830e7c8bce7c0f3798ad827d4e47dbc7df9259bdac704f58769bea9b0538ef0bd7007131dfbe3d842767ee5891a24b0b89a7508b09375069a56a65ec2ef93e2bf08c5b70b01a47d2f60aff6e5c60dde7cb7dd24638a8ddb6d96e93c9b69375c1fe0df457a54fd728d1cf3697a9aaa9e55514c38b8ca0c8e6821fc7df58f10eed8e7ca1a1eba41c00830002000ca553615b689b4602f4b74eb14d862949d378ae8506aa293a2bce2d79edeacaab71b0355fa657ccc7278d367e70ee6a9aeb7ecc272f3e842c11b40f31c8cce2673942c6f533af0c007593767c81cdb8f38c07b4610afa149d1523fd0b4c11bdd4b71ef91bdf3c287655343f7198dcbacac0fff1735d9743e6a021c061ea9700e4000100302de44942e9a97f1db36211bfebe6aef0146d018b2a62072e1c97368a37709f48ec3b406861497d495b0be0e545d6b7c1c7c7a9b3ee87d2d40f91d639455907e45a6c24f976dfc090da6bba2ef7a17a18fc0effac8e4ca178a7385c0ce022f3831c2c39361686d272dd4ed27becd31254ba68f5745c6416fc72132b313d6d20214b83b5051aec1a5522815d2480789bf539f87443b3f9e22e367a822291d9ca79f67cead8bf0bb7113650001108d53c95b62d132188903802e34953f923932a9eecb51095c90fd325b35152c3cd941a23300982799c07219904ae75da93b554ad000200579c053e7c8332bc9f4de8572c83a9d6b4af9314e4dd56937ff35734ed9f5e7107469dc208e2f4a0a3cb8c52524dd801dd589f97a84cb948571f6602f70dbfcab90b3dbc4b1c159819943c1d970fd592948361e14df8dad65c2de2307cfaee472f68f04364ca5ebc53d692b2d77c5b9124613dde2247810e89fa38c56c5e57222a373d7edf2768e3e0942563db6abe5e7d742a037f9add0494239d5df1b85e19c7c9022a6b525722c900000098000e8008000900ffffffff0800090006000000060005004001000008000100ffffffff630008000700000000000000175bd4574088a034cb8991d1a91bff4f98a5c0f6a52529fcb56a32fe39c74d54a8c24e81ee8818bcff038b798362234486cfeaee34671c45a5b51e5411df54259efeafd05c22bbaf31dc61fe536ea3cf12802a4124ba95001000070022280000060000000500000004000800ac7375800400060004000100703d04808401008003010200ec530b67fc9d840377fb1965051141159ff0e23368bd7a0fa6c6f888ba2a5854d5b46a5ed982288060a343cb07dbc7cf36e365dfb3bc55eb6406a5a7e6ec9cd99301a497b12aae23fdf65f4167bbb4c5f46db156e66a1647f02d8e6577be9b34e441d5cf661421ea4f587c6a987b011f9e8d5ce6b87970532f16cb535ebaa3c92b860695ada8c1804e3e96eb953555721a02e4771ec01e36aede76b133aa7c8a22447012c75391b27cee63398e1a357bd7cffbf609a4b1fcd2c840dca1175708e751a8f3ef4c599ce6edf7c86341c98364d2ed0eb9d4b907831bcc64e8701663d3ce65c80ac284b26730d4b68859db459a7fc3bfda5d9c50fce83dc4f8c598007c000200bfa1eeb2c5758e23f546dd07cf48ab0ac72ad655c5d41b435eb0d9bdeca92a8a88237c06b486c342c668159ff1ca03786dbf46187079d6608b3ca91d2ebe3b3be19f86675ff5ecd74edddf3d5e6061eb87bd60fb7952f165c8f993e83befbfdfe1a3dcb34e85b090aefb19140ca9b9affb3984c6b916dae7a40200801b000100ce45e875e51a28bcce357dde295e773993e719c6921080000800030007000000080003001f0000000800030001000080f40001005cd0b56313a26cd354c8c3e384f92fb2dd3f9131942417e22eb89613c7b3da6e445b781237b68a233a825594b23d19d9b155bcede0c6c2883ee1b337dacde0ab3088b32bdb2002516f50f91c181d6496f01455245b27f17e50b119e332f208c60849f40241e142c3291da62298a2830964f24117d4eca29f1c13e5439948e363a6a22dd9b7713d24da05b48fda8deb58552a278a85f5a5c69d847ba595f24ec93349c55cff6f8a345c15de5802a6de9883ca6e587c5af049a2acd640dbe902d0cd7f6b823cd87c9a2809851db6afdcdde804171e1ecfc77cd5ea905bd1b70250d0da1590530d9a3689465a2d4dc546b290000100b0917aa6ea7f516ff53aa12ae2eea5d280c508753a9989c9ee077db8b66edc84f69be91f1c229e27c35a38e4d43fd956a56621c4a42b491d25f57129d297d356ec3801b034883e2ec83c1d2268844172793e76a21a42511048b77b2c7fbccf8d1cd41aaf2d9a346f264be799084471b5c4d86b48797d25fb766c99f657aed7fae8c5dff6818e93af0657d7c90e000200d0f1ca6e9d748e7ee26900003e0001000c17c9ad5472cf305158cb9f4927e4578b12139e9adbd055997bf5d0242946e0f9303022b6b37f9c852cf4f9e0a0d6f7fd286f180643fea1c2970000980002000ba2e0e5a8f258f90ca63f53ffbd552fdbcbd767a9ae963fae313b0017106d96b0dc37bff646582eee6466af0fe26864e000567b2d4d880a474be392e9df57467e1f5022a730ce8d3fe71a314af4533c845f05364b5bf6f8d8170d33b613e98c7fe856b4ab07251a6eb9fe480074a304bd0a430849948e1c4ea5b3191ab723710e77afe211bb01a488308f935f3b60709ddd93b1940000808d00020097f290025b4130006abac711088f64611e2348348b33ccac88b8ac93b79b129ce1ddeb8328a53b7e20be0795943e2738a4328a0534e2cab908bf44a67d27c63aa53509a5f64691a3a1d89e8e7e36b266ec70fd9f53c9c439bce38ec644c9e58240f30be36c0861eaa7a444ef7139552c1ff99ac032ba73944bae243330c449a483f3b357706c5af878000000f810008008000300ff00000004100100e30a002c0a10b6403264301d5689b2cd1f6b657a8050043c06d1830db692570638011170282614bad6ee4dabc7d2eda76140514973d3d915a47af2ba9ac03fe83dd4b1061eaaa88994783ecf3046319459eb9a7c2ce7481139ac00c27e5d3f9e6c1755d74a90b90032d957be5ae85eb8a4f30eefb9b6342da45e55f5dce499a9dbe5509a1fd47cbcc96194e8a6da1517f80e8bda587f06c57ab683359bea875263cb440dbee2b8a06852f104f0594deaeedc8a12117d82221c42070f3acef63c56309a2ccb667e2ee679ca9193ac49121e21848d10e4d6510a7def68890da6f7a78d17672c11636d872d42c49c06efd27aec2dfc0f05c7f50b472a4d12457d45b263b6823efadcb1eaede6716408ed559d84e1f8293380cf477562d2e0ee0b96bc1b8afa852330e9e5f92a7d195dd1ab05f657404bf4fe7c6485848d5af90eeebf72ade7f94f0a990cead220a8ff27eff8203c15e71e0124b7e20048177b2ac47e3943e1fb4b376ab8697b8e02667870e9606a915ba995f04b8dd04f9672f6916eb7dd9b6ea10de9d9ac846f6495e2e2a9508955582a1784055ef0b0374c8e2e31af31fde9cf2fe9d735b728becc791ab29f2bb5aa9c756934cc74f58f6823ea5477747ca313d8c3521cacc2d64cd786a0b74ebe74fff2b2fa9201833e2764e525bb036279940d7c8c889ead701fa1e51fe03149f1314646384036020842841799b5916205b5fc0e86aee902eca0c4b4f71950267fde4da67524a9c9002b4cb73b1fc4d4030da08930311c0616d05f45ebe93b83944555eb5d7a44d9a24c8d96f4aa7a4af4a2656ad65cfd4e15ce87485e61b77793888344ffe1caae1905bc0af9f84c47269d5e3388e8ff57d1c9494a2fe4b3c431ff883d3c3c7731215a6cb071fad093b870646cde98389722841a57d2bf01506e48b7b263cb661e30a37d20b65a57a7ff01b4acfc442e21f768e0e81acc2b5ee531e16895d8f73685fd6ae53207767646649ca8428c8bcfdded20c7dd63672d33d8417d22a81188a770f5b36bf1526e92f0bcbc148e7ba85d533f5cf3b1965be17f5a873210be3997f77205b064edf02baad2af982944265b562d72f324c7a3df88d718508ebe23d0e3dc1ae591451c8dfe0d341f40b53d76493e6bd8bfadd5b8d95eaa07209aa614bdc706d202506795f8b3dc199f3ee0e0911f078222a68a50bc9870b200aa0f9493133aac15e4f6726f396e31e5522eb6075a598fdaf0767ba76da6a9ebbae045dd5f0565b9de38e762e96e3666ba908ef20571a7c83b1c87b7edc8f2632593903072daca7fa7faa079e1c49d36ec0e1e57927541f2703ec600256b8efd8c459c212d5f215dad27a91c9c9ad11067fa9cfd6e53469c99d21fdc55e73513dc2241d37f8f7fbafed6cf41c21a29a617761e89529f03f546aa99aa75c11a053fb2f4ec81710b25af7f2b106832bce9387c05111124a4dc19988ca113077b0c1ed38f7e4081ea67a16bb7b84b2a34fc519470a8697dd23350b91c80b107c621c3f464da2f6326dc212669c655eb33a5ce0ac6b6a2e6e6044b4299db3eeb1c4fa1472364a8b8bc1484ac3f4cca1e1f9b0397b058480a53fc3c64d4c015af92dbaf535a03be967954aef4831b309ed7c6f1d0b0a4234befa13d727e3d4d47e87b3f5cdd1c88f91b221330bfec22c425efb23b621879d13b81f73a8324bee1a567e40613da628b6e8e3a97dc2534ae538e545e0fe56c5c43d422df273159d8d64942885509aee04e16305243844834806eaafea65c2b514f800b6c1e87f326e68fc548199caa08fa5b9c46ac4d5671064926361bd5d49b3d378394b00c79fe0bb420be7a70f7432c1b525ffd2949569307dbfbc1b0461de45295d443f8356ed24685f804665bd56f24a2e2aad83cc69642c92147a3372215bc3703a5c44d88fbf1de660238bb534ad4f477ed6b8ad7146175fc9d50d79cdc84b7643416641aaddebfd37a8d722d9c9819ca63e1f435f04818269d986e9755262967cee2c637be726c068e77abf54d4008d26b321966e6265b1feefc240b1bc2ac63ed575dd4c5d0ff46cf755225e720776aaabd92efc6f8959b0e6e33f2665f04b53e49cbdd990e6e993c6febd215210d0941109f903f91d9d17b5a7b56a98a33b709314d3a97a6013b2f1936f5d1f67babe6004b905cd29ee3a0ac12ebfb6a996247d1b8e56f938ec3584834f5f9eb5f2cb04da64b0f73afbdbce9c43de0c6ee723b52107e696f291dcf413fc5d7e328641606135e14e9bca38257055fcab6cf3b8c1f9a57cbd5f4bd0dc9144247c43b62140ef60a71346ee477145d6030646c8118007206e33334057bddd2c2037df06f1c80409917fe722f7ce40b4461ed52354a14e9ba56b43c7c01ccfc9574774c932d23cdf9dc8d7d33bc305e92f99983a1aea91d36b6886d7e8497b5e11fa06febafb7767d70c867b09e1780a52223844c2ac06c25cb764cf09ecd04ac46145388d06fe8a2a38bde1f3e5fbadb7352948b478e57870b7fedb7ee04549778bcbaf2a42bf5722a49e16354a8eb7177c931ffcfa4e1f1f741d9b1be02388079350275877b7f0c73c3f19ea9c4a477ca1bca865e0a267d9452fb04c66bca1354111831f6848691ec146ecf79fb938e46e34f46eb092cfaeed931d63f2c60ffba67fc7b88e390a0a0f20c1093e265527acb58ec6f8d0c02be92f2e9546f588a7b83c469aa6157060dbf2ef6b5c1fab6149852346851ee12e09df77796d7b97a6903d0fc0d87db7ffc1fd5842038ee1151ab7bf1587bacc8ebbbf37f6c7784a966ee10700d398032972b850bcf5b339166d705a40214d2245b2f9ce23d11441d3e3beee72d1ef55d6de39ce9880d645ad3707c216a97a6a71510916d97e955071c7b24ffbe60f53eae679fdbb3120f705a241fa74a0200ba422a90b1d9a6ced292ee33dbbc6194a8ea8ddce720f1f59ee07eeb40bf5358181be25d2e0d9596ba99d7250b97fe9a650e6d23775e42c1739d87c9216243bf1e37ee509de9aff06484c18e3547369a89cd8cbdd28352175b6a54ca434d41c8ff332fb66459c7d75e3ed9f8083a16d81b756d4faed219ac385069f5ffbcbae0c17636dcfe37f487d2993cfd683a7bb003fc9c4079cf9b368431383f5c1ba7dea654f1dde34e357b36d58d0e8f004f851efc599f6b94cad8b40ed36f2871803f6465cb3100e8a11d360f5647212443ade923ce5f18c64856a50b907038fc16d94c11aa609db584a2d9d21f04a9453891833492434d9df57c4fa1a01dd3a9db96abc71ce5237268f42f11c90fcf5fc17f7082aada2ec85a4cf0f5173a5d9c29865f1e367d7bb4259e3bb33407bcafa8f5fca4fa019b8ec7710a0c2e636c9aef86a6e4fc24127bb3d93930587a6d4d58b6e9681951a445d421682eb6c05ed9282892caa63e7bd5bcd291916cc952bfcc4e3cc325cd6029fe3fa17a0860561360936c6e717115199d2c0049699bec83424ccdd5e40656f9ca82ceb5e983e87267759edd2e7380a52f9bf0eb2eb4c840ac487e99600271c5b388f5012e7a7d1c0c5143b0ef42f4daec545337d23d198ac9864d2494c1e6c2e35832cf618baf7313568d861a46f5ef80c3bfa9db8d7ebfd795d56ce72f81d5a496f4844d115c25f1017c3e2812b0c5229fe23db1112a0c2a0e2ed74c27b57fa6fa5a07166d12e331e5daa01e8d183f0d778a2ce3fe687b9186f443ba1f0688197f71ac30557253564f0b0d35679885e3cf8e85312e21cd8f2e340d83d8d8248b24335e5000c46f4d12f914f8ca2a4b13a6b35761917dbf6ed01220a68d5e6dca5bb30f7cad89a518e56a1e2053dbf6c0b8d8799f14f755aec5a2d992e8d057db10c988128bfe30436183bb2681f005ea2f078f441fca1f0df0432a9a00f7d3bd8a0544b572010a08ac7bae50c55b389d12c6cffa36b493f428c6b1ff9e150d8624a5bd2dd1f9d46b8afc840092f9da4ab6f26ecccac52a2316522ac79415912604f4f8e938a8269e7eeac74acb7db751db6c8292dc11abaa0ffdd5dd93a67a9dd6adb6acda82ab4b8e73fa084d10569cdc09b14e389255911b08a9ff37536096b2821b9d1cfb7f54de989fa358d58b2bf25291b0da9baae4d9839e5183058e0133702ea304d7fd643bf551f3a74b4019bb35fd6e1f5f85efbd95a4ef27938597049cca92bf2da646cdee489e2141840b050ee717385d319a148a6420bce2a268cac507dd0cafe6db54aa9ffea46484311441220280d856e62dc99c0dcac7c427525dbd50a2f9f3479fbae96916d5b3a54f1c720e0731ce59456fa17cb1ee59773f8ccf30504a15276096372314b7b239876e0e5919553c203860e18a578cc35d186cdbf1b53c2ca0c2f3819e483a442c17ef22acb178546e1d184bc9bb91313f47dc9afc10f81efceebfed18d16d92cef10d7ff3c6654c3198b207bcee10f4aecfac6a3cfdaba5ab1fa223eff526d323555c5ea81bdcd3152a4a7fce242d79211f769fa20cff8dab6017acb10148272de470223fce11010b92124179a826f13b73c24b6a8003916bc95db3310767a0fc223080c9fa3bbf2d3b10a968a4aa5b037db23e3d898cb381a621bfcbb942c572f64ff735fed93e1410622e78d6c9efa865729122c6f02668e041c2673815db6bdaa9bf4fce6267c35ac06076c8839f0e595f982098ac49b4c36390f457a7ae1250b82be327a6f8daca3a2920f46c93c3030f81995749989da4f486627b5d76f265a8b0fbbcd54a1ce3ed8e81951bf7cf325ba594aebc8101eacb681125f32e430517d7d1b1a3ed46c2a0bf8b2edff4b774af3a51ec9ad0d62e1db39ab5c95baba03d79350128cfbcfe496ab704874cd8174e459651427a51fff2944b4cdb7f548ea1097cb4b8a99da936f53f577be6fddb9a1dfdc2795c907e8c1a8f8affc3ce44241183fcd595ad74735dea8468fd537f3ece9dc5798f9ec5dab4013d30d54d560e6219d933708c05447242d04743f9e224f3fc0dfb3d7a0a6155d5c317e2abdd62e1b1824cdfe3fd8431e9fabdaddf07a53b7e7d74a834b2a25e82b84c8fa51d4076d17dca475e3e27844dd7fa0f79d7579537920e814c856939cd84789ea80425110272ad30c5674101502a3f84c94f22f953f4af1dead7cd56a55749c147eba56aacc57d15c6708b4719007f6b6dd0d547271bc6ca4eddfac3d343e1187b26820854a629bb08360fa80a26782673177c2f2f712ec991b07fe8b3f149b363c83afbf70ea6b1976a4bbc4fdc7d1bc631289e1975d2b4985d964ec7acea4ad80b5a8ee3620eabf542864809a07eae927aaf600e2fa280b45097625311588b53afdee7e979988ebae845a8d92fb652f4c4f5b16f1866dfd1a4b1f5738bf77528690564c10d0e07cf8c4cdbfefcb452556d29cd61b514b8a941b1b538509bbad010876f36b93da2e4455c0a032c134f0d575c7dff5d304bed7ffdf33d8f9d6c06c9cf8d9411d12392aeb3e110967420031b9648d8f29816100729a8396605aa5f720e72c7b55b7277aa37431e28f7571ba683c503590f31d92a01809fc1ae91bc26fbb86ecd13a19588061ab740d6a41b8ba81c609e3fc75ffdbc7223679d6b8b1cc877eb04bc4bac7e3e017ecfe918e6bf6dcea9b390a79b63d25ce1430ac121dd08f950bd621977381c217da6a1a2be8846ab7b7e32e4da12f621fdd2fb2a4ed0f4e46237fe5e7efebb4e67da5e31a3a1f574382bf4ea8eac7d90f4b5ae0be096ce716527c20388079af04def71f550c38702263b6a9e865ca7db65febf83977a7f080003000100000008000300faffffff08000300f400000008000300faffffffc700020084d3964f2bbccb9a904e4b2df40489a527791ffd65fc48cb25d17c14953813a3f614e5b205ae8df03c5e90251909bafc6ab89d745b1c5442cda06d7000ae4e5799d1286913bc334b7d4f5f26ffc2d49e30de7ea9419caa8f0ece052fa0fe0d9c62ec66bbae151c6b9a21a6227ad4e358c79130038b2a1a9426c9571827abec5c60ae7891f62430151788b0f672fbf0655ebe1cc941919a52a4393b1beaba004876f86f41cbff235691008f0ffee66e40b18ec2f9dd9cec83dedc8c54d968cd6c72d07500140200802200010056619d383a4a01ab526b6435e660e10ca4b17ce4ac52fd46da8ddc6cb8fe0000970001002ca09e18f6c89fcd3e04c4ad66d28dfe86f6259bcd298dbd129e62012866cbbbfafc00548f7ed8a9971ed879cf03855a7ace8d26335dfde0dd7abec54a71633eb1e4f53974e4462dde42d681240de70fbac5f5d0d91cb173188eed6ef3ecdef505d7f138a150451da0e10edae1d26a1350e299408a759d2724df0c59493874a10d4bd9ca21ddd1c70d98505abef20c501eacd7005c000200a28119a84aae0bf26a9f8daf93fe28b91d39fd8cb3303b02daa8715df138926c9938d85cde68e6e1848b0a42ea2712dcad0e4eff643e29c9748166ac46a0138678f027364a107733f152440285a4495054927d40d3083edaee000100971ac172d72ea283770efb22f22b3dc4dacb37fdce12e6cd0cc4d042948c2ff493b7ccb0413d5b873b09668df30d33514fc19aa6fcf175553db14bbf8757b6b942481d7a8055340244dd12490cd3fd9447a30a975d628512b12debf3d45fa99390094600cfdf6d41e87060e2af4630507f3069c1dfaeb770b18b5403ad033be19369ced6136386fae3334e489588569a6ea43975456cec2f8886bf5087571119305832b25914ba5dc4ed9307f4dc94fb1411c8a2306800e37f335c7e5bc1fb104d88e01cfcd12be30fbaac1c441cedff07979b3a37e6f840554c9d33a126ae8548b8ff27e332582ccf5a000008000300a30a0000a00200801b0002009c2dfa47c68e6da531c75ba33a63e1aa7224d335ab2dd800ca000200211581cec56ada35e33d52975ccebeaede800f0ed1200ba6190eaace58b1466fc2dbf46b2ea922b9fc5d8ead8f88b2f711f2bbeba0a2292a1f32d118ae97da59239aaf694c46b6ce165010183e52cb03e99cfe76d294cdf367a26c6cc7df96fbafd9d3ee621e926ae9457a736bad8ba9922bdbe478b24247a517e8e075b2c0757bf3853778e962ffbfb6d02ae06d7cf9c56b9e3ef8722eb4d766fcca178ae264e1118e0714a3ff36961c46f5e85724941fac0618b02f97bafdce3c3e34f254eca7b9b91524e700009e0001004da02667547ef87692e1095ae5d63ea84b7b315552daf5e6c50bedb748e5c29f9d2a8f52970a7340564a344553419ee134a1031597551a3cdebd0c0e070b415dfa01725a090b3c94ab72782834487b7c61d150255a242023944a1032dd641f21014a038b7248803dbc833ca0facf65cd88885af94edfdd530561150158c1b54926a9b9cc84615f8a34834384e0fd1e1cdd0e945f8f1991912e9f0000ac000100762d6d8908e32a22affdc48f5c5e9bb824b66d120049e41e2c962cc29dda192dbd87fbcd487888cdda8280c06145c88257cb6051586eff2e483f73fe9344a7e43b776c92aa12610d387d64dee54e8df7803d5bd2985b8d99817e05aa1e84c82071823aea74fe5428b95d5ce9606f9ee2210df1adbf659828cec593636f9f330396de832531e6d609f88dae1d1f49c842d2f9a9ea13921ac0c8366730177e25ae9be0be4831855421040002001700020081b791854daa995b5a8d754ad62ed2fca69c91004a000200700fde12c6327b0089e5ad380449ca0da0012d282cc2bedbf95201263b0c43dacfda3230766fdae2062f24f40fb827c133957aea9bbc73e09f2762b239455e1edb918259bc9d00000423008008000300001000003900020085c056c04bf56ff3c7c498e11f68f8e1d41490519710725d07d423ce4aed56e5d2c21532dba000b06fc4d1731c6b7e00c42ccbe84e0000000f000200e7edfe7440064cc3c6abc200fb000200b6ddfa35cd111b5d1ca0319a7e4f9d06b7195da4919bfd7a6aca6b6a4a8e78436536bfeeeaadf7c4453a653eb199f78ec99719abcbf05ff065fe53bd5aa0f0cd6602eb9a7909786e7bb34e9b9a37d0ff88927a2d236656047e319935c0c6088324d79b8257957bea3391080fac09a118ca8573ca3bf76c499d0cac8135cf2c415a13f53530be3249144f1c2cd533a3d179e61f9bdb966d37ed703db0f64b3bc0179801c3bbacc26c23c33dfd93cc5d470f78e43a0bdc0872b19152b895b49bd0fc5ee20f3ae6d658190daab91a717d656581c7821658581532942f8e3b1669835e637fe813710725639ecaa8269c325b7b0096a0b0c2f00004100100b0121ee737e3926d9c78866485db3522c5cf00402e65c80f5092dbbe6169b3f249b0ee5e25198cecd00ffb0eae7150a5c1fb0bed7798cd266812d6a993c85dbfeff4ca262424b32c49f60a0ee9c7742fdcdbda4164561353d76562cfeb5130bca7297ebeee2aa2fce9fab9731e659dcc9f4a2eb50aada57ae544990a7c594ae2a6b28c2c5d9f3492715e9d601b325a1d158d7473df681709abb6763d149cb2d66d68b7523077a4e88530c9927ae58887251d3766b42a8b51ee966eb293d21c0f59fed847995e92720f26d27f519280e1c17659abf6b0e33676f21932e9e7dde991e158476cb1eb7626117fd76529a979d6d2dc64fd8ae19a4db666443f304d02e23a62c0784fef6d8279b1472fb9eb58bd5d9124a36c6853c35cc47bd379a3f9bba6ef6838103adca0a129ec30bf71871518fadcb50bec4f0202ea9c0e5fe114773518766b785cf9f25060fa0955c102cad6e2c89b642afff010a1cc164e054762d491b73c9923256f3481020085d0805aaee0981c92bb3ef9636583de88af2b44e2af6575f9985272a989d470ba0be4da347b2346086b25f262c49bb4d98cfb0de2f4765e7ae120821931298baf36eaa66cf149cc5e9b0b3e8aaefa2bb0a54e8fa9420f02368121cdd8caffbba37f26b172c95ebb639989df59c3df2cd3c74f0d03d16ca12be1a268bf07684e16bc118c625a3e66078c82e45dfff0141520f5b496ea7565c0468e5db9da2a823cc3195f2a49daa5b35acc76f42b429ae84f9ff38e5af006b3a74e291c76d2268c931577200c702fba279334b6d3be1bbffa87f199765e5c9d1e5d5727668967b7857e46d2b0180c0c281eea4c950dba213c7215e9be1aab2ed2c678777527a84b71ca166214c01d05a974b84af3e36cb3771a31490d06b1a97e8c4ef57114f52e2e71264fd027fd421f006548531d9dcd79fad9a45ba048f935b51bfc71ad63280868d7e72458cd72cdb986e4e91c7bbc6cde14242bdf746f5a8406f7fecd5fc87c4498bd5f4dbca7b1666567e24659068625d83d9f26feeff60be87cbadf1187f0dddc8277b1d5b8358c58dffc1b0401ec297943b58ab60bef12b2adf07ad69c9d4613ecfd9e9ff1123425cb6c6efc9e4c1d183872e33837266af248747cd51aca11164d3a50a0eae91d41434e5fba047624f6d06878211b314da4b48d39e8c539d05acefd73e93d376b14bd6ca5b9b4b968b8a8922967fc7aaa989c94c5c7a579f9cfa70d6286138195233df348a14c452c7106ca4cd058e14a15e23724a2dd3b8d322c26c2119df8808e38928073d643a5a63ec63c9f593c1151c5425c725fd044d1bc6cf60573f926c5bdc987fc686f6b3c699f61f2f1973ced07e7e9a24c3dc68cf4bc477130ae54e86b7bdd560ff4c1274822d44654fa2410ef3b520064ea605a5461e52f6914e86dac186eb89d83fec0d0f8d52bb6d9b7a68a0888cb3bec93966b8d82e952172e9c61a81c2b7ceb2cf055fcffd52113df0cefcb27117cc4fd90e1962d46d2c105c3b627a0509c69d714e8badb7c828d52dc48ac9d7577150387500fcf80ae9e15aba4a5a24f09baee67444363342fcc9425eee7eee17dce1992028338ddc2c9f09fc3de2ead16456c872a9713152d62abb2990f19d53462bc4d7d76fa07f8ec1601e8a053e39c652c27a98a825f30fb4fa8f4c2fa37f8548a785757d349c878265ee6d3fd7daed1e52d8fd61824d73a729d3ae572d26d3386cd5129bd669b655087e1ea549d1a666e1099fb6ef0efbcfc4a5a7f700c85811b11f770201766555f6c630cd8207a5fc405b5f4a9df651e30e5de5a7b96c1055ae6e529c548f9705f9c90a78445381a00b8c14a01f244d71d259b2f08e5a8c084ea4fa2b8a787887947ef35242d98a19d3a2f08941d3cdda9827d953927417a465a8b998f94b20fe631d964b09f62a08f463cdbc5da70c051c29b1e7b3fec4fcedb65e3e3554663f160915ce48d2d9ae65204e5bc6f032dbb391340b34978275bbac27b38feff4aa3ee01f8c91e4c59588db5f69815394591cb8f2188181d6dbffb241c73bf969c0f0d149a7caff0600d330b81bfd0c37210c2f2ac9aa3f7a8a18d3af15c2ba66d5daf918386bf179aa48d979efa1648e67a32bf058d31d8a8999a365b0d0ce9704b35dddaf246502b275ad8330f7a5377a624afc07f37f0be318072acf91cd88be4edae6556e3062c42c386461bb7df355d67837949d082ffa7f57509bb31a098bf88a0788517d969e8cc0d23e80da1ab98698242368918f9fbf19b1437fd31254a569aec4ed6ab3f3a175261c5466e6ab6703a622fec8bf537fad3bec518f19e5db26ab749f72a184023d764b804682670e02bb96e60512b2ac7e8312c8e3009f17161b49050b2503c44749df8ba8b5227eb9a9e6e40334fe0a99c847747b34ff03570317192d30bd5043e8851a38c2bc1fef4027cf97d0af20fb7435e8299b412d3a12059b1e86430cb244e078a8d511ff7beab59bb21d4e7220491a5f2025ee763d212e92a9705cf4225b8bb3d08381840f7d711ea9bdaa37fb1ab7dd7f279d68df8ac3e2e09d6ecc0568ad1d0574a291ed32137c4178dfa93ed43acb61c2fbd3e52d7176336f10f40f1e4faabee9ce3190711850a98f57bdf3c2d3a4e630017fc755b62b0e8dcfeb1e545f39d1c620a28b115820fdc05261f4018a9beb6cd064617bea768068caef944d5b009ef0ec4f8e2739df2b8ae038fc5900b408ce26d5f164fe70602ef6559d07d4e696bda8b6f079adcd1caf9aac8dd0332aac9718300504b3ed0e1c3961c85625fe70704118c54ec705de1a1e63ae721dd97067d8b535ad98faa94635cf7f473b362af54ed25145569d2d9441ef2475c4d07d5313f20f087c9a5157a619c189ca7df38932a76855b2b06975600f45f987851d917452dda7486024ba80eaf00717b404a033cc839924f35d6aa6326b2b3b6773db4f9baa25ae14f5ebb1a9132e859f59d96627c43df09f00bd08b469cfef1e41b39d2c0f4f958d536c04f53134ca78ec60a25c7bdf593536f1a5c705edf61cc290050b98e08f9893c1ec9ac655bcf89f413358abf618e2967ad822303000751a2ae976571678a765ba07b11b3ae9dadeb254bf0a14cd9fffffee0016e087b808eb631255b557087110410fd2aa349a0157fe2be628037cac518be69db4a7a518664b77c449ee39b7621c5bd9fa02646be775eb70dc839e1d5be2b45292001e36ba1c64fdaa4a61c22168892904017d859fc1ddabf5ec8fcf5f523fe2190e35b2e28c89ba8f6edff116d5a3f7cb03c047d9b153a30566d040c3eb7c5f35ff314f55dd7dee99344389906768875ba3d43c95dacb865fb15022345de1e23d7da5c5384fa348e2d09a0f5da12b0fe573bf91c3479c99705e4f3b0d93f01ff91249a089d971d74fb239c295bdbb3fb2fb0b916521e23dac6cc101637b2b6ef1212ecb9b1528761d7c5c51a76ee7308feabf5ee85c89e76f672236bd780b73eeefd01ad0321c14c04fdc1dcfeafc64661a597e398dee23bde654c8c37245115d461006e1bc6fa7c0ae83e567412033f8c5369604b5d99efe1909c4979b18b4dabe0b2292cd77407f4cf3cd13a18fcc277896dbef610cde9b6767015ccde6696c2eae14addfd6d25fd2ea9c08b12a8608078eb6040b51d871853cfa1f7a842615948428209ef7013bf0002686835ac38a6c1a369e382eb3353651d7cb7f9bde4c2c21275097d9c402fa12b7c84e2f6bbcbb613ef7efb7f90b933a1f7f6cf724977a915116162533e1e072f9cbe8940727ad26f9d4465d1b0c330f9478d828e66b1a6ee6e100dc17dbc152bcc31c9e49e4907b0831b2d96666bc7d096a6bc8b72f9e2c72fc046bc98cfcba8e4bb2b9404e67cc40bd3cadfb6e0576cdc396f0ea6a82ece9733516dea3567a26b56e489ade55e5613a3a5855c0b344fecd997150346ddf518f7b1ce017a58ec3cc48a6539eb58cbd8741d79c1e0f4cf3ab23c86043ef81823ef1c6b225a3e887526c90909df6300612d9b60ed5dc7f4c27ef4eef2dbd1ff5017bdf9bb6bb3c9f166b547e287a006bae0c0fc394da1d5c093ae5ecd3a8a2d442f325d90d96f8733044a89fdfc9b1b0e92e33cfb082b9620a08203879f26e53cb819a3767eb9440e52364b22857c27b1279c92aaac22136d54847da0668fc7cc74224f65f4fbca00bd15f748a4f5704b1ac973bd93be3971aa4fecbc79a65b347d50bcc36f0bbdaba957bbe3aef3fefca88addc27cc27b8224bc2a2529808461a3f03edada7d80c8b7ec6a3d56614521b6572c33b7467ed91e0cd39cc0d11707662a075d21d14ec6da4da013af3ccb7be19528c5749ec4c3bd7cc95336ed06cffa366a7dbea2d0cdea7983e8a9d5dbb002d2574a88a7cbc09977dfdd6bdfd21b2728176ad59c1e68d482347a4645314aadb1adda4b07fd43a3f103f3c23ac9339155c7f008897210d98f70d657a7492454fd1c14074a8554126be04ce8dde6f80cff093a29b2ec213348e383ff8a8625f1d5a0bbc94e5a3cb69497a56ac8fe30a097af52abae8a7ca300bd236109f8aa4f6056a2cb127881fa7afab90ab66a79c8b709a25fbf3bbe53a10ab7738c95d930fde176f61002b47a1ba1338dc304605ffcc8fcc9ac5f3a0c642fa4f7981ec9c775a1020bd4c40e4a45531ce444cf552e78d4e849e212afa203ab1da470543335fd907224f267f58266bf99f6776b8cc19e2ef7901d827fee5181b0d0fbf8d99ad9ed4ad42b7e0a3df81f2b17776d0f026fbd8cb22a1321a42324c53bc2f375c1ad84239e2488f800ea857b583c5d29fc7cb327333743c2ce082bef4b8e123e500a16a7e5d7c4244d6094afcf6fca3940c01f76528fc0ab1d1b75c0b0e83e13936cec67021e746b16213bbe55fedb9ee2ea900b6f933fc0f2fe761e457183dff09dd0fdf3816f1e2a01cdf7ae8f4d27dcacf0301253467dcc8478f65526c5fc5c05b212cef5dfdb405729aade58c84ef2d3735f2f3b1f54eac63d27afb4752bfcf2a7741edd1ab3be89049533bf6493ec16da96fed5d48123418ef7115490ea1fa23568a78254bdff8fbf25c3ffa5d284f2c0007ee19d104d3e496d8cf47414169f60aaba0ca0a63c1877aa31545c9ccad8b3c7c755f335f6a736768d5c9824662fa374d23003312e78c0e59653c95aa0c80aa5f4edea6345a0fe35b724b73fbf244128c5f7fa013f985b62dc525d0c74bb87d549b6a5ae9dd0493d85ab1fcc0b980aa81e1d4f5a23fcf9e09f8204653cabd7c103208749ed4b9b8103874988508fc5dc126dd7e2b2f5f139590fa51435b78ed987669148ae9bd7249ff8b3a224f8c1f77a98a758e8acd061d33b1ed2fb6640dcc4bb17122424db2835657dba23938f3dad8978d6e9816ba8f0aee416c2ac445222a95abdb37bad669e2c69b4f342b9a5a87657cefc1efb98ae7bcd58a128449428e340a75f0a4733b259d9d5cf6568b7118095182bee71d6319155d311de9b29571947ac0b6bbd6f424f1e23116bdbbe9b8b633d7a4ac41abb5db2c79c3b18ed57e5e0a634da966455eb86ff57313a2e975ce36dc9043af4ad23b079dded1bd2454876e953c0482b5dd42bf7e662055c00c7c0e2a6bdfc60b5f2ba223cc925bdd2313ff47d48c235a293f8c512c0ce75e68c18873473c6f4be61b0450503b6f813562fa5ebdde43dc76b4df61e4c5f73b14b8bdfa8424aa7936931f362446f13863b44c4745d6c814a124fb13ee8cd42fb39262e335fe3302710035fa4b49fffd0ed4a6ad45fd9000100b393a938d391c884bf81735cf5ec534661e473ccf8eef42352751450bf73782a5e543b138a07be81fe88b4258b7ba7cca843c598f331d580df6915218aa7bc51c6b853ba0771cc05361001f12ea7e20a3aeb02da93700d877f0841d56f4b47d16ad1a4bf6faba3df35f4ff5a64fbbe0af11831b910356c30ac1272c7e92138c7193d98d6dfe5eeb302ca6a7980b970f5d09929cdb2f4fcb78adc3389bc4e162051df3df8edd6636d6c3e2d59886cee988e1d66c363d1ef5e2832a87d1875a06f69462c7cef0e576e3d463fc08f2578c2b1a621a82900000004100100cf52b3363d8b6dec8e31d69567c16d3e0c044f778b5d15aad06382821379cfe1e6b7709954ee6a91b16ca8d0fc5fc699f9c0bf87c38c416d319e65da772097a61254a88e783f22dbee64a047dccf23d6e88cdd4574909e31ffcea11ae3a6d9b1e98a0935cb5f388072216b07bf014a1205cf6fbd7ffe0a0b7564612f8081e3769f1d985cd64df391aa51eb3f09a57aa1ef513ca4e9faaf65cca2b05303e97c27b2b33ed08e705ad0433aa64e981e1de9a3583ef549a6b567efef2692fa1ebf3aadc89edd8261ab58c558153177014ef7eee66e15b25c69cd95ddcd7c984803a383440f6c46c9c94bfe1f463fb963632755a1c9ef7e5c851971c566f8ab2f86729c95bb1c5e24b6022270ea39a0e5ab5235c20cd67306b12bbfbf71cb12b083a3e1a0fc158a4c2c8b905d7b09b7873fc39f4868b69e57a562a5089c4dbbda440460650db6a50fecb51e7c2a4483ba6b3e3a7c859cf1bdaf366229a865bb3a3ca521fadb8f845c5de02c39f5d04e43890ad8fa8e68da80fe3751606cd5dc1ea2fb2c785e447013a842df072de5ee01f43f6c8c71debdbac0bf8a99450e927ebacb6063c967023d35c2f0d36132528b9ea2b32d5b0a79d135f2c3740f262d01343e744a1590bb02f9706e61bb2bc80a20b16955aba8176e6386ec35669db0804224663a2e407f8400293d4181adb18c475d087e031a5d5efb825c348c76ebccd52a1077d99008bbf45bf857b41afa769afff25606b1edf84e84b4166ca1c47d19350f83d92d275344a9189523de3751dddc2c4d8e94a3a7b3efee624cda32e92fbddc15e9d720e5842252b4600b8b0119059486ded0674c3194de757552f4753a3a90edb3c3285faa3d6739be1027297848a9707267ec9a062e43aebc09491d2470c24993e2574412b0a3f9306835a3b89bbcecff21d1b280d9e144e1a40685a70694151bea1edf96ae232be022deb655a2573ea93df7a06e359191ee45d82c3d882cbc62276ab151a8142f7bcf2878133a0ee308948ec60e6fd4d0903cadac81bfce01b182f50aff0ed7d7756f432b213275a3de173a2eeacccced9484972eb4f911464f918ab82f3ebc0283249509b579834f6d2336bd23e44b1eeaae39bab047c891338812995013dcca47e4a21374081b7e998b899120d987e611bb263af461213bb9d45d6df3b20f35a1053d9510855ea6056734a5fef5e7b9ac0b3a1174b69a4fa23cf51e4e5304c9af1638a0c86ffd9cc426c9d98a69fdd804d0c0aacd59e8a585fdb41926978bbfb8739089e1c4b82aff313afda7b7b84047eb427aa71901c9a2a531bd679e550b89645e71c3e2821ab10ca7cd16f8d7cc909c5c1a5b769d33cd2d9955819a6e86613c8862361582bb243da869e9a208800558edca7440b26c2778a83708ed7601b67e3da1eced4c40e06f3db5ca8aa81ce507edfdf682963f0ae05470f1daa02e20e71035d067276c51c962c0aaf3b2cc29b125ca4829c498df2825302d9145074ab2b8596b199d74394af6761f3c494368f864e537db424abe191089ba5d1a0894c3486e98fce02556173359ef50e69bac8dd212bf21fc38360d232801f64d9bd3a681d511670ca000903443a20369716a739352d5d7f3d6caeb790d82a3ff20b73c229e87f9a7773a29a5670814f9d899ea5cc046bed9a1011f16be1ffa6b194bd3ed5c7f3b9fdf9a0af262524614cb5e7eda99ac53d035ddda6c520b7d3295dcb7c6d46204e7109bbac8a084c5492a8fab59acd2f85f159d7c81bb1a8c9c39e93bfba666302cb28ef92b2810ea3258a6bc03e5a78003672afe4fd364edb5893ec4bd439f4ec03f7c0281c3a5836c8e73f9134dbdfd248a94bc7bb468bf232e9b51293904560dcc2d6eee349f0261d643f75f39183a1b4ff62f55f685f613beb2ab238618ad7e2061f848fa56874baf8d2bf2fc68a9432fb6e1d06397ac5269bf4196878b4370695b6dcb460d4c15374a0c61311dd9f84028132985567fceb1550d86085af1558c62537d9ae6098a11dcde7716ffa935614c98969819184a9bded77f6d45a564de0935c515b407b3182486e46212198a421c8f2840b5560fc3e1971ea208a9f0945ca6b3f7bb085636669d62932d4baa6c0d4fd3ee371084019d20343b708a225f47d8792972d3cce3242cb5a3bf67facf58bfb692c765f6bcbd052dc7c72a9ab474d2cc65cb3bba46269ade18b93d818e6d1658035e1309cdcafb5b496340b948c73d25645670402886891b9d79b7c33545d6a5f7211604175480984b27657afbbe33e51f812e13f9c5a0a81a08aeec8901b66839d4f6b56b969e61c3648f1594f918a17a564a787c1ae50bdeb14fdc4f92819df9d853535fea0265cc4bba4d318a1f8a48c1a0c236a9baf3bee39c3b13a572dd38f701121ed4244d0f13dfce8c787ff185e800b3f629b0e93f8e42dd9bec2c5ec70b01a387bfa55bf6c91fba8bd251d2cb441fc87a3675e9f47afc7fbb7fd5b4369abb290e72883bea8dd5c2e495b2b7dc0331e81eebfae07af94a2c247f5e969923deec18b7128934de5e4694da4a2108d8db31553a979ed91b9760788fe024d7e3fdd097fdec6f411da04d1c4936b7dcc8a73e997924a82d42c35556c549f840f1f3a92a63822f81cda669512e70feb5e2536eabd4586540cb2acca4fa0e07490d36b752be83e34868c9ee698c827a0ebc41852864aaeb1ec18819aa5075cc0a3a797814cd441e1035bf1c0abe81b53dfc3a299657493c7e0666094461e0150f3fd55e74e1cd400c6b62bd9d0cee6d33bf42b19f49c721b5b8560f856d49e388323b6a7337bf387582ffac3909b8736c132038ed9420d778cfc15fe39efbd6294a12d11e87bd7d44e5d089e20efd6f9b4025cc05ecea9f3a94c2360e7c2c4bd0f54dcdc7f56a6825205e28355a44734aa1d7f6109e9b749c4e69a06223038bd75fe89e13ec593aa7820b2bbc1e42d8e0e0393437345f809d8dc70d5b6c1d24efec4da9dcb9ad6018b765229c2e3f726b13bed7ce561825efe9c776c210e503c61bd90f2cb0011f2d6b65df4077c673d385c77cddec9c9c9d85ea585b80e485d822c60e5024bff44f5e7ad1e1e876d9237b7aa2ff9ee9e198c7f8f461e06379d65301527d17ef9463e38162c87846ff963d52cf23158ae749ba58ebbe537527422a74ae483daa8a8645ceea099d0fc339d2abb88459439ee9c55e4f3fbaa6b24bbf678023f0f9ed23331df2ea02284398c90d497ad87b7c61e121e42f54ec35679d5243a0293af9b31a624eae8e6db134d1a943f677dfaaf768fef91562b80c7e4b455fb5b6fa923dbb08f473b3f6ced0f72762d589d64db4a302c6ab92d378739b0948a7bf6f490d7250aca30e23fa2821d56b94d699285a62e489a1fbc5d8964900d68ee1e04d034d305c500d32eddca14d2e4ac34edb3bc4cbde6e219b9e56d1565e7ac95cdeb93ed307a19137c04e80605f8775ccec3612b4d1972ae0b6ca1724a40581ce6baf3e304a23d1de195c2ac2ac26d67d305f8db0265cd67f8f0ccdf5a48da7f8d25012a9c27840cd83e483b09d12f229c94b0e5f793b7e6a19feb34bbf85c97753d3a9e1680dc06fe4ae85e8fed76c2c78f3893d6253cb1838826e27822a481887e8c39ebef01dc220f4aa4ef28d674bf0b10929e8bcf771f6e4703b1c7bb6b0552cf6143702cdd5241f9f8432f3d68e7261ff1beb936e8a2019e2c845ea93061b33842ce5d5a8026eb998670e35915faaddd0a85f28cf59f4ef75ee9c61ff3fbf48b88b1ae4e66e0f7a6e4011752a567c9b6dee938054980a4dc440601ba3fef55e46f087fcb1f97c7e90058d93d94af96b814b2e73beb626ad9b293c1935d5e4a49b3551ffd69c4bca88eef3fb1ea6bd5477b5f35b08d5a435353aee5c28f6aa9bc56df09d234a5315d44ad2912a4396583a6a04425cc6a6a5ab9200c1d2e77928c5e04061b1578e9578554a5e6faa101acc9d4348713a4637b0d76615c7008f5c75ec05da9acaae76d53e4b97b430614240af5c126645044b6958973038f2d13680f43285cbbbabc88f28c075bf549a1b8b4553f1a98020e4871fa723edc3b1a57ff106eebbb222e9262b431d650f68fc54685b39c2dd690b0bdc08386f8b12c4401f57ed96818ec598b9e51441aa362746b1a07c9cf2ec5bbfcdf5c86fbc9438a462614776226802742615e9f2f0b298610d9b1ad02a6d1788d8ad4d0223586bbb2eee3c97b9de478207be13b35d2f478925d74cc5ae3394cb5f7dd5db6caa0a85d306008ef6b146826384b2aa03316f67a3db1239c2a0246b33c49ced08fcd42c410c96791c1426060a19758dbf1d8cdd96776a416822a5b91d5bcb2cda5a4f4b16c015278a9670fa5cfe3c92f8601d0c9b48dc5a2ad77c6b79cbf290878074eb02279ddfe92987fb066b8a5a023ddf95f92fb0f0e5ba5f144eae89ed122843fdf45314608d2ea6cc85f7144f66b73be2e145d106f4349111a8568b36ecf72c9a135979fce2d2135afe6970835f3c1ced28db4f5f8c65ff00b5359bc596d72c3b7db46e52c1128ce0f2c1cc56e21e93538ff5cfd1973c4bcaba10a9f00d2437c546e3441c3ee3057f970e3eacac0028131a56be968ba854361f69be5272a6e8d3a309bdbad429a2d5dcd5a72b570717f918535a9998437686e37e28b09f617860efa08c0cb541312af8c69de7e6737e1f5ab5cb4da0cab05042244f4b7263b9c12f964d078d33ab93ad187a71e92fd1043f71c9eaccbfcbaae9b826333d93258afd386c26ae3facc63e0af63526dfbadff0448463868fd519fcc83d71d32b02c0d65ae1087e7a32b45ead1d34fd2df4e0403dc44ea6c5df7e329abe14dec22c27e8bce09cb56b0acf5d400abc982e37dbf625bfbe002e3c6bf12ea2625496bd1020aea70b0b55f427c02bf5ef5fb262728f6f5eee73a599ac8815ae8f08889d855a7eb182f48162770dd876b8590978a02080a522854aeee187cf7dc9bf7041476b08ed3f2551410e1b34aa688899ec997420a6b0a730e86fcaa44464bf8fab7a5a5fca7c019ab89c9ccc70186338c286fc0970b679ccc90ad745c9c13f522fac0e974c842be84db70f56d7ac7bbaecdf987c5bfc3b22fe0b1182f3e61cf3b4a40a3f00c09c12412f2f9b632a64acfbc96610712ec7d2aadf8adaf8fe32fa0bfceb86bea078ad95e0337156fc8f60089937409c492b23344f102ad9f88e4c790ba155654ee417c03b7c6e2cb674fccfc770c4170a7431d7839b50d0923c0c193a039405a9e8872943d67c89a49f342bb640d19f8dc56a6a43d54a180817a2af57c5a3cfeb1d19721ea39c641446436b7ecb2b85a6b785920bcd990f62af85a48cfa997c88f499a4ed4bf853dd06db5e6a23ba687aa42451f744b6f9413fb5d56a4ee37368c23310db3197fb278252e33b6f2a3062b94d6573ad45bd7e3d9bfd09694025af997f4c601815f276c168664a03cc2ed72d801e6c20cda84953638e90e956363025ddf7dae0b8ad4bed34edcdf864d89804129924ae574c038cdc0cea69f31c266ff8fca2a628c1df72b11a66b1b7d45e6b28fdd80482bdc8604821382f8548297cd6b7e2688a9cc2285f51b87d6b40310db0c2a9f4a3a2694a9a86cc00dcebc54a20f7158e9186f771f7ec097f87f78c39bda1250b14ed5dcfa2f4011121da1d08f71fc8f0f37e16350c83ef9589f176b1fc98a4b962b043d7736b533aabc83a11c154f04cd855a791e7609bb2ba587cb63105961bed5aa773c3eb7f18cac573d0984b122239a659f3a22864d9080003004567ffff08000300ff070000b90002003c1e890f63abf98861d33096dfb1e603b0d152f00b53286f8e39a1cb3631e33ffd02b19006de610e4dc27f251d6ddb99ae472cc3e1da33bcae36f11e70af3b4f6309f3daa995f33803d3e86fe90131a25d29fefd3cff47b8e00d2edb2f38834d28bab48b82834b7ae1c8645c71b8b6dd045bf87d2bdc444fdff24457cd06164563ecdc720ab297f40082f08690b9f27df3d8903e287039ce9dd49761107cbdd83b2c42ad6b05413d472ff3c9eb0c63ae172545fad800000044220480d401008055000200b63c6be844f0401d6a92b4ab22642fb7644004e074dc12a592fadc9f7a2b50b7588add3adb215d3b41bdfba2f9ed07a998ef00807b833555f46d471a9ea3693fc763aa7528910d5a87ad9b2c4236b80598000000d00002008373e58d456dd38cbb6bb0787a66d3ef9b0c75e7b9aa4be524f8c81272e97e597a4c9fbfbed51d725d259a2799305c7baf9cad4b3858cc49198943153f991be9dbe6ab6998ec61f62dd56980652501dad725829c11dd1110ebbba7614255c28112a85feca3aafdc0d1162feede748d49915a5ae3232fcddff9997aab9497a6aab266036a0de4a58f649d939836a7a257542a70c5de106bb28bd6e7dcf91fb0ba8f8b146bb4679590852ce586501b2cb8b54f63bfc6733bb70317005c63fdd381c714dc89a0b5a1eb26439dfd06000200619d00000800030001d50000960001008e77f9204aeb982534e5e599cbe0b26ed84e3179d825ff66746a63021895fcc7f4f110814f894a35919a272be7a979c4869e512e3b48c38d880c96f400180f1d84f7b70b0725f20bda5e807efcbf97fc8f3f1f8208b7ec0c7c8079c624638757e1dcacc483cc7613c9b1c88dccae1a693f510180fed80f9ec6cc110909c299148ea116c91db6ae04d4e79e7f83f89aebd7c000004c0000804500010096a9462c23a7898f8cb3ae677f1694b397a5c736e3a3cb64e44c7944d67d878dadbded99c5f6340f2262bec2840c2b4741f170105f12bc6271356543608486bc6600000014200080080003000a0600000410020014977c6c9b7a9de1017cbf3ad8fde339b830179dca2cf69501e7b525e2a4d8894fcfaebc24ae381afe0bd9711b8d872a046de4c06af0a791d4f5b6c4b761f6ac5550862ffd2647362c21078724a5153ef6dc0c7624e5eac44d54efa312fc252d90a60b88a075403052edc5175d3a66ce06832d7edf7d19d608276150a5be0fe6740509224223df4d25ae1a121ceef5fabdb1f9793fe28e61d987f0c26de5fab39adfdc8fa02d5d4f333e3f42cdb85d34e63dd3e31cfa901549688ccf0113763c31cda4cc4cc9505bfc3f1d3091292c107835e449717a1fada3092abf9bfea9b0b2dc7064b8804497b48b34e59b6dd03028eb514fa9f38df1dee09f89d8f09349463c61428b0390a0c015ea143e2208ab7ca830b3133dd2f20b72419e4b44b06f10a00d10bd7ae7852115536a8d77345eb53556ffd75067ee6a61ca9fe556458a4105ca48be3d716ea6b17f5679594d1deff24e2b357c1747398ebed828b0f24113565f0979f0fac516c41e6e35a1731f4dda92a4add45b26c91ece778536899747dea82de453e87cd920bc5e189aaf2068c48e5457d3bd06780d5893d7a28c4728f9fabc07c7ee2455d99fffe0f1dcb1bea204ce9a7a8bddcd30fdd63f5cf77db7eff4bfef987b09db6ecc1426e2ef2301b5991ae0167b19e8c9ee379ad07a2e91770df3e8374730b6acccc3d32aa0c079cf921f688d68e3173883ced0732e73dc73d8ee630f9f4732748ae6b6fc981dd8d3f00faa0b1a245458bbb24a22c5d30f60f4a9f8e9bb5980b92f2e37103be47e3203cbd3418713cd6306c37aec89f1c0266abc4238d4eeaad00aee5235040740f0f9272dac9784eead0bfdcfbf3961b46c5feaa6d25e18c4f8c897d60ceaaa712bf429357086fbadccea00120d2ac2eefc96b652e6ef5931a28fe9050d608d052c9f121d8be5bc728fe474c00e460571eef38b7b9f0ae9287f947d39ede08323346f1fa2f28c3c79457cb2fb051e6d58c92aa444daabdecb92475a11a52bfd00e46dd33d096f83303dbe72d236c964280bd7db3dc064a1c803dc0a2590cb38e08af04dd6769920b7a76f39a8cddd3ba0555e324cc6dc9b21567b51872ea714b0af56f4e8f425e8b0bf438bf92c39caea7d9f3dd8fb67176372884ddb77323e08f4aa652417975f63aa78cb2de1c0edc0ee96bb4c17d83c9e0148a2304b1db2dc117614afcf29b3cf4a5ae3dfe67e4a44a233852abd4d589ad9c24a1fd76bb609e420722778c5698a059714dc867bfb4b7f3cb1a41df6a81100367877476be0f745fb6e07bad459bafc4275404a98a292cf745d508ffa8b6df2e65ecd0d2c36f7c01a290892e74378e758bc2e2b2ef3da833de90f9db7a30197b3b2536f246c47ea6ed8799f0074fc990acd909a3c72dca8125227258648a4ec9cd60c82563228b6602faffbc6dcae2096b4acb2d7f331da47f714c49beefa57a64f2b857e9cdda424f9add8a4aacc1e2dbaae7eab5f03a56f468d64fd00577cd36a6de94f3a7f8497805354144fe051a9221e56a5c4b516e8929d6b474e0c306d4bf5cea13abd520eff49b4faf07521cf19155ebff925b400d9244f175c28593010df7703571e34b1dd9144e1a1b0558c0c6ce5ab7a17fd8e185ce3d24522ba34ce24176af92d4e4a0ff32c30c30b18c4b16501382c0662013ea6dba87f2ac5ea95aa4552d9938cf6a20ae713e93979efb61e066ee0a257aac1fc66abac3c407f2ec918d6a01fceac735a9699656fec98c6bf7d321368dea0c1be68f831178c830fdaf128429e7bbb2fde0ce2f8d889605ce55287c7211c41dbcfbae5ef5c429dcfa18c35fb28a1f9e9e9a10114347709a1554af2d665084968d358b76f3c13793f5fd97cab437179ad4ffde72d3d15eea6a0374e77465760d540b8f5dc52bd5ccfb2e98f854ea663be09368cfff57b6a1619d309418f1b855ac625501c46f0735647bd736fa97ba9e8ce4938c71b6ce42a3d1941eed4be728ad8f85b451338a268849f24b46fc163b230f44235ef9b8561afe4052be8c40a9727cc69cec454baf4fc82b3153d7c76b00dd08f77c985a8c97b2990967bc712215f583fadc2fbc30f8d89bc78c5c3cad239c1d036b1d3555bb44414211f5b805190503eaa66a664100e2b5d2958644da77b93c2b32e5901c4597294bb1213d90bbed89850eabfe72e6911887f873b464a6eb7fd5dd6b4ffcbfbd0800f7e668b0987a14402ace8295c1179b63ac1d4e0c308d4cdb30847e009d99c4b585456c3a0d3d6458b1adaecfa28f669772da68710d10794a3fde97108828adcc060969e7883a42587569cca959b986fe7e6b41432336ad01c3a74aa21d5f21c771519c1374dcb4a8f43efd752148c54c1726c3ec6deed483c97bd5bc0bf2963daca5753001d77434e655de77b2f511ec27df6c4534b22bcdef0946dd053bb7cd9ca3d569b00242cb8d0fa9688417e81aecb2ca4a36641f9f0034f0830f53904d37553dc26b50b06f3f1e5a279731f3e41706a6a737dc0134ac22a57c9114757648c5aa2f3832313ec7818eeac09ab4b284708b5e4f3d2c1d1cada750634d8f22bd632fd42b119633a9e56e3c8e4d1709fde2bd9e5a02007b4ee44aee9da438d1f1962959f2c0006e5408c56bbfb01deead41085a1acb6ce1e147b36d24db0be8a946f8256cab6f6f1e69bb91295b8860562597f881a85b95afe603e1fdf8e6fd5ef301de88bead90c2fb3b30afa519e60e88ec6113434f988a53295778963039a18d3427e7ed3ca9afaf38d0ea94eafb2812e165c37aa7739cacf73004e3993aede02518a799b3e02cf63ebb58ec72b2655742624e538ec4825b425d3a2836c556c3db67d9cc2870d29a5b78cd019ed7395d8060c1bf841f68e7747515e784a27067b01923fe78fd89f7d1f544cc55c95e1030ab0c4139add7221e26ad59942c6ef592a153c338084cc8ee90390f150b7efa00436048150140df3b1980df8f38ffa5e7c6a35deca6d5a5354bd15386de684660a1133eeb4343e4250b02d8fbdf1fdad1c44794406b9defcaa9fe3d63045c6dab9f00dc814cda5e567b4e315c7046bed63072a5e87654228bc4f9996c830a9d0f325bd589ee25410bd8ca746aaf3b6ab2e9ae77ac01462912cbe6ef2da3141a0e313851277c7846bfc0f98860f0f481fa799015d31cdd595640e98bd207963f33585f549b879777a85c0a7aa3e413f17ab73f02fc72f38fc073a5ff645dfc2aa03956be4fe1fcb846676b533f4b8cbe8d923845e47a65375f277a37d3ac81dcbce4db4fbc57f6c0c4d7310c89f27d2379e0bd5f1cc6bd808aa24e856470ef394fd9056362383d3d5bede3c94c5c50bccc7ba420b7541faaf6c24b74b3a64fa65d1fa2b48298c97b11c66046d9cf94027598e3447db2d4d2dee5a5b79b704fab3910f163b16d1935303de77d5010678c31d6b0a7002b22388ae4b8653b5a62f45d20327311276aaf112979227b6e1923f6f1f26c33ddf6eaacbb88e85307e033c4cdb50b698d58f98637a6f2c7d6fa1c3f6aeca7c045e623d7e91c81e8b7169c8a8c11fbbb72f2e13b5449c079210a980dbc06fce56e82c2a847f12460b26cf0628dfa8e9b76c61cd74909d63915eb204298269357ef912589310c465e675e6e14510cefb971176c67641b1362b18cb6f5648e9f2fe94e358c1db3a3beef49bf95c8343c139f120fedb4da755acb44ca9119952de434d298b618ef829085a9e11d8e3b2840104b84201cb9d027241dffbf710e1ba20c809b705682c61027efc4bd71ea1cf244d4f3097c4f49e40a75e24c8ce4397bfe35f7d5793d0c88df1a77cfa22ec5a8510a6d521bb447ae3af04acaf08e1f19f6dc9ffae27cf000d3b479c50a30edaf77c22bf5bf8484c772e2b1f80c620577076d2393847509f7243495bb40476de4aa943c9f261a78f23f75ecccfd220a621f958eb624edb65383ce09da598190eb0aaf8eab72bc6bc39c1d2fea0105969fd1afe8e8ce2837895d2fe9617ae94e0fc03640f682c96d4742e958e7b476dffc96ca6dbd50efed1b08f0b00f44b92a16b750f68196986797d2d0b466d4cb20bf171ed27383a43ec356e5e4f3e7d7d51fd0fd2900117c2ece1d34377355d41fa2a5579abb9a548d7ca900dae48ab0ca73a8dd5572a1530cb89d5b59b56ac0f6d3afc55fa54801b3bac333b5cb41f04671b92b81d5b9328958d98bd6f373c2d629c80bf13fad8077fdedd15d5a7da500b7e371ee666b3956cf94d62a12a85eae90845aa111ab772005171e1bd2f9701362804cad518b01d52a6ea0767c6be7578906e32f21578b55c35533c31cff604331dcbea6a82f5759147ca7b50bccc5c56ee1f55c3a346b1f73a3cfd1fdaf1c7f23e8db36209fb0f01e73696f444e12b983e5f40e3a0304b2245ddf63d4f9a02242ff8805c20721691e2590fe7c16419e88998a093e82baf929f4d34342515356a77533f61b8d69ed44ae87387d1a7b2fc4a106765a0c67ca861c8b488880359d90ca11cf0ec6adb74f095ff63f6319d0a3c1ee5973364511fbf24ce111e996e495f5bfb3047fbd5c8eff8dc4df507fd48b4441d19ac53bd30f02caa9652e9c12f6655c2c1de97da7ac1bdd90ce6889571d387ee244e921597eaf69839bfcc540e36577542d50e55b2a7af95aa8b722ec11987812169e978aa434e670189b318fb88374353ad5af2980c3affeb39b1e8a4a0e7cb989252f583cd8f67ccf3caa754d310dfb0bcec922825665c7ee5fa49376811c7eca9599b814431914af9bac075428229324547c06e19a4a9c6107041231e87e3e2aafbd74ecdc2f6b580da73ca93818257bfaee8e953714cd5447e7e338576e2cc443b4f33a7497e8a366688afffaf1fd091379af1d6f65630d0f6022346b27df1feeb3c8b03fc96f4af89d309804b87fe00badecf4dca6a3b5ed1a45fbb4d82346b8be80b374e481bca7358fa5786d51f306e3f9e0333a4dff494e4ec85e0007c66266fa50ace6c22b8f330d0ffa8df183a7f5d9e6da092eee6cf3a8f0b8c51c9c2f14a02e5e20c4ac990d94a54d1a5dcb5917f064300bd9e3eb715b57b484a3e2cb4dad1762110a7c68abc66dbbecd314c27bfefd02f309251deb4af997e21f9672eece39907248b15e731713b33e7e09dc7ab416c4c9857096e3350e375743eabfaa3f6c255d678bc15a35eef08f265d8208d1f184913b382dc3161eae945269d71a52325519026c60b70bdc138d8ebc7533d36693e3dc36c61ffc70f4093bf01dd59e0cecd34a6cbd21b321bc60f9d63147d1fe513e35758c8715ca120df6f2ab04c7d1c81ff9051943c1cb3fbaf3a0a0a6033f3aad61ac37d70a30abfeb75e6ad17a167b8bb2ce24d6df08da1d0ede7429a5f3a0a32635456fd6cefe440127d8c9e1dc23bb2b188551899eb06bd99c598ba39fbc2300151c6d88d8f72eb513072c16f33ed970f88ffe77b0a3e0928d6072f9b8f4f2ef6305bfc90eec9e31bc361bfaae66869f05ea6edeb070ec0f707bde094932fb1b0fd44a94af9bd5550c91671ef8fd44d220a2269bc8827c922989e92b031c2410f2aa5b94345baa184b8cda35aae8015077d29310472ca9a0112309acb8a81cf76210f43d9cf8824824563d58268fa89367d2cd7424a3873d807c24b7384789344160cf639b9fea9b9983b624be2dcc96431cb9305de24779e1e12999fef6856430fd0c7c19395c7f3765a3d077c71350c814c2d705229907dac819eed97bde88c23e571b4a30a92ced924cd9e5bd0fee1ec275f7eb776e340cc5b5bece72d04100200e66d3b2924aea3f18844ddfa75aac0301364911bc07011c5a2d7cd8ba46ceb6c5c0bba704f45ac3a6afb72e6e9602cfb39cde21d9b20ff2c4b785750c09836f87759d882e951bfc6779f797a40d68ffd1b9f990ae2491cb5f04d728bda20d7e404d265f5d7726f09d14169079ae60b950212ebedac78bd7489df1267e532d8ca8293c30130ff1434d3ae0de55e52817e0db669c14af0a442ce005292a5b17dbbb8bf761ed2abb90ec95bf15059ba6be541ab6481da265a7b94f58f4b41622d7eee234b1510c435bff1808e1d4f808e89f96c808f47b390a746ba34a26e81143cb0e6e9915a06616dbbcc63b35e3e188c7ab2a7f6e35643b3b13f2757aa5d84019e97e60df119d9776de6bec9a5bf4a68cf96a8453384e1969b5e5ea178e54dcbefffda78c9d711787d5e04b0d9115c780d2cf8a1b2eaa4e7459d5ec63ce7cc1bdf79e05fa93a3dc168fd29dfa5d93221ff34f29d1ba38bbb88a7a1ca4119641e6f06f1ca7da3b84fa2875dfa8bc19be1220efb3cfd060efe59ff3899639677fa5ee52eae4e6c22a4dcf3d0710ed21de0d9438bcbbf1194a763855f0a2a079c7b3b630733d7bbe034161b235cb40e6d05e281e10fbc655bead00a6b1bf513fdb09fe3301d4f7e8009fbaafc0d7472679f4888255e46aa90c041c1f7b02c925a5d111eefc6f21c35f8a2cff1b2cf46c45e7524bef154a67ae6e54f107ac05477d18b246c403246a1258f7aa459223e6362261636041f8bb9c9dfc42acd996d81ddfe968a1f9f718c5e08d16be0eda556a0f57f7d86f967c5a93566ea27954ac5ff839ffbd2c57f8800b8437f4aee9c658491c2baadbb052625efdf0eac0c5aad198f3a5e164cbe9414ff65a21674014a77820122b13a8e695a276f130167762df7eddd7e4a81a94079facbe621f98f91b0c84103cacf4e986d1c3343900944cb9439b1c5741c7fd70b46dcffa0e0b904b81ad56de97cf471d08188a7fd7c8cf372d84877b8822c6e2d2b3911050201a800c38bd0dd950df20ae90d12e23f4d3cea320c8a555d5adf636e4ea75602ae1168147bdf39b6975e04f9f46296634d017c1dec42919c0db54341d69f6a342b3ab97df0a646668dc1351a1ec5e5bb4fbd5286712c46c9554aaa4a6ee17a4e27f67b4a7e26d1d33018d2183c73d96201e20786de11d88d5ad48075991a4966add740b22b96de2809323940e09b29a8729e041c77d0abc6957c940cada9b36c57c37caf3780919b2d5530725e071bfcc2cd39775c79ec894c06e7b92b1fec13c4ef3a24e67f30342691851758922309c6aa7129a8a1ad040d10016b4613e8693c65cbc92b4fe117a83a5fb3e8a741b944d774bf0ba0eb8d34441458df8332be186e1581d38474be912bc82d63d3749c79fc07e5f2391f4ab7b1cffdb97e20b55c2d162dbdd74967f20142e8cd58d25d9f294ccb1baeb7f597cb741f1d5117a4d153e3fdfefbfff6f8f7854eacf1957d32dcda9cae0df5c4e796bde0172b3a5823ef05daabcf72f159158c6c411f0e0ca9850799394418ed0829baa20aef421f2660582b44d0657f0841bacf8614da9edd7f62651e6bc824c92ec1b4e439be680cd4c41a527cf036805e5c58377b4220ed34c11339562002278c5d02de3ef4c15262c2b9f5e372544ef53c4da353b536d9c473da1fb845b0bd2649c996a380bf6f4b3c34e3565db22b33ffe179f220431756f40627429b9facbc39c556fe1c4203bc5a75e2bdda79f68f6b846be0eba9eb105bf3ff1e061eff0b25931385cc032e29c448e9bc096de225cd03404a886480f166c8f332f4c93efd481fe86e398b6258442239052bab66684dfdc71bcea397442b2c75b77e2c652523bf5fb2f49726329f656d8ca303b7f17fcbf2f96a87950d211265012dcdd0bd84da139821bc1d1199837972fbaf4c0c23ae05a0528f21a27d446dd66c73344b83906ff04806d897fd530b64d255e6ff49e07ac9f40e255e5b3646984645812aa9cb39b1c96a16687e40390b29511afaa59975b7a0f6a35ae8a0cbcd71cd29cf6bd568edb9630d19769e70fde04ee3f7662964c04cf35d7367b4048f1df22ebf40ac8a2d5e770793062c87b9ddc9f4dd2f97cc71fbde103d34b7efce462780dd4997a458f3af992634417230522caf84227e26368e93ae9f536dea96c1177ee390141629b4c5ca4cba9218d4499c039db131c729277e63d7174fc2249260f07ac02c81f9d9e612adc5ffb1ea7610572d528692d44e6d932d18929f8cd65bb486ef394a12aec7b5ab3adfe9af681fce13a65233e5f5c1e66adcb5313167937bc12c40ff1c4524e204a07c406dcc656ab9992f82056e7ae2b233ab600029b9eba3e0600cb42218fd2b380606b98aa05b0d97ebea48be72f01e02b88552f9327bd59daf89b8d7c757fb852d70304c790ee39ff1ea438b97e3707e940a3922aa7ca5ab4b62232858c7228eb931f4c59d518b177728cc4e4cacc9a74083a7bb055652df0dd6c1324e41d2f7299b6123951cbc2bedeb5a8fcc730c0054f9b7e01053f84eb822a6f6fedeead337c34749ec4a7dc40a06376dcb1bbf52e2d4b374f6593d620830e46c2b3bbe4cfa0d9d9e89f05bff2c0d6ca3c5f76da1c41db708751b7dc1660c5fd87c975876014ea8fab98082892f83d3772fb81c732e11dd78a61d17338ec06d7158192a8c15ba5dddcefbc9bff35bcdc0dc680e311534be99328b8d78f9e2769d94ad8217a0380403e1ab6b6ed35a763cb7251f3d9e0733865b5de0e8ab830b04db8389a17c2a8102453f9e83a24fdc48f869d540f303dda480c591730fe23249632ee0c389f8dc8e08aac585251557314eb62258d552773a47c8fa565129f13765b42b09e04badf9d6fffbec55c577b8d6a82a72c2f70c2f4c65889293daa4bd9de6e9aa7151da05c307ba22b3786e995471469ed8c6e13977ab8b2a4f3865af755f21ebd99bb27d69d388d52f792bc37c6970753bc954c41e6739f3a384001c3ceb2cae13f570e4b8fa3dfce79d9bf3861ceac5609810c0799d1196a0593798417b73ae8b025b7a7b44cf48fbb8e8ecd52f317a4f3a4dbdcd49bbf540ed35b4d28a2e0de200aacef160de140bcd31e431c1c514b62d0e5fb8679aa4b8e5093ef26260fe264d7053556f03321c9179cceb45603fd3ad92147d076cdf83bf94002bfd09528060d0430e395ec1f61550ad2b16618c248a22967aab8a2691da376f2e79ef295e8edd17965560e54099e7642784b7e38f3344df74ab9dab750d9d3e0fd22e58e3f343853d2f04797cd7653ba10d657db4aa74858268b20585d6a0c66176ffffcfcd8c7f8a02c303521c86b15b3e06616e8157b7d3bbb395acf0ac7a044e609a109deceae1da9226defd13cd8f48ec80a8cbd58037b148f51e8e9399d171f02189a7e1fc0bf6621c9dd7c702b400ce55833f7652d3b9a6d779df251427937c2b87ecd8d6ad2948e802ad90fbac402bf32b9a0920ea6f2244206aa6ae7b8938c6635f28c7e03af0ca288b5d38f60ed68e1004c516706da392f38902d1e615d275fa308a611046c65f3b50807169392f1f863ffa03ce9cb258a46db2e55bad2e02c4288e0341e61a5e800817ee954db78d3192153975763e0b684b9ec2e8b126330e10358a1f122f3ffa515696a8e412215bc197c44bcfa3145caf20c96a81d1ef7691387d2f47eed81adc07ef7c84ced4524707d3478458152c4453ec668747e7ad1c7a2eb7cfa7085a23a882222fc122911dcc384f696d260083bbb0b379f35dd283d09987f2d3fb6d8d28e70a1810c8e86ae059a89620b15402863c61d6eca8f135bddf265b8ed651a4a2a17e9809b8f5dcb0f63ee61cec6c03c9cde7d8ef3fe89b7ec11a276c0ae1bb5d2dca664e985f731fa164f1d190245f249eb469bc62916c7e415a3fb69e4bdb76d801179021af47ee57aacb3c074d700553fc97471120310eeb63acb1be26d551e4a720c2e530d287476bdb8ad2438a460950f54cdedaa1e56ba879a95a9ce118890848f0f9e0a125b2918bf2b2ff8f528193b23692812c04a5fea9919929ac5d4cdfcb0ef6799827b328ba6e80b2514c36686cae2d632f5f9e29a86a99af13a87b701d6bd71af1fbefda547a1c16f762b8555187a515d5a20a6854e3e9fd66bf5cbe18f6a807470852023af859d10e548a5e0a18df9674ea6b5b6c9973cddbb4e27b68385b2949ed919bd9f13ac6fd1ea7f0de321956e1c691d1d10dfbe980d05915d359970abd1cb673621c8b9875542f9ebb87d74040702a98c60d6e68eb62d89f83bf3fa107bf51fa01172f7e70f09d6b7d43170d881e9b81f3b43fb5de6cb193288b72ab2951f85b86f0d228cc83cc6ddfe72544589a67815ba5b25ea0c33d1727835de2a0b756d84b0c9ce49fb3ff9fdabeeb2a6a0235f958eb2d038001bbbbc3d2bdd27b2fd342b0023507dc92b8fa0dced21e089c68994318ef88ca40e18420f9dfbf7869d51467b3d2e44dd6912c96517ae74f7b1b010a94756e6d8d0b9c6772e367ac99eeda0b683f991e2f29de90076d3940c4389af0121236d9fdd10e2ddf6a279e4831f0b481c5b720c71b6ac34fe577a478a46042e24c5e6f8041d6b201c436221a15fb3ef70d7fa43184d209312b1bda57a4a8475e8a18c15c5f48ae837042209918c1b8786270ee28c4ae8c2bb1755fe7e5ad89d768d420116e36743639f4be7e5c829ddf21427eab53898267730e2aeb6b1fc790d28d86f94e32bc77469864faff5952ecc912823f78a7d48915ca61e212968fea57785a77b4162ffc6e3219c2ad013660389e08d3fe5302d4f2eee067937ff46e280a58c039d8bcf3fea5a64f074423165c79cfd390d7d1fed480a4e3114ebec250b4fdd7dfd91d90311b0c020da7f3bc9405c0ee21bdd3faf30f6b5297976ba591ecf66a0ff5ec86810661f3edf20870c564820f663dbc5a429a863c71da5a4d30d95f9c3839d59a69d6739352f9db5ff944c127d5925d571799d92d8269de28f5743f01f09dc8b13872232d59dea1a030986c4bbb6a608e1ae42c8cf5845a2b453e25d1a32ce6e755fb62f082bf9ec39e65f3c8024d688e8c1bba50502d9099c9a113d8c126e31a71312be05ece3b522947e2b69809ba94b787088f93c667c055b5755adffb67142b1d89b2dd14adbe68c769f8e3325a4709f651b543a1b57515170ab96726de75801b3fd8c21970c697f58e242e18c0e137573f0ed163ead674fd3c0debb85b2ee07538fabc5d5b5ba7f067fc76ba9808bb9c1e42fb669221c014077caae48f90cc6f3f3e95489aa0ac6e7eae641cc3bea58aa2ca8c300bf8f98fa4649486369c19bb035b50d98d2c327eb0f0c9cf8a4f81b9528f955c8e50cd66d2ccc43d0540bec433c7078ed11ec114a368df80a536eb79375bc84af1b4d609963d5ae849cbb5b82c5e7caa0620e36606403b667ccb5ffa730751c5a1ea220de6359eb44e2cc5af35cf4b8f259d196dd398aaca580e354c88cf89a52dc66aeaa442ff468d2ad7d82021514c3eca3143dd39096c2718898a046e5f66eb159289d9d72e5868943bc875ad37e181d6b894c25d43ea8d5283ab06abf789aa42531eeedd57eb90077a9c523e682350b4e9f63db4b5bf4170f841574b904b47b2d301681c13a6b6063bd45fcc4331c6cbbfc8e805cfacb9827facd6d2be89b7c2ab042fb887210fc2634cd9aa0eb0466871c963353c65840b1cbe9f15aa0f9bdee1305590cae75fbc6b8ebb6036891922568d55f3899737f8502a17ca5f7233630ab77eb25dcb07273c0c000080080003001f00000004000100040008000400030004000100dc130480d801008008000300070000005d0002007ae1ad2b455d5ed7365fad5fd5a70f046515a5ab77840856158166f0537c14ec7b872dfd2a897b8651db2497e7f4aff518c5dbc77b4a78cc6c83842604ff83ae8c657a33dbd38a36d587e6117f488e822ce504cfe4a5695e510000009100020082f4345f3e0ab07a3dfa4b4f6eedc0fd8c89a36ef8a7dbe2c9824f2bae223a9ebf8599ec2e4f4fb839295dd147024719a35baa0df987ba65aed74eed9794658055b95c73066a42ce492dcc4b62f01a598ad0b6c6c9abd9375d0affd8192804688f69ac13fa13e0d28966e3cf2189acb1de17f9545ac9b446bdbeae82b1b25c486a984577c6032ab4ab33cc0d030000000400020004000200ce0002002af967e4460b48792fb5c04e44dba9670ab8b4422b9fdf1b66f5159047f62a8b5f3c62e1c0accc5bea0e9650e8e2bbb37687f3cd4ccfe84c9762bbf09073c4aca4e5c56454016594b84b65164edc353a4c0b7e160aa7f946be2e79d4cd743c5721aea47d31439916e947985a89d7355ef892f0549b4b539d39541429a4b7022889723ac184efcf5f6fa527c639b900a6e5a56a7c229771a36ea7178049614e7ce46be1c3ce5ead71b1a3638c0e2f078da7d8a04aa8bbb93d443666417201692befb85714e88c956aa21f00000c010080040001000500010041000000fc0002008a8925aa9ac23a7eaaf3fa1307bdcf1ae87f435413a5e55b0a3bfeb36dbfcc105a5598ad3cb1d48057f4389030c68cf541c3c7577a6f5331ae671e194b02e5b477dc0313e656f77580f18fa6898391c854da9bb8b8e2c69ded4c0f61e8c75e86044df4fb716a162fcc1e83ec9cd98a4c809dfe8f0c1d77ed260f9b89ca6db794c6ec2c415004581df48e2634a31c4b5b87c44a29a9c7a26cfec9fe4add53494a74191e51c5d5cf238b2f39c08bacb11ea23816890039472cdb29aced3eb98354710ae5b0fe6bfbda442efe92c8aadcff1151e693b30317cf02c013a9e29c950f9b0c0088b26b337b3e82b5af60c266b8795cc50c90687734f4100080dc0001004f56861a75f80e5f12340726fd905335971e315528e955f8e191a76c3d25d444f24abe55732e88d68660a3881957e1111b615815e8328a56cc52b8342e1c5eeed7c16a5b41dc97913740a3f8b4c4cb71315ddd9b9db5332e744159e6ccfb60995262bce29772d1b95a13c16b6654e828708279646c16dec5175029670483b464e40ad7864c2dae74547733317870490918cb206c6b4d3284d61d5f2e7b87bd6884f6f504b2b0034eb1e00690cad13e4166ed39116c31de7bc0ad84385097e3068d17ef95f19391f277892379058fd388148caa442a2a531804100100a38f82292cc9ed5e685d49ebde409427ffefa84bdc50a5888f68266db2894bd9f23be1b5dcf0d71d5beba8488975b2ded1b2fbe6c72a881c0f8fa87483830b69721703f5cca206cb4ce1061099341416c51eecae03fc9aaa94c94988cacf77d2aef5faa8f6c2b8079464035fee60e56e7e8625a17e2840421d8496162490f13e4df11bcb20171947a82d427bff2900b47ba4ed6507a13ea1aecf6dc7d38e7cc1a981d6ac344ee4c30a17554817b55d46477bbb5f792ab7fa95cd8ea07918e5f04d4c1dfe2118e1ec3fc22b60a0f0f6d06259213cd8bca29ffd12af9aa86517cf1e323cd8585040384f62675c860e84d135e2969a34678218a22c7c41f7da0dcc7cffc9659002621eb9794d9f8e1b7a534fedb82bf1ce35eb2866a8263f288b08401e416d21ac7330b8c928b21a64a7ed1108c5e1ef231cb34607d9e7010dca24e9b663f952c304cc4a0d22701e5f831dba59aab6f9e372098b608be9ad2e44b023c6a79f193777d92d4979a94b3087f12e74028a106ef7dd7623ecd22c27c71b46cedcabbbf4204ea230b99d3d21214574e40f4d2148016e3f89bfe9e83c4ed5f96eeeacba7bcfc6773530114fece55ed2c5e32ec21c806e1ad76a0e7d45d2bb341e3d26babb074e8ccc0d31982eddb1617eaafa99becd141ab30485466deb5769b4bbdd1f702e7359572671050fb9fff88eb5b63cc4671ffd67b390c48b92383619ec6d208195308df7a3af726f4b56d694cae9d1fc5095a38f96accd0aa338bcd4e4ae30a37f383ad946afb60af9c94aa70b7b7e8ddd52ac7876adea6bfb8bf49f20b576e1b6ada5bd91fc60079c9dacfe430d3e7cee57e5467ff190ebeb27ac3c82d77fe642db67d54c6a2a425543a0cb1183efbebf074153b72c32970a7a2d0f29df7ae88c52c91f6b7547de0698cd41b5a4d5441030de4aa43c21488a935c78dadbf027134e50469a581efd5314f3e61cf1a954256490c0bdfbe0c7be9454cc6ed9f17a2314d21d37586e62b351425ac0bc4efafe25d222e232c28a6c2aa27d4aca12b30676425c2f03af472266fb5719c37e5d11dc43c71efa0082d06381ce3ae9042187713753afca4621d1d9b4f2796698d77c2afe1c971dc7585f98a2f393ec02b2e88f58cfef379cc4da0592dd10bc6ad2437c4bea73ef14ced918fb878064ccbfc62db413d5fdbc6e3c306d8a39551df9f959da22fe88d76ed3189c7663d410a19aa7d132e50e0d0b3e3a15646874a6b5d16a410ffb8b92b54a9662e138323063ef77d16a06d190d9841b83f3f01902969bd25aa2066d821103ef4f303b0767da105b3e00bbc39ca46544ec072ed3bf63319fafdb30478662ad76da9a863529202e52ae0a69092c68b8ec0957567e48e8589a38bff06380357efa1f1f057cb06f49a0558cc01f53e3cfe10fb2cb6c121322460001461840fd1c1bd4e904d43e4e24891274d86ee6e6e0a22964fcfd05848fa149a1612c1019dd06f8f1183321a02508f60c4d304ba509c1174ded2dabd0c703435c5535a4881b44ba4ebb302d99469cd4725c79fececdd1a6b13dbc2833dfc49468a499884ea7734a5af859d7b22a87507ed171f722c4a9ad675f34d061363e3668deb318b044fa0ef912981725ed0b4388beb2958c7e953e6d5db7c00eb59bef4717f03c8c6579baa4a867fab9444190eb9e67741fafb0ed923e7a835531f5a2bdf24cae87cb11816fdeaeb9013e9874fb465a89dca64d41ec1e75f4e8286fa665369ca036e2e6fb3336d066d43b21b9a435384286ce4b3cd4c4dbc0c1a027eaf9c8e168de772c59e98ebc942662728d9a59651593120f02f1dbad2964b2b549d06fb835a57b346f973eee77299962bf80fad08fc46a2060b9ae672e1fc5f82bd93e0fbbb8cfab3f621700e0b146095f7260047cc7ee169bd311398e3e768a64f36c5cfbce314f9fe19a42ddb0a517174332ebbb5a285b66c3c1913053dd28a3e89c99ca57bb679d415462e6b9f08e0e259f7b77f3b6d6d81fb67d6b5aa239f5b777d3806fa47a1dbed22976873b6aafc545d35e79bcd303f4fac661f3121f638f7375d548384c2651674e1b1dfd032888ccff57edc2e076eae385648a6b80a77087d80fd472082f791f4fd8e460f9d9ac36c775255266d9ec4c386702a796c4c011b84a45761e7c77db2cb5d01dde28a6bc6586ce23633488bc4d1fc5c5114ebde1e0c8c209edaa882604cd57b660c0b3d99b20ee92848bc51586d7cfc3d122afe47a050dbe893f66355ed777c01a84ecf891f38a99df5e0ace2a1402f8460aa68aa10298e2c3009fa84f88b3c788fe3c615243db715ab39cdea0c66d51eeb9797042049860214d7ef7e331565cd334f119e73ed318d2b48b6e0032adbc33eb635b440392377024934fe316b1f776ab523176a14e414b2b5b7afa5d564bd0d2545ece2206ec072efc4dd1788b7b639d34016b9899f2e5b3868537b0515c336b063ce5b09ce7d0da8983fbab5196ae0866221d658e6ab0768d30e05d8e7f4f40f09d7253da9e0d0a815446f1ac443882622785d7f9f564b1bbf25e81e7c6c09c1af26bec52e0a4d31236754e5e5e3a0d94176bbc6f0f4bdac9fd1bedf6c75dc5f64f79d103d48eb7c1967c5b13f17d7657e72600d459fb5e0341f520779faa144dce616f6ab7f3c8ecc66250767585e0630c9f3415a8e4b4db4dd1b33b6811586ef597f8be10e0f1f28b56c960d0106fb349ff066eb8c1dafbe62603f64f88ad7301d4a00e7f5835cc8b4fb278b71ca64c68d80bf2a9d24436cdde218d3c5b6917ae2d45d29de12cc69d58aa026d6314044019284b6152cbef8d7e2456b41f4b39cecbc253018f2608e86cf0a0e06a590b81b3d86673c0f09006ee554d8b8c668039a38c0a09876e49b7a76799f82f1486c4fceb10aea2010448b53a04cba7c7f6d8fcce10451bb5180a0d7c7feaee48681a4a58ae33578fb7989affb9de05aa946d27402e783ec4fa18d6ff4defa00afcbec59e2369ae7a04fafe7e03aab53d8710316c77f2d6733a2ff6c63e55c750d0b2543092ceeb7b8439e6281687c442c243d5613e02536ddbe01a296a9b29c4310916868a429ba6077963268d31f2c0542d4f0dc5f8f8270f5abd9dc311d474a604f55f3aeddd6203f69f52aabfc1c230ed6a70eeb6a972ec865591e8153a97cb6af109b62d517e0b6663c6fcf126dd854744b2896cafd1c2d2bed58129e91164210c9fdb26b51a95081a19acd4ccceb44f85460fd7985340731da04dc436de97f6daf2cd5535e2e94314fdb369cb837354e602d718dc9e4ed5c041b66768dcc9617196c0f6f9a13b4fba5fd9b256f5844dcbe6407f0de012b243ec9668e66ccdb1d3b6aadfefcbf5da76647f9d3091a76e11a03d317430ce4aebaac23b2c18650de82b62dca3916599b1dd8cfef1e2433c9fa61037a2feb2fa8744865095595a2d0044718add1c6af6cd11f0c8611f14abdb195a18fa5d3d83d476180ba74aa87a2e2466c057fc68047b353d6e25224207745f162db5c929664616c82f9f25cfd0227f19d36a85bfbe3a90f9fa6ea98c6262af19971f4309622fc3960d60da27844eb36b4a46aab7e9d6b52409d75c1238c11a1e335b81a6e5ba93d1c87b18368c5b77f0e21bce201e95aadca82d4e8cc53bad90af82fb7f42ee166b177ed0c38d7c31642ae3cb2bccfa16f6d5b3a2aa9424c4974f1d018aa7405b3f440c61773826325a006f9ee60108907822ce66a5703eddbf314d38829c420f5daeb2b656a35a224edf3278788484f0756a0323f161dbf8717e92bb9b721530c87b475afd8d944dda67c659964dfa40228cfa29c7816d2ebcb04ed73541f61b0091d35ddeda4aff830993fe573b02d820cd492f5bdae7a6163c33912b5fcbb98a04bff6d49737072e02a83a030f8e5c9e8c726269a43261826c404666dae8a42c22bea0b2a2e8edf2b43e26bc6c89bdf589ceb407769213ac63715604758799c6f97d7d610797fc07fc965e7846376552928bac05a1fd4a2d9a55085476af7ebf1740f9b87ecef2dae12d8e62e308eb0792f503170840069e13fba69eeaa27b40e0e617c3b73300ea4c6ab20aa4c1ed2f0b12c0b1fc7f3509f253b01103a25554af00665d80620c32f414377c979af6792832250b3da6313a2a7d814e39c53b57de47cd8562f89bee6a1fcd0b55d1efe31e70cba8c874d4cde747d90cda3990a909f8c8db9a37180dac7c44b2aba575b830227bccf07a8730f739624842e6c5144de6ae3c43054982bace982add3d57b77ce70232743e483ed1015a348a5314ac33e6cd9069e8a3eb5f89ab3d34ebd86d8e42d34b8ebc4305ec127caa91e3a1c89dd3762f359af9d40360d95b7faac407ec1bc085d567ae29bdc6bfc5be5c0094f2b75a7c2721171d981f15c68e07a9782ec0cd5b1b2ee78afa2536f091a79ef8686c1c8865bbab50e4bdb38f74a0c684183cf95085d2523445ce1197c53792b6aa23494d0c746f1824c074cea7ad7ffe82fd8d2c992ef2bbb4f094796aad050ef7f8f6b3886f0a5c1ef6a94e4850bc100a80f261a9278feb0b6ca9744cb11133ef80e704cefbced43d852eda146bb1b278709e381977f7495be4fee0f5bb03236be7791f2612c9676370b1e6cd335b301870d710183c77c71476690b400e05d3fed7e590c7c118af052a98a72fcb76a0a75cad4ffe97a5543a37bfec334fec6a41ec21ad968d404c98eb69b8ad6a046f11cd2e5117dcb13507958b38263935c9c7e2f057bcdd96b1d1f7c9ce531bfa8d075421feaf88a3835dde86efaf3334cc37ce73704408219cc920e2a3794f9d27c61d73931a79680fc13bc228160e67c002959e01e881da4ecaa44657cf2a8a24425629ea4b56a1096d2c15eb7d256d973e7bb60bfa8b09d4e84352778155b59703fa10fef38e0d1d58c49494f0c4919cf72244a995aa11dc56be764e353ae01d46b031e4830304c028ed97327d69c060b2dfcd1f9b25a9eb5e9260967aeb342c5690f2b6c5584df4e4e4bfeaac088a3a77e5f53a08b42be1e7e281bfdc30f12443ca7fad049b8f00f7df3672e1bf747f986f37478616a551d07ee96a92a8081c8cbcb811281dbe3786fa33ac9e737e5155c00a7257605e6b04a0c069757ef0b1b0c9156495051c67b22c2c532267c82e73d4e58ae75274030d091bbbdb87a1c20f0a1a012c880e0dae45cb74871b183bfb3d4da92d134e6c6f9a9642d2da1553dbc21a746997aa97148a6a05b4cfbf7cdc9cd3510b62743a2982f3a4f3269d9b570cd7d23ae11603fa1f33e41f204e1d031f8376ba9fdef2db0b530935b748a9d9f073ca7ce7de57ab67563c86c7f08b4090fd3e58f21c28819dbb3ee0fc67425e3f0b664d8ee05edcf20ccb4380f92b244c447a25cfb46bea8e32083a681995ba6a469f61989f364e9156ce70ed63e1a42bce4da9d270cc8626ba4add9372ecef37a851bf7e600136ce5ede2595cc730306dbde24f18521a837e101dffaa396c12dd122aece2873e16dab00777b51ef889559dc26aeb522924ad45b1f98086f8a2123e3228da7ae3accf54f0bc7f2e2ae30b7b08f6cd4a6f917fe78de8b8a2a082a8e6485df495501fbd3bc7b08a3dc35cb1ad751ff487c8fde58bd20af5cc6d1fd9b82d9afe6d118af72a2d727f3d46acb7c1bda5b7edf23dcc3ad33bc47153b77b29df022ae9f2d9e346a179c774b3e77f25b4b5636a9fcf2be256610ec32e26a7b4995fafb8954968839644d93a6be154b05f25663c8a12e6a8d21f917fc26354a370832ed0c307f080003000000000008000300bb0000002800758014000e801000070040000000080000001f00000004000100040009000400030004000900080075800400060008007580040006005c00758044001280040087000600eb00040000002400848014000680080003002fd400000800000008da00000a000500b68883d54eb200000600f700020600000600f7000005000004000800040001000400080004000800040007003413758004000700040008000400030024130e80e2000b00012bc98fc328cb1f5d4b016654f9dd4b3a8f1467446dd51436765c38331ce05364d624a4d357c746b1a062a85ac486e76e4970e170eaddd0f8376f5df723ffef85c255c9717610fda1ac329e76944b44bf8955ec30e88235d3bb149a498d8007d8881428285bc915468b025d1ec487e8857a4565d1536e4d92832ea3978ff39d0dbb354bb3ed582cbba2c3ddc48b5c42e9ff27565e928ff9457d1851132d5868f1be9aaa107cfcecc0d08375151c5b993296355c15798f624423672fd55376006de1eda6bffa9491190d805c0fe809251e28303d5b3b737d298c2418215200000a0003000802110000000000d80006007eea12a353d654b62fb2c1e165e87d3aab834646f6845292ce479c27858552664beea0f55060b356f48714e6fad2c7111b716776402cc0b6b5d8a96240f72aabbeafc086c6c39f68b0dc17fa362069751b2e83a271c1ac1cb98078145ef70d4f1c593c28fc34b8ee999e9f3de66c06c281393af0813fdc1acedba699c3803c522bf2c8383eb24cc52fcc8a9193195dabab65ccb7e0e78cde411b7cd7b7bd74b5b511380dcbab6f5474950c2563fdae90e92bf4466420164a2d5d9f0c0d3f91c3023433e52bcf372b5a699472eff32910f8587b897a000b0003aabad4318f08c0538db23260130ac6b28b0a488a537f56bac8c83db0704fd80daac2361d395b074900ff2387144fef0ee3e886b6823fcc148c8d55b5d884d856aa4b920e6d8bf54c923e39d7dbb3aff8dab6a3bf16475233cde5a36e0c414f7a0bd445062e098e678c030afc76713c84b2966603720000b500060075354f36c3205494083f88a5dcf2b98ddd56c8be575f39270f91d77533519dda36e3b72962c70806c952c3e88d34cdcd7a6c2e3620146fd8b6b2af6326e519911723e9d3a0e259d9cbfe0e54bf913dc756d54f238c67b587b6ab2412085c0cbb3132aa3e078336619f5bc287a18892a8e09fa01a8e878e42124cd79d7dc16632a7c03f8292ef3b0439b51355764011e2207446da4856190766b4bdab57e380503f1c49557aa0e337032d165c1b46240b27000000100007008000000001010000000000000c100800020000005a000000add731d4bbcba0083fa6b8c95a6ef36e47bdcd96a3611cd70ac2963c7eaab67f516e935221b0ba7861d167af0773168de43b815cf8de6399c468a4e811182909d2ceb3c3cfebd2770c1fac9e64e6dde58c8e5b80786a83b151302a6bcc0f5d99d018e5c32b5ece608d833044d798610b9983756270e9eca8b8f9c8ff00ced602c34ee62c91f63152eae30f56c837ea5ec2d6d305613b0491c5a9cbd1497bedf03c242194fd7722c86ec2ae7b46b35207ca953d3fa0d6bb73b2f7d78dc913250999b0e41ae00d57279dc06290c2b1ff148dbc1cc6f6b8238ff0a4b4b2567bdd9e91c7ed580aa37f673b56540e37b145decb7f7fcf8593464690926fae436cef7e09e63edf813fdbcce227fcc2118ba8a36c3ddff228487ed36953b17f7ce5793cf99b3d24516c2a59877b116f4a296dec9c8bca9b9c22afddff752056bdea5c9c43667a4d71856cb94e9dec7c3ebc63bb173f5aa910612a0b4fe7d35b973e9c81a5a3d5aeb4455026205d727ae6d8e3a29ffe21732bb762d85d03f56dc8892fc70e0c69b072335a9e1eee48ffc221236b0b02d68b0884afbe3041abcdae2771116e54ae4838b2d9dfc7a861f4341083f4ba8ee809223145f042dbf0e59b5b232abe7d45a16685ef4c8bd5e1aa2dac6cfed497be38da714a1e7d730f851c296686ca39e12ece53c5dec1234ff3b9d9b13e3eec8974f993352847daf66e9cbe4087f018561d4c46f978ee51d1f14032a7f3b8bef99456c150bdec576dd60a68a4b00a21fb8b490cc9ce13869d06f91cc8b04026b1993f989136813714b6a7e964296937dc78b6137b17f245241a5648ca32e3ca6c302fa26d93429aabcd6a0ef7119249141575b06a6ab207b02dca8bace43f723a7910d01c5ae8b79af1259c57351133514323e530c3a9c5b2fce0de1713028f69628ed6cc1e06c3d75a17ec2af63abfc6a577dbfcbbdedce010b38b0cfe9fc9d526b3bc642a10f2142e0491aa540c9f521367f092d274721fc77efc66bcae34dfb58b532da84653d5e27904ae2f4dbbc34f2f0bc435018dc9d7bd0688295c9e3e4369d3e48a878cf4986ea7caed625f8187ec1c5ba4eaf6563c22efc60a1d2e58f6f308baac70c5de9b05653c41a49dd8d9a1ade9ee7e4fe72f88097c316d26e7f1446c9cba73c838f382d7bb59782d7ebb3cbeffcc8cd5454b68ecc72fa9e806620bfc590ca961f4678645c6d31822aaee700a6e4fbb3e5dbc5813b1634e723b3d5ef383d4bd63872c1243c7a57f7c968be53b2aa3d6fa27e41b9289f4c0dcceed65d3c22f39ca1b70e63c7b5b7a7ddddae7fa8f1abcf23f15167ba741369468d607a1e64ba3b138774e500cb2a27577896b03e38487836cfa06e8334a522d137dcbcac9efd669dfe851adc474c918e451e8e5f14c978f5298039c6fba322446ccd4dec9f477ad5a77ff2f17f67e0be677f542b3ab33e98028a9f29b847c4a68a3b9310d9d7fdbdbf1984519858762cfbe7ce355458251700b47726410d863d5b34beccc66618dd40359ef90476a4f55b6440a4b5dddc2bbf2cd3315f94602a1774e72e646a78244e209a974b848ff0553a90475475d7b53359a2e397f9112b601b0c1c85ba628156824fcc4bc844afe854a27c1965b5a6a8049daf407cc3116d5247671acdbeab1cecd7fbcf22b9d548400e0eab5745ee472b8b16e5e25e7ae0c7d548ed2b567c0aa240d8c3a8b4aaadd87720b995354de0202fb354c24dcee875a885ecc3b227491965e1d457da3703762fb8e73b48965bfc768c1c704327a7327b504f80f6ee96a842d92a979f9cabea7d09aa8d057be0e030c2db7bf53319a33596dc49d471785ba5346a724ce5ed0944b04810f9fa259eefe02c8b967175a11a98c9b995733e910f6a2b1cb9cb304be0f21cef32b659109e118ece5a992be892994d2e9d25b2a9997217859c7898e94a916d13cfdbf67d1d0b391e6a0f6f95c63b0e50c3b16589bd66fdd1c6aeb57ae99af46aa8d589e72a12e31e36b3c42f2e6e2345e934eec5705346d344aec52942343fe8121361abb95ae65da32ff608059ec941669c56ab87f848780d0d61e17eca44910122418bed671dbadc68808d00b47c9fdda81f146caa1b5c9bb68d3c3842c35c662068f231f52de214b91d50a252bc73dd0fa4cfc42c33b44e20d626eb7cfc0eb4f8400e52c6fc83ee1d0d25f8e1b3d5909cf0d5f10becf2c37dc9d9d16def5470a421d6ded9e99d5374b299a5d3bdbeaef87f407b373cbe09eb9004003f6242becf037857fb0d5d6126887e38803997b4ea265c121d797f8cc2087013dd4c8bc6afb041d351c9dc3c16a42bfa14795ac18ef57adeb553bf3b65e72dcb1a933377d475ecbffe64840f11d36437a0011d47f91b28d02e999813821814c3d44bff71a851b206dff7a6fd6c23bc57b6aeb80c60340c32f4ef665df86a865f6a1490f699e5f99f1fe169936d186dfdf484b72267b48158292f526ab4cd23092a2a223685bcacc3bd16de7df918c4a343007207731d40edf117e7b76d091b6f5daa0262143b2fe6ba1e923f2ee8ab7fc898528abfaa80e7266fa13e8bf57446a286e91370bd108955ce2ac1abf3625fce21a17bb9bd87b8a331c3d456fae2428d0f06450af4f5cc87a77fe5b11e1b544fb059315567464182929cea0d010577d30d4f03a5da571eed896ea296653e16e017210d3efb55864dc406b2192fe8ec42257354f71de56afb30ea30b11701c694d438a6b6657546eb1b2e4f3f6dc456548f43c3a119a93a6efcf4313f7abaae1102d9152441fb341e65842f96456e5db4da7e8402ed41076c034975bd8e20c16dbae8525c2393508cf1a81858e80208f25f3d9cac4edea43b4756062ee3eb912c700357155b3cf00a806b7d33226b08e32b2285691ec6abd45ecb07bd651eba289f109eb8cfb3283f221baf91105775b459a984cc3b87e7f4e14c19cf090628b3425491228529caa4b259e14ee82bb5131a97c1e4bbff8ce695468ce1b79d44ff00ec15e9dab922004be590bbd80988505e65417153ca0d4e1670b9e72309f73bb89ddc047bdb62fbe05cec7c6046ac063487c52f05ca3f6fdb178b74a2d5cc99f0d46bd437891c97b93ac5c0c5173128d782f7aa2ecd7054387c54d7bda6549ffc443df9fd2bc6a3de79b639bf8e97ea9cc978d566154d0dea91aac3b24f82c71fabfd898dbc065b2b4ebf6ceb593b549132bcc848e381c50100c9fbbd2fb21a0f9726a7c52f0d4dd36ae82e33a7cfdd2bf1bbb8d7520ce7b18dd7a0ff7a11a79b3792c96541bb8b4aacc37233b478dec985ba74b25ed31998c588b80f1e4bfa7b8c11395d83b117474bf0e6f2123042e578ea4ddf58d6e1832042fa038b6ec595120adf35a9f0a4ce4ca3860d16fafef163004119b17330a27b14896747c220a2d914ec024af07cff54fcbf6b79bc7e14dc1e991505312126a1f8dfeec004dda7b04182b6ce7d6123bf7e7666f552dba035df60ca0410b4179eebe3dc2966f17208d86ef0705002f1227965dd257951defffa18510c19501281102b77d67eaf1b99f8742afc631114acbacabcae81b84a64930b6ee8a737455bffc66eb1ee1f8d37e9123d8fceacf3504037c01384416dd33830510f8dfa32049a52e8d1c8d2b64115fdb41b60727be1141d1f4d2efc162f4a701a6cbdced4b06a5193051233b71be1de0812ebc4b1b11e60ca18009b2808285017f1cf087d5d6ad4d2933ea0563c9e358adf53674d006365550c6e99f82a7b29a5d17e4f6fd5fa0894c74f8a0f902bd00441e0a55c420c34d0dd0c2bda27a55073fa3fd1b9091405c5942cfed2b60ea3b2efa9e38b07f0d0fba3e31f6569950d7233b502a7a0a13613abf463b7b62fba29fc045ca9b84ac3ed6479c556b38a3c290dbe6683ab19ac7fc45131ffaaf465f3b40809ad0f0d806213dcb336d0c90e3e5a5c4e3890116d908948728ca638da948b7050721b2cc4edafdab59284e217efade407194827fdde14a37095abdd256c17b36c73f84e59e170cc559c3f168c12f1195b0416a4d66c92143e9803a8c82c10c7e90d841d45aade59a36663d42ac199d7fcc58bbccb907c2210325eaffd7f153f9263558bae8c92606a9211f5759787c714e514a152df76b3f9d19ae3e07b616cb8fc23483dbd0d96091fba04de2ed75b896ad50a0b432cc777a7eb60f2e42511872db9e01617f5e70277bd03ddfc99c12d13cdf1f46c6a6978316048caa772e8735f5b36be5d1eaaf5c6c807497b9d3cb6c7ce31b21bbf852cae7baf9c77297abdbb806a75162c42760e1e34196b24e52ebb95deec4076e1746378637fdcbbbb8ffda7167852f354e8b86c0702dea53f97ff6dfef8ee44915cce7ae3d2883fb0d52992be0523577682708fb42e317577d5ed8413b630502fd7ff94a3317876022df7ced16174ee4a5ea32b1f17a0d3580d450d5a7bf798ede6eb4f8611ba8036cb4d05b37cef14bd9fe37a9ef10d0d1f71a70da86470456526abb80fa980f7fa32f5f931b0900e62da291c0afe4d292031695674eb32df414d2501980ce11a9c0d4a7945c41343c7ff8fd04b78f4a33d8ee4988eb2a956a64d4f05f28ebd5ff11e3d77334700db046192bc99feac15b258594953cb75ac98aa85f2981b8b5c3288f8d3f3128f27db6f4443dc1386b6fb23b6df962019431b253c0cc1f70915186026ac76ca80239656ee0875d5b381ce6330aeed3a2457571caee82630fee301d9404a21dc5d5819f81048b71cd046964480333f2dd97489762d74e5a7e2397f14d4fb0485da0d1356b8b8a2d19bd4c44ace092c61eacd60d6f4dc05b3932133ca1861c2381bd25e807bcd6765bf9e874013650391819285533bb09ffb18b0698369e56789e54cab0155c23422aa9a430e49aadfae42a43cfaedc1d4371f05122dc576ac2fb99c72a7b0f93c6996c9076198f744d6304553fa4e2fddba8e3445a0d460371b5509b1385f448b8a167474e622deca12cdc4c4d5fc869d055008deae7ba17710d90bb5b8648ad0b6e2d6e59d6df2df364f56af834ab546b048a83e28dda6e5ae15f05592e23feace90ca422c2e28a0e334f9abc7b736d32d489c051dbe675d3a48cf4d2dd4b62191ce2ba9c99771fc4d9be274b863bfd53e365af451c4eab8454a1bfa9794619e50dcc7682abaa3d7550ccb8186df1c287f9d4754b1f1d4817f654fb619430bdee468c2b92338075aa08cbd2f1d0b5fafff957073b0d2c16a26e8f81505d2ffeed170808657178d9b97ea0524aa95f8f3bca8bcb84acd2b1c548c9cf2e0260ce9851a6702573b1ff2a3b8a7735df7371af6f9cd9444775c6423fafdd54774dd20dac79da5ecae8cd4b760ca306cf06eee0c8210a77aef648f6a11209efde20774da2e703a3804f08cb9f01a58daca0c97c1d18ee42016a3b6f27a07462f63862e3b63762722b16c698f04cc4da4a8d4ce982e81d87f93617fa1be395b3e8451257f330ae45e571232c2d6e179c3106cd1acee00a4929d9a947b656741c90c4fd36be5318ebb215b0ac188653126a456689775e5279ed7217e677893127f9f54f1ebf15bba9550df0eb5d6bc5c54f1693ccdc76aabf96d69e3a80896a54f65b27c80463bb4f3f411ef43ab727e427ac8a7c10aefa55b422c1375a50d6bdd5338da9f816cf77653e98d0711fd73f7bc2bc07ca65e312ab8fd481e761727ef2b5eacca95811da7b97aede5c67041010804c8498b21211fd21606b9f41bcb862f24819896c51ef115bf02d21e5e1b8cbfc64e83ef30ae0fbea0600040000200000a4147580a01404808000008008000300080000006400020049ce9245ed50c93780b5e5d743d76830f57b51156758801b96fffde231bde9c99ee5de123c483d39e02957cc0d3c204fa8c8e42f01c04235a6c62170920c1edf813668f24f951b80155b77814a351246ad9a662724a78067968fcbe19577513e080003000500000008000300d31dcb3f6c02008099000100f961a02a409297498631a500f2971103136843af98bb867e6e62ee95ad568e246c806b7038b00394f6f81693203add4cba524234edb4e424b0931e07913a1d6eddb7623f0e6e648da1188489d7dbdf0cf18b6617f22e13a455f1fec1c32039f7f113e3189994b68faf197d91fa144d8ddc9c0b940eefd5ffc1f1d77c98b8f74f52d157661700c085a1595c58857afe888c922f4fbd000000e900010077fddc7855e1570e15f39fb84f5c249be607c881336276763eae5a2f5536803b4b64c7f3adb18345e12ac7e53923b461bc8cb960dfd0f8290f82517438b3a3794b73729c2dcbc62ef2adbe1b5456c54c07b3f70f038fee6fa9decdfe90b9e03c1de0fd51ce6cc565b58d2a6d5e459f5bed4e97defae90ccbe691c909f59bff1f1817d80f9b353a6139feb67b9c3917b8fc8699b3faea32d08104058d793fb58fec315bba66b60e489e5bb5b847dfffd260268574d596c1df0ec98b7f1387f6cca64b0e352fe3af609aa49b262973cc563d5a939258ce318ea6d5a15f1b72c1c40d667cfcae000000df000100982d109c6c6e2b77155f5363e1d8b39c997397b2567db9f11a3f4544f52298d6fc7b604a5241672bfd5e3799220a7adcddac593c1f85f80b2de85f8313b5a51143dde43d52b103043b718ecac839f6358edfca936d904508a3ec3f1ac6bc556fa23e6f33585f23b649045ec042800715169b70edc54aeae4b5f8cd2dd34ebc1b153bca9a0994eaed3a711e158d49e48eebb093eb667d5de1a3fcda6b4333d8e05f2576b15b9699620d21e2e2d5c861235efb03cfa683dd1b1105388d4482b0b4b4248d84ed4587a954623ba79e3c4d66e36df0b79cbc25991b6e3600b010008008000300ff070000080003000000000098000200e9b8ffd93aa1c756d83555138854e54743c8b601438f7c7563ff48c12fa3fea948e6f216b6a2f04617293a8b1b3c2d5898fe0ccbab5ce750ac7a516c5e0b1662a123ee711bb2bc9f306b8cc5d7ce1a9a469909856a1722a57b1005cebbbaea6afb538d42e630df39b6bb303927ecf30b43912f7f6e69832e637efe7f55aa563b9c0c2a5b6dd6351fbf6472c00bd4cc136c17176e041002004bbb05e66e5bde9becf463f7b711c9c70f65f5a8f237bec074f4047bc5854d1813c9effcce083590d9e711d582867c78b5c050d75a7bec1ea0f3a837234fae456e04caa1cd43d878c127a05c2b67bbc4280c4ca4eb540493057b011c7de9aa576f0563450e974cf94783f9605db0d1c753ab445ee89d48e3a231a9bba6cde352740ba275864102aa7fc54ae1eb312eabde47938fc9841d1e7cb4f6c46c7bc52ab03158c1873c8ec7e1bc2b46018376d6ee1ec29c66a9f4faf22000c1875dfe4bde4e89e5349696f59965142b97fd3da921a13b2ae5627f5aa7f024bee37cd32a52e28fa5a5e52683d674749002592adede48d296128139fa44c47e785012fd6cbeaedf91ccd84055769a82f91292edc954890db6ea72974f29b6bc9ceded9fa992a2d285edfbdaabff8ebbc0d035288c8846214f2085523aee992991dc989d18e8a3869ac23e30e5eccec6f7f43e65ea0f090d5e8cba7e4996d7b4ea41ba536b581473c902ccf7006e71be35f55e49cfcd2061fade70a56edb2a58c2c1800ecccb2252c73c03ae4d1c30752c6c5b8207dff8f8e7fc2f9565e62763872e52149c9b96e450b563a08c54b2a01565ce4fcb6fdd2717ffe54ed760081a259c2c9d0b625180c6304f62f3d32cc2c8176093535e67a36f2d785f4df6dcf590a1fafc856a50453ad42e4871715d931405faa50db66e1fbdfe3de3324e82d15ce1aed47b4a3d54e8f8b4a5286b5f773b17807e8931967cfa2b13714adae1b2a49e8da3f2981044f821e5c6249110e69cd6a4a8cfe2b98fc591318c0a2a6ef83eee33b3260bddf1788bbc927c955c6f5fb19cfc0fd8f37752ae2e5647542f3a48a0e0aeb0a615ef7cb96a566a3ef9ce6cfb0a8162d04dbd6501c08d6cf572ec84bb42775c99bd1d300214007e55edffdb483ef8c48d1bfaac4229224f40c468997c1ba0f00ba99ac52bd4a7568c87838feee9163da9e83bcfa4b9f7a50756cf1eff0f25bfd1d32236af4cde965b596978d56df4f0b6a6af6863783304257de86895fbb2075e01dc29b02f23de1241bee0c2d0a5dbccfee00ebef14cc4256722008fcb25563e0f30a7f98d05c5ef7ac8d2e05784c39a0dd9bb92edae97486c21fe9815cb5cd8ba7bb190c2080bafef0d49a2db37c494d43b2a5aa03f6d15b6ceca18a9cefbb2725f34aab7b5637f9ffefa981912926fde7304f9c4b7d74114d4bf71ae08bbbeb884442bef84cde2d6294dda8eaa033ab3ccd9ee50b98020fb96bb5a9ab41305a3d3aa61db6c8cfab032bcb9e3cfffa3ba0c3eb6554eef187f7edb74e556e16713b6bceb720e0e1d07bb5dd7e106b0f919072680a91e3e2d4171c44941556f521cb23d9c9cba6516c68bc57c49dff3e033cd01a654bab9c0b31c2bf9e339bf13096eeb6c12c54f359ba955c41702910057e9d9594594090575c8ed33d76c4172b04f96725f7ea177c67d87cfdf9794336626308c486465ce099f64fe7e62e7141ad3090af4e181c30a34395e2b692ac37b29a82aef0fffe8a580af449e61a215d90e0f58a312b0cba9cad4c5beb7856ad2305d728eea03e550fce0a96c955ccfc4c76cb89eed2237b84fec40f03839513bb2b0579d395eaf957bc8da7e8042137eacedbeb5754b9007986c5f036a97cd946964dceee696fbf2ef21f06d09dadd943298fa49d1e44b87de307870f52fd4df6664eb42ba623e584f5c3e8692acc5e895c190d6135d37fbae6ccfcaa426bd0f81b3fe2908b0d7024a4608f4a578b0fd63d015a7d210a6bf8f6469f2a8c7db0eb5b1148e6106139e34267064080e3b9b1c14ae019c21918905b7d649141529ad80f44f690486f847e47d97f49e6867569cd57c6adebfbf378274d1f36e198dc38337823df906ffab73ca341133c82ba0a4dad84dce2141a785427fea7a2da0f6e8cd01a5683818edaa5a9fea14f5949b7929ea7754d97eae22dc372e2f2f69a87f595a6636358f58b7e7020b4c10f4cded43725fa9e94ebcdf1da4124214174fa9078dfe238b015ed1b1162efe1d0a2dc8131c91516536faed873a02ff79b951982c5db12013f8204750de812cb4e859239154700f9d3968a52aeae889cd6091c284124a573359ceb7080784dea9c990bae38f6bb6036109bf042ad7f34833bd3b1a256397ea8f259b034ac0d30fda91caa124239d7f0dcffb0c087715012843c19dbdcd3fc962024d4ef92cb96631dceb1c910ace1b4c830c61c677e77f9b3557432a36249e73db637b580bb38222fcaff049478c2fa2a90137e237a3341f1579fe1f6c57d3970994b919ec2becdef08c5a2c7f47e0fe9575793a367f485cbbcb05724fdd22e31e12215a9a15434a3db2894e3be8f940c39116136b36108c1e761733825f928ece6b23bc05b458ee255e02aa9fafee34cc339670cdb369ef3a8b3aa2079537b532da97f4cf5fcf3d80bd51cb4ad457cb470c874017bb7eef9b0a7a2e8dcfbe32b53080a86a2b9d4c0c7e80398795e73bf23b170c721cac3d32f597d17501b1f6502aaf7234b2d1dd66553663f748e2726e55147440efa8ef41f6b6e3de86dcd75d2b39929a23dbeabe045274d02b77c5116e1d199d527676b38fea459abaa51e97ca14556cef987dff056cebfd47cb5e0340cc6e00d28e90d8adc47fab4ea0cdd6cf729cea46decf3c2927ffbb8ee85c9cc16b022e0255995ee5dbc331053f27e3130c6ed89fe69ef9904770500f9c5a6692e414c9b4a307cd7434c74841e7a5b38ec627473462b031f84e6502a3a0391410eb0d3632554ed6f25fa713d7c7dcdf26d28184c34704686476b2f6e014e6d80f12c624fec878bcda17b7018063b0822f0e938d27b04bdcde7cdad8771d7b11d2d492ea7f42ecf5140c7f5c1297460ca352450b8f26d90546122823da37abe4d865b271ad6b227692b2e8830a4003babf3495a1f4d70112d24a27f37bbf447d8715221c67836cac42179dcb0484457d1a75a2f8471c0630971e55fb9d1bafde9cf4eb49b42355b9192bd082e7d6f1f9078b8c4110ad205b7ad1e81c2a5b6fc8e3d7e9b1ec6e2191dae7f53e85f1ebaaebbb97bc953431857a76e6924c52c33445d98355583a1bf63cbb7e95ef8278bde1ebf0c74bd69fb7bdbe7c5377e390a6eb70fdca7b5377292f18bbbdd53aaacdcd2ad839231146da311fdfeff3d65d5258600900cd2002d06ed6c58f19c432f8f969acdb6849062b462953a0fbc02741994379c99db4cfc1f412fe3a6a06ebe7358fd947426e684af7bfab2e4b476379a21320f9747f616540e919be5b906a857bcd341141eaece0c75efdbcdbd6880f41004b511fe4720b8d01d8f6b2ae7575fd2f804db9b390eb2d7b9e32b33f77819426e8bea5844ffcc8689456ad946cda8d0e289e1a9289abef7c2318655a45470d7ccb7ce900ef16115eb06ef802b89a0275710c8cd62c26e34eb820b54b0259c80459ea320be7c16fc011a0386bea8d499a4573edd53a216228b8c5604d86b88a50ecc356dbaf4c7b3c6acaf344ba5f18875a43a94a90a0512ed449a632d76c38d058da8ebd702bb6f450e52e1bb9705ec639a8e66c199318df27d42c732ac4dd0e33617e70167b5f0d719587a074b607c08aad2b4de5c80f5914a2daa31bfcd343c60c9c91445baa9fd283f628268a4b2498e34179e8c5dbf2dffad24168799741f233dab9a7c7f77f607d208b59b71dd48d73016ac1518868d94f132ec04849901a0090a6a9a4f8acd8b1c9f94c1ad3da3177e57f89950ef08c6f8e5878443f3f80d6093d081c5dd7002d596814057ba31dc053eb12c16139512c2e3d7f40b02492d990f9836e3d811abca5fac81ccf6afda007393c7ee0c4bcaebce749868235e4fa96438e534d33aba09c51478d441791fd707636291e63599526630d9d37013946b2cadc6a87466c5a3a91ddc228d08ced0ec042eaa29c879d38f24ffe49e21c91e30262564e97741757a4310cb0cdd67e371e27d43adc60e87918476026058b0601a27714e0ca17eadd8470e826ac7ce91ee26b767a898ec659537a7feb55246604434a579ca081f9be043a62e3441d5a7ce0e4edf04a1f5b3e48cdf2fb969e2b27d02bb56387a24356ff16f6d723d75d6ef8f1a064a4db24f92d72ef2ef3d4a6f746e4c97f28afe8fff9def3127451c1c1f61dd07b5a94db04e1775605c7f43ca4c6f7a0c3392f04daa3b27d7030724b8d20e5b1eadcb3cdfc1c7b5d43b729a224563504e7741b694328c2d795abd3fe8c20ee7dd0704c10fae29854090f937bfd5f8d4887ced25297dffd0f13a90ec61ddef1c0b93f6622a53ceba5c681bbbff9f681b2abb33dbf08228099998f560a661d24c57e075cd565dd5dbb5c9c912c5ae76ba311a4a7542c33785fe7814834519243c843b513bd1cb4f1a9b97f860ba78e0d216bca6ebde113c4d84524fd0ad21dd76236c375ad6ce9c9187016a59ccb935b44fa61e0a6fcb3ffd5b28644c9790d983b0f78297de771fbe9399d3074eeb3539b3f3627d14c20b7be13c7d71520df0bbfbc5f22822a6872763504a82b7b68bd154fdbd8b5675d99952b933af5a765177f089d8943329bebfc0e8a3002f237c5dd5ec38e7dc649364f38752f0f21aeec44f574e3aac2bb6d02171581dc3b953d4c55d09ea5790fe714f827cfe7671021ee81d9fa0090161fad33a5839ec0a14d2f41d3fc0c1d6e59ba10c422c2f8367561766762f9a752a902ce7d89ed4df47171f829a7f926ac6aa1d2ee9a01a3901089076b3acdb739d1af6121c8faff2dfcca0faf0f4d4efa76197a466c95cbea79b0bef268a6af31110ebb62b6e00d347426f9abdacc529ef57ae64795ddbaf36895205b4a59bf431325da3d8c466cf021790626620602585a2295b6874f575a29ce25cefd8125c69fa213372ddb596a36a8603d58e18764ca56bb525f250b5f56ad606e3617fe3450942cc9bf62c6d31a7b06abe1df424891c320e6e89ffbe3d72a8139e787aa393865420c1b275505786b6da55ce3a3a1af7f7768d742d35966b8a7eaaca287f165ecdbec6474ad5eb0e527b1ddd5a442948fdea6f110bfa552380cf4a1f92899cc9d723a6647182e3b5cd692d0a52169293eaea17c160d3c7241e2453aa2dbbf0174b1666a976130d89757d9bdd1acb549e4596fe7e5d9f0edb50a76d2b58a399f3d9a3505668c4c9c2463fbb171c92fcaab9d116c1dfe32faf22d56803fa9b05a52177774efc42596793ac8b0778c37a3faa62272ddd8afb9652e19e37fbaf30213a11cc12fdd647c9499948bde94e99fe5c7114200f830cc6d6bd5ebc5ca507d3b6d60ef2ab867a4500f401532cafd09031a7193386f5f0e2af43028c8513e32cb61515ad7524f7f1760a90a33a761f74b2c19223b0661c534ca8f27874b1617e4831f9352ab906eb5937f9f14002086908016e20bd9c5ddb982b0f410708f3fa21a0ea9e3488583b0fb9a7267425fe80412a24988f6057330d1b93c93608e6c4054307eb8ac4a88c81280ebb4b1c2d3f99b804dd1a7831e5a7152da4de8cb637d8adc0ea78626202e890782ef23e4f4b001bdf8fe9c01ae138bc5f458c37232982827ffba126fa4f31cd54fa7ec14512d40b179177fd4ae9de4749568b15ee6041c6e1d710ad57ac8143e673279310c7c5a0eb28c1956153a87013a3b10a6f75a477ef150356c57c61946a23e63c0cb6383023ea91d20fdc5ac5999d476dd22e441a7b7ff2891d9145057362a20ab60c881e8a0b1327c1ea4e55e2a30f947030b835af47ba63d0925722371aeec166dd237e3449eb2010001008008000300018000006800020090375902525f8902aea5c71faf04eae3211ca17bc42a112ec99e8e6e70e0d52e9ce0340f0ee3a92b73511112032fb2bf2372a616afafe5fff5fb2f5769450b4f277e907c5b41237cedce4cd95e2c232a00aa88f08167eb6804102cd75e84a55c6b16c2ed11000100f685b1863857772b67ed880293000000700002000677a246421dfa4240740354f661f88b843ee7f3f26c196ea7b25f743ed9b57b78353872046bdb51956cb39cf0822f5f851c99864ceebd13e2daf7f102cfb49a378d5cd1250b19d8c906b38490aee2f6082e34d7f11d22be02e442187d16ae11b738713cbe19982ccb1cc55a08000300080000000800758004000600"], 0xb368}, 0x1, 0x0, 0x0, 0x20000000}, 0x8e80d2c7dc9ff33) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='yeah\x00', 0x5) 03:04:08 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000825bd7000fddbdf256d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000400000024ef00003f21f213f1b9cfd6eda7b7a46aed62a77edff430b747005c42089b496fa18a67cc406f6b5a86ab5dac4b17051ddab0b145d3fe8e0bcc4c0bf0a8ca"], 0x28}, 0x1, 0x0, 0x0, 0x4000045}, 0x20000044) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x4, 0x800, 0x30) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) getsockopt$IP_SET_OP_GET_FNAME(r3, 0x1, 0x53, &(0x7f0000000080)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f00000000c0)=0x2c) r4 = syz_open_procfs(0x0, &(0x7f0000000100)='statm\x00') prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x200fc0) 03:04:08 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x3}}, 0xf) ioctl$UI_SET_SNDBIT(0xffffffffffffffff, 0x4004556a, 0x5) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) [ 1782.499377][ T6043] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1782.507333][ T6043] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000002d [ 1782.515353][ T6043] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:08 executing program 2 (fault-call:8 fault-nth:46): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000680000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000006c0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1782.610512][ T6081] FAULT_INJECTION: forcing a failure. [ 1782.610512][ T6081] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1782.636838][ T6081] CPU: 1 PID: 6081 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1782.648285][ T6081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1782.658315][ T6081] Call Trace: [ 1782.661588][ T6081] dump_stack+0x1b0/0x21e [ 1782.665885][ T6081] ? devkmsg_release+0x11c/0x11c [ 1782.670787][ T6081] ? show_regs_print_info+0x12/0x12 [ 1782.675950][ T6081] ? kasan_alloc_pages+0x4a/0x60 [ 1782.680854][ T6081] should_fail+0x6fb/0x860 [ 1782.685237][ T6081] ? setup_fault_attr+0x2b0/0x2b0 [ 1782.690228][ T6081] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1782.695568][ T6081] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1782.701080][ T6081] ? find_get_entry+0x5da/0x670 [ 1782.705897][ T6081] ? xa_load+0x323/0x340 [ 1782.710107][ T6081] __do_page_cache_readahead+0x244/0x510 [ 1782.715724][ T6081] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1782.722151][ T6081] ? unwind_next_frame+0x1c07/0x22b0 [ 1782.727403][ T6081] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1782.733092][ T6081] generic_file_read_iter+0x626/0x20a0 [ 1782.738521][ T6081] ? find_get_pages_range_tag+0xae0/0xae0 [ 1782.744205][ T6081] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1782.749542][ T6081] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1782.755620][ T6081] ? avc_denied+0x1c0/0x1c0 [ 1782.760090][ T6081] generic_file_splice_read+0x491/0x780 [ 1782.765603][ T6081] ? splice_shrink_spd+0xb0/0xb0 [ 1782.770518][ T6081] ? security_file_permission+0x1e9/0x300 [ 1782.776216][ T6081] ? splice_shrink_spd+0xb0/0xb0 [ 1782.781169][ T6081] splice_direct_to_actor+0x3cf/0xb00 [ 1782.786513][ T6081] ? do_splice_direct+0x3d0/0x3d0 [ 1782.791502][ T6081] ? pipe_to_sendpage+0x300/0x300 [ 1782.796495][ T6081] ? security_file_permission+0x128/0x300 [ 1782.802227][ T6081] do_splice_direct+0x279/0x3d0 [ 1782.807043][ T6081] ? splice_direct_to_actor+0xb00/0xb00 [ 1782.812556][ T6081] ? security_file_permission+0x128/0x300 [ 1782.818243][ T6081] do_sendfile+0x89d/0x1110 [ 1782.822713][ T6081] ? compat_writev+0x390/0x390 [ 1782.827442][ T6081] ? security_file_permission+0x128/0x300 [ 1782.833128][ T6081] ? vfs_write+0x427/0x4f0 [ 1782.837509][ T6081] ? fput_many+0x42/0x1a0 [ 1782.841807][ T6081] __x64_sys_sendfile64+0x1ae/0x220 [ 1782.846972][ T6081] ? __ia32_sys_sendfile+0x240/0x240 [ 1782.852224][ T6081] do_syscall_64+0xcb/0x150 [ 1782.856696][ T6081] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1782.862564][ T6081] RIP: 0033:0x45dd99 [ 1782.866433][ T6081] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1782.886042][ T6081] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1782.894419][ T6081] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1782.902356][ T6081] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1782.910297][ T6081] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1782.918238][ T6081] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000002e [ 1782.926177][ T6081] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:08 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r0}, 0x8) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000007000000080005000900000008000300", @ANYRES32, @ANYBLOB="14000400"], 0x38}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000826bd7000fddbdf252b0000000c809900ff0700001b00000004003c0004003c002400238008001c00ff07000006001200060000000800090001000000d2c62cb42d05f7b28806001b00020000001e009400020006010000000000000003fc7f00000a0006556c8235519ba72760954c675d5a7d58af67e73a3b1dac63f7"], 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x40000, 0x0) ioctl$TCSETS2(r3, 0x402c542b, &(0x7f0000000080)={0xffffffff, 0x669, 0x0, 0x3, 0xe0, "84b2b104d330d61d5e6265757e86980bc2ae8b", 0x1, 0xff}) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) 03:04:08 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x99) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000740000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:08 executing program 1: syz_genetlink_get_family_id$devlink(0xffffffffffffffff) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) prctl$PR_GET_SECUREBITS(0x1b) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x0, 0x1) lseek(r0, 0x5, 0x2) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:08 executing program 2 (fault-call:8 fault-nth:47): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000007a0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1783.122391][ T6099] FAULT_INJECTION: forcing a failure. [ 1783.122391][ T6099] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1783.143806][ T6099] CPU: 1 PID: 6099 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1783.155263][ T6099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1783.165302][ T6099] Call Trace: [ 1783.168586][ T6099] dump_stack+0x1b0/0x21e [ 1783.172906][ T6099] ? devkmsg_release+0x11c/0x11c [ 1783.177841][ T6099] ? show_regs_print_info+0x12/0x12 [ 1783.183040][ T6099] ? kasan_alloc_pages+0x4a/0x60 [ 1783.187977][ T6099] should_fail+0x6fb/0x860 [ 1783.192385][ T6099] ? setup_fault_attr+0x2b0/0x2b0 [ 1783.197401][ T6099] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1783.202771][ T6099] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1783.208313][ T6099] ? find_get_entry+0x5da/0x670 [ 1783.213150][ T6099] ? xa_load+0x323/0x340 [ 1783.217388][ T6099] __do_page_cache_readahead+0x244/0x510 [ 1783.223013][ T6099] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1783.229424][ T6099] ? unwind_next_frame+0x1c07/0x22b0 [ 1783.234706][ T6099] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1783.240414][ T6099] generic_file_read_iter+0x626/0x20a0 [ 1783.245866][ T6099] ? find_get_pages_range_tag+0xae0/0xae0 [ 1783.251571][ T6099] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1783.256928][ T6099] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1783.262984][ T6099] ? avc_denied+0x1c0/0x1c0 [ 1783.267480][ T6099] generic_file_splice_read+0x491/0x780 [ 1783.273014][ T6099] ? splice_shrink_spd+0xb0/0xb0 [ 1783.277943][ T6099] ? security_file_permission+0x1e9/0x300 [ 1783.283648][ T6099] ? splice_shrink_spd+0xb0/0xb0 [ 1783.288568][ T6099] splice_direct_to_actor+0x3cf/0xb00 [ 1783.293928][ T6099] ? do_splice_direct+0x3d0/0x3d0 [ 1783.298939][ T6099] ? pipe_to_sendpage+0x300/0x300 [ 1783.303956][ T6099] ? security_file_permission+0x128/0x300 [ 1783.309658][ T6099] do_splice_direct+0x279/0x3d0 [ 1783.314505][ T6099] ? splice_direct_to_actor+0xb00/0xb00 [ 1783.320039][ T6099] ? security_file_permission+0x128/0x300 [ 1783.325746][ T6099] do_sendfile+0x89d/0x1110 [ 1783.330241][ T6099] ? compat_writev+0x390/0x390 [ 1783.334989][ T6099] ? security_file_permission+0x128/0x300 [ 1783.340692][ T6099] ? vfs_write+0x427/0x4f0 [ 1783.345094][ T6099] ? fput_many+0x42/0x1a0 [ 1783.349416][ T6099] __x64_sys_sendfile64+0x1ae/0x220 [ 1783.354604][ T6099] ? __ia32_sys_sendfile+0x240/0x240 [ 1783.359884][ T6099] do_syscall_64+0xcb/0x150 [ 1783.364379][ T6099] entry_SYSCALL_64_after_hwframe+0x44/0xa9 03:04:09 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = dup(0xffffffffffffffff) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$BTRFS_IOC_INO_PATHS(r3, 0xc0389423, &(0x7f0000000100)={0xfffffffffffffff7, 0x18, [0x1, 0xb338, 0x3ff, 0x7], &(0x7f00000000c0)=[0x0, 0x0, 0x0]}) setsockopt$inet6_int(r2, 0x29, 0x46, &(0x7f0000000080)=0x80000000, 0x4) close(r1) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) bind(0xffffffffffffffff, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x4, 0x3}, 0x10) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004980)='/proc/sysvipc/sem\x00', 0x0, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000004a80)={&(0x7f00000049c0)={0x10, 0x0, 0x0, 0x804010}, 0xc, &(0x7f0000004a40)={&(0x7f0000004a00)={0x34, 0x0, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {}, {0x18, 0x17, {0x1e, 0xca05, @l2={'ib', 0x3a, 'team0\x00'}}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x12}, 0x4040080) 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fc0000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000040200000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:09 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000080)=0x1, 0x4) r3 = signalfd4(r0, &(0x7f0000000100)={[0x9]}, 0x8, 0x0) symlinkat(&(0x7f00000000c0)='./bus\x00', r3, &(0x7f0000000140)='./bus/file0\x00') pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./bus/file0\x00', 0x0, 0x10}, 0x10) dup2(r4, r5) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000300000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1783.370257][ T6099] RIP: 0033:0x45dd99 [ 1783.374140][ T6099] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1783.393733][ T6099] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1783.402129][ T6099] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1783.410090][ T6099] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:04:09 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x70bd28, 0x25dfdbfc}, 0x14}}, 0x8001) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x6, 0x9f9}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0xa0842) write$evdev(r2, &(0x7f000004d000)=[{}], 0xfffffe82) ioctl$EVIOCSCLOCKID(r2, 0x40044591, 0x0) ioctl$EVIOCGSND(r2, 0x40044590, 0x0) syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x52900) r3 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000002c0)={0x0, @l2={0x1f, 0x0, @any, 0xf2, 0x3}, @llc={0x1a, 0x301, 0x20, 0x1, 0x8b, 0x9, @remote}, @ethernet={0x306, @random="bb22754b5f4d"}, 0x1, 0x0, 0x0, 0x0, 0x800, &(0x7f0000000200)='wlan1\x00', 0xffffffff7fffffff, 0x0, 0x5}) close(r3) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$BTRFS_IOC_LOGICAL_INO(r3, 0xc0389424, &(0x7f00000000c0)={0xfffffffffffffffe, 0x28, [], 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x200fc0) [ 1783.418059][ T6099] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1783.426020][ T6099] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000002f [ 1783.433976][ T6099] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000020400000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x80000000, 0x4, 0x0, 0x0, 0x511a, 0x0, 0x7}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) fsmount(r1, 0x1, 0x8e) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:09 executing program 2 (fault-call:8 fault-nth:48): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1783.612102][ T6138] FAULT_INJECTION: forcing a failure. [ 1783.612102][ T6138] name fail_page_alloc, interval 1, probability 0, space 0, times 0 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000060400000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1783.653364][ T6138] CPU: 1 PID: 6138 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1783.664826][ T6138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1783.674869][ T6138] Call Trace: [ 1783.678152][ T6138] dump_stack+0x1b0/0x21e [ 1783.682471][ T6138] ? devkmsg_release+0x11c/0x11c [ 1783.687395][ T6138] ? show_regs_print_info+0x12/0x12 [ 1783.692578][ T6138] ? kasan_alloc_pages+0x4a/0x60 [ 1783.697503][ T6138] should_fail+0x6fb/0x860 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000100400000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000500000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1783.701913][ T6138] ? setup_fault_attr+0x2b0/0x2b0 [ 1783.706928][ T6138] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1783.712291][ T6138] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1783.717858][ T6138] ? find_get_entry+0x5da/0x670 [ 1783.722697][ T6138] ? xa_load+0x323/0x340 [ 1783.726952][ T6138] __do_page_cache_readahead+0x244/0x510 [ 1783.732574][ T6138] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1783.738973][ T6138] ? unwind_next_frame+0x1c07/0x22b0 [ 1783.744247][ T6138] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1783.749958][ T6138] generic_file_read_iter+0x626/0x20a0 [ 1783.755412][ T6138] ? find_get_pages_range_tag+0xae0/0xae0 [ 1783.761119][ T6138] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1783.766486][ T6138] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1783.772549][ T6138] ? avc_denied+0x1c0/0x1c0 [ 1783.777043][ T6138] generic_file_splice_read+0x491/0x780 [ 1783.782581][ T6138] ? splice_shrink_spd+0xb0/0xb0 [ 1783.787513][ T6138] ? security_file_permission+0x1e9/0x300 [ 1783.793219][ T6138] ? splice_shrink_spd+0xb0/0xb0 [ 1783.798142][ T6138] splice_direct_to_actor+0x3cf/0xb00 [ 1783.803498][ T6138] ? do_splice_direct+0x3d0/0x3d0 [ 1783.808504][ T6138] ? pipe_to_sendpage+0x300/0x300 [ 1783.813521][ T6138] ? security_file_permission+0x128/0x300 [ 1783.819221][ T6138] do_splice_direct+0x279/0x3d0 [ 1783.824058][ T6138] ? splice_direct_to_actor+0xb00/0xb00 [ 1783.829592][ T6138] ? security_file_permission+0x128/0x300 [ 1783.835296][ T6138] do_sendfile+0x89d/0x1110 [ 1783.839785][ T6138] ? compat_writev+0x390/0x390 [ 1783.844529][ T6138] ? security_file_permission+0x128/0x300 [ 1783.850230][ T6138] ? vfs_write+0x427/0x4f0 [ 1783.854647][ T6138] ? fput_many+0x42/0x1a0 [ 1783.858960][ T6138] __x64_sys_sendfile64+0x1ae/0x220 [ 1783.864141][ T6138] ? __ia32_sys_sendfile+0x240/0x240 [ 1783.869410][ T6138] do_syscall_64+0xcb/0x150 [ 1783.873896][ T6138] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1783.879767][ T6138] RIP: 0033:0x45dd99 [ 1783.883645][ T6138] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1783.903229][ T6138] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1783.911630][ T6138] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1783.919581][ T6138] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1783.927531][ T6138] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1783.935482][ T6138] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000030 [ 1783.943437][ T6138] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000600000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:09 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000080)=0x3, 0x4) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:09 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f00000000c0)=0x1) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) fcntl$setstatus(r3, 0x4, 0x1000) close(r2) r4 = socket(0x1e, 0x4, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x7, 0x6}) connect$tipc(r5, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x3}}, 0x10) sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x58, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_COOKIE={0xfffffffffffffc9e, 0x58, 0x1a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x5f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x26}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x800) setsockopt$TIPC_MCAST_REPLICAST(r4, 0x10f, 0x86) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0x200fc0) 03:04:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$F2FS_IOC_GARBAGE_COLLECT(r2, 0x4004f506, &(0x7f0000000000)=0x1) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:04:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000040600000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000700000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 2 (fault-call:8 fault-nth:49): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:10 executing program 4: r0 = creat(&(0x7f0000000040)='./bus/file1\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r2, 0x80585414, &(0x7f0000000100)) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x26, 0x4, 0x4) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x200fc0) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$PPPIOCGFLAGS1(r6, 0x8004745a, &(0x7f00000000c0)) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) io_uring_register$IORING_UNREGISTER_EVENTFD(r8, 0x5, 0x0, 0x0) 03:04:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000080)={0x9, 0x8d}, 0x0) r0 = getpid() r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f00000000c0)) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x3, 0x6c, 0xfd, 0x5, 0x3, 0xffffff7f, 0x9049, 0x8002, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) 03:04:10 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x25, 0x4, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x5, 0x81, 0x5, 0x1, 0x2, 0x3e, 0x0, 0x310, 0x40, 0x1ba, 0x7, 0x7fff, 0x38, 0x1, 0x8, 0x7, 0x92}, [{0x60000000, 0x6, 0x7fff, 0xffffffffffffffe1, 0x80000001, 0x664, 0x0, 0x400}, {0x2, 0x1, 0x3ff, 0x8, 0x6, 0x7a, 0x5, 0x1}], "e58fb02b5435927ae13082d381cc9ec2ac9c9ba876e69456497baca0f10ba0f9a933ae8297806a4e38bb6397e9b5c44eaa9c443f281b63254ada3e4ac966f724865d12d82151789a9edfe2e786ce851565"}, 0x101) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) socket$key(0xf, 0x3, 0x2) epoll_create(0x0) bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000000040)={0x15, 0x4, 0x7fff, 0x6e, 0x0, 0xffffffffffffffff, 0x0, [0x31, 0x0, 0x0, 0x400100, 0x0, 0x0, 0xe], 0x0, 0xffffffffffffffff, 0x0, 0x49000000}, 0x40) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet_icmp_ICMP_FILTER(r5, 0x1, 0x1, &(0x7f0000000080), 0x4) 03:04:10 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000080)=0x2) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000000)=0x3) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 1784.308917][ T6181] FAULT_INJECTION: forcing a failure. [ 1784.308917][ T6181] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1784.335302][ T6181] CPU: 1 PID: 6181 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1784.346761][ T6181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1784.356801][ T6181] Call Trace: [ 1784.360083][ T6181] dump_stack+0x1b0/0x21e [ 1784.364398][ T6181] ? devkmsg_release+0x11c/0x11c [ 1784.369325][ T6181] ? show_regs_print_info+0x12/0x12 [ 1784.374510][ T6181] ? kasan_alloc_pages+0x4a/0x60 [ 1784.379444][ T6181] should_fail+0x6fb/0x860 [ 1784.383848][ T6181] ? setup_fault_attr+0x2b0/0x2b0 [ 1784.388872][ T6181] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1784.394233][ T6181] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1784.399769][ T6181] ? find_get_entry+0x5da/0x670 [ 1784.404612][ T6181] ? xa_load+0x323/0x340 [ 1784.408844][ T6181] __do_page_cache_readahead+0x244/0x510 [ 1784.414465][ T6181] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1784.420864][ T6181] ? unwind_next_frame+0x1c07/0x22b0 [ 1784.426135][ T6181] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1784.431830][ T6181] generic_file_read_iter+0x626/0x20a0 [ 1784.437259][ T6181] ? find_get_pages_range_tag+0xae0/0xae0 [ 1784.442951][ T6181] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1784.448299][ T6181] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1784.454338][ T6181] ? avc_denied+0x1c0/0x1c0 [ 1784.458818][ T6181] generic_file_splice_read+0x491/0x780 [ 1784.464333][ T6181] ? splice_shrink_spd+0xb0/0xb0 [ 1784.469242][ T6181] ? security_file_permission+0x1e9/0x300 [ 1784.474927][ T6181] ? splice_shrink_spd+0xb0/0xb0 [ 1784.479833][ T6181] splice_direct_to_actor+0x3cf/0xb00 [ 1784.485179][ T6181] ? do_splice_direct+0x3d0/0x3d0 [ 1784.490180][ T6181] ? pipe_to_sendpage+0x300/0x300 [ 1784.495183][ T6181] ? security_file_permission+0x128/0x300 [ 1784.500870][ T6181] do_splice_direct+0x279/0x3d0 [ 1784.505688][ T6181] ? splice_direct_to_actor+0xb00/0xb00 [ 1784.511207][ T6181] ? security_file_permission+0x128/0x300 [ 1784.516892][ T6181] do_sendfile+0x89d/0x1110 [ 1784.521369][ T6181] ? compat_writev+0x390/0x390 [ 1784.526117][ T6181] ? security_file_permission+0x128/0x300 [ 1784.531803][ T6181] ? vfs_write+0x427/0x4f0 [ 1784.536189][ T6181] ? fput_many+0x42/0x1a0 [ 1784.540543][ T6181] __x64_sys_sendfile64+0x1ae/0x220 [ 1784.545750][ T6181] ? __ia32_sys_sendfile+0x240/0x240 [ 1784.551002][ T6181] do_syscall_64+0xcb/0x150 [ 1784.555474][ T6181] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1784.561331][ T6181] RIP: 0033:0x45dd99 [ 1784.565192][ T6181] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1784.584807][ T6181] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1784.593225][ T6181] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1784.601169][ T6181] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000900000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$SIOCGIFMTU(r3, 0x8921, &(0x7f0000000080)={'wg2\x00'}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x800, 0x8) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x3, 0x3, 0x5, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x3}}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffe, 0x1f}}, @NFQA_VERDICT_HDR={0xc}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xffffffffffffffff, 0x9}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_MARK={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x20048000}, 0x40004) sendfile(r1, r4, 0x0, 0x200fc0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000a00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1784.609131][ T6181] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1784.617077][ T6181] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000031 [ 1784.625016][ T6181] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000b00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000c00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$P9_ROPEN(r4, &(0x7f0000000080)={0x18, 0x71, 0x2, {{0x1, 0x3, 0x6}, 0x8}}, 0x18) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:10 executing program 2 (fault-call:8 fault-nth:50): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:10 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PPPIOCSDEBUG(r4, 0x40047440, &(0x7f0000000080)=0x44) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) getuid() sendfile(r1, r5, 0x0, 0x200fc0) 03:04:10 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) r2 = fsmount(r0, 0x1, 0x4) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') sendmsg$NL80211_CMD_TESTMODE(r2, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000002040)={0x242c, r3, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_TESTDATA={0xed, 0x45, "666ad429cc569a12258ec6a6a0889f5e6ebdd8f6a03a46fcf9218159bde1e6adb08151fbba734eb5f4e89c4a812a2fe5f2a8e7ac67401c17b93efba5cc87f126fb4704512f8860f7e90dfc91ed76a7918b0d3182cbf7a19c676b8d31174631c4b341f25080310362b9bafebb8ffafc98012e24d98a65f8d2a908a732472a4667efcd1497876355068e25718d7513fa3e2eaeb5f135540b60eea097d558fa6ab95562e1d493d2c930c0052a0c10080ad28a521d07f6e4c401d6331c8d71534c520177bdb6489c2544e790ab52bacc962086228487beb361ea09a8d2b9ee93b4500b1f5e3ce68694c770"}, @NL80211_ATTR_TESTDATA={0x83, 0x45, "885c6a1143536d7ac80653a4316264baf23121b80fe18b467c1c97d00d2431e013e4f1ef6412886651e326abbacd02a543a8cc4d4bec9f0054218a03dd306ec74c5a80490a3f9ba8c8f9daf7e65694af06f927c0f6668b1332d83e8e0454b3e9d023fae789b1846fa4263243f482461ce37699f783170e288e3e7a9fea853d"}, @NL80211_ATTR_TESTDATA={0x9b, 0x45, "0b4caf0c1bd42bae7c30e63e79efe433092f5a92f99636ac6699bc2e1d538157225432086205a2d568944600ee73aa25194dc926d8955c788cdc7c930fd2abe57e3825528727dbe86797387cd1aafe2fc4d227856d8df33ce3268dd179303409c940206f9ba5decfab017b4e966bcf7244c9367a4c9e643734057c08c0163be9c9985bf2ef64bdfd2170113ab8c93e6b353b2d436a2025"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "62afd8f1b289b09ec5f91fb37071e1285c11fe57893b8202edd61f29bfe2ff1e8a75a7a4001efa6d4008fa7098aec16857bd9626f624d3ceeff9da19e97c1e45b6ce101a014663b359e90b820a9d4f3af824b4df4c969433ecd8e37c21a58aa14e8f97bd5e0a21afc0d35ccc6cea90a609c3560b5902a4f5b71facd9ab15d9e6619c4c74264613d0f53b033358c0b87621a5b0e0824c1c165e96904b0f26d10e1ff6751cbbe9319165c773bebea030d402232b17819ade0c86e36be2642f3aabf6848894bda5d08e15bf3a672a8d7d9f8ec7bb6c1f46af950d3353e2a540aafc4c5c05c75029251ae374bc329fbed16aa2ebcfbb93c81bf81a70ce052b439b8cd6d03450f93c037786ae974609bdc33a8419f77516f671404a18b3ec4991f703ade4cfb1b973442ad5a7c5b3de0fed1e7dc75b2e38c78e50a312317cef210b2b799b1003a0be2b2773215c3fd4dbae3ffec6b09b617d63fb84670d3d631d81402a5c373d469d7abbdea6a5e622654d57ee9a7c36bdb22cacb39e04cb93b84411ef1302f1b421fb7eec9e754188b20e01a65702d888591e515ff990b61d28e3b25dab57344f27724f5a5218d767f39c6b05a20e84454928ab304f4cb09ee358f9709a2e78c68eb5b338355f9bc9a2a929902a8eb7ef4f9f66c4c126d42358abd020e5ea0f9f28a9b438e29be828a52e1ea6717652917601bb775b0199ae32cea415876907e0e55042d302d8663da715468a059507787fa9906ac291bed3db37f46e8de238968692161e19c3b568982762d3202998e834bfe38f0ddcca2fe7cf04596690f4892bb7f30ea033a28d29dad46ae5d04b31e4294b4c66dec70297a210eed7b76225111c28f4a31a7eaf4445de5128b4c078c8a06792fed065c82184d8cc963e7c54b71f6cb4ad0e9d7a55209cce8639f91687f0ea78c7b75fbea6f8c5cfb772041eec0c783b6a7c9a546c63dbd7118ba3cbe45a5e283dce3a7cf294ebfa9c5f6c8e67f8e87f8d1bb89b2f8962bcc6a6887a6a836dd2e50e0bb1a2890ac6dc9eb4fe021f94a2c8f57e94dbcecd75d1c66c5bbc3e074bc82dab0ffab34e141c8e313cc2076782ea1abf3adf07d0c7419eeba1bff2d7253fe53c9577520bca139a52ac480dbf50a529bb4b507ac5bb2afa017f451c9f4972fc69f5129473bfd8e779c20d4fa3584b3f7b88015172ef282223bda423d164dca55fe629b6b0a49f35c988345baff9e4ace884c5d12729e64cce5996526741a88f640fa647f3c221d96e34bdf3760f57b1af74b63f02a028c47744e308c37fe62afdbe85819a37df89dab842ae630cd4068b3a6ce6f68b7f52d48181e791df49a8dfb7d5ad8d380f4ed141469f3905cd23f19fca49838677d31d1fbb13ac878359af71df407975bfb85aaa75e96f0c472696bec0a33062c8b4270d1d547e8d327f12a7788e2c78cc061594cd0b985a63a0949eac65b8f122a0d37a646e37b6cf9bb8a393d8776af6b9657957732a0c85dbaedf3fa1e33558ca89a14bafd28176794d14f7219baba6399a2928fa5481e55b250f23303be5352a78efc4c8c6fe59e5eead56a567f9593003090de7f7d33c43e207fb6f40b63aa6ad4832c5c6728ba280c3bbba40b40c1ee255ebad7181055df7fc37091a13ebb9c1a2f3a18283eb21e19644bb9968301c4ea3fbd61663b388b8279859eb7f072bbbbee18dfbc9eb9b0822dd7cd4cd43e278e59eaadc34fac75723fdb3feb5edcfc79ae1ad3137d633ec1223a31519c4f328d53e27c85a9521d304927c0fffafb8cfe29a606236c3a6e43db68573e7d4ccd2131a958fe909ccd37f0a54653d0370d2f9ee2c33d6299e1c8733976055518e2f3a734dedc5d28836e72cf5943e107e33cffdc5450f1a918c51684a67bfd40dc98bc1df529a77f40e28e2c4976c71129556682f451daf916a20c27245587367673bf62b4bb018191fcdb5276ca89844d2c3fce50d37b979d85a5a063a53508d52f656f1156c9b47eed03e81766aaf0d9e28718af7e47d6e530a91abc8f3fa657bcff196f9cec367aae2e7b6abc28b54d9f3c7cc3af309126ee2dd49fe8ab5d0b3ef1a9087e075d320cef404a6bb1a123b0e3805eb84c45ed7fe6bf076208e5b03848d58bd88e985a7a35225433dde3c370bdd02a7ae8493df59862cb3ee8989711191fd6d363d4fe15123ad10f33aa94e54fbac74d892e884a82c978d748cd5b11898273201fa1a3de7d0b61ed7286eadeb4e1fd4711e81f91628a66b54f76b28a9b96cd18d36b14f4cf599ac2f73fb1be6e0406d841a899c87b60f3d647386a66361018aa9bd432f16857b6367f946e2cba92ee21b4cd1bdb3a52c916262fdbd293627f19212685818fb3d3c931ed92f9da629738be5e85ce5f1d92c1ca34937c622c60cdd3fa27d773bcc90fe1e73544097b89553b3b11501874eb004f38e5ee7dabea07736ec196a521eff39306319e5b5e0021282f696dc8834b9b2d9fd6727bca986f1e2bc5a0f07850462d950fef72610dba9aaca1bec5eec8e74592ddf33e1f4655a373dbb78b271abba1a4448529f8cc658d24572bfcdf87a53d5b28fecffd7e06ea0ea0c825c2b4d7a44546f93c6ca5f0834e72c608be5d0e3cb5044ec1216796a93f1868b9237a51b0dc64dc20a1ba395341bef06d2688081fb460f367b6f2a7751ed08a7db1c4c40d44580959094d8b347daca63aee6d0b4f62981551997f3b4a383b9e9a8396ba2e196cdbbef7c370b239eb9c06263fc10a1e864f17df8c3ea80f4113faa89469d2e399f9ff668e3bb6eaac240e98024046585af4b6be369ae6dd37eca28f4f74848c5525acce7f659f00f4673718c724fc6835a70d7ca4c9e5a71c6d45dfe9e69c07825d9b2b48d045f35c6ebbacf79ffc7551ff08e20de9e1054ad03a20aaf1ac93320a6ff1ce76f6da61f98c1b1fc618bcd3462e2266c3c2bf21466c474b3956611c1c7f2eb5ca5cd78e87773d24bdcd648d9fdeb8352498edc8a7f86ce23ae1f035c21eebac4fefe724b0cb845262ea47ed8dfc07752e1e4166c12b3e35cba2a4a9b0ae2f048bd60d596353e6891d915855e18bdc296d2cd84c29b19ccbef923a314cf75ee0911369d9ae290148e620e093f8627c0096dbd73ebae590e92700cbcce4431ea7dde731d7bc84ee7edb924d59d01a08011a0ff9ec148bb4de71e4b475159794dfeb5802a8623f7ba57594506ef8882be7a08c1482742b0ad209128f52100994a563287b657b8ae891a42b2f73e489fbe91cda6dcad01b84bce97731b95b7a82373915025553552520ea2a9271bfa659f931e5b861072b7c1ea2dc4a5b3e942e539ef32c2cf9c9b7d278d92cd397d7179dc3e612887effd7734252cd43fff0dc62dfd14aac8e96b15437ddbff363d165414fb3bb9ebfe7e63004073ecd0776b86cf242657d53a0b2d37326cb9369ae1c35fe9a76c58f2608ce3d62e851924e31ccbcabafae54d81eaaf8a4a679027e5ef599c03bd292d19352f9b295ccc4aa2cb563e88ac79be17da8f8eb61bf349b45c62cecb7cc457e49a28c1ffa46b2d967833587bca01702f8c01dd47cc9d6af06d02a13939142f5d625c38ef12c1de05b9c99ea77b098aa5acbec1798de69ef95d34d72798f50141f427497c529635b0827a0078681d9682dd50331c2266019a11d2e164ceef7d29499b5767fb82e8e25bf9842ea2f981ff2910b1b01e158bb38f849360f9962c9a39e6e705b7a6eb32ff7d3b74271442bf7676fb7a4cc5cd1feb653d52c1ad6bf31b2f0cb1fca6365afdc481a25b52acaf7ac48b0ea74eb39ed8c3fb173abe9aaebec39d432e8029853e682c618fe3cbc4ab68b91e078204a8366659a744796c1ba499cf8da6897fe1aaed570f4fcae1734064d319023b8cc2f4ac3b55f5bf2ca17395bad85126d63afd19c2a462b203bf76743d475dbd28ef2c4b01dd3d651b3ced8625815b9c1259fa7f393fd41ca443ecc46b412f99e99f0f26871193296398381ccb7e47d21889763ba8f4a26043e92ead4b1f195337b6c123799e3ab1d9e369fb9b7a6d7be04e98c7520bebf2e73780a3e05e578404a65d64bacc55e4aa2f1fba39a6d11eaed60ac20b4ab8b244b6b57c99de440046aac4cc23182129cc8e8d0de91710036ef1937cb563a7f600be02bdd833ccf70bd5ee1c1f08b2ce096e9aa78930c2909198d7c8f6bde6d75918d64b556a7dabf1a2617dc954e87ee142f8d1958e5e068fcbd5337a036f2ee5815e2275cec4e49fd4f6a62911fa4d48447380d8c0ea79a7139219d3922b2fca5ad8a602730fec089999e6c12ffc54128fa24ca2c26081a045baf705fbc38ae705ec78d08c12828102b29783f6680135da7287eec70e793bb5f54daf338b51413d28c6d3e771918775eb440725b9f945de11f0adef8a46e9b0ea1a9e44a0aae066e547426818d86c4d513a018c201a504994b992f3203589bd6ffc0b35d6df8957ede133c78d70170c0be2e9a43fb9f439defef8eb757ab0c824c4458c35b8abaadec02a0b7e119d80c374e18453252049595a25d3b5b4da67cf724ac10233cd337e4b58a7464d44211c6a29ef54137293febe500d1168def01f9df1f1682b3d57b8f44be1532c267b3112853cb1da2100b06ad37174fa3e9d9878488563a7fdc309ff8f7f0f9d177fd78d300e50c5de881d75ea30f438714602c5475012c718bef75c6ba9456429d6ab149e4a742fa68c9fbc06761691642cf009a6d2c14974753f46a1f0039a3c306230a2a4f2b7f2b5d3e39f250d47cb848faee969d7bcb9bb534f370aadb23516fbebf7dcaabbe7ceec0bc99e042a3166cc8a7ad5a8c45d3c0e00fac18c0ad598e4f70e9e5f3978c174b95f7b99a6f98e47b3d78c0583a322e7291d113eac3071ec9e637f3e0e9c15a57a3b98875e6036481580cc773a5da1ed3ab97c58b95a37cb893fa0a6ac63ecedb8f229c6f5244fe428b4e1a299c9270f989c950d5813a2bd43b5131b35b9cb64a10b5ce4c21eb9f7e7752d32b19824be899e9f6880d02db9b780fa536d15976b92305110a136ef48cd4b17e6aaddb4d472e067dce6dbd3c3cc1a30cff40a118f8ceacab0d42ffe0a25170d785ab004ae148aca5ab5655ad2191aa11f098ee8f617068c6aaaaece4936c3ced4bd12cb5bd556af1115e1646a50dde5bdea4c5c08f612978c4df7f00d01e7ba6691c1d446bc98db20862ce3fe4f81e2d6de9fcfc3fcc7083bc8c0cae6932a99f0a177a18847a0d10c211ce5d24fd990864b61b4139419a757285d1b8c8be2032a1e74825de8e35370f3acb17149a2a0e6c783f25a7f2dd9b1e177ca33d7bf157f2f0451ce217f8099de012f31cdcdf49b96d2a7250783120fbd20376603d0ebccc7df988b8fad896e8242e12ed96bc85353fbf17ee35d545442e79f9f0479832e21a094e2c33a769f55c3535971bd9f2a583ddc722580f2cfbad7fb70b5be835b0d4bc205db6e3ef6d74f60118f61c8e89a5b616f8185ffc59952fdd31a9f7e491ccd98e78596162a822a855c7a451493b245304145054be8825be32ab1a0f0add6a843b873a057fbb624a304ac4b5cea0d1d60904c33ae6d84b21ceda522422c4b54de1565eccba377f823fb89381d51e2574a84276dad19d7a5ab94bbb8b14c3f07b5034a9fc65a8d3e580783678cbf11ed618d2786e77ea25a793ceb1e4a65440391f25541bae4877a5bc142751f4ff8f1780a2d9d1927936c49e3085ad2773eb9b9d14218c2bf402f0dd6ca830efa69dd8513c72734e8ceb98af7aea6e202b0f5e82b37"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "29dea41f30920e8e4dd5ed006bc3a4a77c0e525f39f47f4c740fba8d4ae25d943e26c9d9b815d8b064103853001491474787bd947a80be19eb0e21ee7f96c60cb55315f3ec5fb4392a17d6a7b761717252a7912bbe70671aa321ace131c3551fb045e270e4b7e738d0a23d502b2bb42ec81cbac4b69b12cb741a178e63d2df85360847414cbb334af51cf1567551464259bf570dda63aeb21fdad77ec3fa3c10fc71a1769b999c0fab15e22b14527d4c5aee3ece1e80e5331e2503a76eab8558c9bdcef5280413c78dba5e7c82a45160efecdb66c0c6997ac0aafea93a43783f98bc98e01dd9f3cc4eebea6fea1c5bbb99b9cdad2d6feb3b6df61a972894802ad4994f8daa86a34f67591111968579ae8ae8f4244f34e3dcb0cc5587de6df2d5754902edf50c9ca453f822ca4a6b1ac4980f1195a198ad643f129aa6d643f6bf21b34f10e875723dfc48627530673566102ed744148df396fc658e76fc7bb4cbe31047bc84fb4cda3f23147c9c08bec6d46ec83d7d2f7aed143fe134287b8cc6be2ae5a25e11fd814dfa1adc27b5d0b2a0d686905e19531bd08c321bd99fd6a2bd9fd3eabf2094eff82525bf011ede66c29d624f4c44dc55834b6ddee138f582f8a54a29db3be1757f51d3712c21c872feebfffa417ce2292c7a8501f47bc74dea270a2c4817111da22e571781e0ef0cfa516ee520248ef617edb144fd2975623f00458cbe1ad07963f4de9939820dbc16f3e3b4d1ad1795a4a913f59810e03af00008431c41aded094de67c1a4bb7d6decf1c7a2cafc66ee76bbae10a7a78f18e1b1d0cfe7f1dc02b664782748fcdee6ec79652c1dd5e9e755bfd7024ab1a5f45b44e07d6221b416cea65fa39a02231d9366f80b00347c1eafab05e5ff99dfdec9d48815255e0defe4c92e149b9c3d44d7bbf5f231d2ae8906ee89972eec28506b5c972ef12527e33a733ea7d4a12294a4fcb915b273b3710a5075782573e8eaba40d4606347dadf8c19b99099666be9fb36900c4ee07569097df37430ba6ff7a452c4bb574c7d8451ed1fb533abe210c4135e590f6ca30f879ac1b12bdf0eb7e9cc7097ebc34390cf919c5967b75cf507ecf640da44dee9e669c4c44bfdbd67ae4e80cb9e574a5500226959aea71d027cb66c80ab5bb6d9708f721c0938a4f9276af3a531f7b1459d2dba5fe653511aa5bc84a7beaba8ab646fe6f17f5baa287be5440d8642cc6f7876c94f59d59a54839d89e3bb9fecc0dc17144672c76977adc24658d4ca89bb90cc4fbc97abd350cfd33ea1900ba1ff198f268243f78e4889c8ca7d5965b2630f2e31900a854d2b4ddfadeffe3a94fe3c11d2f653115f539910b4f8da8017a5a2422a35f411d12fd74e18a76802291edd9f5c314965c25e98456c812c16f5450aa7307ed14bd46d501d58a6508909764773aaa9a29dd7bc0e02cf50624e5c3561e38ae39f124b288e0eb144e5b11b8847ad7fafe8cfd6e759ba7ab9fee19cd4072d7c86e0c32d9c27adf2a899c0ea120d5041a1162375bf831f8afe01bd35d9bef207801afa085a1005ccf5ee21692020b16d8ce73c87412f0e887654c631d7f95df38f125b2d1956b7326eef0fad16f0a7d05a4d6d849a5507df4dfe9a6081af43e8c8f1e0254669657501453bb900774eece75426b4b512a09326936c1e586381b67f8f22de7ac1eef4d853334d0822e6207c41b089a8602e5d0001b24153a48bb57d08763ef2ca912bc53d469ec750b83829dfc3f09b045f534e0565f20dd7fba3f7dd86aa9a0a8e379e53daa00c23943e6f5af99c4fc9f74c59db887c33f9862b7f5ac5327ca8c71871c415bf6685d75bb057880cf569527f249cb0909792013e091644a9d22df9b6b99a645a9641fa91bd4140bad1eeec5959e507454c0f1d05755cf83449d2d1688a6ab4cccd6480a3235f19a1e21690adb8b931b228b1bd0ad53444319f2e254f52bb33a02841be123f8ccfc2cb67e782c0b63954ad495a017ef16a6ff150c1987aa9b573e111115fe1f196e95cb15d0aa6f90671462e319ec34ab5416a71975851c23c1782b85a7325cb394b5a5015fc7b1b1f92b57efc258a51ec050d45fa0218affe832d6ab8c2383461fddcb500e9f08fb7023f839064dfc5a324b07e32f0e359a7650b9cfe8df7ff6bdf3462c50b90f4064dbf2a652448f4a814ea1f67d74a846076a855cc8c7e90aa28db8d5dbfe2f1ebcb61b8b01d5fc238b7d4438209e736b5cf6e26fe42877ed89332178a7ae2d09fa9654d8269630915be1aff4792b9d2fe8d9ccfa9c6b81324b4424c9221cad8c6ea2ea0ff6442459a423ff0d7e58379d4ba09d6316ce3951b3b8b49a8ef3e445817a755ce34f302aa6bea695a801c81a04b520d8b0b27927729f310dbbfaa27ef8f22d318917adc09e109627e52f8d8523691f79bbe760fd2067068fa1dad18041400d0bbd98570e842a2119274db8ab836936d4f4672f7d6765a15153800a3107022615381c41869a857423a023f2c48c7797e6087c9068a6837611169945f680fd89d436e0d1addd6912367ad5ec4411e60955ae175f97e4075086c77d90cc5b42b240b4984f4cfacf36cb912fd3990a31c19f0d9ed23b2d3bc3396d01f5d28b39769dae6100e2972adc05f28debd709bdcf97bf1c46c956588023b916e324f227712eb29218d45915d096513e5e0982d70060cafcbca429fbb826ffc72340a6c4c1b043a73384eed5985005289a29efe69a1f78b7643cd8c4ac6c2a47513d6ec5a7f1300582fc6c0fcc489661a5ef4acf3b3864bf0948dec079a00371c3a8a8af85f0260f2ca316134a5a84cd8d0b82c65cef2eb565533b3aa8994533b04df657ffd7ece37dd67d7d72bad9fe1b616f18133c135835b01b659b45ce0fb45ad8ee5ab0d33d27e47e4d9deb9632bd066eac82300693946662836a71fe2b87e67069d5cbae543520e8b866f1a7527c78ff32ed3f6337de6e2ac61f456a9a2a43bc036ac8ec09f80587341ff348a29c6b2344095e7c2d57bdd5de572cbe02ce4fb2fc6422dc4e67c717f74efe98625deb8f778439f59c9cbb6212ebac95815d1abf9e620136c72047216d34d9c4723380378934a5d8bb94bdb8104e3ffe333295bf43bec1b6a849c01e87b92697c87639163ac0445db138cd4190d9ee6544ed149135df327c8819ad6bdecdf7f93a0e0f4945129bbe6061df5ccaadd94e69120f86f723403e5fe00c12e1cf519a0e4eb5031630af8a650bef75ae8b2db57c7d14549d4a9d53c118d4c0b28d80755b95d7c4f7671698333a474c84dc3ec567b2ff477cb740c95ea21890839c92bfb6d70a50a63eca33ded19d86890aba71b183847a2647265ca5bd79f39fe9c0695d5eb7bb54ea73447c729e88fe46358c8d991d69ad19403f4eda3527e714d102ab46e036bb5113393ce64bcf687e167c282fb82d42b838d245e8978a98de7ddb681a684b813d709f08034d83e4a7a1dbba45bfb9ae27e207d99d2ce7941540cdea0a3c538fdb7edefc729f189eaa723d7bed6961886872d6758692e311272a2dc34d70eb9195a92f392c42a92404cdbf1d7bb5d30af55642f2e550b5f41ab301e99301f521169cf8a39cb8d0bf4efa98ec4bbc7aab0760b50c6277ff41f7228f5a6bc7e48fd5af5c5d09f794395390f239043d8649e78e26c5d7505a97df610b537335c5a36be6f52fb2dd52391de2c67004cd624f7e2aaeb0b44f1af844e3b98d13f39d8d625b7e9155d9df8fe5b7cf1db737a51504bdb06c61f0ec25e9dc68499407c9ebdd20d3d3b43db9925912fd8991b6490c8700676e5cce04365a2668f8a02eeb1b821b6fb0b3135daade491806acd76bb6492a79970d8b82a3d7ef4377256904c20da3105e97730a3fc1d3429c39bd38b7b1b7cc45c38a97679d43d49a677ce1e5c15e0e7331e8a5cfbdbcab8bdd0c0f4e93cc714f804eb0ddfdc93ff29db33f08afce11d7af9d60033419e6347e5345b4e2cc454263ba3f8ae5e6c20f2662f73af06412edd9a408d8305c667c6efcfdc3c25237750a74d562314ccb00484d8298e5a6ee88a5331b08702eca1e63fa2de9e3aa45d63bc4bf228ab7f0142507e492fe0890b9a02afea525f95f36a16790e72bb61d9666158b6c105b1265f47b2e0c2c9df1eab4ae75c864af441b48db83802ba77e76ec44c1552518c8d494e25d88d6bade390be3580ff1ccd8ec7d1b543341dec12d2aa7b2466a47a677bd672b56298ea7ec369689c8d8647ddc948f161d034cf1eb94be5b1e11c37e887c6f798acbeaf4b29093f3167e196b035394be991d93a3f70abb81834d9924c6f3288d4cbe32d4749d0433577ed88485b2576166eab7a7af04973276440103f070d1e22032c1c9b7e27c59eafc2261af7887ea60adc7da9880bdb52f025d1fb3ec5a8e936df18b64b8b498da2ff16a46b61c5778ee2899d4d85a2735bb72175d1f581c4486dc4de28e0c830d1c22a43cd1a0b3ebf3b414f3319f6cf5c7b454cafe85f766968713268efa4fdefd029416a27ac5169b5262c83b0e45552a7003b8500e7fee6721d631543e7dde38eb88cca2f631dcb3856b938926db9df2aa59ebdf1aa9b78ec0701607093698fd3a645eae627c3013d9fa09dc22bc72a541ad11e45e7af33dd620a5284d50b4310e4d103fc67b008a3359518195c94d3ce7120c323eb041b58d44570a686660cc659fd09e5fded77738cae2ff1fa70a47c250aaeeb61a6e09fb163e220ed7f349869d3daea88994d8ff068c4279e3f62dd1bdc92c596dacbebc3a0b81258d73ecaee9fcc0fba8225fde410cb2699196a46fe408faf5240747ff004871395e5c4fa1a696b0640dff10cb1eb19cce9669f3df32ca9fc8dba45005a1ee9739779c512e31c3c7fb49b9b8cefd1e9b635d812bc802dc632513aabd8ada07fc5616b684f48e66b37df86299adf711f5136107962800aed4868930e4443f0cbd87cb019752e1fb527002d46dac57d62c937647f3109f59dadd6fa9cd05c4aeb852eb2021ea5cf6ec68dfa59bbc4d0ceae9a375cdfae3e1f29d4e52bb696d6534d9a4bb1914d38f278671f21f76bb6ffebdaed0a773dd5c38c9b507651f24017888e8806fc49fe53904d41dbbfbe6aafc7d2de8b7c80f1aac2733557fccb19720358f620f99d5105debf38b4062b345c703a9da0d1175dc254e4866543352de10e5c1106f28f4965f5b5b0fbeeeaf04e0a4afa25d5292166793853fc0da83002ef5b8938c558faa528a29886b2b9d21ac4d697afa71e11e1d568eb6ab4332b5d2343d8c72960fb8f8bb9e01d2565eb361248cd2289b52aebfcfc17e3fe68f851e79217e2a3a65d14f88727ce4f93770ab2a7c93b6eb1ddf814ad6995b81d2e5d17c727349872641d49ff40afb2fcd00bdfda7159125a3ad046b5746c771eda14b68c7db6156c785d7247902d727fcf68b1077976673ffb3aad03d00b28f8dc3793555ac0a0cd18cbfb5fac9e16028012434fb8ec11dd58444b3f812f4dca10ef74d315ef604d94fe12827bd88d81e332cea83cc4921a5074f0e2ca81985b9bdad2d637540ace1133c0325c09f1e1551feb7f008d2c0d2e34d79ca650ad42dd113b797f929fb8f40bff1275d3fc667c57a12ebe664491ebc04bf36e844a6371f4739c15629e36ea21ac678ed94ed4fe51f64cbe2fc569e09ae1dc3e501d29fd0edc080dc73ce310313ccced24a5d982b53b4e2155d5c05049a2a2cc38186e8cfaa23c6cec1e8afe5dbca048f6759a06e492efd9d3b4c648a67e74ab195d636ca57d4b42b"}, @NL80211_ATTR_TESTDATA={0x101, 0x45, "cef0f3be83e3b4ad705e0361049c0c61545e461633b97d57110eea476f5224aca5abac0a66b956ef7c48bca966ac6a2f5ec7cea60ee0530f551d791d13c2ed235994ce41e98cf89ac3ff59dae6ccec307be326f53d520dd1a59de01db0cd8ec0004c1ed4f4b87b5cfe0be91d091addf10b8adfc3208edae7375fcd72a60be821978560f17f2a4e409f4fc238163c67f246a62af15d87fb0a74fb7f3a5a7ca7f74a774af7ecfe22f013ce679ec093f0632dcd21e7cc60cbe0743a0af1ecfd65092c82d4b0d77f749d63de2e05e59996980c8eaccd5dc6210c486e6aed07578ec3b298ee1fa7951d149ec140a306cd3b6981afd29a0f72a287bb6f334b05"}, @NL80211_ATTR_TESTDATA={0xb, 0x45, "f38a98eee4a6dc"}, @NL80211_ATTR_TESTDATA={0xf0, 0x45, "7b0dd78344a15cd52b9a98693353247edd39587e87dee3faeac8fa0727f09cfa45012d7ff03736c862c5d0e3eb3a4b5e3a5af79ca7ccdefb25e6421ccb182e446a2005bbe235f4c0752455205fbef06532520a22ebc96384690b10dfd05b9eccc1b3dbac986eedd1090917bbaac9cfd7baedeb07c444c2d576f97da3f6eabee1338b6102007778809f96549c88f7658fafce7f492489717ed6bd1c2541a98ad49f64fc04b59a2c8566537b49b2fc961523ccec3739cb17bce946fbdcd43a772f6f37570182ea370c978cd9be45a48abef64b541393d7d80cf2acb889a90b17c5abf73e253eefcede6ac7a5ae"}]}, 0x242c}, 0x1, 0x0, 0x0, 0x40004}, 0x4000004) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000d00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000e00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1784.810207][ T6229] FAULT_INJECTION: forcing a failure. [ 1784.810207][ T6229] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1784.834829][ T6229] CPU: 1 PID: 6229 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1784.846289][ T6229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1784.856336][ T6229] Call Trace: [ 1784.859651][ T6229] dump_stack+0x1b0/0x21e [ 1784.863969][ T6229] ? devkmsg_release+0x11c/0x11c [ 1784.868895][ T6229] ? show_regs_print_info+0x12/0x12 [ 1784.874076][ T6229] ? kasan_alloc_pages+0x4a/0x60 [ 1784.878998][ T6229] should_fail+0x6fb/0x860 [ 1784.883405][ T6229] ? setup_fault_attr+0x2b0/0x2b0 [ 1784.888420][ T6229] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1784.893783][ T6229] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1784.899316][ T6229] ? find_get_entry+0x5da/0x670 [ 1784.904157][ T6229] ? xa_load+0x323/0x340 [ 1784.908391][ T6229] __do_page_cache_readahead+0x244/0x510 [ 1784.914018][ T6229] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1784.920418][ T6229] ? unwind_next_frame+0x1c07/0x22b0 [ 1784.925690][ T6229] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1784.931396][ T6229] generic_file_read_iter+0x626/0x20a0 [ 1784.936851][ T6229] ? find_get_pages_range_tag+0xae0/0xae0 [ 1784.942560][ T6229] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1784.947927][ T6229] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1784.953982][ T6229] ? avc_denied+0x1c0/0x1c0 [ 1784.958486][ T6229] generic_file_splice_read+0x491/0x780 [ 1784.964023][ T6229] ? splice_shrink_spd+0xb0/0xb0 [ 1784.968953][ T6229] ? security_file_permission+0x1e9/0x300 [ 1784.974658][ T6229] ? splice_shrink_spd+0xb0/0xb0 [ 1784.979588][ T6229] splice_direct_to_actor+0x3cf/0xb00 [ 1784.984948][ T6229] ? do_splice_direct+0x3d0/0x3d0 [ 1784.989951][ T6229] ? pipe_to_sendpage+0x300/0x300 [ 1784.994959][ T6229] ? security_file_permission+0x128/0x300 [ 1785.000661][ T6229] do_splice_direct+0x279/0x3d0 [ 1785.005483][ T6229] ? splice_direct_to_actor+0xb00/0xb00 [ 1785.011122][ T6229] ? security_file_permission+0x128/0x300 [ 1785.016810][ T6229] do_sendfile+0x89d/0x1110 [ 1785.021285][ T6229] ? compat_writev+0x390/0x390 [ 1785.026024][ T6229] ? security_file_permission+0x128/0x300 [ 1785.031728][ T6229] ? vfs_write+0x427/0x4f0 [ 1785.036123][ T6229] ? fput_many+0x42/0x1a0 [ 1785.040422][ T6229] __x64_sys_sendfile64+0x1ae/0x220 [ 1785.045590][ T6229] ? __ia32_sys_sendfile+0x240/0x240 [ 1785.050858][ T6229] do_syscall_64+0xcb/0x150 [ 1785.055335][ T6229] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1785.061200][ T6229] RIP: 0033:0x45dd99 [ 1785.065075][ T6229] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1785.084654][ T6229] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1785.093033][ T6229] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1785.100984][ T6229] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000041000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:10 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket(0x1e, 0x4, 0x0) syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x83a, 0x10000) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:10 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) open(&(0x7f0000000080)='./bus\x00', 0x402, 0x40) r1 = socket$inet6(0xa, 0x4, 0x3) close(r1) r2 = socket(0x1e, 0x80000, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000201000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1785.108924][ T6229] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1785.116879][ T6229] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000032 [ 1785.124819][ T6229] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:10 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) utime(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)={0x6, 0x6}) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x7f) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:10 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) sendfile(r1, r3, 0x0, 0x3c6b) 03:04:11 executing program 2 (fault-call:8 fault-nth:51): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:11 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x81) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x48540, 0x0) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/timer\x00', 0x841) ioctl$BTRFS_IOC_QGROUP_LIMIT(r2, 0x8030942b, &(0x7f00000000c0)={0x80, {0x12, 0x5, 0x4, 0x5, 0x6}}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x9, 0x100010, r1, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000001100000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:11 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x8000000000, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet_mreq(r2, 0x0, 0x24, &(0x7f00000000c0)={@dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8) close(r1) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, 0x0, 0x3, &(0x7f0000000180)=""/73) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$TIOCSIG(r6, 0x40045436, 0x35) r7 = open(&(0x7f0000002000)='./bus\x00', 0x94c02, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000001200000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:11 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) inotify_init() write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x6, 0x81) close(r1) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0xba805a7829c15d4a, 0x0) write$cgroup_subtree(r2, &(0x7f00000000c0)={[{0x2d, 'cpu'}, {0x2b, 'cpu'}]}, 0xa) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = dup2(r5, r5) r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') dup2(r5, r7) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="bf60a85638000000", @ANYRES16=r8, @ANYBLOB="01000000000000853aeef600000008000300", @ANYRES32=r9, @ANYBLOB="0800050004000000140004006970766c616e31000000000000000000"], 0x38}}, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r4, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) 03:04:11 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000080)='.\x00', 0xc0000180) read(r3, 0x0, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setfsgid(r4) lsetxattr$system_posix_acl(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f0000000580)={{}, {0x1, 0x4}, [{0x2, 0x2, 0xee01}, {0x2, 0x1, 0xffffffffffffffff}, {0x2, 0x2}, {0x2, 0x5}, {0x2, 0x2}, {}], {0x4, 0x1}, [{0x8, 0x1}, {0x8, 0x0, 0xee01}, {0x8, 0x0, r4}, {0x8, 0x2, 0xffffffffffffffff}, {0x8, 0x7}, {0x8, 0x4, 0xee01}], {0x10, 0x1}}, 0x84, 0x1) r5 = creat(&(0x7f0000000100)='./bus\x00', 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) r7 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r7, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendto$unix(r7, &(0x7f00000000c0)="902f85980291673debd91cf022cca4f4d8866cb6746210426663d8db24a7c657c7", 0x21, 0x20000000, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e24}, 0x6e) [ 1785.335258][ T6269] FAULT_INJECTION: forcing a failure. [ 1785.335258][ T6269] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1785.366257][ T6269] CPU: 1 PID: 6269 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 03:04:11 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x9, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffffffff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x401}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x200000c1}, 0x4011) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f0000000080)={{0x0, 0x0, 0x3, 0x3, 0x8e1}, 0x3f, 0x3, 'id1\x00', 'timer1\x00', 0x0, 0xfff, 0x1, 0x4, 0x3}) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1785.377718][ T6269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1785.387758][ T6269] Call Trace: [ 1785.391040][ T6269] dump_stack+0x1b0/0x21e [ 1785.395360][ T6269] ? devkmsg_release+0x11c/0x11c [ 1785.400288][ T6269] ? show_regs_print_info+0x12/0x12 [ 1785.405477][ T6269] ? kasan_alloc_pages+0x4a/0x60 [ 1785.410404][ T6269] should_fail+0x6fb/0x860 [ 1785.414812][ T6269] ? setup_fault_attr+0x2b0/0x2b0 [ 1785.419824][ T6269] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1785.425177][ T6269] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1785.430690][ T6269] ? find_get_entry+0x5da/0x670 [ 1785.435547][ T6269] ? xa_load+0x323/0x340 [ 1785.439758][ T6269] __do_page_cache_readahead+0x244/0x510 [ 1785.445402][ T6269] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1785.451787][ T6269] ? unwind_next_frame+0x1c07/0x22b0 [ 1785.457041][ T6269] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1785.462728][ T6269] generic_file_read_iter+0x626/0x20a0 [ 1785.468224][ T6269] ? find_get_pages_range_tag+0xae0/0xae0 [ 1785.473913][ T6269] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1785.479258][ T6269] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1785.485292][ T6269] ? avc_denied+0x1c0/0x1c0 [ 1785.489765][ T6269] generic_file_splice_read+0x491/0x780 [ 1785.495279][ T6269] ? splice_shrink_spd+0xb0/0xb0 [ 1785.500189][ T6269] ? security_file_permission+0x1e9/0x300 [ 1785.505874][ T6269] ? splice_shrink_spd+0xb0/0xb0 [ 1785.510777][ T6269] splice_direct_to_actor+0x3cf/0xb00 [ 1785.516120][ T6269] ? do_splice_direct+0x3d0/0x3d0 [ 1785.521111][ T6269] ? pipe_to_sendpage+0x300/0x300 [ 1785.526105][ T6269] ? security_file_permission+0x128/0x300 [ 1785.531787][ T6269] do_splice_direct+0x279/0x3d0 [ 1785.536628][ T6269] ? splice_direct_to_actor+0xb00/0xb00 [ 1785.542145][ T6269] ? security_file_permission+0x128/0x300 [ 1785.547830][ T6269] do_sendfile+0x89d/0x1110 [ 1785.552341][ T6269] ? compat_writev+0x390/0x390 [ 1785.557083][ T6269] ? security_file_permission+0x128/0x300 [ 1785.562769][ T6269] ? vfs_write+0x427/0x4f0 [ 1785.567150][ T6269] ? fput_many+0x42/0x1a0 [ 1785.571448][ T6269] __x64_sys_sendfile64+0x1ae/0x220 [ 1785.576617][ T6269] ? __ia32_sys_sendfile+0x240/0x240 [ 1785.581869][ T6269] do_syscall_64+0xcb/0x150 [ 1785.586339][ T6269] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1785.592199][ T6269] RIP: 0033:0x45dd99 [ 1785.596057][ T6269] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1785.615628][ T6269] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1785.624017][ T6269] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000002000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:11 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1d, 0x80, 0x20, [{{0x9, 0x4, 0x0, 0x1f, 0x1, 0x7, 0x1, 0x3, 0x6, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x1, 0x1, 0x9}}, [{{0x9, 0x5, 0x82, 0x2, 0x20, 0xe6, 0x7f, 0xff}}]}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x300, 0x81, 0x9, 0x2, 0x40, 0x81}, 0x5, &(0x7f0000000100)={0x5, 0xf, 0x5}, 0x6, [{0x69, &(0x7f0000000140)=@string={0x69, 0x3, "13b34f1cb6b9a1e8bc5b0fb4d029d62cd12ad75b59c5f0faad96d165213cb19b8fe14d0772e712055103623df6ef2b2361dfe2add16666413584c18178fd6a824b0e4aa873a8b3cfb9bda78bbe9bc7263715bc4cef1f9093f67a24826c94c836cfa59eae5576ff"}}, {0x8d, &(0x7f00000001c0)=@string={0x8d, 0x3, "307f67d56b45a06c0950b776286c3c505c48694090c020a39ae91792b4570bb316c2bbc654e3476fef8cd41999e3910a0ce1242bfb6c0effb7e3b8aee1ebfc7e1cf6f01cc0630b3d8d5b7b70ceef4d44a5edae799cb6c02feaa99eb8b372328796253bc6c71479fe350ce2a8932877397bbdaf7f83b8875fd518d0f859da59337df9b086ffb6c4232c96ab"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x443}}, {0x72, &(0x7f00000002c0)=@string={0x72, 0x3, "0033a80b1b4e3268a98f8b0b555087e92948995ab08ba79e8f9a16d2294da452ca6eb0f64de75f3c46a0e46a613b0d0db80a249728bb9025a2c63afaa5c550e64536281a1862d84ba88d6daf36359a07f891a3507ced47e92cdfe2c01eb15e43ad4926ad65341eb5706fd78027a00fdc"}}, {0x19, &(0x7f0000000340)=@string={0x19, 0x3, "0b0cc33d282855bd56a449b06811b895d80addc352ed7f"}}, {0xf5, &(0x7f0000000380)=@string={0xf5, 0x3, "d8696c3eca0dbd42f6a3bd86341fc3a4611ae8ecb5308ea257757c90bc823b5798f75551862c322d5c3d5c44221f6b2db8ee37487d2c6e79fa9e73dbe8decf1c5e411f17f1da498101b8c48c3a66593ba8040280d8be905dd518045c4662e7d601e430d43c189f9ed29cbbd619a774491876acc8a030d4139afe3ed0bfbd131cc6e626722f465f07322385f36ea49fdc195f29bf9499bf1391676161215fdfd2c2deea5fc20e40af1c64a106939724296ee5f18af8261c4661ff2cb7d6bc7b7795a7ad7da8517aecab1e79754ae9ea24ae4b45383948569efc08b8ecefdc359f060e16a812cbef1a91ac891bb7825ce40a3279"}}]}) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000102000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1785.631958][ T6269] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1785.639896][ T6269] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1785.647833][ T6269] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000033 [ 1785.655777][ T6269] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000002200000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:11 executing program 2 (fault-call:8 fault-nth:52): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000002500000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:11 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r0, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004043}, 0x4000000) r1 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r6 = syz_io_uring_complete(r2) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r5) 03:04:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000002e00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:11 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x4, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = accept4(r2, &(0x7f0000000280)=@ipx, &(0x7f0000000100)=0x80, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ADD(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r4, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x10000}]}, @TIPC_NLA_BEARER={0x8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x44014}, 0x80000) r5 = signalfd(r0, &(0x7f0000000080)={[0x1]}, 0x8) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000007000000080005000900000008000300", @ANYRES32, @ANYBLOB="14000400"], 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_SURVEY(r5, &(0x7f0000000180)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x1c, r7, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x800) r9 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r9, 0x0, 0x200fc0) [ 1785.866279][ T6316] FAULT_INJECTION: forcing a failure. [ 1785.866279][ T6316] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1785.880670][ T6316] CPU: 0 PID: 6316 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1785.892119][ T6316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1785.902155][ T6316] Call Trace: [ 1785.905438][ T6316] dump_stack+0x1b0/0x21e [ 1785.909758][ T6316] ? devkmsg_release+0x11c/0x11c 03:04:11 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self\x00', 0x100, 0x0) dup2(r3, r4) sendfile(r1, r3, 0x0, 0x200fc0) [ 1785.914687][ T6316] ? show_regs_print_info+0x12/0x12 [ 1785.919872][ T6316] ? __schedule+0x8ae/0xe30 [ 1785.924363][ T6316] should_fail+0x6fb/0x860 [ 1785.928772][ T6316] ? setup_fault_attr+0x2b0/0x2b0 [ 1785.933789][ T6316] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1785.939155][ T6316] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1785.944687][ T6316] ? xa_load+0x323/0x340 [ 1785.948919][ T6316] __do_page_cache_readahead+0x244/0x510 [ 1785.954540][ T6316] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1785.960941][ T6316] ? unwind_next_frame+0x1c07/0x22b0 [ 1785.966218][ T6316] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1785.971927][ T6316] generic_file_read_iter+0x626/0x20a0 [ 1785.977378][ T6316] ? find_get_pages_range_tag+0xae0/0xae0 [ 1785.983088][ T6316] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1785.988445][ T6316] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1785.994498][ T6316] ? avc_denied+0x1c0/0x1c0 [ 1785.998992][ T6316] generic_file_splice_read+0x491/0x780 [ 1786.004534][ T6316] ? splice_shrink_spd+0xb0/0xb0 [ 1786.009464][ T6316] ? security_file_permission+0x1e9/0x300 [ 1786.015187][ T6316] ? splice_shrink_spd+0xb0/0xb0 [ 1786.020107][ T6316] splice_direct_to_actor+0x3cf/0xb00 [ 1786.025476][ T6316] ? do_splice_direct+0x3d0/0x3d0 [ 1786.030488][ T6316] ? pipe_to_sendpage+0x300/0x300 [ 1786.035503][ T6316] ? security_file_permission+0x128/0x300 [ 1786.041206][ T6316] do_splice_direct+0x279/0x3d0 [ 1786.046045][ T6316] ? splice_direct_to_actor+0xb00/0xb00 [ 1786.051584][ T6316] ? security_file_permission+0x128/0x300 [ 1786.057291][ T6316] do_sendfile+0x89d/0x1110 [ 1786.061785][ T6316] ? compat_writev+0x390/0x390 [ 1786.066545][ T6316] ? security_file_permission+0x128/0x300 [ 1786.072256][ T6316] ? vfs_write+0x427/0x4f0 [ 1786.076659][ T6316] ? fput_many+0x42/0x1a0 [ 1786.080974][ T6316] __x64_sys_sendfile64+0x1ae/0x220 [ 1786.086159][ T6316] ? __ia32_sys_sendfile+0x240/0x240 [ 1786.091437][ T6316] do_syscall_64+0xcb/0x150 [ 1786.095928][ T6316] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1786.101803][ T6316] RIP: 0033:0x45dd99 [ 1786.105685][ T6316] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1786.125265][ T6316] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1786.133702][ T6316] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1786.141656][ T6316] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1786.149595][ T6316] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1786.157538][ T6316] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000034 [ 1786.165477][ T6316] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:12 executing program 4: ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x2f, 0x0, 0x2, 0x35400000, 0x44, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @ipv4={[], [], @remote}, 0x80, 0x10, 0x6, 0x3f}}) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:12 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KDMKTONE(r4, 0x4b30, 0x6) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:12 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000003f00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:14 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS3\x00', 0x82100, 0x0) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000000c0)) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r1, 0x0, 0x1) 03:04:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$DEVLINK_CMD_SB_GET(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x2, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x24040040) 03:04:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000004000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:14 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000080)=""/232, 0xe8) close(r1) connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r2 = open(&(0x7f0000002000)='./bus\x00', 0x121100, 0x14) sendfile(r1, r2, 0x0, 0x200fc0) 03:04:14 executing program 2 (fault-call:8 fault-nth:53): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:14 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x4e402, 0x56) ioctl$UI_DEV_CREATE(r0, 0x5501) setsockopt$inet6_tcp_TLS_RX(r3, 0x6, 0x2, &(0x7f0000000080)=@gcm_256={{0x304}, "9deb8ee8080c4903", "44fdf434f7b3291d1516ce5650bfdffd37118037e45cffc3e433e183ad6e4560", "b0cdc20a", "cadf3647b00ddaac"}, 0x38) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000004200000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1788.761369][ T6359] FAULT_INJECTION: forcing a failure. [ 1788.761369][ T6359] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1788.787837][ T6359] CPU: 1 PID: 6359 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1788.799288][ T6359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1788.809327][ T6359] Call Trace: [ 1788.812606][ T6359] dump_stack+0x1b0/0x21e [ 1788.816929][ T6359] ? devkmsg_release+0x11c/0x11c [ 1788.821856][ T6359] ? show_regs_print_info+0x12/0x12 [ 1788.827038][ T6359] ? kasan_alloc_pages+0x4a/0x60 [ 1788.831962][ T6359] should_fail+0x6fb/0x860 [ 1788.836368][ T6359] ? setup_fault_attr+0x2b0/0x2b0 [ 1788.841384][ T6359] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1788.846745][ T6359] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1788.852277][ T6359] ? find_get_entry+0x5da/0x670 [ 1788.857112][ T6359] ? xa_load+0x323/0x340 [ 1788.861343][ T6359] __do_page_cache_readahead+0x244/0x510 [ 1788.866965][ T6359] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1788.873365][ T6359] ? unwind_next_frame+0x1c07/0x22b0 [ 1788.878637][ T6359] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1788.884341][ T6359] generic_file_read_iter+0x626/0x20a0 [ 1788.889796][ T6359] ? find_get_pages_range_tag+0xae0/0xae0 [ 1788.895492][ T6359] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1788.900829][ T6359] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1788.906858][ T6359] ? avc_denied+0x1c0/0x1c0 [ 1788.911332][ T6359] generic_file_splice_read+0x491/0x780 [ 1788.916843][ T6359] ? splice_shrink_spd+0xb0/0xb0 [ 1788.921753][ T6359] ? security_file_permission+0x1e9/0x300 [ 1788.927444][ T6359] ? splice_shrink_spd+0xb0/0xb0 [ 1788.932357][ T6359] splice_direct_to_actor+0x3cf/0xb00 [ 1788.937693][ T6359] ? do_splice_direct+0x3d0/0x3d0 [ 1788.942683][ T6359] ? pipe_to_sendpage+0x300/0x300 [ 1788.947676][ T6359] ? security_file_permission+0x128/0x300 [ 1788.953361][ T6359] do_splice_direct+0x279/0x3d0 [ 1788.958177][ T6359] ? splice_direct_to_actor+0xb00/0xb00 [ 1788.963690][ T6359] ? security_file_permission+0x128/0x300 [ 1788.969376][ T6359] do_sendfile+0x89d/0x1110 [ 1788.973847][ T6359] ? compat_writev+0x390/0x390 [ 1788.978577][ T6359] ? security_file_permission+0x128/0x300 [ 1788.984317][ T6359] ? vfs_write+0x427/0x4f0 [ 1788.988699][ T6359] ? fput_many+0x42/0x1a0 [ 1788.992996][ T6359] __x64_sys_sendfile64+0x1ae/0x220 [ 1788.998164][ T6359] ? __ia32_sys_sendfile+0x240/0x240 [ 1789.003422][ T6359] do_syscall_64+0xcb/0x150 [ 1789.007904][ T6359] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1789.013876][ T6359] RIP: 0033:0x45dd99 [ 1789.017746][ T6359] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1789.037337][ T6359] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1789.045715][ T6359] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1789.053655][ T6359] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 03:04:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000004800000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:14 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ftruncate(r1, 0xe0) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = openat$cgroup_subtree(r0, &(0x7f0000000200)='cgroup.subtree_control\x00', 0x2, 0x0) sendfile(r4, r1, &(0x7f0000000240), 0xf681) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r6 = socket(0x11, 0x800000003, 0x0) setsockopt$inet6_buf(r1, 0x29, 0x15, &(0x7f0000000180)="a491083a235076920d8e3c04bcf238655af1fb3dc2823d6753ebc680d0f0bcfb6d74e022f4511ce5095d4e5941c68c5b02d279e02be3375761ef4d55bb42ec000222c28821f0d04b16c5db954977c4f6955123860e19c3f99df60daa5a2261d511637dc979b70578e4", 0x69) bind(r6, &(0x7f0000000100)=@hci={0x1f, 0x3, 0x4}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) getsockopt$ARPT_SO_GET_REVISION_TARGET(r6, 0x0, 0x63, &(0x7f0000000080)={'TPROXY\x00'}, &(0x7f00000000c0)=0x1e) sendfile(r2, r5, 0x0, 0x200fc0) [ 1789.061631][ T6359] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1789.069575][ T6359] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000035 [ 1789.077519][ T6359] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) 03:04:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000004c00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:14 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYRES64, @ANYRES16=r2, @ANYBLOB="0100000000000000000007000000080005000904000008000300", @ANYRES32, @ANYBLOB="14000400", @ANYRESDEC=r2, @ANYBLOB="d745b808886a8f3c58db651c1f3ab46c7bb0f11d1cd8302c9ebe3b9912afbcc2a77a3daf83d63abebc712e30645d1542a472875af95764b898611a798f2660b31461d9ec187e345088e355e439e5b4b3d18cacff262156279ade1d3652f34929b072c3249036a4830f20e56cfdaf9993ca6d83cf49bef32d34f2ea6346f95f4a9437b0adc6b1271e5e448ed9ccfbb458bb954de1a4a7e131786908839ff3978c4006027542d5d92a1aac4db5"], 0x38}, 0x1, 0x0, 0x0, 0x4000080}, 0x20044044) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = dup2(r6, r6) r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') dup2(r6, r8) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x38, r9, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ipvlan1\x00'}]}, 0x38}}, 0x0) sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000100)={0x23c, r5, 0x10, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_IE={0x1d5, 0x2a, [@random={0xfa, 0x6b, "ea6051b25ebddb05a042d4e11d2a029627151461a845dc997ec2e6b5524452d69231916f1efbfcae7b9e6a8956f4d2ddaef03e811eda15c1d1fc7500770359c5ade3427f203d506e7bb5b3ef3735eedbc8376be99927a46eed7ec2a72f3ddcf6349b299b64a70b4665c374"}, @random={0x1, 0x68, "a8de8f8dd45c06df235c1a456085083d2c47cd597872a6c7cd53ae090c19d5015c726b6d2623ef6eb6cfc10a3db10d90c1afb3e77e802194ccc986eb86f70d4a36393332beb0072089d178622f438066b649f7bd8514fe8c90f728bfcd76260289badcfcd5ae1bce"}, @random={0x4, 0xf8, "307ea277e7d78463af92f05e712e7b2eac2520cf145f2e734772584879c3441a8f83b17b8b74b7fbeafa9f9064b54ffd01d37cc2d2055a6b46fb385387de18783a7c9987137b85ea834d60e84005fa613697f68c71b385f989e9436e36dca92355de48bb6864672c6cb2082849a66867bc86994efa180323976f1b864a080c1aeb9a4fa55e1106e4384a00eb40fe2e1a050aac1bebd35c748eb9495320c6eb9e74e08f81f892c1e6c7827bcb432459f452a77bc046583f1d39c98c22a9e01f679389d4026c79ce5da634ad560b0153c387e779771a25ecc995a7dc4ff499b6a137297ff1eb5b31d43d0fa7fcafd024470e830df9d103c39a"}]}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x9}]}, 0x23c}, 0x1, 0x0, 0x0, 0x8}, 0x20000811) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:17 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000080)=0x9) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x1, 0x0, 0x4, 0x4, 0x2, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$BTRFS_IOC_RM_DEV(r1, 0x5000940b, &(0x7f0000000a00)={{r3}, "9baf9f207bd20fb3f4e5d3a27a21936ad8ada73fef8eebf116cb6518e8ba9948e11d08a3ef1fb033a5426c2f05257bc75ec902b7a2e4074dfb0aa6a72ad4ab90cc6b951443e0ad2da4a133f979f9e919d4eb99c2394d55104e7a9ef9992ad800052ffdc0fb949c48501115cd7fd307580c4feaf23de689fc7fec5b534e45bd428dfcea4e83b0bfc7e6d4b54372d91270e18a4efee3d81fe69d1c2e5c262ac7510208acce3188ae3ff08c1f63a7225a81b491344f4b0e334ed5461ff7c333d653f6e6945cfc359d868cda57d24386eda122359125a244abd73066e38e075aa1b99039340c5ef0567678762a7560c726c579d54ddc2a2be8aeadaa1446ab6f1248a904cf14439fc94300bc58bdd4a41c8a0000ca98e501c4b51a55c4e13107d05fb39c524d1f01e2ecb659ac1b2c1290d6667e0f13311e4188cba24c7132d93c82bf9d82fcac7b3b1c41be3793d697dbbc5084934a2ae79cb5090ab55a676fed24aa3e72216781fac79bfe33bde48232c8e702300d61d1ce49473b417159fd93139784b02453253c386c2a1729a5f80a8ac41ccf57f9e245eab68db7be41ca0e6e6c82ab51746855615d428a9a2158b0541be0a3ee64a822c1a7aef3468c79e52f44f4d4d7acaeae66191d385056f5b9ac937839bc983d7b72b548a49b03ff06caf6d7660619477e4bb2a26eff8f9adf4f61a6640ba29cc85460d97c5d4aff1a80cc69c41a8c400d9bc251f72a9a7708bed0468ffd89703d20de950fa9e434e479daceb741eb45da1aa1333906e002910b1e116612179db3eb2b26d0bca58527f90786f69b14323ba14cccd3bdd6d917d3ad593b909f41d2ff60b51f4cf615d2776befa40f1c3a9a919bddac307bfad9c6d2527d62b05273109300161b777dca13e5efa61f2c1104748cb46b4796d4c5f2dd993b53095a73374312d242fe5088d7f65a311237a70fea8bea8630b82ae4e35a0645e49fca79a3dbfb3c23c5f958b68418a19e8301f172d2bd7c731a94d2f17e2fe612bd36ab2e5375708695133847a97ec6bd6c580461476a8c16751570e85445d549de382d1c67e0ff952a56ebe2570e74959350dbb9e07f3c237fa580ce1100b80f29c08fe3e2e148bb5e70caffa564a38c3226f6cafa36675230d2d607ae6bf35a85971c0b8085c2416182bb2145531dc5026d132c62569b3184cc4ba0ce546321c7fce1e94b60137e2ce822c1d77c6e7e2f6984d3bbb973f4f0139fd27736888910e1efb5e660bede384c598c62249f9c63933f29693f1c432e08533092f503d83e6e9ad016d8269d20d256858f5f96e8ce4477b5f57ba6a8d9d90dd95b89a55cfad45c19f44044ee9fa54f8e21cd28ac65999114a10fb820a5f7c13fb9b4260270514a39ae132ed571ada86a752f543a38f96f17586b9f167fa09efd6378d5c09fb242bbeffe28cde18484dd6aff974ab2349a8a5ff27b21eddbab07c3fafcd93eb5118367d4c6c99d64d5c5c2e6d865bed727a9001b329eb1181d5e77de203bcaae99ab129fd26a52369cccde14720da104e2cfaeef8551db41d21dc8a95ec061cbc27306deb3e5309e4c170a936ff062d598a33a438badf534a7f207677af7ee6d896268ca635828d58c7aa12f7774ceebfb90e920669fe0c957789ec937b63a177e6b4f3afbc1c955015bb78990170a790fe79cea95fc7637a504dfcbef3629a143d86b15c79cbeab5079c90099c1969565f8f6a170c0e8786c21e19f2fd9ffd8aa2415b82b309d700ba72f5fd3531474c6d6ed195ac4a937a08503b1825d94ab30b32a2bad9d6608779457948b0c67af9ccea5762ee1f8c567dfe3afe436142bd775859b15401b45922f2064997fda3028e440e348e15e705554f5a9f8959c69057b1f70a1c8b2e95fc6dc3e9c8d94cf0fe0169eb54780c21ff011b45e5146ce204aafae84b0a8c723292b3d3ff1103d84a3f34302338bb16c5d18c3a298b1f1b87b8482fee91dc0344c57aaf4ad1ee5378399d01d932afedc3ae6948afd0bebf67c16ab62c7229ceb9ccbbc8e39244d43e1c1ea6b808d14f6d0af1aaa5714eb635b48af68c1e599f97d814e491f9fad74ff91de09b7af5e7ec8af5289a9a3854a4c58b57fa80d4205ce46803c926c3f02146431fb5938f1a09d9c333711c1ae45dcaf13b67b9700bd2fe49a9951a10c61262ed0d3877773e2d31efcf086e0c4c8900fe964cd86475489ac0c5c49cfa63f78853ebbbb38dd854be4466609d12569d6f76fb8ba8f06dacb8349e3308e0b815de6be87216850e6c23fb2fe3b40d68afede3f6c96cb05a089f0a8ff1085e0587f3c2bcf728c53cee62428167da722c0ec77ba0ca09860762f44f028606fd89ab896b721af013a1fab2a78e6be5bb7914a226b3b6fcac6cbbb4f58a12b01eebaa46b9cfd3e08f4b9b346297cf005e7c149bf75d09c1ed92b00631f0a0c2cac8e9e9ed45c5ef68c8b00e5fb45388d2810ddcaf437328d3bd81ff827c658949e16346cbf55607264baa3987d3776a9eaaa514e60f3c4af3a4c57262c4b428bd096e2c744102db33d049cfad4d0c2f3e5e4cc3bf66d9232c8ecabd3b7be861b45bcbe327faa4d46f3693528dbe55b227acb5531b06f592b4384b5abb7997a7e97fc56ef523462f12f8bde7c06a677dcbfbeac88945ced29e0e53d57cbbe66ebdca430750d20645c33e48439d4de133b5c56de1b526beab71e83ee4bbea8f1aecf0601cfc09b6b10eeb46bd83c85c4ca7453ba29387fd3986101fceac6057a8d6b97a7e8d8b2bc32e9b6dc6fada9e7fa22386a53f04ca5052c1ee5f0851b8c2d8a8ab58cc2a85b4d8b3743c306b7bbfee42713209dbe7a1f2ad8e2abd9a9641dc5aca9ade78761306976bfb38224d2448b1a2cdfcf8677fc5d01865f26b75cc4edcb6b3bbae081d8a60bfc72d1845f2def2bdf913006f6c6acbb86ea44f46f6f68e575ab45ad1df0b1909cfe5d61610c66911574b128b78f4cc1b0b5656e519a248e2f872c0aa84acce121e8e3c95a29c374ab6aa5cecb62af5e7078155747843de6ed7d5c1bd3610bb4033a48519e2ab36db319d9dba7acb0bc9190951daeb97bd5db1dd60ea3c73d6a6735b1c77a1617a5fe70887a2a72eab938b4bb6d14d04cd23a78b059e7247f2341aee8024551186a76e7556f7ec1d273a7856ebe2ec753a275952262d8f9d412420e0703c3aeee76026f996241bcc4ba7b34ec672794999cbdca424dc0b43ed6035a9297051bae0fce14e8575228fb24c61755ad26c0ff3086c8dd0d8f6bb61147b0dc17bc4385368be10c56fe5a04a66e1b7cdeb00bbc8dcab3ee8efc8251aca181307c82977f45af6ae2773a59c9d089c3c5b5f500229afed4c9129b1b4aef592decdc173c4575dc8f7af1bae29624084e3325552ac0a63bf07ad28109674b594548d74a2d690a22e3eaef4e9c4eb787bbf9cf6ce3e6729f33c426219a16e5e56c75f0402985d1068c8d2f3ae64cf2151fce2c4511126d9451a4ea6c59fec8353e5b3349d48ff95bcfd59d83c80abd7b0c6c4eed22f648df8307b9cbb1a657ac7b6482f98b1d32bdc8000d1af67dc35e01b6f8b192b5ef45c20b04732f703092b8b9b1319ce853c5f64916e621b63ac0ca600c2570b256f8a7c7a48a3bdfd89474c13ca848f9698376158213bb899b02cdcb694547cd3bc34e8967a48a92486a75d338dc9433cfae687169ad275b34587a2b949a474329f297f244a8a4d088840be898fa811b4f7acd5b400ef91dd14f80e549a00407b1b19770fbca60ed9296d9d2925344569f386bf671992ec5ed369d3ab847b212dfb5679108dfff2deab5e51c5adbd275fce6515c7bb66d5cc69a4adac78b64b7b4583396357906c76ddbf9e928560986bed83a1f704d1bb86e414b96a2b787bb7c76b8eba9ff8e7c0ef7c35d0b79a190aa62b95eaf667b6e38e74199123c7560f95094d6a4d45861e5f810c8310fc937b360cd3d35775ee8a9e54d26ce817e6e23cc754f313b6545f7e9a9cda65e3dda283d4d1646665dae865d0232ef04fbea6effa5d9ed7be7ceccaa0ad18e1833bdd0aa5cb1cb2468440e7c56dcfacd7531f199f0b5311eecfe5f8fea1230af4957123ddaee446ca4c8969fd9b90e58f9b1a11857daebacc50b65812c98a28c263b9392beed6e56ce075cad13b8839e0fd1215227faf3f3ebda666f661abc4fc6f7c14998dfcc61a9d0b6ae7b9b125afd6d74d1af63f897015db6f48727f203d0da9444d3255018102ad0bb0f1f3e5317b0c2ae530da17ab56711b48922e0d02191dd5f61a739454d4604c9f192caef601330de26e080497c6053a45d32d93cc1466785ddc3108a214b7704c73c0e432236cc0404b8a98f75261ee740806fa31077caf2a113d2f94522c00355f8bac95485baab4507e1f80cb45b01c1852c7a222ea83600b3f4e4f9ab2ccd61038321cd230392b66124fa9598d6c736080e96b5c9f6e7e3069b52d427be29eff737a0629f4fba057e78804b7c5c0b61166156526335182dd9eda635610d334d95dde95a61fee21c2691f8e91771d2804b9517d2df8089c490a81a4f1f33e19afab40393efea593bdc8770313154c196139593764de7412df072f1b4d2ad36d9d1c7f70b828c2cb4ceefb105a2c1a98ea27283aab6e82ea4c4a6cf3fa29daeee416993e2004745f06987397238fce9e64b6d9d645cf9823ba196eea542fb9e7f24bd3ef4769f9a1c123d17528e2670eeef9318c9e00f06237505c547e467697de338f75e8ded83dd4a136176531a836160715c59fee7730af46e5d66449b9c9ad4c2a2db1b7e3c0da4874c45dea43c9692124c598083d0d0ebd882e33e7d24ed04898c05d8956c3614410197cb1068f79655747b8bdd9dd04ce5d52ed1da5f3d501a5d41c162dbf21b55d574020b1704dcad10a62a0c5b93e74afa3df793c8ae7b180a49c379703ff5ae9418aeaf1df3caaafd5aa62dc44780482b39c8d12d7ba46c8e4517653e1c189c38fc1953d9ce7b5dee339e144a192325beb86250d46211418255cb090f2897b891aaa61203c8aa91308ba349df24bcca300928e67784f8a66b0ad82da9e63338984b5c3783c572288e1989ba72bf6d2a4e42224a36902c43aac88c8e6213c5efba2c5998f18c5eb359893bec4f2a178f60a77b1d0b162b50d16f8adc0d538a3deabebae9f9cf741183e942a05b001e2fa897bce36b79a4d5348325858889797b4da90126bea55da79a04cfca3680090e872358cf6660b25fa9fa353722a5b244f18a89d39ce56acb3c8be9f8638ee6004f81a1cf6c1b87fd7b33a9bdc2bdb8e2df9214bec9d0bc11ced33faa5c77da4882bcd7d89f142b6b0d9daa603343c00093a896d33243dcfbbef27b3093180abed1990a4ca16eac65b85031803070ab1b0ed52934d120f7291361d555ce9fd1b207b1dd87adfe7dae252075fc85bcab2dfb615dea7c8a1a8c1cb9f11a5b995925ec6af99210548d693310a5b56e41af1e30f003ccd9d803b0ed60b0ba3226b9942f5dc9078733f6f2955ad081ddb8b1500298a465035783c8b42e690c18aeea78e32db958691e8cb305f988dcbc6e3e358237be2dd15b0cbc9f14922ca9fd8f3fc232116ba3a1de540527f252a881936a84da3edb30c7d20eb8a8e1a84117130faa3626266e71a70ca7580a2505081633452d25dd66fe2dd356fbb67a8dae953ac51e1038acce5a4917a669ace171b9dbe04ecc3fcf35699fe6987a48317f28962e6582f511835e3a3c80555622af6ee033d4a422517d1cbc0ce35c8d14"}) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000006000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:17 executing program 2 (fault-call:8 fault-nth:54): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:17 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x60, r2, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc31}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x45ff18b5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4040040}, 0x4000000) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r4, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x7, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x4}, ["", ""]}, 0x14}}, 0x0) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$inet_group_source_req(r4, 0x0, 0x2e, &(0x7f0000000080)={0x6, {{0x2, 0x4e24, @remote}}, {{0x2, 0x4e21, @remote}}}, 0x108) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x142) syz_genetlink_get_family_id$gtp(&(0x7f0000000440)='gtp\x00') sendfile(r3, r6, 0x0, 0x200fc0) 03:04:17 executing program 4: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x2, 0x7) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendfile(r1, r4, 0x0, 0xc) 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000006800000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1791.767852][ T6392] FAULT_INJECTION: forcing a failure. [ 1791.767852][ T6392] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1791.786502][ T6392] CPU: 0 PID: 6392 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1791.797962][ T6392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1791.808007][ T6392] Call Trace: [ 1791.811292][ T6392] dump_stack+0x1b0/0x21e [ 1791.815611][ T6392] ? devkmsg_release+0x11c/0x11c [ 1791.820538][ T6392] ? show_regs_print_info+0x12/0x12 [ 1791.825727][ T6392] ? kasan_alloc_pages+0x4a/0x60 [ 1791.830652][ T6392] should_fail+0x6fb/0x860 [ 1791.835058][ T6392] ? setup_fault_attr+0x2b0/0x2b0 [ 1791.840077][ T6392] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1791.845441][ T6392] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1791.850982][ T6392] ? find_get_entry+0x5da/0x670 [ 1791.855819][ T6392] ? xa_load+0x323/0x340 [ 1791.860049][ T6392] __do_page_cache_readahead+0x244/0x510 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000006c00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1791.865675][ T6392] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1791.872079][ T6392] ? unwind_next_frame+0x1c07/0x22b0 [ 1791.877349][ T6392] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1791.883055][ T6392] generic_file_read_iter+0x626/0x20a0 [ 1791.888508][ T6392] ? find_get_pages_range_tag+0xae0/0xae0 [ 1791.894215][ T6392] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1791.899571][ T6392] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1791.905622][ T6392] ? avc_denied+0x1c0/0x1c0 [ 1791.910115][ T6392] generic_file_splice_read+0x491/0x780 03:04:17 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = signalfd4(r2, &(0x7f0000000080)={[0x1]}, 0x8, 0x0) signalfd(r1, &(0x7f0000000100)={[0x63b]}, 0x8) signalfd4(r0, &(0x7f0000000140)={[0x4be]}, 0x8, 0x80800) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$TCGETS(r3, 0x5401, &(0x7f00000000c0)) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000007400000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1791.915651][ T6392] ? splice_shrink_spd+0xb0/0xb0 [ 1791.920582][ T6392] ? security_file_permission+0x1e9/0x300 [ 1791.926284][ T6392] ? splice_shrink_spd+0xb0/0xb0 [ 1791.931205][ T6392] splice_direct_to_actor+0x3cf/0xb00 [ 1791.936572][ T6392] ? do_splice_direct+0x3d0/0x3d0 [ 1791.941580][ T6392] ? pipe_to_sendpage+0x300/0x300 [ 1791.946594][ T6392] ? security_file_permission+0x128/0x300 [ 1791.952299][ T6392] do_splice_direct+0x279/0x3d0 [ 1791.957135][ T6392] ? splice_direct_to_actor+0xb00/0xb00 [ 1791.962673][ T6392] ? security_file_permission+0x128/0x300 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000007a00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000c0ed00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000fc00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1791.968384][ T6392] do_sendfile+0x89d/0x1110 [ 1791.972882][ T6392] ? compat_writev+0x390/0x390 [ 1791.977637][ T6392] ? security_file_permission+0x128/0x300 [ 1791.983346][ T6392] ? vfs_write+0x427/0x4f0 [ 1791.987750][ T6392] ? fput_many+0x42/0x1a0 [ 1791.992076][ T6392] __x64_sys_sendfile64+0x1ae/0x220 [ 1791.997267][ T6392] ? __ia32_sys_sendfile+0x240/0x240 [ 1792.002547][ T6392] do_syscall_64+0xcb/0x150 [ 1792.007034][ T6392] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1792.012897][ T6392] RIP: 0033:0x45dd99 [ 1792.016766][ T6392] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1792.036341][ T6392] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1792.044718][ T6392] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1792.052657][ T6392] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1792.060598][ T6392] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1792.068540][ T6392] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000036 [ 1792.076523][ T6392] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioperm(0xffff, 0x8, 0x288) 03:04:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000fff00000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:17 executing program 2 (fault-call:8 fault-nth:55): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1792.204400][ T6431] FAULT_INJECTION: forcing a failure. [ 1792.204400][ T6431] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1792.220508][ T6431] CPU: 0 PID: 6431 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1792.231957][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1792.242000][ T6431] Call Trace: [ 1792.245295][ T6431] dump_stack+0x1b0/0x21e [ 1792.249611][ T6431] ? devkmsg_release+0x11c/0x11c [ 1792.254520][ T6431] ? show_regs_print_info+0x12/0x12 [ 1792.259683][ T6431] ? kasan_alloc_pages+0x4a/0x60 [ 1792.264588][ T6431] should_fail+0x6fb/0x860 [ 1792.268972][ T6431] ? setup_fault_attr+0x2b0/0x2b0 [ 1792.273967][ T6431] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1792.279318][ T6431] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1792.284831][ T6431] ? find_get_entry+0x5da/0x670 [ 1792.289661][ T6431] ? xa_load+0x323/0x340 [ 1792.293873][ T6431] __do_page_cache_readahead+0x244/0x510 [ 1792.299477][ T6431] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1792.305858][ T6431] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1792.311559][ T6431] generic_file_read_iter+0x626/0x20a0 [ 1792.316986][ T6431] ? switch_mm+0xe0/0xe0 [ 1792.321202][ T6431] ? find_get_pages_range_tag+0xae0/0xae0 [ 1792.326902][ T6431] ? is_mmconf_reserved+0x420/0x420 [ 1792.332069][ T6431] ? avc_denied+0x1c0/0x1c0 [ 1792.336541][ T6431] generic_file_splice_read+0x491/0x780 [ 1792.342057][ T6431] ? splice_shrink_spd+0xb0/0xb0 [ 1792.346975][ T6431] ? security_file_permission+0x1e9/0x300 [ 1792.352669][ T6431] ? splice_shrink_spd+0xb0/0xb0 [ 1792.357585][ T6431] splice_direct_to_actor+0x3cf/0xb00 [ 1792.362929][ T6431] ? do_splice_direct+0x3d0/0x3d0 [ 1792.367919][ T6431] ? pipe_to_sendpage+0x300/0x300 [ 1792.372922][ T6431] ? security_file_permission+0x128/0x300 [ 1792.378608][ T6431] do_splice_direct+0x279/0x3d0 [ 1792.383426][ T6431] ? splice_direct_to_actor+0xb00/0xb00 [ 1792.388941][ T6431] ? security_file_permission+0x128/0x300 [ 1792.394626][ T6431] do_sendfile+0x89d/0x1110 [ 1792.399112][ T6431] ? compat_writev+0x390/0x390 [ 1792.403844][ T6431] ? security_file_permission+0x128/0x300 [ 1792.409545][ T6431] ? vfs_write+0x427/0x4f0 [ 1792.413930][ T6431] ? fput_many+0x42/0x1a0 [ 1792.418230][ T6431] __x64_sys_sendfile64+0x1ae/0x220 [ 1792.423397][ T6431] ? __ia32_sys_sendfile+0x240/0x240 [ 1792.428649][ T6431] do_syscall_64+0xcb/0x150 [ 1792.433121][ T6431] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1792.438979][ T6431] RIP: 0033:0x45dd99 [ 1792.442841][ T6431] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1792.462422][ T6431] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1792.470799][ T6431] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1792.478754][ T6431] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1792.486703][ T6431] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1792.494652][ T6431] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000037 03:04:18 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) ioctl$int_out(0xffffffffffffffff, 0x0, &(0x7f0000000080)) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:18 executing program 4: lseek(0xffffffffffffffff, 0x800002, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x8a) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket(0x1e, 0x4, 0x0) connect$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r2 = open(&(0x7f0000002000)='./bus\x00', 0x2000, 0x10b) sendfile(r0, r2, 0x0, 0x200fc0) 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000a000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1792.502592][ T6431] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000fc000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:18 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000240)='./bus\x00', 0x414480, 0x74) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}, &(0x7f00000002c0)=0x10) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, 0x0, 0x4, 0x70bd25, 0x25dfdbfb, {}, [{{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x4f00000}, {0x6}, {0x5}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0xb, 0x7}, {0x6}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xff}, {0x6, 0x16, 0x8}, {0x5, 0x12, 0x1}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x20004080}, 0x4040044) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000380)={0x0, &(0x7f0000000340)}, 0x10) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:18 executing program 0: prlimit64(0x0, 0xc, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) sched_setattr(r1, &(0x7f0000000180)={0x38, 0x2, 0x11, 0x6, 0xffffffff, 0x9ce, 0x68, 0x3, 0x0, 0x20}, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000140)=@usbdevfs_disconnect={0x3}) fcntl$setpipe(r2, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x20, 0x9, 0x2, 0x6, 0x0, 0x1000, 0x1, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3f, 0x1, @perf_config_ext={0xcc05, 0x80000000}, 0x40101, 0x7, 0x6, 0x0, 0x80000000, 0x942f, 0x7ff}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x8) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) 03:04:18 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0xf, 0x80000, 0xfffffffa) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000010004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:18 executing program 2 (fault-call:8 fault-nth:56): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000020004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1792.714822][ T6459] FAULT_INJECTION: forcing a failure. [ 1792.714822][ T6459] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1792.746753][ T6459] CPU: 1 PID: 6459 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1792.758204][ T6459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1792.768245][ T6459] Call Trace: [ 1792.771527][ T6459] dump_stack+0x1b0/0x21e [ 1792.775845][ T6459] ? devkmsg_release+0x11c/0x11c [ 1792.780769][ T6459] ? show_regs_print_info+0x12/0x12 [ 1792.785978][ T6459] ? kasan_alloc_pages+0x4a/0x60 [ 1792.790902][ T6459] should_fail+0x6fb/0x860 [ 1792.795307][ T6459] ? setup_fault_attr+0x2b0/0x2b0 [ 1792.800327][ T6459] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1792.805692][ T6459] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1792.811225][ T6459] ? find_get_entry+0x5da/0x670 [ 1792.816060][ T6459] ? xa_load+0x323/0x340 [ 1792.820291][ T6459] __do_page_cache_readahead+0x244/0x510 [ 1792.825914][ T6459] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1792.832322][ T6459] ? unwind_next_frame+0x1c07/0x22b0 [ 1792.837597][ T6459] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1792.843302][ T6459] generic_file_read_iter+0x626/0x20a0 [ 1792.848753][ T6459] ? find_get_pages_range_tag+0xae0/0xae0 [ 1792.854455][ T6459] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1792.859817][ T6459] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1792.865877][ T6459] ? avc_denied+0x1c0/0x1c0 [ 1792.870363][ T6459] generic_file_splice_read+0x491/0x780 [ 1792.875876][ T6459] ? splice_shrink_spd+0xb0/0xb0 [ 1792.880783][ T6459] ? security_file_permission+0x1e9/0x300 [ 1792.886469][ T6459] ? splice_shrink_spd+0xb0/0xb0 [ 1792.891373][ T6459] splice_direct_to_actor+0x3cf/0xb00 [ 1792.896711][ T6459] ? do_splice_direct+0x3d0/0x3d0 [ 1792.901716][ T6459] ? pipe_to_sendpage+0x300/0x300 [ 1792.906710][ T6459] ? security_file_permission+0x128/0x300 [ 1792.912398][ T6459] do_splice_direct+0x279/0x3d0 [ 1792.917214][ T6459] ? splice_direct_to_actor+0xb00/0xb00 [ 1792.922753][ T6459] ? security_file_permission+0x128/0x300 [ 1792.928466][ T6459] do_sendfile+0x89d/0x1110 [ 1792.932948][ T6459] ? compat_writev+0x390/0x390 [ 1792.937679][ T6459] ? security_file_permission+0x128/0x300 [ 1792.943378][ T6459] ? vfs_write+0x427/0x4f0 [ 1792.947758][ T6459] ? fput_many+0x42/0x1a0 [ 1792.952053][ T6459] __x64_sys_sendfile64+0x1ae/0x220 [ 1792.957230][ T6459] ? __ia32_sys_sendfile+0x240/0x240 [ 1792.962482][ T6459] do_syscall_64+0xcb/0x150 [ 1792.966953][ T6459] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1792.972811][ T6459] RIP: 0033:0x45dd99 [ 1792.976674][ T6459] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1792.996242][ T6459] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1793.004634][ T6459] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:18 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) write$binfmt_aout(r0, &(0x7f0000002040)=ANY=[@ANYRES64=r0, @ANYRESOCT, @ANYRESDEC, @ANYRESOCT=r0, @ANYRES16=r0, @ANYBLOB="60792a0ed8988823b117ade8f40c5dd2734ed0196d2028d409adc41ddf89796e3f1408c0c2e74f566f97791770715e8d04dad56603858dbba05178b40bcdefab07fef1ce8c428fcbd8d6d1c07a02767285fd363545410680a72414a15042f59ec3b3f1b8be5247d1b04d87ae2d9558f7cbca6f023dfd3443676cebf984ed339b1e4ee8f6e422286ffb380c3f8533bf178a024c728239a7ca497317a0ecd4a1c90d4d43f3f3bb2e66ebc53f8614fa43db8a09e2531dfe521e66070d83338102e48d991c5bbd2b7db5454f418f70346fcc6d4d52a8b0b9b138b279d7a51a1e10954751aac0badfba71df81fd9d1ab9798b8c2724c9a2e97e13c71a777fe4a02de0a55d722a6610122901391b1e845af6205acd731adcd173d5b9fe6d073348a70b98aa9655e43407478e711791bd33f7db920c0e09347e8472f36c8fb6762b8c67ab75fdaa57df82274169e75d1be31ce1ac165e1451cba5c3683a42fe9264a43396f9b7e16adf4d818142e4995d10688f3a2296697a272208cf578e76b40a314f4cb5ba74b5a8255625cf2d4361f21283808b3397a81141c1c8bf3b66f210671e4eb9bd8ef727f1c8e84182fddb4f6bf9067a469a86d4b0f21e68fa0a1397c41231398c00ad55bc8c2c7dac36b594cbd66c9638f204962792e550eed7417f0955a893cc04aef057cc3966d94d0d22e0515608f7a4e432fc0d099e298c44dd23cacbf8b46fbea06a2d1c57bc5c819fbf83c7e6b9dc3fa942462adb8d40044d7aa78265c8a65b998a68b2a476cc38ea2b88e10fccca250210ac2810f8516bf83f15be9f49e16b36e4de8304eb28bdb03c2c9869dd010846fb55d05166616356957c5ad62437acd9ee56da1523360af03717816713250192b3572e455fc323d67ea7a342e25951c97d929f496ffee71397352a211bbdf94264c5a89e833811519e19817259c0da38dc1997997fb6696883ed1c85ef02d0fea799edfde2d240d0ee2fadf83204edcda5603fa51627a06b8e8fdda13ccafee29923f818763123e830e924558d1c152d0622caf28f730a01979357f5054e3d55bba1405007c622aeebee9f99fbeb601299e7d348243d8688b8aed4ae4cd26d10bed1342adaf0de84844c1ce3417707bc5e87966b6bfe74731ae7f5d40e79600cd13ce1894a91ea487f73da8cd086a9df74ef2e26ad120ae483cb3ce268eccaea4aacf9fb83cfc8ea90e1890b9443121a70fd8fec70eabb5976f04acef0010820aea855481c567eb2fbd0c217bcf75909d942c845d61cf61ab211b3b24b17d8d63b71ff2effe529747a42aa28cc729d7b6aa62e8ffc9f1b2d324a2fe086ab8b7ffb4454d998121b0d9b19e7d46759e21d7f28dbd19740e2a86028514462ac2c0fd575b8cd1bcb31d1bbdb449715f1732338bff2265cd823356bb07458ec362e56eecee2055881847220e54d1584fd762e1ea4e2c24de3158da8f169e53481bf1005b74fcd5238d44a9ae9e761aef928299cea4ee1618f84a95af0e355d5460d2f4e44d78442ac7e7ec9c27ac1d9bc69b7d90aa3bbd757b3cb9ad67cd230b4b9a5ec7d8d57b2f2ef2daf4ec4f151268c35176703b558046f886d57c743e7d3ed54619ad81c2c74383601f95512744c9a9388604dcb145541aa3bdddf8ee2e2fa6ab50252c1964115352f70b0fd94b74ebcb4bf75ea57bd9566a013ac8729d4b999d13af795f15ff5b1aa8d215417338479d6d65a7710a30252241d80fafa68eb9575ae6e3b94ba176150046a349db376a9a275bf27cc03dfc906e5fd5f540f34d8e9e05d765f6d29c24fed22ce18c66e0a70866861bbc1ea075f3d6b3c1854fc1ec80ca1c5958db403bd55e99bea214f6471445d66f5f3a463da778b232caddbc14c9502c4138478b4937e457072ea731351183666f74dae151221b8801016122558195aab81f9059fba3a7077bd91c7528dbfc6b294387ba8dc84fc10c3be374a064c92dea63788f3d48a3a08bbef8f4cdbf706441ba1e8521ef6ce648bd4596bd069ea975dfe9ec01d1669af148bc16f59e32800d3a02699016c5318ea5fa19968adbaf8ba20a725472a1e40cb3bef299660266780adb96ca1f45c1255205333212b1e76ce8e56fe23e7353df25472c5d83df344588bd4ca7304b6b54c7689b11aa1a3be0cf6775a0bb10dc9d2f18a9e7e187059157b9a5c0c7ecda879a3466a4fc4600074d7cf86214711d295fa727c47a3de38057836142b0f9a4b48163124da2911783227c45f3f1e0ea0159fd014813fbc5f9d36bae36408d632a7a04161e2331e8fe87bbfcefb5f363c7e864530c93bdca88e9787ae90231fa4f97ca1cc0add8d19eb69831591c3e5ab09ebe8d335552ef36e2ae0e3e4b7e0104fc91ede90b37b49f0991fb21599b8a720f58c32757325c2ee11ca389799e89a64cd31aeece73adaf3c3ced6e7c55ea53f7794b9016c6312fd29a8157d0e6e0613b99050c46f7d52dcb8e4bb65f706d05ef0b3dc946ef732cb0f3891dc03751720edbe27c72afe89866dc0043b23014b6d9a323d708f8cfb7ba25c186db739379e8b8b5cd876ad62b90b2c44ea2dd3e5dcfe1d1c40a93c70a47729f4a3a2420c3b8190e72ab5df73f31dda8618964338ffbec0d4999951de7c12f0ca453c7e63af4978baf4dfb51bccc6f809d087d6eef815abb1e84a95da51d3831f0b669b4f907aa50d3d6a007136429a44047abe0ac648e112116743820c8fcc5d8d1de71258e5ad3569381a4178e6df74612a2852fbc2dc70f6c71973969eae31d3cd19c8bd321ae54bd01fa6bbf4b084720711a52b2c20bf6eb399cf136e6baa5ae4d5216476c19b06934a0949851d7c9fb71729f5a2056b47cab398f3c50a02b1345b92a5b75b83467f06553169d056a746b389a3e15c170bf02ad22aad06c2718e3cecaa0e349beb2b88461b23c8a3438bf704738db521bdffdd2e107277ce384640290530313f485f1f0afefa754ddbd9e03460ad4668241dfa37fec7e74d8acf4b90ae8870db763d585ed4f36cfb7c520550553ae7f6d26538ca97662305889e2f50923f80fb76484b0ab12059a4671d39314903f6ecb11ca306e96c57c6539ec60720f86dbc3c22e076a9d0ef0c7c9cbefdb229f92e752597b77833c9447c385ccff33c24bfa4155702ee566da9900a0a974f0363e3202879ae3e42a240a792ac0a22cdf92a9cfbcc85389684fd6e408fdf0d4c4af7f13587b9342a69023480c867f21480961ec314a33213771f9b6adb7b8732e9d1f76b41f566fba267ef90e01857d49049fe45cb1e96f983ee87cf347c633fc835084e3e856fc33945b2b1910bbe03dd7a903a52bae6f42dddc63e169e19b90cc5ae4092eb1a378c525050f000211ed40e9323a780a5bfcc22718c1ab92be1c6e16b0238d400300cd9b3b589a4dce096c06c80c7f2d6c4aa0d335c830c4eaf5bc1a4b3b8ef81db14fd46a92974b2daea21a1908f9623c3f2705c97d6c5c5e1cc07558e015c88999b3448faff6d462ae3ee0d2a41637d713d9acb532755e49fee0c0a3af0a8d5717679102c599b12f410a14e2199aff1d887a6ba659c735304e00a92e07ed81405f4111a5652e8c5ba82b42f0b77009f139fca2c5cd2c329cf84775e3836aa42e0454bedb43299aea21735a21712fce9167f156f00350c447793fefc9814de8c02a3ddd25df198f225dbcfc95358870b8d40d9fdcadb87aec36f254543d3467ff1f6df1122d1bc56753d5244b495c355ea8d339803da93e27e36dffebef6d22dac813db0ae78c4c75f7cb10cf34953f8c9d44f65abbafd31910153bf4aaed8654d92e2537385893c7feea320c4beb7e9f629efd626de8a22f9420f3f9cc78e5e0a117c3fa827854d36bd4345aeecd550f49517874e4b54a82e20b55346f5d8caa076c539fba3b994659a65555544a2c82f16dd96495da29e09e1c1bdf227831c489fdb45806dbd6bc0c01d2d725728a8041170add8530411bee9f7dac7c2ef3369571b02892bc6004e8e298db53b2501b08ad555f74c829d1186375d1bc5503f8c5727a81c0b58da3ea230fac81d4d7510ff121e623dfee53d1dcc04500c8cb2748f7459c531ce9b2f5a8ee959e70559f710914aed9d59ee3f4635be86a9fbbff7517dc4791c316872c73425c9dc8ccbb19a090de52adc04909485004a78b817310e8601f7b678000f0c928e110494cc932b59216a129e4249459ce4b2b0d8ee76497940c62700a8f608d532e71c6d4d2a2c82085a615266141728457d82ed065cce49cc11f227353fee8d351b38cb9d74aeaa22bd07f169f0263f180d45c57edd2c5c87c0be107c882a83524c894a470eb8fc721c46339f38c816ab2ecedfc243385a6bac469a2ef5adf6211b2b40617004226f29df1066ee5b98637e5d119677299a02ae925f77adb2d458f7cbb629c733128c45905e5cba48341078a0325269221a69704a02b967f14dd87b51ab9f513ebbd02c885b9e20a7b9c61f042ae69e42fe467c874cfb0575e84cd08393123f0dc17ef98560a9fc70c4cd3aa8688e6f8f6d67ff7d1d01df5f5dd858d28446570a0b51dc7e653c6f3451d562588485c3723d7bf32668137f9b8a51797505c27caae17d1a5a097eded6079329b94a19cf68dd31811f29b1e3c6241c8ed17ab6daac34f4860e24b93793aed7e3f39d193057011da746447157944604d6c42fbca7cd0283654ae00abf976a1f19dbe755588bf8a49aa194695c7b0dc497041fd4575abfa9b601efc84faa013c17f4f5e1d8363d1d12e374750153b0eea7202640ac55c0e460513068586f70c7807ae7fec8a27993fa02fc1f1dd776a667a0493664d9cff3bc755cc1a25fcb149a6b8415f66d4145fbf288a92d49346e024405da707497f593ff245d813dd3041120c3206966b5de8952609e4c2c6b8ceb871d798e81add0a4fe635a1eab63aee4e485f8d5cb63d182ab1a9497fd1dabbd67b17b9655bd2a194c15a85ab45a10fb7535fd14f96e5a994cc27b4613fcd16fb585fcb4d975c35b5d23b94668c66f9547e9abc561ad2babff0e33c5c921c0dc78c0314489796b2f46888db6f478f8b4afb3a505200dc9aa66f3d71294ca513c86291282db945206ed08a88185c18b47840a7ba3a127d09bdd372eb7dce01c75e3916a8f8259fa25034c649b406cbd336d9e036c09dc81a270ceb993dbc1bc50cac1f6b7c51495d92da235e73382a47547628c6fbe447c3a57a4516e9981e740dbcdf51919dc6b240b597705c6acb3cc13db7d040b774688f276d2105696cad0c74a8a547bf3fa6ee8af1ae7803de32d1eda869ba9ea1e1ba6b7ca4c6c83dfff9083d737919c8f5add493a3b50c43dafe74d50be949c39b265471b1d43002a948e87740ad67768e0faf5beec0ae03779d844f48b22407440785f0218a3401f41198d40b5d1b28aaa103b7e67179f831860fe83a481046d92985a08294146f16eba712f4fe69e2823b4e5d2ae1928f30a87a0f87a600c15712f9eeb6ea5a1505dc13be428d796aedfbf976ec165b4c41013fcc1c290a000416975a4f8e1454382632945d06f8d42cc827b8e51fdfadb9838201a81b069af376d96feb0f5f81aa9941cbae72f67fb7e2920f4fc6fd598dc35bda52c5736ef4e98815acbb5b454d3f25388d3c4efd798b85bce41801d1644b7c6122ccd0eedfd6b08ccf25d27a48476543e606b9ca79478685a2917801e4b84a57a4579d69882e387768370bec681b5c2bdc5568a2f39d6c3c958f048124b57aef0dabfb401ba409941ea5796ccbe9751d37639f2e472", @ANYBLOB="ae7c512403c711620c19a23536c5a4d37c85c25cebc9dc94d961ac1eb9a740b5bc83524167a4b78629bd413774e52f2be5aaeb98a9908354d1f023687395e9e55335143697466d0046d50341adeef25c38e325903dd044414b3cfcd047c9f62b9971daf9f235082e66de3838a9bf598d221b4e3662c14ba2f61502709c3f", @ANYBLOB="72813f9fb310bf5b0fff03d8b558d7d1dd8c4b7b6da04c2785515cf39bfc1c9a3773e8c172f5c091b04691486672eea9033d6ee106ad7ed74162e81a9fa0f00074029cece603c4fca5e7d7fe38c9d6f3abffc0fa187abe9422e4faa4db5a8d3c30238ada5c33c6c93c9c1222afa8d41feebb18da95e1026ccdba23ea695b80c2273bc4", @ANYBLOB="ed7c60570e8b2a6e1fea315c51b5879f49f4a8a8fc137fffe02340c27144", @ANYRESHEX=r0, @ANYRES16=r3], 0x8a) r4 = socket$inet6(0xa, 0x400000000001, 0x0) close(r4) r5 = socket(0x29, 0x4, 0x4) ioctl$EVIOCGABS0(r0, 0x80184540, &(0x7f0000000080)=""/188) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x65) sendfile(r4, r6, 0x0, 0x200fc0) 03:04:18 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x28, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r5 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_DEL(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r5, 0x2, 0x70bd2d, 0x25dfdbfc, {}, [@FOU_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x800) 03:04:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0xa, 0x0, 0xfdf, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000004020004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1793.012571][ T6459] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1793.020857][ T6459] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1793.028799][ T6459] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000038 [ 1793.036745][ T6459] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000030004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000040004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:18 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = open(&(0x7f00000002c0)='./bus\x00', 0x402, 0x44) sendmsg$ETHTOOL_MSG_COALESCE_GET(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x54, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x41004) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x800, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000080)=""/110) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00') sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r4, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002040)=ANY=[@ANYBLOB="e8200000", @ANYRES16=r5, @ANYBLOB="00032dbd7000fc7ed8258300000008000300", @ANYRES32=0x0, @ANYBLOB="ac030580d0010080c0010380f800018008000180040008003000018006000400ff0f00000500070020000000060004008000000004000b00040009000400010005000300010000002000018005000300090000000400010004000a000400090006000400020000000c00018004000b0004000b0024000180050006000100000008000200000000000800020004000000050006000b0000002c00018004000b0004000100050003000d00000008000200000000000500030004000000050003000d000000400001800800020000000000050006000e00000005000500080000000500070002000000060004000600000004000b000400080004000b0005000700080000000400020004000200b80001800800018004000b0038000180050003000900000005000700090000000400010004000b00050006000900000004000900050006000b0000000400080004000100200001800800020002000000050003000500000005000700800000000400080038000180040008000400090004000a000500070087000000050005000c00000004000a0004000800050003000e00000005000600150000001c00018004000b00050003000e000000050007008100000004000a00040002000a000100ffffffffffff0000c00100802400028008009f00040000000800a1000800000008002201aa0300000800a10000fcffff0a00010008021100000100000a00010008021100000000002c00028008002201e201000008002600710900000800a100070000000800a100040000000800270000000000240103800400020004000200040002005c0001802c000180080002007b453b440500070005000000060004000200000008000200040000000400010004000a002c0001800500070001000000050007004000000004000b0004000800050005000900000004000a00040001000400020004000200a80001802000018006000400bc61000004000a00050003000d00000004000a00040009002800018004000100050006001100000006000400050000000400090004000b000800020002000000100001800500050000000000040001003c0001800400090004000a0004000b000500070008000000050005000d0000000400090004000a000600040003000000040001000800020003000000100001800400080005000300010000000400020004000200300003800c0001800800018004000800200001800c00018005000500070000001000018004000b0008000200010000001800008008000380040002000a0001000802110000010000f40e0580e80000800a000100080211000000000008000380040002009c0003809800018004000180140001800500050009000000050005000a0000001800018004000a000400010004000a00080002000200000014000180050006001000000006000400f9ff00001400018004000a000400080004000a00040001003c000180080002000200000004000800050003000200000004000100080002000000000004000800050005000f00000004000900050005000a0000000a00010008021100000100000c00038004000200040002001c00028008002600b81500000500190105000000080026006c090000f00000800a000100ffffffffffff000054000280050019010b00000008009f0006000000080027000000000008009f00060000000800270002000000080022018d010000050019010a00000008002600501400000800a1000400000005001901040000001c000280050019010a0000000800a1000600000008002201a601000008000380040002000a00010008021100000000000a000100ffffffffffff00000a00010008021100000100004400028008009f0000000000050019010b00000008002700030000000800a00003000000080022010c0200000500190108000000050018012400000008009f0001000000640000800a00010008021100000000005400028008002700020000000800270002000000050018010300000005001801230000000800a000ffff00000500190106000000080027000300000008009f0003000000080022017f0000000800a100070000006401008010010380040002004c000180340001800500030000000000050006000d00000004000a00050005000000000004000a00050005000f000000050003000500000014000180050003000c00000004000a0004000100040002000400020004000200200001801c000180050003000a00000004000b0004000800060004005a04000004000200040002004000018020000180040001000800020001000000080002000400000005000300050000001c0001800400090004000b0004000b00050006000b00000004000a004800018020000180050005000800000005000500020000000500060005000000040001002400018004000100050005000c00000008000200040000000500050009000000040001000a000100ffffffffffff00004400028008002600df1600000800270002000000080027000000000008009f00030000000500190109000000050019010c000000080026006c0900000800a10081000000500000804c000280050018010f00000008002201150300000800220141000000080022018e02000008009f00060000000800270000000000080027000300000008009f000500000008002600f41500002c0600800a00010008021100000100007c0003807800018008000180040001003800018004000b00050007000a00000004000b000400090004000b0005000600050000000500060009000000050007003d00000004000a000c00018006000400070000002800018004000b00080002000100000004000b0004000b00060004007f000000050006001c0000000a000100ffffffffffff0000b0030380040002000400020004000200940001800c0001800600040001000000300001800400090004000100040008000400080004000b000400080004000900050003000800000006000400060000000c00018005000700b40000001400018004000a0004000100040009000400080024000180080002000000000006000400570a00000400080004000800060004000b06000010000180040009000400010004000100700001801400018004000b0004000900040009000400010034000180060004009d050000050006001a000000060004000ceb000004000b000400090005000700c30000000400080004000a00240001800500030001000000060004000300000004000a00050005000c00000004000b000400020064010180380001800500050004000000050005000e00000005000300000000000800020001000000050007003e0000000400080004000100040008001800018004000800040009000600040001000000040008001000018008000200030000000400090024000180040001000600040005000000050003000d00000004000a0005000700f000000014000180050007000700000005000700040000003c00018004000b00050003000200000004000a000400080004000b0006000400000000000400010004000900050005000f00000005000500070000001c000180050005000000000004000900040001000600040000080000180001800400090008000200020000000400090004000b0040000180050005000e000000050006001e00000004000b000800020001000000050005000f0000000400090004000100060004000000000008000200040000001800018004000a0004000800050006000000000004000900c40001801c000180060004000000000004000b0004000900050005000c0000002000018004000a0004000a000400010004000a00080002000400000004000a0018000180050005000500000004000a0005000300090000001000018004000900050007001f00000024000180050006000d000000050005000b0000000400080004000a00060004000600000014000180050003000700000005000600090000002400018004000900040009000800020003000000050006001c0000000600040009000000040001806c0001801400018004000a00050005000100000004000b003c000180050007007f00000004000a00050005000d0000000500050009000000050003000d00000004000a000800020003000000050005000d000000180001800500070003000000050003000700000004000b000a000100ffffffffffff000044000380040002003800018010000180050006008000000004000a0024000180060004007b04000004000b00050006000d00000005000600140000000400090004000200340002800800a1007d000000080027000100000008002600f81600000500180112000000050018012e000000080026006c090000540103800400020030000180180001800500030009000000050006001200000004000b00140001800400080006000400ff07000004000900740001801c0001800400080004000900050003000100000008000200030000002c00018004000100060004000100000004000a0004000900080002000400000004000a0005000300000000000c00018005000700060000001800018004000b00050006000b000000060004000010000004000180480001804400018004000a000400010005000600120000000800020001000000050007000700000004000900040009000800020000000000080002000300000006000400010000002c00018020000180050005000600000004000b0006000400001000000500030009000000080001800400080034000180200001800600040001000000050003000400000004000b00050003000300000010000180050003000c000000040009000a00010008021100000100003802008054000280050018012a000000050019010b0000000800a10000000000080022019f010000080027000300000008002201a0020000050018012b0000000800a0000000000008002201730200000800a000040000000a00010008021100000000003c010380600001801000018004000900060004006bf800000c000180050006001d0000001400018004000100080002000200000004000a002c00018004000800050006001900000004000b000400090004000b0005000700040000000400010004000a00040002000400020004000200cc0001801c000180050003000a000000050005000200000004000b00040009000c00018006000400030000002000018004000b00040009000400080004000b00050007003f00000004000800240001800500070004000000060004000004000004000a000500070081000000040008002c0001800500070080000000050003000c00000004000900050006000c0000000400080006000400000000002400018004000a00040008000400090004000a00060004000500000005000700040000000c00018005000700010000000a00010008021100000100000a00010008021100000000005c00038004000200040002004800018030000180040009000800020000000000050006001700000008000200040000000400080004000100060004005f05000014000180080002000100000008000200000000000400020004000200240003801c0001800c00018006000400020000000c0001800800020001000000040001809c0200801400028008002201d800000008009f0000000000440002800800a0008b000000080026006c09000008002201370000000500190105000000080026008f09000008002201f7020000080026000816000008009f0007000000240003800400020004000200180001801400018005000500030000000400090004000900d0010380040002008c0001802400018006000400060000000400080004000100050007004000000006000400ffff00001c0001800500070000000000050006001500000005000600150000002400018004000100050006000200000004000b0004000100050007000000000004000a000c0001800400080004000800080001800400010010000180050007001000000004000b003c01018008000180040009002c0001800500060008000000050007000800000005000700c80000000600040000080000050003000b00000030000180040009000500030003000000050005000500000004000a00080002000200000004000a00050007007f00000010000180050006001700000004000b00240001800500050001000000050005000600000005000600050000000800020002000000180001800400080004000100050005000200000004000b000c0001800500060000000000280001800500050004000000050005000200000004000a0004000a000400010006000400010000002000018006000400590200000400090008000200020000000600040080000000340001800400010004000100050007003f00000005000700030000000600040004000000060004004800000004000b0004000b004c0002800800a1000100010005001901090000000800a100470b0000080026006c09000008002700030000000800270000000000080026006c090000050019010900000008009f00020000000c060580000200802c0002800800a000010000000500190140000000050019010800000008009f00040000000800270003000000a4010380440101801c00018004000b0004000b0004000a000500030001000000040001002000018004000a00050005000c000000050003000b00000008000200030000002400018004000b0004000b000400080004000900050003000300000004000800040009003000018004000900080002000100000004000a0005000500010000000400080004000800050006000600000004000a0034000180050003000d000000060004000700000006000400000000000500070007000000040009000400080004000b0004000900180001800500070081000000060004007f000000040008000c000180060004000800000038000180050006001e000000080002000200000004000a0005000600160000000500030007000000050003000300000005000500050000000c0001800400010004000b0014000180040001000400090005000700060000004c000180140001800400090004000b00050005000c0000001400018004000b0004000a0004000a000400090020000180080002000100000004000100050003000700000008000200000000000c0001800800018004000a00040002002c000280080022015d020000080022011d030000080022015a030000080027000200000008009f0004000000340300800a0001000802110000000000080303800400020004000200040002005c010180180001800500070008000000080002000000000004000b001c0001800400010004000a000500030000000000080002000300000034000180050007003f00000004000b000500050007000000050003000a00000004000800050006000c00000005000700090000002c000180050003000900000004000100040008000400090004000a00050007000500000005000300010000002c00018004000a00050007002b000000080002000200000004000a00050005000b0000000400090004000a000c00018005000600140000002c00018004000100050006001d000000050005000900000006000400047c00000800020002000000040008001400018006000400fcff0000050003000700000024000180050005000300000004000900050003000e00000005000700e8000000040001002800018004000800050003000700000004000100050005000a0000000800020004000000040008000c0101800c000180050005000900000014000180050007000400000008000200020000003000018005000500070000000500030008000000050006000500000005000600000000000400090004000800040009001c00018004000b000800020007000000050006000b000000040008002000018005000600040000000400090008000200030000000500050001000000240001800400090004000a000600040004000000050003000a000000050005000b000000240001800800020003000000060004000900000004000b00050005000e0000000400090034000180050007007f000000040001000500030003000000080002000000000004000b0005000300090000000800020083de155d8c00018014000180080002000100000004000900040001001c000180050007000700000006000400ff7f000004000900040008002c000180060004000500000004000b00050003000200000004000a0004000b000800020002000000040001002c0001800400090004000a000400080004000a00050003000500000005000500060000000800020004000000040002001c000280080022011e030000050019010d0000000500180133000000880000801c000280080027000000000005001801000000000800a100010001000a00010008021100000000005000038004000200480001800c000180050006001e00000038000180050006000e00000004000b00080002000200000004000a00040001000500060012000000040008000400090005000700070000000a00010008021100000000004c0000800a000100ffffffffffff00003c000280080026006c0900000800a1000600000008009f00050000000800220193000000080022013e00000005001901080000000800a100f7ffffff20080580100000800c0002800800a00000000080380000803400028008002201c3010000080027000200000008009f000600000008002600b414000008009f00020000000800220143010000e40200800a000100ffffffffffff00000a00010008021100000000001c0003801400018010000180050005000100000004000a0004000180900003800400020044000180080001800400080024000180050007004000000004000100050006001400000004000b0004000b0004000a001400018005000600000000000500070001000000440001803000018004000900050006001800000004000b00050006001600000004000b0004000100050005000900000004000b0010000180050005000c00000004000a00780003806c0001802800018004000100080002000400000006000400030000000500030000000000050003000c0000000c000180050005000100000034000180050007003f00000004000100040001000400080004000100050005000c00000004000b000400090005000500060000000400020004000200a4010380040002007000018038000180050007000200000004000900050003000b00000008000200030000000500070000000000050007000900000005000500090000000c000180050003000e000000280001800500070008000000040008000400010004000100050006000d000000080002000400000004000200b00001800c00018005000300090000003800018004000a0004000a00050003000c0000000400080004000a0005000600140000000500070008000000050007000000000004000b0040000180050003000900000006000400070000000500050009000000050003000d000000080002000400000004000b000500050002000000050003000100000028000180050006000a00000005000300010000000600040081ff000004000100050005000800000004000200040002000400020004000200680001800c000180050005000b0000002c0001800400080004000900060004000200000004000a0004000a00040009000600040009000000040001002c00018004000b00050005000b000000050003000000000004000900050007002800000005000600170000009c0000803400028008009f00030000000800a000060000000800a000ffff000008002600d41e00000800a000d2000000050018011b0000000c00028008002201b5000000240002800800a0000300000005001801150000000800a100d2020000080026006c0900003400028008009f00070000000800a0000000000008002201a80100000800a000ff0f000008002600111700000800270002000000240000801400028008009f0001000000080026006c0900000a000100ffffffffffff0000340200800a00010008021100000000000a00010008021100000000000a00010008021100000100001c0002800800a100080000000800a1000900000005001801060000001c00028005001801010000000800a0003f00000005001801150000009801038090000180400001800400080004000a0005000700e400000005000500020000000500030000000000050005000900000005000700020000000400010005000300070000000c00018008000200040000001800018005000600130000000400080008000200040000002800018004000b00050005000a0000000600040063000000050006001c00000004000800040008000400020000010180340001800400090004000b0004000900060004000200000004000b00050005000000000005000700400000000500050004000000200001800500050004000000050007000900000004000900080002000400000040000180080002000300000004000800060004000400000004000800040008000500030002000000080002000300000004000800060004007f00000004000a002400018004000a0004000b0004000a0004000100050005000200000006000400090000001000018004000800050007003b000000340001800500070080000000040008000800020001000000050005000a000000060004000080000004000b00050005000900000014000280080027000000000008002700030000001c00028008009f0006000000050019010a0000000800a000090000000a000100080211000001000070010080a40003809c00018030000180050007000700000008000200040000000400010004000100050003000300000004000b000600040000c0000014000180050005000d00000004000900040001004800018004000900050003000b00000004000a0005000700090000000500070040000000050007001f000000050006000000000004000100050003000300000006000400000100000c00018004000b0004000900040002000a0001000802110000000000b0000380ac00018038000180040001000500070080000000050006001c00000004000b000500070000000000050007000100000004000a0006000400060000002c000180060004000080000004000b000600040000ff00000500050006000000050005000500000004000a002c00018005000700810000000400080006000400ff010000050003000a00000004000b0006000400060000001800018004000100050003000c0000000400090004000a000a00010008021100000100003c0000800a00010008021100000100002c00028005001901050000000800a00001040000080026006c090000080022015c0300000800a000d30c0000500000800a00010008021100000100002c0002800800a100080000000500180119000000050018011f00000008002201760000000800a00000080000140002800800a1000900000008009f0002000000"], 0x20e8}, 0x1, 0x0, 0x0, 0x1011}, 0x8011) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0x200fc0) 03:04:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000050004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000060004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:19 executing program 2 (fault-call:8 fault-nth:57): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000004060004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:19 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = dup(0xffffffffffffffff) ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000080)={'bridge0\x00'}) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) 03:04:19 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r2, 0x0, 0x0) pidfd_open(0x0, 0x0) close(r1) socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x1, 0x4}}, 0x52) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = fcntl$dupfd(r3, 0x0, r1) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) utimensat(r4, &(0x7f0000000080)='./bus\x00', &(0x7f0000000100)={{}, {r5, r6/1000+10000}}, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x2, 0x8, 0x1, 0x4, 0x1, 0x2, 0x6, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x25}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000090000082505a8a40700000001010902240001010000000904000012070103000905010200ffe000000905820241"], 0x0) syz_usb_control_io(r3, 0x0, 0x0) syz_usb_control_io(r3, 0x0, 0x0) syz_usb_disconnect(r3) syz_usb_control_io$printer(r3, &(0x7f00000000c0)={0x14, &(0x7f0000000140)={0x20, 0x24, 0xbf, {0xbf, 0x1, "c94c533d1f20815d91c8f03509e5d64f08d86ce5aecfeee6e890b8f6a051c9a4b76fa0cef729069d93662c8219fbdc8f07bb3ed8292d9f484569648df1f1dc19f76087f20f2a11361f11efd328c997f62f2d29607a3aed3ca4b06c134203d76b1dd6ca917b1fae9bfba8a448e276fae2878cac768ed2a1263bd218c8fef26a70471645b1361aa7719bb76c12b8e5c76a4c4f4e2e4fafd75efef1d4b0e2e406962d631fb14981f5796e46de29b2ba8e00b1bab539b9cc6dfe71dca041de"}}, &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2009}}}, &(0x7f0000000500)={0x34, &(0x7f00000002c0)={0x60, 0x5, 0xf9, "116b163c14aa2816dc1be89502b169f2f5a392245155aec057e19449302059e2fbdfebe02ca0d7fd4dbae30dcffd30217bdcb74b471e90e617107b445db1c60d7f7e393e99c86bd9f8ff73510491cf6972a34933d3dca483dc5c88d8085fce7e086ed00661286c08e26bddf3d83c3ae0f85d911de6480eaa06f8bed3dfe01c27d0dd861d28d5b9b9c0428f30c13cf0116a1d83254710efc6300c8ac5ea465dc4e1e5a9d018343bf2b87212d4771bf666dd394d6188c9a54df90e359544fe5a1b55d02858c9377f20358becc466894fe437a7cd130379a43b930a520dd19309f931a126a6f7647ba50b2d53d9c32d6d35395532b26bea1fad9d"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0x5}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000400)={0x20, 0x0, 0x66, {0x64, "14f09afc2acfe8a987e200875765af583dcad03db8b29ef7d31b32484e622a58f5bb480693e6eee39448a3b99a538452c954b071ef664673a0389b2e4e3c5f3b5c6fc01f3a883a0acfceb5fc9acb1ec8f3d5cfe2d27456e22ed5cd7a27b0bd49282d5daa"}}, &(0x7f0000000480)={0x20, 0x1, 0x1, 0x1}, &(0x7f00000004c0)={0x20, 0x0, 0x1, 0x8}}) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) 03:04:19 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="0e00000017017f6f002e2f4f7573"], 0xe) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x4e23, 0x1, @remote, 0x1840}, {0xa, 0x4e21, 0xa14, @rand_addr=' \x01\x00', 0xe83}, 0x5, [0x0, 0x3, 0x6a, 0xcf, 0x93, 0x6, 0x3, 0x5]}, 0x5c) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000070004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1793.276412][ T6508] FAULT_INJECTION: forcing a failure. [ 1793.276412][ T6508] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1793.303875][ T6508] CPU: 1 PID: 6508 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1793.315329][ T6508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000080004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1793.325368][ T6508] Call Trace: [ 1793.328647][ T6508] dump_stack+0x1b0/0x21e [ 1793.332964][ T6508] ? devkmsg_release+0x11c/0x11c [ 1793.337893][ T6508] ? show_regs_print_info+0x12/0x12 [ 1793.343076][ T6508] ? kasan_alloc_pages+0x4a/0x60 [ 1793.348009][ T6508] should_fail+0x6fb/0x860 [ 1793.352420][ T6508] ? setup_fault_attr+0x2b0/0x2b0 [ 1793.357438][ T6508] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1793.362810][ T6508] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1793.368342][ T6508] ? find_get_entry+0x5da/0x670 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000090004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1793.373177][ T6508] ? xa_load+0x323/0x340 [ 1793.377419][ T6508] __do_page_cache_readahead+0x244/0x510 [ 1793.383046][ T6508] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1793.389450][ T6508] ? unwind_next_frame+0x1c07/0x22b0 [ 1793.394721][ T6508] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1793.400464][ T6508] generic_file_read_iter+0x626/0x20a0 [ 1793.405919][ T6508] ? find_get_pages_range_tag+0xae0/0xae0 [ 1793.411631][ T6508] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1793.416988][ T6508] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000a0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000b0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000c0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1793.423044][ T6508] ? avc_denied+0x1c0/0x1c0 [ 1793.427536][ T6508] generic_file_splice_read+0x491/0x780 [ 1793.433071][ T6508] ? splice_shrink_spd+0xb0/0xb0 [ 1793.437999][ T6508] ? security_file_permission+0x1e9/0x300 [ 1793.443704][ T6508] ? splice_shrink_spd+0xb0/0xb0 [ 1793.448628][ T6508] splice_direct_to_actor+0x3cf/0xb00 [ 1793.453988][ T6508] ? do_splice_direct+0x3d0/0x3d0 [ 1793.458996][ T6508] ? pipe_to_sendpage+0x300/0x300 [ 1793.464010][ T6508] ? security_file_permission+0x128/0x300 [ 1793.469718][ T6508] do_splice_direct+0x279/0x3d0 [ 1793.474558][ T6508] ? splice_direct_to_actor+0xb00/0xb00 [ 1793.480095][ T6508] ? security_file_permission+0x128/0x300 [ 1793.485802][ T6508] do_sendfile+0x89d/0x1110 [ 1793.490295][ T6508] ? compat_writev+0x390/0x390 [ 1793.495049][ T6508] ? security_file_permission+0x128/0x300 [ 1793.500760][ T6508] ? vfs_write+0x427/0x4f0 [ 1793.505164][ T6508] ? fput_many+0x42/0x1a0 [ 1793.509486][ T6508] __x64_sys_sendfile64+0x1ae/0x220 [ 1793.514673][ T6508] ? __ia32_sys_sendfile+0x240/0x240 [ 1793.519947][ T6508] do_syscall_64+0xcb/0x150 [ 1793.524443][ T6508] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1793.530321][ T6508] RIP: 0033:0x45dd99 [ 1793.534204][ T6508] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1793.553789][ T6508] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1793.562191][ T6508] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1793.570152][ T6508] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1793.578108][ T6508] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1793.586062][ T6508] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000039 [ 1793.594019][ T6508] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:19 executing program 2 (fault-call:8 fault-nth:58): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000d0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:19 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x1) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x10000, 0xc4) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:19 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x80c, 0x3) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket$nl_route(0x10, 0x3, 0x0) pipe2(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000640)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, 0x0, 0x600, 0x70bd29, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8880}, 0x91) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r7}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) readv(r4, &(0x7f0000000480)=[{&(0x7f0000000500)=""/183, 0xb7}, {&(0x7f0000000140)=""/28, 0x1c}, {&(0x7f0000000180)=""/204, 0xcc}, {&(0x7f0000000280)=""/178, 0xb2}, {&(0x7f0000000080)=""/7, 0x7}, {&(0x7f0000000380)=""/173, 0xad}, {&(0x7f0000000680)=""/48, 0x30}], 0x7) [ 1793.691212][ T3537] usb 1-1: new high-speed USB device number 101 using dummy_hcd [ 1793.746851][ T6542] FAULT_INJECTION: forcing a failure. [ 1793.746851][ T6542] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1793.762429][ T6542] CPU: 1 PID: 6542 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1793.773874][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1793.783912][ T6542] Call Trace: [ 1793.787196][ T6542] dump_stack+0x1b0/0x21e [ 1793.791510][ T6542] ? devkmsg_release+0x11c/0x11c [ 1793.796434][ T6542] ? show_regs_print_info+0x12/0x12 [ 1793.801633][ T6542] ? kasan_alloc_pages+0x4a/0x60 [ 1793.806572][ T6542] should_fail+0x6fb/0x860 [ 1793.810977][ T6542] ? setup_fault_attr+0x2b0/0x2b0 [ 1793.815991][ T6542] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1793.821355][ T6542] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1793.826886][ T6542] ? find_get_entry+0x5da/0x670 [ 1793.831726][ T6542] ? xa_load+0x323/0x340 [ 1793.835956][ T6542] __do_page_cache_readahead+0x244/0x510 [ 1793.841576][ T6542] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1793.847978][ T6542] ? unwind_next_frame+0x1c07/0x22b0 [ 1793.853250][ T6542] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1793.858953][ T6542] generic_file_read_iter+0x626/0x20a0 [ 1793.864412][ T6542] ? find_get_pages_range_tag+0xae0/0xae0 [ 1793.870115][ T6542] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1793.875473][ T6542] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1793.881524][ T6542] ? avc_denied+0x1c0/0x1c0 [ 1793.886028][ T6542] generic_file_splice_read+0x491/0x780 [ 1793.891561][ T6542] ? splice_shrink_spd+0xb0/0xb0 [ 1793.896488][ T6542] ? security_file_permission+0x1e9/0x300 [ 1793.902191][ T6542] ? splice_shrink_spd+0xb0/0xb0 [ 1793.907113][ T6542] splice_direct_to_actor+0x3cf/0xb00 [ 1793.912474][ T6542] ? do_splice_direct+0x3d0/0x3d0 [ 1793.917482][ T6542] ? pipe_to_sendpage+0x300/0x300 [ 1793.922498][ T6542] ? security_file_permission+0x128/0x300 [ 1793.928200][ T6542] do_splice_direct+0x279/0x3d0 [ 1793.931189][ T3537] usb 1-1: Using ep0 maxpacket: 8 [ 1793.933032][ T6542] ? splice_direct_to_actor+0xb00/0xb00 [ 1793.933047][ T6542] ? security_file_permission+0x128/0x300 [ 1793.949257][ T6542] do_sendfile+0x89d/0x1110 [ 1793.953748][ T6542] ? compat_writev+0x390/0x390 [ 1793.958498][ T6542] ? security_file_permission+0x128/0x300 [ 1793.964210][ T6542] ? vfs_write+0x427/0x4f0 [ 1793.968613][ T6542] ? fput_many+0x42/0x1a0 [ 1793.972931][ T6542] __x64_sys_sendfile64+0x1ae/0x220 [ 1793.978118][ T6542] ? __ia32_sys_sendfile+0x240/0x240 [ 1793.983392][ T6542] do_syscall_64+0xcb/0x150 [ 1793.987885][ T6542] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1793.993759][ T6542] RIP: 0033:0x45dd99 [ 1793.997637][ T6542] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1794.017222][ T6542] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1794.025619][ T6542] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1794.033592][ T6542] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1794.041545][ T6542] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1794.049500][ T6542] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000003a [ 1794.051278][ T3537] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1792, setting to 1024 [ 1794.057451][ T6542] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1794.106494][ T3537] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 1794.126588][ T3537] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 65 [ 1794.147144][ T3537] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1794.251277][ T3537] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.07 [ 1794.270462][ T3537] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1794.280536][ T3537] usb 1-1: SerialNumber: syz [ 1794.311252][ T6516] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1794.318044][ T6516] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1794.351602][ T3537] hub 1-1:1.0: bad descriptor, ignoring hub [ 1794.365987][ T3537] hub: probe of 1-1:1.0 failed with error -5 [ 1794.551557][ T6516] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1794.561665][ T6516] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 1794.812171][ T3537] usblp 1-1:1.0: usblp0: USB Bidirectional printer dev 101 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8 [ 1794.851748][ T3537] usb 1-1: USB disconnect, device number 101 [ 1794.862635][ T3537] usblp0: removed [ 1795.801241][T20594] usb 1-1: new high-speed USB device number 102 using dummy_hcd [ 1796.041235][T20594] usb 1-1: Using ep0 maxpacket: 8 [ 1796.161264][T20594] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1792, setting to 1024 [ 1796.172269][T20594] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 1796.182746][T20594] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1601, setting to 1024 [ 1796.194122][T20594] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 1796.204418][T20594] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 03:04:22 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$DEVLINK_CMD_PORT_GET(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x198, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [{{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x198}, 0x1, 0x0, 0x0, 0x40}, 0x80) 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000e0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = syz_io_uring_setup(0x1d37, &(0x7f0000000180)={0x0, 0xeb30, 0x2, 0x2, 0xde, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) sendto$unix(r0, &(0x7f00000000c0)="ceaf70f5f9929355c37ccaf676ee7512f7251073e494879122a95629205bd05f471aaa1d57260256823c83001889f0d8d7681b9aa0465fbc736b6e74a25715cc9c8b4cc6804a29c72c3e93f86d1e815767b9881778dc60a2f83cb49aa412ab84b529a91a1931866527b983495e8c901bb19a20960464cc873614c0bfd881a35f1502", 0x82, 0x4040040, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) ioctl$BTRFS_IOC_QUOTA_CTL(r4, 0xc0109428, &(0x7f0000000280)={0x3, 0x858e}) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x0, 0x2, 0x98f2, 0x8, 0x5, "0e211882fa9b1e029ac12f341427c61069c7aa", 0x0, 0x4}) 03:04:22 executing program 2 (fault-call:8 fault-nth:59): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:22 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@ipv6_newroute={0x44, 0x18, 0x200, 0x70bd27, 0x25dfdbfe, {0xa, 0x80, 0x20, 0xd2, 0x0, 0x1, 0xff, 0x0, 0x1200}, [@RTA_OIF={0x8}, @RTA_ENCAP_TYPE={0x6}, @RTA_EXPIRES={0x8, 0x17, 0x7}, @RTA_IIF={0x8, 0x3, r4}, @RTA_IIF={0x8}]}, 0x44}}, 0x20800) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x800000003, 0x0) sendfile(r5, r2, 0x0, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x100000001, 0x4}) r6 = fcntl$dupfd(r2, 0x406, r1) ioctl$EVIOCGRAB(r6, 0x40044590, &(0x7f00000000c0)=0x7) 03:04:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x11, 0x800000003, 0x0) bind(r8, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r8, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r9}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRESHEX=r9, @ANYBLOB="0100000000000000000007000000080005000900000008000300", @ANYRES32=r4, @ANYBLOB="14000400", @ANYRES32], 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x70, r6, 0x8, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x4f}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x16}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r10}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x10001, 0x5}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x5, 0x25}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x1c000, 0x1f}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x37}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x75}]}, 0x70}}, 0x4000010) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) [ 1796.291248][T20594] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.07 [ 1796.300315][T20594] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1796.308963][T20594] usb 1-1: SerialNumber: syz 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000100004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000004100004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1796.340655][ T6570] FAULT_INJECTION: forcing a failure. [ 1796.340655][ T6570] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1796.354174][T20594] usb 1-1: can't set config #1, error -71 [ 1796.363282][T20594] usb 1-1: USB disconnect, device number 102 [ 1796.370277][ T6570] CPU: 1 PID: 6570 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1796.381719][ T6570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1796.391757][ T6570] Call Trace: [ 1796.395044][ T6570] dump_stack+0x1b0/0x21e [ 1796.399362][ T6570] ? devkmsg_release+0x11c/0x11c [ 1796.404286][ T6570] ? show_regs_print_info+0x12/0x12 [ 1796.409471][ T6570] ? kasan_alloc_pages+0x4a/0x60 [ 1796.414398][ T6570] should_fail+0x6fb/0x860 [ 1796.418811][ T6570] ? setup_fault_attr+0x2b0/0x2b0 [ 1796.423826][ T6570] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1796.429193][ T6570] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1796.434726][ T6570] ? find_get_entry+0x5da/0x670 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000110004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000120004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000200004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1796.439562][ T6570] ? xa_load+0x323/0x340 [ 1796.443790][ T6570] __do_page_cache_readahead+0x244/0x510 [ 1796.449416][ T6570] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1796.455818][ T6570] ? unwind_next_frame+0x1c07/0x22b0 [ 1796.461091][ T6570] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1796.466798][ T6570] generic_file_read_iter+0x626/0x20a0 [ 1796.472247][ T6570] ? find_get_pages_range_tag+0xae0/0xae0 [ 1796.477951][ T6570] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1796.483314][ T6570] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000010200004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1796.489368][ T6570] ? avc_denied+0x1c0/0x1c0 [ 1796.493863][ T6570] generic_file_splice_read+0x491/0x780 [ 1796.499398][ T6570] ? splice_shrink_spd+0xb0/0xb0 [ 1796.504320][ T6570] ? security_file_permission+0x1e9/0x300 [ 1796.510015][ T6570] ? splice_shrink_spd+0xb0/0xb0 [ 1796.514922][ T6570] splice_direct_to_actor+0x3cf/0xb00 [ 1796.520270][ T6570] ? do_splice_direct+0x3d0/0x3d0 [ 1796.525263][ T6570] ? pipe_to_sendpage+0x300/0x300 [ 1796.530262][ T6570] ? security_file_permission+0x128/0x300 [ 1796.535947][ T6570] do_splice_direct+0x279/0x3d0 [ 1796.540764][ T6570] ? splice_direct_to_actor+0xb00/0xb00 [ 1796.546277][ T6570] ? security_file_permission+0x128/0x300 [ 1796.551964][ T6570] do_sendfile+0x89d/0x1110 [ 1796.556436][ T6570] ? compat_writev+0x390/0x390 [ 1796.561187][ T6570] ? security_file_permission+0x128/0x300 [ 1796.566879][ T6570] ? vfs_write+0x427/0x4f0 [ 1796.571269][ T6570] ? fput_many+0x42/0x1a0 [ 1796.576017][ T6570] __x64_sys_sendfile64+0x1ae/0x220 [ 1796.581191][ T6570] ? __ia32_sys_sendfile+0x240/0x240 [ 1796.586445][ T6570] do_syscall_64+0xcb/0x150 [ 1796.590917][ T6570] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1796.596782][ T6570] RIP: 0033:0x45dd99 [ 1796.600668][ T6570] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1796.620253][ T6570] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1796.628632][ T6570] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1796.636574][ T6570] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1796.644514][ T6570] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1796.652452][ T6570] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000003b [ 1796.660397][ T6570] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:22 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0xf72eb2eff3b7f219, 0x80080006) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000220004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioprio_set$uid(0x0, 0xee01, 0x4004) ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000000080)={0x80000001, 0x20}) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:22 executing program 2 (fault-call:8 fault-nth:60): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000250004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpgrp(r0) ptrace(0x4207, r2) fcntl$setpipe(r1, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:04:22 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:22 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) getsockname(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000100)=0x80) socket$inet_icmp_raw(0x2, 0x3, 0x1) flock(r3, 0x8) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) [ 1796.796100][ T6610] FAULT_INJECTION: forcing a failure. [ 1796.796100][ T6610] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1796.825421][ T6610] CPU: 0 PID: 6610 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1796.836880][ T6610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1796.846917][ T6610] Call Trace: [ 1796.850196][ T6610] dump_stack+0x1b0/0x21e [ 1796.854511][ T6610] ? devkmsg_release+0x11c/0x11c [ 1796.859433][ T6610] ? show_regs_print_info+0x12/0x12 [ 1796.864620][ T6610] ? kasan_alloc_pages+0x4a/0x60 [ 1796.869547][ T6610] should_fail+0x6fb/0x860 [ 1796.873957][ T6610] ? setup_fault_attr+0x2b0/0x2b0 [ 1796.878985][ T6610] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1796.884347][ T6610] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1796.889881][ T6610] ? find_get_entry+0x5da/0x670 [ 1796.894720][ T6610] ? xa_load+0x323/0x340 [ 1796.898947][ T6610] __do_page_cache_readahead+0x244/0x510 [ 1796.904571][ T6610] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1796.910978][ T6610] ? unwind_next_frame+0x1c07/0x22b0 [ 1796.916252][ T6610] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1796.921956][ T6610] generic_file_read_iter+0x626/0x20a0 [ 1796.927412][ T6610] ? find_get_pages_range_tag+0xae0/0xae0 [ 1796.933115][ T6610] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1796.938471][ T6610] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1796.944534][ T6610] ? avc_denied+0x1c0/0x1c0 [ 1796.949025][ T6610] generic_file_splice_read+0x491/0x780 [ 1796.954559][ T6610] ? splice_shrink_spd+0xb0/0xb0 [ 1796.959485][ T6610] ? security_file_permission+0x1e9/0x300 [ 1796.965187][ T6610] ? splice_shrink_spd+0xb0/0xb0 [ 1796.970115][ T6610] splice_direct_to_actor+0x3cf/0xb00 [ 1796.975470][ T6610] ? do_splice_direct+0x3d0/0x3d0 [ 1796.980459][ T6610] ? pipe_to_sendpage+0x300/0x300 [ 1796.985449][ T6610] ? security_file_permission+0x128/0x300 [ 1796.991129][ T6610] do_splice_direct+0x279/0x3d0 [ 1796.995945][ T6610] ? splice_direct_to_actor+0xb00/0xb00 [ 1797.001462][ T6610] ? security_file_permission+0x128/0x300 [ 1797.007190][ T6610] do_sendfile+0x89d/0x1110 [ 1797.011688][ T6610] ? compat_writev+0x390/0x390 [ 1797.016438][ T6610] ? security_file_permission+0x128/0x300 [ 1797.022127][ T6610] ? vfs_write+0x427/0x4f0 [ 1797.026506][ T6610] ? fput_many+0x42/0x1a0 [ 1797.030823][ T6610] __x64_sys_sendfile64+0x1ae/0x220 [ 1797.035995][ T6610] ? __ia32_sys_sendfile+0x240/0x240 [ 1797.041247][ T6610] do_syscall_64+0xcb/0x150 [ 1797.045717][ T6610] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1797.051575][ T6610] RIP: 0033:0x45dd99 [ 1797.055437][ T6610] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1797.075010][ T6610] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1797.083386][ T6610] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000002e0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x28, 0x2, 0x1000) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x200004}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) creat(&(0x7f0000000080)='./bus\x00', 0x12) [ 1797.091322][ T6610] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1797.099262][ T6610] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1797.107220][ T6610] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000003c [ 1797.115178][ T6610] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000003f0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1797.141257][T20594] usb 4-1: new high-speed USB device number 74 using dummy_hcd 03:04:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000400004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:22 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x20) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x10000000, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x111100, 0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE(r3, 0x5000940e, &(0x7f0000000080)={{r2}, "57eaf30765aa281f08fa0da185b5732fdcb066cb152e44ce5acab13994e8ac41cf95e063a9b27065fbb080936f39bae6dc746b7bae5217bf71db02f6a2f442cb0c76e50a45e3ea0941fa8343a4b0dfb1e880b5d0c2d6452f450a7f47c65f1eaf5ef37895fe86c3f765f53a8b6b976cdd2a5812dbe569bf382d4b2d075bfc3a9955be01e04ddbefc7e4dc97f219a6c9dfbc06d74f55440f7a73bc6166fb307d6aa2198ec37ec7d4f46399f7469523bd23c548e64bcc8b531c14faf9dcfd0387eb300299dfdb575032813934ff4ee89c1dd1f8c025db353d5765fb7c31244318cc476a68f94e4c72007757cd0a419d8bb7453fe523fbb1f6953db3244f4a50ac9a37f2a39f73f08a9223a2c6ec0489390a8fa17274bb78a180b288edd9c75ed042bb09577ad4d1518926723a676277bfb53d85de890d4abe50947eab37ba18215efa49852a5f09301ef92344b169a50236a8fca35992fdfa150824f13a5918dcb4d55f6f83788e72c17027510dca482dce2054ec0b2854493fc25c6c28007d8e91ee9d3ca662778c688e576b88d8ba445544731528e2a35e2c4ae5f521e2f17e31fa57a71dae11b77be9e75fb87cc7cc09b6699ad8ec45f413875c0715c8ed8b77abddc1c2ab6f848fd1af9e0b8782b8b1954a1cca65417e09b6ca98c18f6a99373e68fd24f1636c521825d4fdd483581af4be52cd736266ea30c6925def4cfa45acbdd947ff7754e12d052c6e66d56d0437d2efb59fbc81312e263628453ee5d8d4ea992f9c2b2e96f1ba788d4e70859b9445b1efab6e279b341731dd58fbba64d9304c7b58dc7808ad3955ceab8012a1edf09c31673caed0a0dc13fb8192de59219c030804ba1d020f15c576efcc48b8643c2b85b2bd5ccc8b2160e5f67789fd6400b795bd99b945f043efdc61ba636b065919ebf87a36fd44914e0e7d1a8650cc297e5b0bcdad9f26ce289ad1c2a267b2af2769f4f441fd86692f25189a772bfc2ffe995eb03c5908c2e772ac34cab5cfbdb8a72c6ba7b1dafeb6fa07c21c0e6f962b69a6550863e64dbdb1675949563e15b8536800dedf0e7a8bcf2e52edfb348282d0954856ca84270d2880ad6fbf8e9308a5d3529368dc26e22a72eec09d07d1b1ca0cf0ee026a62268510e25cb7d0940f7565d98293926dec9dd0663dcd06fd3f003b1d6f9ef20221737ae4b200a3be53482c4f71b5bcd1899f1f581b4a93918f1022f2cfd27267c81784bb9d6dfb9411be81a63bd08afdef8cd4c00f04c1bbb7ff570446823ec689c35cb52cc682438ac5e07ce94ec49b7aaaf483195db48b8479f4299930218842b8b37f512f4c6f83105806e2b5c3170882b2ad7678c62233a0f766b5b124d777fa6d45699780e83a26eda8f0ffb675eae8f03bc6b8530b641b1eb8d4360946878eb54b18608185be0e0d05815248dc6ea0a2e68a44ade5336764207bc7c66d320797fa5ca464ce5a6f15895bdd268b3cd5150b241a9d4f55b41457e164187b316aac2a9f55e8249b170b8bfaa5cd0323b6efaa1a9b1fceb900d8d12b9bb8666bc1212980318c58cab362a2089f65855f11bf74295fbd7d0652c081319ebbe840ef748c5d531c83462ecca323fef9a88f0e566a93725894c3adeaaf3d2d8a038a3dfd5a5ca44a73ab626d7e9f7b9a70a3e1bf171a05f7cfbee3a158859787196a262a0724074e51bdebb6a3f9390c3483c44a91d972cc4f7787cb7508f2cb898ef74efb65dab4f1a7e55d543341d385bd6e71f743cd98387ef8c0a7eee042a5514ca354a6cc126cf75d9555b618c7575405a93c9ce48affe0c9dbbba4a82170764062454d3cf4d54e275ba51d0131f6924aa20f2658d36267b91f52e364a00efee90adfc1f3d755f6821fbc08bc63ce76392dc8390fec148d426c14eee0f38bb48b0f380158b0d8212201b6b03915443699130f24b4b40e295ffbb86c8cc672ade0be2e34b8f2c623d9a454e90dc59d12b2de352a6424ce4d531fbaa68e601f2ea0f0b3216406670a29866c43cf9b77a15aa43b2762a18973e680dd1d927dbce31dc57217bec44a18eb32130e416810b8897e4651b898dd61dfdd85756ca1d54c087fe7ffd407dd0ef92e064693efbb1663b85eff27966bf0fee9a4d772085c4919239dbdc51022fd5e74aaf5b27cbc4f46cfbcb25b5896e5eb862e85d8a00a0f0784fa6be8540d1039cfbe7168c029f229edd8bd145e2775468e115742d9a8f0ff900ca6a6410e8955610f5199da8af7ee24d09814ff3c71153af3f21202eb5d2b854529bb95aa229a47ed6637bd622b57729a7cae3de33f86427d7e77a7484cce946fb388830e7d3ee8579693180347c2ece349d107487b383086b90189f608bfdd7e8b1388c0e559df1960739184d51d4b0b4e4133c068e2fab108fb360638c283256db3bb6c3cd588887c8217ddcda392efd2d53bca9dd86c63b2ca2aa8002d16db996e3bdf0c2d8301846f1531e3a37213595769ca8af8a86b33d19779f814bd1402499a41ce5e7d891f71e2ab3e08313ea3b595cf059eb7f9417dcce6e27a4df4c400ac16829c8e7f68910d24ce59995e6d3738cc95dbafd8b13cf24e21412452b37206060dd29ac1532ac7961661f7d3d93edec00649fc50f0933e2bd79a42cb9dab81f799066af10bba6957f00667212ab3bb7574fe55eb9588a833a28d9cc0d770848c0b9a2c607faf6d3993efddbbc887eaeac89d91cbbc36a216ed51a2add72127feca9af439421cd0ff303587168d78271602516dcefa54fe450fe5564c63ff1955e36a99abeb1d406da04bd1a7da21c2e4cb388ef51443f5c4be8cd2c7a7c49c5fa3422d567177683c5bde634040be3c89332be8298fe48e43d1d456937760be73f41165eb3bce4838d49d4fe576a3d30e284e3b9a1b9d2dc6c9047a48fc6800adbb38b1c63ba98d856f61c19fac5cdd0df5602204eb0a66592d4e419832741447c5c3e2f56ca0f708b1d99f23794addf704f77672335b8710b03affb499ea61dc1f7bf3f1026c508e71a757f526f64267e21f35efcaacc4785e7501d30a7ec1cbaf44bcc75455b19a5c90665ad43698f9d399ac83a258585d3923fb84620a96744029ade36596c1990512223bc2d75d9813058ee74b44082e2bb57ab0d1222249b0493fd405b7b72a9d817fd2faa1e258db25e7182393658d3b35bb85305d303f23b48f24892d473c87aa701b98af0d1797d4c9e658fb6e70fb385def53c87e21e21344489d206964601cdfa5d4ab212756efc36de771d580fa57c2bd99320f10e4b0d6b81d327bfb6a5cf34c1e38329d86279c639065528eb2853c5b0de83cea3a7861a673003b49fd9f619bef9b3f9f406d2f16c6031af01d6feda16d148cab55828096e31607c518e178a26a2fba677ad675356ecf533308bf9b1bf5d30cc403709f9e80d7d193d2f8d36e0b434a56a75e1d6d0346a4d3dc80e21accda3ca5cc6e5bffad69ef6ebf30f7d5c341cb9dbe3c799d76a3c1983448dec0e643cef69f7ef799a1b49bf93593d7a5648d9897470635d55cadeb59b83a4256437f2eeef3078666c791cdf87c19f1840d1b48f8ddb4804c5b2b43358e2a58473cc0aed7b18c0d0b0329fa9ea5834fea677bdf807350e13e9d9c66784ab66843a4ee000491ef9aaf8b28de76ccccff9cde5b17db4872a5ebfc12f739873c239b11ba97d6e0b47e0edbf8a2ae6d16c67d194a716f1522a1f18b02430c1e5333d9fcae0e33b0a6586ae50e3bee8d6c5464454022b4fa911c9b3411ddd1c9932a740a6add759f2c9db0dffc54c395c95f4878d3e0022525758aa8e731fee2149006e2208b0f1a8954890efb4f56ad7ca45c64aad2419c43e08f5a347a9fa9bee591c0251dea19b22e7c0ac73133408b3d04b628aab016d46dc146662dfa6e3666e223255847db04ce8a2b0e4847e91e95168cdc7801889f8b29bf1fef071c779e538fa48f88228a97e5e21cc54847b0651a1f9a58c1dd3f7458500b5726542034210d8ac490cab224e7f654c604fac98963e58646db2a7908be42f1b51aac88522ffa0f9b3a90d8972f18444f7fe4f858bc4a1ed12faba99ad60949699ee6ca051a45976c53825a6b3f12f467a429fef808841dd56422741440dcba8f3646502aed9755500765d1493aceaf0d472dbde048ac3d08649d3c902d16318b0648d2246d30b4bd1b7a87cbe98be3312e9d43b07fa122bfcb7d49a01a8c28eb6cc59b1e1270f15627c31cdac4a562fa928121614fc17a8c97c18ee79d4b5dfb39f3dba732d8c3edad21b573ed9817f9fff242a471256e7bffa6f871d1d0cfe225c8cc3961f1c8814570e39f3892ae8eae38144d61945a414dc59c280e89a3b5f99025714c5eed90f83fd4d9160dec058cb92bc598aea6210c9700878195e1ae7e3e3d1fcde213753ae3b0e0cf4f0fea31349d0d604a430778ef1124f25a5c79ddaa3d3f947df8f682bcb8b59e0004e80f2136b56d952418dfa3649909db796db15a92419cf684226754bd239f68bb315b0346ed0849ae3099790bbc464cc6e995835158f2024414e8181b4a6b26b8e0f81d0f4f3eb7a123d33e1c7856eccff04f82d11dac2db0557071d6b48529c81779d91a00635293a550b9e0b80ed68233c326ab966bba9ef02cc45e3fc6999f20900352231f06b8c512d3973f1cd5c916db1483488791b07e9689fa8280cd20258fa16d289e0cc3091d885072f96d0d4e376c1ea60d86b1445afff31932d6bad7f584ce2a2775089ea6cdad95207c3ae774c3200de9bd06eefc10658ab390de29989dd454aca95b15fdd96ed99fef3e1607a9d2f09c04dacc290287f6060f1fa5c08e0f575f2ed5bad3c2301105aa572a3c2f5557c2f75ab4e392c84b905ea17d687be3f527233c604ce15c7b65911dd5dde45575e818e4e9c172103ad58a9c46ce8ddb0da311d373bf92b3f253b59056c7c2232995d623f5a62eaa5b8b4a5373194d7ad9a2ca031578e485169040b8fe5dca030897b8a39a0a21031a87bee3ca618006f443a9c2028d68548c55f824a6696228bf54d4c4d4409a9e80cbff06f8b41fc402eaa9517bfbe02a150ea8b98cea2bbf7f998f62ebcd3a6215185c67a0cf59cd6e6787134905e9e6906490d2f4cad12c0102eb62b6c05c409b2e37763adab667923358380694f582365b827203f265d73546742aa185e178a66c4e7eed4f1cf63484f7452891c62b9680aac41935e6ff5cb54cbfcefaa89b461ef1afe4e468f5ee056818664be31a4ae1710c20bca59bb1d83a997643fdc12ccb757b4f0a7af1b5c02b1f5cd9d2960394320379f00bcd708a9b075630784751f2579d9f78fd7790bfb9ee03990ac8b33604b805cdab8f17cf27ec6b693607257f4b711401a3b70c5146e93d1415de49674ea7784eb2d9f9f788beaa1aa9b3c0b30dd81dc479b26676f5f798135c12f56c9af0557a853d70309affc2edd294af3fd6c03266052b22d22d35b2a4aef371eb9b8f2bc67bf0392806783f0d6428ad2a04b163f81cf54b07bbb07589579c5c70f84e524f5dffef24e3d6cf908f7702037ba702a45f8e7542097e4829d6547214799cb5596dc203bb363ba02785df5e6c3a82ba9e031127d1beeb669ba73dbbc259d923a70475dfab0c571576b16ecddabf9ba5bd90f9475a34509650b1d6611c0a8c82f9dc6b8db99af7495f60c99d12b4d7c40800632c9f6056db1860894cfb4a82dacece553a88196ed29562565812d8822080b1a1b63b0c87384dc6b26db69c214ff85619a0243530abaf254fb3d30494"}) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() getpeername(0xffffffffffffffff, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f0000000200)=0x80) setsockopt$inet6_buf(r1, 0x29, 0x2a, &(0x7f0000000140)="6a6bcbb50b2b", 0x6) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) r6 = gettid() ptrace$setopts(0x4206, r6, 0x0, 0x0) tkill(r6, 0x3c) ptrace$cont(0x18, r6, 0x6, 0x0) ptrace$setregs(0xd, r6, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r6, 0x0, 0x0) sched_setattr(r6, &(0x7f00000001c0)={0x38, 0x0, 0x29, 0x4, 0x8, 0x1000, 0x2000080, 0x7f}, 0x0) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000180)={0x30, 0x5, 0x0, {0x0, 0x4, 0x7fff, 0x6}}, 0x30) 03:04:23 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x80000, 0x7) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = creat(&(0x7f0000000180)='./bus\x00', 0x0) write$FUSE_LSEEK(r6, &(0x7f0000000240)={0x18}, 0x18) r7 = open(&(0x7f00000001c0)='./bus\x00', 0x140042, 0x0) fallocate(r7, 0x0, 0x0, 0x4000004) io_setup(0x83, &(0x7f00000003c0)=0x0) io_submit(r8, 0x6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2703000000000009, 0x8000000, 0x3, 0x1, 0x0, r6, &(0x7f0000000000), 0x3000}]) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000080)=@req={0xc9a, 0x7, 0x54d6, 0xfffffff7}, 0x10) 03:04:23 executing program 2 (fault-call:8 fault-nth:61): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000420004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:23 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000000c0)) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$TIOCMSET(r5, 0x5418, &(0x7f0000000080)=0xfffffff8) sendfile(r1, r3, 0x0, 0x200fc0) [ 1797.296115][ T6657] FAULT_INJECTION: forcing a failure. [ 1797.296115][ T6657] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1797.309517][ T6657] CPU: 0 PID: 6657 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1797.320957][ T6657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1797.330993][ T6657] Call Trace: [ 1797.334272][ T6657] dump_stack+0x1b0/0x21e [ 1797.338587][ T6657] ? devkmsg_release+0x11c/0x11c [ 1797.343510][ T6657] ? show_regs_print_info+0x12/0x12 [ 1797.348694][ T6657] ? kasan_alloc_pages+0x4a/0x60 [ 1797.353618][ T6657] should_fail+0x6fb/0x860 [ 1797.358024][ T6657] ? setup_fault_attr+0x2b0/0x2b0 [ 1797.363041][ T6657] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1797.368402][ T6657] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1797.373943][ T6657] ? find_get_entry+0x5da/0x670 [ 1797.378777][ T6657] ? xa_load+0x323/0x340 [ 1797.383004][ T6657] __do_page_cache_readahead+0x244/0x510 [ 1797.388623][ T6657] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1797.395022][ T6657] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1797.400723][ T6657] generic_file_read_iter+0x626/0x20a0 [ 1797.406174][ T6657] ? find_get_pages_range_tag+0xae0/0xae0 [ 1797.411877][ T6657] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1797.417231][ T6657] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1797.423286][ T6657] ? avc_denied+0x1c0/0x1c0 [ 1797.427771][ T6657] generic_file_splice_read+0x491/0x780 [ 1797.433285][ T6657] ? splice_shrink_spd+0xb0/0xb0 [ 1797.438192][ T6657] ? security_file_permission+0x1e9/0x300 [ 1797.443922][ T6657] ? splice_shrink_spd+0xb0/0xb0 [ 1797.448828][ T6657] splice_direct_to_actor+0x3cf/0xb00 [ 1797.454168][ T6657] ? do_splice_direct+0x3d0/0x3d0 [ 1797.459158][ T6657] ? pipe_to_sendpage+0x300/0x300 [ 1797.464150][ T6657] ? security_file_permission+0x128/0x300 [ 1797.469835][ T6657] do_splice_direct+0x279/0x3d0 [ 1797.474653][ T6657] ? splice_direct_to_actor+0xb00/0xb00 [ 1797.480165][ T6657] ? security_file_permission+0x128/0x300 [ 1797.485849][ T6657] do_sendfile+0x89d/0x1110 [ 1797.490322][ T6657] ? compat_writev+0x390/0x390 [ 1797.495051][ T6657] ? security_file_permission+0x128/0x300 [ 1797.500738][ T6657] ? vfs_write+0x427/0x4f0 [ 1797.505125][ T6657] ? fput_many+0x42/0x1a0 [ 1797.509428][ T6657] __x64_sys_sendfile64+0x1ae/0x220 [ 1797.514596][ T6657] ? __ia32_sys_sendfile+0x240/0x240 [ 1797.519893][ T6657] do_syscall_64+0xcb/0x150 [ 1797.524367][ T6657] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1797.530226][ T6657] RIP: 0033:0x45dd99 [ 1797.534087][ T6657] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1797.553657][ T6657] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1797.562038][ T6657] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1797.569978][ T6657] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1797.577917][ T6657] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1797.585863][ T6657] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000003d [ 1797.593811][ T6657] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1797.681299][T20594] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1797.690325][T20594] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1797.699587][T20594] usb 4-1: Product: syz [ 1797.704110][T20594] usb 4-1: Manufacturer: syz [ 1797.708677][T20594] usb 4-1: SerialNumber: syz 03:04:25 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000080)={'broute\x00'}, &(0x7f0000000100)=0x78) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x94, 0x0, 0x2, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x2, 0x61}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x94}, 0x1, 0x0, 0x0, 0x8000}, 0x4) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) r4 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) open$dir(&(0x7f0000000180)='./bus\x00', 0x400, 0xe2) sendfile(r3, r5, 0x0, 0x200fc0) ioctl$FS_IOC_GETFLAGS(r5, 0x80086601, &(0x7f0000000140)) 03:04:25 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="29000000040000000000000000000000020000000000000000000000000000000100000000000000007ba3d443959f3617f4bfa55199e72ed2142661e53b05e4f53c585337ccf76fb46552343776c7e0df36dd9e9ff18ffa0452c637edb5b44d7b4cfd82479dd735d07ac042bd6b065142ba8ca6685bd0c55b05b70f8f204e47f392ffd89a8b4783d1e05e52eb0c34630fb11c7710466811b247cc11e2ce2baee2da7f294d0dd314704131b909c8551289124b61170e58bc5e5265a0754e8320094a9bac464052e4068f7172ca19dbefe4ec9f67bac87c6f84c114d65657484a5a066f326b655ca1258ac3ad7d59b19a2ff4fa9977d5e77499fa43b451a5ae731133c852057c15de15e657df"], 0x29) r4 = syz_io_uring_complete(0x0) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000100)={0x0, 0x1, 0xfffffc01, 0x2b78, 0x12, "452ba0461b236411787a32e3bad5ab6a256f06"}) ioctl$KDGETLED(r0, 0x4b31, &(0x7f00000000c0)) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000480004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x4, 0x5, 0x0, 0x0, 0x9049, 0x290, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x1000003f, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x101000, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x2e, &(0x7f0000000080)="dd38ceea09c6e37c8650ba2825c66c6101b98077608378f60151edfdf32c909f16c2d4ff0989a0b74c19833adab57b3c5ee6c82674e67e53f9ba7fa83067916450278a973b1ea42a6b6bb7a39f9971de3b83def0fe4a36", 0x57) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r7}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) ioctl$FITHAW(r5, 0xc0045878) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:04:25 executing program 2 (fault-call:8 fault-nth:62): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:25 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1799.818171][T20594] usb 4-1: USB disconnect, device number 74 [ 1799.836338][ T6675] FAULT_INJECTION: forcing a failure. [ 1799.836338][ T6675] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1799.862443][ T6675] CPU: 0 PID: 6675 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1799.873977][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1799.884016][ T6675] Call Trace: [ 1799.887296][ T6675] dump_stack+0x1b0/0x21e [ 1799.891615][ T6675] ? devkmsg_release+0x11c/0x11c [ 1799.896543][ T6675] ? show_regs_print_info+0x12/0x12 [ 1799.901729][ T6675] ? kasan_alloc_pages+0x4a/0x60 [ 1799.906657][ T6675] should_fail+0x6fb/0x860 [ 1799.911063][ T6675] ? setup_fault_attr+0x2b0/0x2b0 [ 1799.916081][ T6675] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1799.921443][ T6675] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1799.926976][ T6675] ? find_get_entry+0x5da/0x670 [ 1799.931812][ T6675] ? xa_load+0x323/0x340 [ 1799.936042][ T6675] __do_page_cache_readahead+0x244/0x510 [ 1799.941663][ T6675] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1799.948064][ T6675] ? unwind_next_frame+0x1c07/0x22b0 [ 1799.953335][ T6675] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1799.959042][ T6675] generic_file_read_iter+0x626/0x20a0 [ 1799.964494][ T6675] ? find_get_pages_range_tag+0xae0/0xae0 [ 1799.970203][ T6675] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1799.975563][ T6675] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1799.981627][ T6675] generic_file_splice_read+0x491/0x780 [ 1799.987167][ T6675] ? splice_shrink_spd+0xb0/0xb0 [ 1799.992097][ T6675] ? security_file_permission+0x1e9/0x300 [ 1799.997804][ T6675] ? splice_shrink_spd+0xb0/0xb0 [ 1800.002726][ T6675] splice_direct_to_actor+0x3cf/0xb00 [ 1800.008087][ T6675] ? do_splice_direct+0x3d0/0x3d0 [ 1800.013095][ T6675] ? pipe_to_sendpage+0x300/0x300 [ 1800.018110][ T6675] ? security_file_permission+0x128/0x300 [ 1800.023816][ T6675] do_splice_direct+0x279/0x3d0 [ 1800.028658][ T6675] ? splice_direct_to_actor+0xb00/0xb00 [ 1800.034198][ T6675] ? security_file_permission+0x128/0x300 [ 1800.039910][ T6675] do_sendfile+0x89d/0x1110 [ 1800.044408][ T6675] ? compat_writev+0x390/0x390 [ 1800.049158][ T6675] ? security_file_permission+0x128/0x300 [ 1800.054862][ T6675] ? vfs_write+0x427/0x4f0 [ 1800.059264][ T6675] ? fput_many+0x42/0x1a0 [ 1800.063590][ T6675] __x64_sys_sendfile64+0x1ae/0x220 03:04:25 executing program 3: r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x31) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) fcntl$getown(r1, 0x9) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r1, 0x40089413, &(0x7f0000000080)) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) r3 = dup(r0) sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x81}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x4008000) 03:04:25 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) socket$nl_audit(0x10, 0x3, 0x9) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:25 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='\x00', 0x0, 0x101) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:25 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x3, 0x3) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14) r3 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0)='SMC_PNETID\x00') sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x44, r3, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x1) r4 = socket$netlink(0x10, 0x3, 0x16) r5 = syz_open_dev$evdev(&(0x7f00000002c0)='/dev/input/event#\x00', 0x65c, 0x0) splice(r4, &(0x7f0000000200)=0xe1, r5, &(0x7f0000000300)=0x7fff, 0xffffffff7fffffff, 0x8) close(r1) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) [ 1800.068776][ T6675] ? __ia32_sys_sendfile+0x240/0x240 [ 1800.074051][ T6675] do_syscall_64+0xcb/0x150 [ 1800.078544][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1800.084440][ T6675] RIP: 0033:0x45dd99 [ 1800.088317][ T6675] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1800.107903][ T6675] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:04:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000004c0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:25 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000080)={0x1, 0x7}) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r5 = socket(0x1d, 0x4, 0xfffffffe) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00') sendmsg$NL80211_CMD_GET_POWER_SAVE(r5, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r6, 0x10, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x5e814) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000600004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1800.116297][ T6675] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1800.124253][ T6675] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1800.132210][ T6675] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.140153][ T6675] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000003e [ 1800.148100][ T6675] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000680004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x10000020, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KDGETMODE(r3, 0x4b3b, &(0x7f0000000000)) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$TIPC_CMD_GET_LINKS(r5, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x61}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r6) 03:04:26 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x7b, 0x2}, 0x7) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:26 executing program 2 (fault-call:8 fault-nth:63): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:26 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ioctl$KDADDIO(r0, 0x4b34, 0x4) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000080)={0x10001, 0x9, 0x1f, 0x200, 0x4, "fab7a69991a1c4806b8c045bc82f635233915e"}) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000006c0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:26 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000080)) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000740004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000007a0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1800.403725][ T6738] FAULT_INJECTION: forcing a failure. [ 1800.403725][ T6738] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1800.447906][ T6738] CPU: 1 PID: 6738 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1800.459383][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1800.469423][ T6738] Call Trace: [ 1800.472702][ T6738] dump_stack+0x1b0/0x21e [ 1800.477027][ T6738] ? devkmsg_release+0x11c/0x11c [ 1800.481956][ T6738] ? show_regs_print_info+0x12/0x12 [ 1800.487142][ T6738] ? kasan_alloc_pages+0x4a/0x60 [ 1800.492065][ T6738] should_fail+0x6fb/0x860 [ 1800.496472][ T6738] ? setup_fault_attr+0x2b0/0x2b0 [ 1800.501486][ T6738] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1800.506851][ T6738] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1800.512381][ T6738] ? find_get_entry+0x5da/0x670 [ 1800.517220][ T6738] ? xa_load+0x323/0x340 [ 1800.521451][ T6738] __do_page_cache_readahead+0x244/0x510 [ 1800.527071][ T6738] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1800.533470][ T6738] ? unwind_next_frame+0x1c07/0x22b0 [ 1800.538742][ T6738] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1800.544448][ T6738] generic_file_read_iter+0x626/0x20a0 [ 1800.549899][ T6738] ? find_get_pages_range_tag+0xae0/0xae0 [ 1800.555603][ T6738] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1800.560961][ T6738] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1800.567016][ T6738] ? avc_denied+0x1c0/0x1c0 [ 1800.571509][ T6738] generic_file_splice_read+0x491/0x780 [ 1800.577042][ T6738] ? splice_shrink_spd+0xb0/0xb0 [ 1800.581971][ T6738] ? security_file_permission+0x1e9/0x300 [ 1800.587674][ T6738] ? splice_shrink_spd+0xb0/0xb0 [ 1800.592601][ T6738] splice_direct_to_actor+0x3cf/0xb00 [ 1800.597960][ T6738] ? do_splice_direct+0x3d0/0x3d0 [ 1800.602966][ T6738] ? pipe_to_sendpage+0x300/0x300 [ 1800.607980][ T6738] ? security_file_permission+0x128/0x300 [ 1800.613680][ T6738] do_splice_direct+0x279/0x3d0 [ 1800.618517][ T6738] ? splice_direct_to_actor+0xb00/0xb00 [ 1800.624056][ T6738] ? security_file_permission+0x128/0x300 [ 1800.629760][ T6738] do_sendfile+0x89d/0x1110 [ 1800.634250][ T6738] ? compat_writev+0x390/0x390 [ 1800.639002][ T6738] ? security_file_permission+0x128/0x300 [ 1800.644716][ T6738] ? vfs_write+0x427/0x4f0 [ 1800.649118][ T6738] ? fput_many+0x42/0x1a0 [ 1800.653440][ T6738] __x64_sys_sendfile64+0x1ae/0x220 [ 1800.658625][ T6738] ? __ia32_sys_sendfile+0x240/0x240 [ 1800.663896][ T6738] do_syscall_64+0xcb/0x150 [ 1800.668387][ T6738] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1800.674264][ T6738] RIP: 0033:0x45dd99 [ 1800.678145][ T6738] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:04:26 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0) setfsuid(0xee01) 03:04:26 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r4, 0x8010661b, &(0x7f0000000080)) 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000ffffff8c0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:26 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f0000000080)=0x4) r1 = syz_mount_image$f2fs(&(0x7f00000000c0)='f2fs\x00', &(0x7f0000000100)='./bus\x00', 0x6, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="5b6205095e6c1475e9abdceb3395b5740d553476789022ba0593fe27fe5a86afcceaea15a902d98b6eb57a3c36a81d7fd597c4d1a427b26d541630", 0x3b, 0x5}, {&(0x7f0000000180)="1a8a30bd2d01f617c3d8b4335d086916fcd09788a6eb6d3b9623f6767ba07ea569edd468654121565a23269777a89b02a0c861bb71e8f5fa1a2e9be23b41faa0ac3663dbb25ddab49dfb8de13f32cc7ca8c1e14b9e519d79e70b1ece73fdefaca81ce21d17b552ea05942149ddc39c13c5767ea3d5e8a9fc25bd65dbc47f1afb2d5d2956019bd5bc58edb32204765897286637ee38248041d11a49d4468d0210a1c35d8c89a5ce529c828c5467322e2889921267ac0e4ee356336d", 0xbb, 0x5}], 0x209000, &(0x7f0000000280)={[{@noinline_xattr='noinline_xattr'}, {@noinline_data='noinline_data'}], [{@euid_lt={'euid<', 0xffffffffffffffff}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@euid_gt={'euid>'}}, {@fowner_gt={'fowner>', 0xee00}}]}) execveat(r1, &(0x7f0000000300)='./bus\x00', &(0x7f0000000440)=[&(0x7f0000000340)='7*+\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='+].\x00', &(0x7f0000000400)='\x00'], &(0x7f0000000500)=[&(0x7f0000000480)='\x00', &(0x7f00000004c0)='-\\$:+@\x00'], 0x400) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) socket(0x1e, 0x4, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0xffffffff}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000740)=ANY=[@ANYBLOB="8b49ac00dc4954cbeaa0c6e56c2f1a832366dd42ef89e065d3614eb917f242daa15a5851602315c53576627004000000488de7e5e5c0cdff724a95f6dc019a1baa26fb7877a81fbf56c69b672d1243d1ae3915049374d1e363c430f880fc014e26f6e593858798352176be2961264a75e509c3fe105c168e68e51465854ee86e0472dab1091ce1b676aab14a0b4b2b14cb1895b1ec785a1e0cc0cecc4b22571e9fdb26af67d732f9041ce3f91c1a613b3ff6dba8c38ddffa4ab4549551998ee88086820ac3c825e61747e9cf6d7ffda0a1b11fbda434be0a41244a78a30124b1c65cfe21195fe3caf78cfe", @ANYRES16=0x0, @ANYBLOB="040027bd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="0600060002000000080008000300000008000700", @ANYRES32=r6, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40000) sendfile(r2, r4, 0x0, 0x200fc0) [ 1800.697731][ T6738] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1800.706129][ T6738] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1800.714086][ T6738] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1800.722044][ T6738] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.730003][ T6738] R10: 0000000000200fc0 R11: 0000000000000246 R12: 000000000000003f [ 1800.737961][ T6738] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4) sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x6, 0x5, 0x0, 0x202, 0x0, 0x10}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x678, 0xfffa, 0x2, 0x356, 0x14, "8a2f22edadc2125f"}) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:26 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x164) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) prctl$PR_SET_PDEATHSIG(0x1, 0xa) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x800, 0x0) ioctl$sock_inet_SIOCDELRT(r4, 0x890c, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}, {0x2, 0x4e22, @private=0xa010102}, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x204, 0x0, 0x0, 0x0, 0xfbff, &(0x7f0000000100)='nr0\x00', 0x1}) fchmodat(r0, &(0x7f0000000080)='./bus/file0\x00', 0xe0) 03:04:26 executing program 2 (fault-call:8 fault-nth:64): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000edc00004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:26 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x7fffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000400)='/dev/loop-control\x00', 0x82d40, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, 0xffffffffffffffff, 0x0, 0x0) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000300)='/dev/bsg\x00', 0x80, 0x0) clone3(&(0x7f0000000340)={0x0, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0), {0x3c}, &(0x7f0000000140)=""/211, 0xd3, &(0x7f0000000240)=""/14, &(0x7f00000002c0)=[r0, r0, r0, 0x0, 0x0, r0, r0, 0x0], 0x8, {r4}}, 0x58) 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fffffff60004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:26 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) syncfs(r3) r4 = memfd_create(&(0x7f00000000c0)='^#*$\x00', 0x0) ioctl$FITRIM(r4, 0xc0185879, &(0x7f0000000100)={0x3, 0x8, 0xec}) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) [ 1800.988808][ T6783] FAULT_INJECTION: forcing a failure. [ 1800.988808][ T6783] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1801.010038][ T6783] CPU: 0 PID: 6783 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1801.021495][ T6783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1801.031536][ T6783] Call Trace: [ 1801.034945][ T6783] dump_stack+0x1b0/0x21e [ 1801.039262][ T6783] ? devkmsg_release+0x11c/0x11c [ 1801.044189][ T6783] ? show_regs_print_info+0x12/0x12 [ 1801.049372][ T6783] ? kasan_alloc_pages+0x4a/0x60 [ 1801.054306][ T6783] should_fail+0x6fb/0x860 [ 1801.058711][ T6783] ? setup_fault_attr+0x2b0/0x2b0 [ 1801.063727][ T6783] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1801.069089][ T6783] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1801.074624][ T6783] ? find_get_entry+0x5da/0x670 [ 1801.079465][ T6783] ? xa_load+0x323/0x340 [ 1801.083696][ T6783] __do_page_cache_readahead+0x244/0x510 03:04:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fffffdf90004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1801.089321][ T6783] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1801.095721][ T6783] ? unwind_next_frame+0x1c07/0x22b0 [ 1801.100993][ T6783] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1801.106698][ T6783] generic_file_read_iter+0x626/0x20a0 [ 1801.112175][ T6783] ? find_get_pages_range_tag+0xae0/0xae0 [ 1801.117967][ T6783] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1801.123323][ T6783] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1801.129379][ T6783] ? avc_denied+0x1c0/0x1c0 [ 1801.133875][ T6783] generic_file_splice_read+0x491/0x780 [ 1801.139410][ T6783] ? splice_shrink_spd+0xb0/0xb0 [ 1801.144341][ T6783] ? security_file_permission+0x1e9/0x300 [ 1801.150057][ T6783] ? splice_shrink_spd+0xb0/0xb0 [ 1801.154981][ T6783] splice_direct_to_actor+0x3cf/0xb00 [ 1801.160342][ T6783] ? do_splice_direct+0x3d0/0x3d0 [ 1801.165352][ T6783] ? pipe_to_sendpage+0x300/0x300 [ 1801.170367][ T6783] ? security_file_permission+0x128/0x300 [ 1801.176068][ T6783] do_splice_direct+0x279/0x3d0 [ 1801.180904][ T6783] ? splice_direct_to_actor+0xb00/0xb00 [ 1801.186459][ T6783] ? security_file_permission+0x128/0x300 [ 1801.192168][ T6783] do_sendfile+0x89d/0x1110 [ 1801.196661][ T6783] ? compat_writev+0x390/0x390 [ 1801.201415][ T6783] ? security_file_permission+0x128/0x300 [ 1801.207123][ T6783] ? vfs_write+0x427/0x4f0 [ 1801.211519][ T6783] ? fput_many+0x42/0x1a0 [ 1801.215824][ T6783] __x64_sys_sendfile64+0x1ae/0x220 [ 1801.221000][ T6783] ? __ia32_sys_sendfile+0x240/0x240 [ 1801.226265][ T6783] do_syscall_64+0xcb/0x150 [ 1801.230738][ T6783] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1801.236600][ T6783] RIP: 0033:0x45dd99 [ 1801.240483][ T6783] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1801.260058][ T6783] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1801.268460][ T6783] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1801.276409][ T6783] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1801.284399][ T6783] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1801.292397][ T6783] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000040 [ 1801.300341][ T6783] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:27 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = syz_mount_image$msdos(&(0x7f0000000080)='msdos\x00', &(0x7f00000000c0)='./bus\x00', 0x53da, 0x4, &(0x7f00000003c0)=[{&(0x7f0000000100)="2445104102dd79dd4c2822a2bec2468756763c985efc2d267acd719f7f29db2502f4e89b0b2b4c3f0337d22164b63b696dc9cc6ec5051e57736f2da0dd03a90676fa488a372c080b5437c100148c7839c87990478e1cee742b924a1afd052d0760c64c399e927d51d054a158443e1136106bb9d676f130b641767ba2444a3d6540bf232be409697985f6500a89580fcc2fcb1cec2c3a959286058aafb0186a77a3cacf9be45a469a1ab94a1f98d617d01d08bc4071afb74c58e2e106a2a84e738d9ac1048170c322df790ff8287dd751e0a33b63ea3e2ffa66", 0xd9}, {&(0x7f0000000200)="47d0ee7ba2fe29f1032b3b18d5569f9f209d6d7d68dedf82bbc92fd2f13c2d5ea0efd9f2315abcb170d768dff95d885f28251040c6394b76b4d1f48703044b547bc309ff92a94440b559ce02d25fb8e0d2a1e2ad34315dd9d058caa4480b2482173f6b47920629", 0x67, 0x100}, {&(0x7f0000000280)="9c24f202e1c2", 0x6, 0x80000000}, {&(0x7f00000002c0)="489c40ef01e9415ade61c2e54347d8542b1b2d6f3cef6e996ef56b270f4b39083f1cb8406250a27d26dee142396ccc8b89b578736c43c394b90f2377a1144a9bb27f43102f3de45fe4654604c28689f911d42617c5039782689e300828e631d712ed2545154e35cd5603053ca178d4445fdd4da2fb3c095d54735f0e22e692247d45bd33a83f143f076f85b5a50a69eeb2394f74f69deb1cc0cc47854eaafed8b1b3c914ab05d06098ff2ff4f4ec67d3d7f34ba199dad3d961e1d272f40a3728ff74a6b0ab22481aac1f52f0317ca3889d1be8cd166fcc9812a730ede3ba46aff3654ae79e34250232272a328df2e5a22d", 0xf1, 0xd7}], 0x10, &(0x7f0000000440)={[{@dots='dots'}, {@nodots='nodots'}, {@dots='dots'}, {@fat=@nfs='nfs'}, {@nodots='nodots'}, {@fat=@nfs='nfs'}, {@dots='dots'}, {@nodots='nodots'}], [{@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@fowner_gt={'fowner>', 0xee01}}]}) futimesat(r1, &(0x7f00000004c0)='./bus\x00', &(0x7f0000000500)) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) 03:04:27 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:27 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0xad) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fffffdfd0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$AUDIT_DEL_RULE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x428, 0x3f4, 0x400, 0x70bd26, 0x25dfdbfd, {0x0, 0x1, 0x31, [0x7ff, 0xfffffff7, 0x2, 0x0, 0x800, 0x4, 0x0, 0x7, 0x8, 0x4, 0x5, 0x1, 0x2, 0x8, 0x7d19, 0x1, 0xfffffc00, 0x7, 0x64, 0x200, 0x0, 0xa80, 0x5, 0x2, 0x0, 0x7fffffff, 0x0, 0x1000, 0xffff, 0x9, 0x2, 0x8, 0x4, 0x3ff, 0xf2c2, 0x4, 0x5, 0x1000, 0xc, 0x101, 0xa3, 0x7, 0x7, 0x1, 0x2, 0x7, 0x6, 0xfff, 0xab, 0xc0000, 0x1, 0x3c, 0x0, 0x80000001, 0x0, 0x3ff, 0x80, 0x7, 0x7, 0x5, 0x3e, 0x80000000, 0x101, 0xfffffffe], [0x390, 0x6056, 0x9, 0xc3a3, 0x7, 0x7, 0x3, 0x6, 0x80, 0x4, 0xbd, 0x8a1c, 0x5, 0xfff, 0x3f, 0x1f, 0x4, 0x24000, 0x5, 0x4, 0xef0, 0x8, 0x0, 0x7ff000, 0x5, 0x8000, 0xfff, 0x6, 0xc4e7, 0x4, 0x3, 0x58, 0x7, 0x80000000, 0x0, 0x1, 0x9, 0x5, 0x200, 0x6, 0x10000, 0x1, 0x6, 0x0, 0x6, 0x2, 0x5, 0x101, 0x0, 0x1, 0x4, 0x7f, 0x4, 0x4, 0x6, 0x9, 0x4, 0x8, 0xffffffff, 0x7, 0x572d, 0x4, 0x1f, 0x9], [0x7, 0x3, 0x8, 0x6ce, 0xfffffff7, 0x80, 0x1, 0x1ff, 0x1, 0x8000, 0x100, 0x7c7, 0x0, 0x800, 0x3, 0x0, 0x5, 0x1, 0x9d6d, 0xd6, 0x7, 0x1, 0x1, 0x3e54, 0xffff, 0x200, 0x20, 0xee, 0x7d1, 0x273, 0x1f, 0x400, 0x101, 0x4, 0x1, 0xfffffffc, 0x5, 0x9, 0x3, 0x400, 0x7fff, 0x6, 0x1, 0x5, 0x1, 0x0, 0x5d6e4767, 0x6, 0x3, 0x6, 0x2, 0xf6, 0x7, 0x3ff, 0x35, 0x41, 0x101, 0x5, 0x81, 0x6c0b3edb, 0x9, 0xe7, 0xde, 0x3436], [0xfffffff3, 0x401, 0x6, 0x2, 0xffffff74, 0x7f, 0x0, 0x2, 0x1, 0x9, 0x7, 0x0, 0x2e51, 0x4, 0x6, 0x6, 0x80, 0x0, 0xfffffffb, 0xa772, 0x8, 0x100, 0x3, 0x2, 0xb9f7e23a, 0x8001, 0x2, 0x6, 0x5, 0x7, 0x7fff, 0x49, 0x8, 0x9, 0x9, 0x2, 0x0, 0xff, 0x6, 0x1, 0x60, 0x5a1f, 0x6, 0x7, 0x8, 0x0, 0xd73, 0x3, 0x2a, 0x6, 0x8, 0x100, 0x80000000, 0x3f, 0x9, 0x2, 0x20, 0x7fffffff, 0x5, 0x7fffffff, 0x4, 0x29, 0xb67a, 0x8], 0x6, ['#])\x00', '-\x00']}, ["", ""]}, 0x428}, 0x1, 0x0, 0x0, 0x44}, 0x4000000) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:27 executing program 2 (fault-call:8 fault-nth:65): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fffffffe0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f00000000000000000fff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1801.455513][ T6815] FAULT_INJECTION: forcing a failure. [ 1801.455513][ T6815] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1801.478714][ T6815] CPU: 1 PID: 6815 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1801.490173][ T6815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1801.500211][ T6815] Call Trace: [ 1801.503498][ T6815] dump_stack+0x1b0/0x21e [ 1801.507930][ T6815] ? devkmsg_release+0x11c/0x11c [ 1801.512861][ T6815] ? show_regs_print_info+0x12/0x12 [ 1801.518044][ T6815] ? kasan_alloc_pages+0x4a/0x60 [ 1801.522971][ T6815] should_fail+0x6fb/0x860 [ 1801.527375][ T6815] ? setup_fault_attr+0x2b0/0x2b0 [ 1801.532391][ T6815] __alloc_pages_nodemask+0x1ee/0x7c0 [ 1801.537760][ T6815] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1801.543298][ T6815] ? find_get_entry+0x5da/0x670 [ 1801.548132][ T6815] ? xa_load+0x323/0x340 [ 1801.552363][ T6815] __do_page_cache_readahead+0x244/0x510 [ 1801.557982][ T6815] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1801.564381][ T6815] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1801.570086][ T6815] generic_file_read_iter+0x626/0x20a0 [ 1801.575544][ T6815] ? find_get_pages_range_tag+0xae0/0xae0 [ 1801.581251][ T6815] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1801.586611][ T6815] ? avc_denied+0x1c0/0x1c0 [ 1801.591098][ T6815] ? __perf_event_task_sched_out+0x1127/0x1250 [ 1801.597238][ T6815] generic_file_splice_read+0x491/0x780 [ 1801.602778][ T6815] ? splice_shrink_spd+0xb0/0xb0 [ 1801.607709][ T6815] ? security_file_permission+0x1e9/0x300 [ 1801.613411][ T6815] ? splice_shrink_spd+0xb0/0xb0 [ 1801.618332][ T6815] splice_direct_to_actor+0x3cf/0xb00 [ 1801.623695][ T6815] ? do_splice_direct+0x3d0/0x3d0 [ 1801.628706][ T6815] ? pipe_to_sendpage+0x300/0x300 [ 1801.633776][ T6815] ? security_file_permission+0x128/0x300 [ 1801.639468][ T6815] do_splice_direct+0x279/0x3d0 [ 1801.644284][ T6815] ? splice_direct_to_actor+0xb00/0xb00 [ 1801.649796][ T6815] ? security_file_permission+0x128/0x300 [ 1801.655478][ T6815] do_sendfile+0x89d/0x1110 [ 1801.659948][ T6815] ? compat_writev+0x390/0x390 [ 1801.664695][ T6815] ? security_file_permission+0x128/0x300 [ 1801.670379][ T6815] ? vfs_write+0x427/0x4f0 [ 1801.674759][ T6815] ? fput_many+0x42/0x1a0 [ 1801.679056][ T6815] __x64_sys_sendfile64+0x1ae/0x220 [ 1801.684220][ T6815] ? __ia32_sys_sendfile+0x240/0x240 [ 1801.689471][ T6815] do_syscall_64+0xcb/0x150 [ 1801.693949][ T6815] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1801.699811][ T6815] RIP: 0033:0x45dd99 [ 1801.703674][ T6815] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1801.723241][ T6815] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1801.731619][ T6815] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1801.739571][ T6815] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1801.747510][ T6815] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 03:04:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fffffbff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:27 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x13c) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f00000000c0)={0x1, 0x3}) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r2 = socket$inet6(0xa, 0x400000000001, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000080)={0x6000}) close(r2) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x200fc0) [ 1801.755453][ T6815] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000041 [ 1801.763391][ T6815] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:27 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) socket$packet(0x11, 0x2, 0x300) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) socket(0x11, 0x800000003, 0x0) close(0xffffffffffffffff) r6 = socket(0x1e, 0x4, 0x0) connect$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r7 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r7, 0x0, 0x200fc0) ioctl$TCSETS(r7, 0x5402, &(0x7f0000000080)={0x5, 0x320, 0x769, 0x600, 0x1, "75f48123d76606fd183c1a69b397917ae00a5d"}) 03:04:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fffbffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:27 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x680042, 0x0) socket$key(0xf, 0x3, 0x2) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) r4 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000f9fdffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:27 executing program 2 (fault-call:8 fault-nth:66): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:27 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_KEYBIT(r2, 0x40045565, 0x127) close(r1) r3 = socket(0x1e, 0x4, 0x0) sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x10, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x8, 0x2, 0x8}}, [""]}, 0x24}}, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) [ 1802.041030][ T6840] FAULT_INJECTION: forcing a failure. [ 1802.041030][ T6840] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.053639][ T6840] CPU: 1 PID: 6840 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1802.065070][ T6840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1802.075112][ T6840] Call Trace: [ 1802.078400][ T6840] dump_stack+0x1b0/0x21e [ 1802.082724][ T6840] ? devkmsg_release+0x11c/0x11c [ 1802.087651][ T6840] ? show_regs_print_info+0x12/0x12 [ 1802.092836][ T6840] ? memset+0x1f/0x40 [ 1802.096808][ T6840] ? unwind_next_frame+0x1c07/0x22b0 [ 1802.102082][ T6840] should_fail+0x6fb/0x860 [ 1802.106486][ T6840] ? setup_fault_attr+0x2b0/0x2b0 [ 1802.111496][ T6840] ? xas_create+0xe07/0x1360 [ 1802.116079][ T6840] should_failslab+0x5/0x20 [ 1802.120569][ T6840] kmem_cache_alloc+0x36/0x250 [ 1802.125319][ T6840] xas_create+0xe07/0x1360 [ 1802.129728][ T6840] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 1802.135261][ T6840] xas_store+0x93/0x13b0 03:04:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x52000800}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000000012da27431f7f360ffbffffff796fd5a90ae873bdbe9e189811d40857e2c5323ef135725d08ced88fa363b1fdb7ae0c928b0135c2993239818d0387029db18e3002a9df00021580982669901a083dd400ab432b9863835e75af97213dec9a337cfb644e0ea2f41dd3ddc497a7524d9390ac473900452427ad81aea0950c102051df8519b3c05d7d262c44e3bc51efa6a23ac536979726b176a560c7e12247ee20309b2192d2c1c7a28bb3b6dff24ac0f244d823ab4b653ae79b5268f77b13a2fbe3b2f867a4c0e472b7229ca911abf4ed2f4fa9ba11d46b8c7bb3094baa00000000000000000000000000000000fec9b387473980a372a22557f477c10df7160b2d9a5ff60df76b8097637ca3bc72c91cc376de6dc3b767683f803a909e1ba039df52716afe91d9926de5db3596e97fe6f745de41f17eb8a1412d", @ANYRES16, @ANYBLOB="420000000000fedbdf25012da49a0000002c00fa8014000200687372304000000033994deb020096ddc840eac6e5f2422c27e2b90a256c6572300000cc00000000000000000000000000000000000000893b4c0ba7cb6cfb0d5adf6306479c70aea0cba9cd6e075c00aef570a0def55eb045e5f60100008b6c40b3ff33edf610fd560f81e3215414f6c2a16f39804712a78cd870281d9015c8509426fc0334f37ff93fa69d6b847887a1be6fde42fae4c98bf9d7a1fe2cea8edd267be62cf5d5864c39dff68ea342732f120c8805946e65aa906a27bc74ac2aebd412b7035dda17d5320c6b79f6822c5cf1c19625ea942fa07d574c994f1820c67a9b7543129032bda11a56dcff827d8a70c6c6f8521cdb810000000000000000000000003bb21a7e7401be6b4f15520733f484cc916295115b40f1c9ef058ec45a36103c9f31988e858371052ab6bfb419180b71338adaecbfde0a161ba8259cede8b271c278fdf908000000000000003bc6ffdb98027105ef9bf0ecf6998635d2aad8d35cf8e667a789a54fba4d"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000300)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="2000000015000100000000000000000002000000", @ANYRES32=r3, @ANYBLOB="081d0200ffffffff"], 0x20}}, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x60, 0x0, 0x300, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0xffffffffffffffbd, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x810}, 0x4000000) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x110, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000000)={'syztnl1\x00', &(0x7f0000000080)={'ip6gre0\x00', 0x0, 0xb02867d4f6422f13, 0x4, 0x3, 0x759, 0x41, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80, 0x8, 0xfffffffd}}) ioctl$BLKPBSZGET(r5, 0x127b, &(0x7f0000000140)) r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x240040, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x10, r4, 0x10000000) r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7) [ 1802.139489][ T6840] ? _raw_spin_lock_irq+0xa2/0x180 [ 1802.144586][ T6840] ? _raw_spin_lock_irqsave+0x1c0/0x1c0 [ 1802.150113][ T6840] ? xas_load+0x46f/0x4c0 [ 1802.154430][ T6840] __add_to_page_cache_locked+0x390/0x8a0 [ 1802.160136][ T6840] ? add_to_page_cache_locked+0x30/0x30 [ 1802.165668][ T6840] ? workingset_activation+0x150/0x150 [ 1802.171116][ T6840] add_to_page_cache_lru+0x11d/0x280 [ 1802.176390][ T6840] ? __add_to_page_cache_locked+0x8a0/0x8a0 [ 1802.182268][ T6840] ? __perf_event_task_sched_out+0x1127/0x1250 [ 1802.188410][ T6840] ext4_mpage_readpages+0x467/0x1eb0 [ 1802.193681][ T6840] ? perf_pmu_sched_task+0x370/0x370 [ 1802.198952][ T6840] ? switch_mm_irqs_off+0x46e/0x870 [ 1802.204136][ T6840] ? switch_mm+0xe0/0xe0 [ 1802.208370][ T6840] ? ext4_end_bio+0x590/0x590 [ 1802.213034][ T6840] ? prep_new_page+0x11a/0x380 [ 1802.217789][ T6840] ? ext4_readpages+0x8b/0x110 [ 1802.222541][ T6840] ? ext4_journalled_set_page_dirty+0x30/0x30 [ 1802.228589][ T6840] read_pages+0x108/0x3f0 [ 1802.232907][ T6840] ? __do_page_cache_readahead+0x510/0x510 [ 1802.238699][ T6840] ? xa_load+0x323/0x340 [ 1802.242929][ T6840] __do_page_cache_readahead+0x470/0x510 [ 1802.248551][ T6840] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 1802.249722][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1802.255057][ T6840] ? unwind_next_frame+0x1c07/0x22b0 [ 1802.255066][ T6840] ? page_cache_sync_readahead+0xa3/0x3c0 [ 1802.255075][ T6840] generic_file_read_iter+0x626/0x20a0 [ 1802.255088][ T6840] ? find_get_pages_range_tag+0xae0/0xae0 [ 1802.255101][ T6840] ? avc_has_perm_noaudit+0x2fc/0x3f0 [ 1802.291689][ T6840] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1802.297741][ T6840] ? avc_denied+0x1c0/0x1c0 [ 1802.302234][ T6840] generic_file_splice_read+0x491/0x780 [ 1802.307760][ T6840] ? splice_shrink_spd+0xb0/0xb0 [ 1802.312729][ T6840] ? security_file_permission+0x1e9/0x300 [ 1802.318418][ T6840] ? splice_shrink_spd+0xb0/0xb0 [ 1802.323321][ T6840] splice_direct_to_actor+0x3cf/0xb00 [ 1802.328658][ T6840] ? do_splice_direct+0x3d0/0x3d0 [ 1802.333646][ T6840] ? pipe_to_sendpage+0x300/0x300 [ 1802.338636][ T6840] ? security_file_permission+0x128/0x300 [ 1802.344352][ T6840] do_splice_direct+0x279/0x3d0 [ 1802.349170][ T6840] ? splice_direct_to_actor+0xb00/0xb00 [ 1802.354681][ T6840] ? security_file_permission+0x128/0x300 [ 1802.360401][ T6840] do_sendfile+0x89d/0x1110 [ 1802.364876][ T6840] ? compat_writev+0x390/0x390 [ 1802.369622][ T6840] ? security_file_permission+0x128/0x300 [ 1802.375306][ T6840] ? vfs_write+0x427/0x4f0 [ 1802.379687][ T6840] ? fput_many+0x42/0x1a0 [ 1802.383982][ T6840] __x64_sys_sendfile64+0x1ae/0x220 [ 1802.389147][ T6840] ? __ia32_sys_sendfile+0x240/0x240 [ 1802.394397][ T6840] do_syscall_64+0xcb/0x150 [ 1802.398873][ T6840] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1802.404732][ T6840] RIP: 0033:0x45dd99 [ 1802.408593][ T6840] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1802.428161][ T6840] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000fdfdffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:28 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x25, 0x4, 0xee) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:28 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x104) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x1, 0x38, 0x8a, 0x200}, {0xffff, 0x4, 0x6, 0x3}]}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ioctl$sock_SIOCOUTQ(r3, 0x5411, &(0x7f0000000100)) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000007fffffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1802.436534][ T6840] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1802.444471][ T6840] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1802.452416][ T6840] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1802.460356][ T6840] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000042 [ 1802.468293][ T6840] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:28 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = accept4$unix(r3, 0x0, &(0x7f0000000080), 0x0) setsockopt$sock_void(r4, 0x1, 0xd, 0x0, 0x0) r5 = open(&(0x7f0000000040)='./bus\x00', 0x8001145042, 0x0) ftruncate(r5, 0x2008003) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x12, r5, 0x0) r6 = socket(0x18, 0x0, 0x1) getsockopt$SO_BINDTODEVICE(r6, 0x1, 0x42, &(0x7f0000000000), 0x20a154cc) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = dup(r1) ioctl$TCGETX(r3, 0x5432, &(0x7f00000001c0)) r4 = socket(0x11, 0x800000003, 0x0) syz_open_dev$usbfs(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x1000, 0x2840) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080)='batadv\x00') sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="000225bd7000fddbdf25040000000500370000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x11) r6 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r6) 03:04:28 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000080)) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r3 = socket$inet6(0xa, 0x3, 0x5) close(r3) r4 = socket(0x1e, 0x4, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x200fc0) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000008cffffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000f6ffffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:28 executing program 2 (fault-call:8 fault-nth:67): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000feffffff0004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:28 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000410000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x6]}, 0x8) sendmmsg$sock(r1, &(0x7f0000000380)=[{{&(0x7f0000000080)=@hci={0x1f, 0x2}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="d4700dfb57c475168e54a8e637509f7b2b45dfcdb60e1ba2f70604bb622a91d6010ee583bbf3d3f6009e0c0092db76ac6fee86128b695de052c169cea851387d58af0afc3afc0d89d5448063a1a403a24eb9c3cef2a9b19050af8b0c95b952eb66e70f9c1a0a48fb85e7bcd46ca5702b054e559d28087f8bea8fb79ff327c0f6eab9fa982b0319f877d1b69dad271e98af9d61b71f7fdc93681b87dd8d63e78c57d47f9822324f65f99f29e455aa8486cb9bc2de06b5cc056340bb0801d04c66bc917885", 0xc4}, {&(0x7f00000002c0)="d7fdda8a0e1ced05cad48bcc55bd314c6881635f0237f520ed739e2f2c844829e044848f4af9109f34fc8a44e62414d3151ae2eb392d758735268db137c351b639a17bf6b01fe3f709be457a3c0b1e652eb21e4b1689864b49efb9fdac81f54a1627c8ece119db6d368e0f1b68d6cc294b82da2be7b7821c694bd522ed334075b1c6", 0x82}], 0x2}}], 0x1, 0x4008080) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000420000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:28 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x84) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x0) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, &(0x7f0000000280)) close(r1) r3 = socket(0x1e, 0x4, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000007000000080005000900000008000300", @ANYRES32, @ANYBLOB="14000400"], 0x38}}, 0x0) sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x94, r5, 0x2, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x36, 0xbe, "754d8aa2fd87e49e28fcb6185629a61fc04d6b25153b9bbffe81fad02c934443df93aee1175c05d8d352f1c92169a2d4d0ec"}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x3f}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x9195}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x5d6}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x20, 0x2ceb}}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x2}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x7f}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x94}, 0x1, 0x0, 0x0, 0x40000}, 0x20000045) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) [ 1802.803492][ T6889] FAULT_INJECTION: forcing a failure. [ 1802.803492][ T6889] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.834351][ T6889] CPU: 1 PID: 6889 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1802.845817][ T6889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1802.855864][ T6889] Call Trace: [ 1802.859149][ T6889] dump_stack+0x1b0/0x21e [ 1802.863467][ T6889] ? devkmsg_release+0x11c/0x11c [ 1802.868394][ T6889] ? show_regs_print_info+0x12/0x12 [ 1802.873584][ T6889] ? trace_event_raw_event_rcu_utilization+0x170/0x170 [ 1802.880424][ T6889] ? workingset_activation+0x150/0x150 [ 1802.885871][ T6889] should_fail+0x6fb/0x860 [ 1802.890276][ T6889] ? setup_fault_attr+0x2b0/0x2b0 [ 1802.895285][ T6889] ? mem_cgroup_charge_statistics+0x12a/0x7d0 [ 1802.901339][ T6889] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 1802.906877][ T6889] ? __alloc_skb+0x88/0x4d0 [ 1802.911372][ T6889] should_failslab+0x5/0x20 [ 1802.915863][ T6889] kmem_cache_alloc+0x36/0x250 [ 1802.920615][ T6889] __alloc_skb+0x88/0x4d0 [ 1802.924929][ T6889] ? xas_nomem+0x177/0x1b0 [ 1802.929335][ T6889] tipc_msg_build+0x727/0x1a60 [ 1802.934097][ T6889] ? __rcu_read_lock+0x50/0x50 [ 1802.938849][ T6889] ? tipc_nametbl_lookup_dst_nodes+0x33f/0x380 [ 1802.944989][ T6889] tipc_sendmcast+0x92a/0xeb0 [ 1802.949654][ T6889] ? tipc_send_group_unicast+0x7d0/0x7d0 [ 1802.955275][ T6889] ? __ext4_handle_dirty_metadata+0x2d8/0x900 [ 1802.961326][ T6889] ? wait_woken+0x250/0x250 [ 1802.965818][ T6889] ? ext4_get_group_desc+0x253/0x2a0 [ 1802.971088][ T6889] ? __ext4_journal_get_create_access+0x300/0x300 [ 1802.977484][ T6889] ? __ext4_get_inode_loc+0x499/0x1030 [ 1802.982928][ T6889] __tipc_sendmsg+0x120d/0x2ce0 [ 1802.987768][ T6889] ? local_bh_enable+0x20/0x20 [ 1802.992519][ T6889] ? ext4_chunk_trans_blocks+0x280/0x280 [ 1802.998138][ T6889] ? _raw_spin_lock_bh+0xa4/0x180 03:04:28 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0xfffffffe}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000430000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1803.003151][ T6889] ? _local_bh_enable+0x30/0x30 [ 1803.007990][ T6889] ? memset+0x1f/0x40 [ 1803.011958][ T6889] ? selinux_socket_sendmsg+0x10b/0x320 [ 1803.017492][ T6889] ? lock_sock_nested+0x25a/0x320 [ 1803.022503][ T6889] ? xas_load+0x468/0x4c0 [ 1803.026823][ T6889] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1803.032529][ T6889] ? __ext4_journal_start_sb+0x3ad/0x420 [ 1803.038148][ T6889] ? tipc_recvmsg+0x1740/0x1740 [ 1803.042985][ T6889] tipc_sendmsg+0x51/0x70 [ 1803.047304][ T6889] kernel_sendmsg+0xe2/0x120 [ 1803.051880][ T6889] sock_no_sendpage+0x13f/0x1b0 [ 1803.056718][ T6889] ? __receive_sock+0xb0/0xb0 [ 1803.061383][ T6889] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1803.067071][ T6889] ? __receive_sock+0xb0/0xb0 [ 1803.071717][ T6889] sock_sendpage+0xd0/0x120 [ 1803.076229][ T6889] pipe_to_sendpage+0x23b/0x300 [ 1803.081066][ T6889] ? sock_fasync+0xf0/0xf0 [ 1803.085460][ T6889] ? generic_splice_sendpage+0x200/0x200 [ 1803.091063][ T6889] ? atime_needs_update+0x2cf/0x570 [ 1803.096232][ T6889] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1803.102182][ T6889] __splice_from_pipe+0x2d3/0x870 [ 1803.107289][ T6889] ? generic_splice_sendpage+0x200/0x200 [ 1803.112899][ T6889] generic_splice_sendpage+0x172/0x200 [ 1803.118325][ T6889] ? iter_file_splice_write+0xf20/0xf20 [ 1803.123839][ T6889] ? direct_splice_actor+0x25/0x120 [ 1803.129004][ T6889] splice_direct_to_actor+0x496/0xb00 [ 1803.134353][ T6889] ? do_splice_direct+0x3d0/0x3d0 [ 1803.139347][ T6889] ? pipe_to_sendpage+0x300/0x300 [ 1803.144464][ T6889] ? security_file_permission+0x128/0x300 [ 1803.150190][ T6889] do_splice_direct+0x279/0x3d0 [ 1803.155047][ T6889] ? splice_direct_to_actor+0xb00/0xb00 [ 1803.160570][ T6889] ? security_file_permission+0x128/0x300 [ 1803.166263][ T6889] do_sendfile+0x89d/0x1110 [ 1803.170739][ T6889] ? compat_writev+0x390/0x390 [ 1803.175520][ T6889] ? security_file_permission+0x128/0x300 [ 1803.181227][ T6889] ? vfs_write+0x427/0x4f0 [ 1803.185640][ T6889] ? fput_many+0x42/0x1a0 [ 1803.189952][ T6889] __x64_sys_sendfile64+0x1ae/0x220 [ 1803.195130][ T6889] ? __ia32_sys_sendfile+0x240/0x240 [ 1803.200384][ T6889] do_syscall_64+0xcb/0x150 [ 1803.204859][ T6889] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1803.210718][ T6889] RIP: 0033:0x45dd99 [ 1803.214580][ T6889] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1803.234154][ T6889] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1803.242532][ T6889] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 03:04:29 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r4 = socket(0x18, 0x80000000b, 0x80800) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) pwritev(r4, &(0x7f0000000100)=[{&(0x7f0000000180)="acc6538cbf54fcbf9610ff44b6a068aa31dd2ca63f9afbf2437f44b5f2be562e4d4762c53bd01d6d07184853c4ed0785d4a48afa4607237f5e383708f83e4c71e3246b02c8b55d6e22047d2467e019c27a6a4639ba63f6d9066412999f17e428526d7b588e298c2d04475e946c11646d6cc305bef9", 0x4a}], 0x1, 0xffff, 0xfffe) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:29 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r0, @ANYRES32=r0, @ANYRES32=r0], 0x8a) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) fchdir(r1) r4 = socket$inet6(0xa, 0x400000000001, 0x0) close(r4) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r4, r6, 0x0, 0x200fc0) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000440000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 2 (fault-call:8 fault-nth:68): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1803.250478][ T6889] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1803.258423][ T6889] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1803.266408][ T6889] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000043 [ 1803.274362][ T6889] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000450000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000460000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x114, &(0x7f0000000080)=0x5, 0x0, 0x4) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x100c2, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f00000000c0)={r3, 0x6, 0x6, 0x4a2}) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180)='devlink\x00') sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r6, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0xf8, r7, 0x20, 0x70bd25, 0x25dfdbfd, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4850}, 0x24040004) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x2010, r5, 0x10000000) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r8 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r8) [ 1803.327574][ T6914] FAULT_INJECTION: forcing a failure. [ 1803.327574][ T6914] name failslab, interval 1, probability 0, space 0, times 0 [ 1803.374696][ T6914] CPU: 1 PID: 6914 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1803.386158][ T6914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1803.396193][ T6914] Call Trace: [ 1803.399463][ T6914] dump_stack+0x1b0/0x21e [ 1803.403782][ T6914] ? devkmsg_release+0x11c/0x11c [ 1803.408713][ T6914] ? show_regs_print_info+0x12/0x12 [ 1803.413896][ T6914] ? kmem_cache_alloc+0x1d5/0x250 [ 1803.418909][ T6914] ? workingset_update_node+0xe7/0x150 [ 1803.424354][ T6914] should_fail+0x6fb/0x860 [ 1803.428758][ T6914] ? setup_fault_attr+0x2b0/0x2b0 [ 1803.433778][ T6914] ? setup_fault_attr+0x2b0/0x2b0 [ 1803.438788][ T6914] ? mem_cgroup_charge_statistics+0x12a/0x7d0 [ 1803.444842][ T6914] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 1803.450379][ T6914] ? tipc_msg_build+0x727/0x1a60 [ 1803.455300][ T6914] should_failslab+0x5/0x20 [ 1803.459787][ T6914] __kmalloc_track_caller+0x5d/0x2b0 [ 1803.465056][ T6914] ? kmem_cache_alloc+0x1d5/0x250 [ 1803.470068][ T6914] ? tipc_msg_build+0x727/0x1a60 03:04:29 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x80000) ioctl$RNDADDENTROPY(r3, 0x40085203, &(0x7f00000000c0)={0x705c, 0xfd, "ce14093afe939dee3786e85802a2d28d7232130efd1df4c2499a70cc71637b13f87061e2908e3d158b17d940c46e13e525c6a065c45632d8dc3031e3314664ceec1315ba2cef9d5caa8f385ade4dcdc2d8845c4dd828a6fe84ed72d75e5057262aad031bd27928ee826b7d728d444e11bd9995fa23a7fed8afe25e024db49bf0e4055ee189daee3a54393b86abac56490c1d357c3362994044880e49aab9d9f0bed78d6654b123f97cde7cb2d7d64f438941359a77453a5a1f6cb3b4297606b6a29c7f8b47a04307c166030b982a168b7356c9c531e231f724a895d71c3a7c571bcc752d2b14092973ef1370f3297afca1326d928b93891e28567f3bb0"}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000470000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1803.474994][ T6914] __alloc_skb+0xd1/0x4d0 [ 1803.479310][ T6914] tipc_msg_build+0x727/0x1a60 [ 1803.484064][ T6914] ? __rcu_read_lock+0x50/0x50 [ 1803.488817][ T6914] ? tipc_nametbl_lookup_dst_nodes+0x33f/0x380 [ 1803.494960][ T6914] tipc_sendmcast+0x92a/0xeb0 [ 1803.499626][ T6914] ? tipc_send_group_unicast+0x7d0/0x7d0 [ 1803.505247][ T6914] ? memset+0x1f/0x40 [ 1803.509219][ T6914] ? unwind_next_frame+0x1c07/0x22b0 [ 1803.514489][ T6914] ? wait_woken+0x250/0x250 [ 1803.518982][ T6914] ? ext4_mpage_readpages+0x1e31/0x1eb0 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000480000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000490000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1803.524516][ T6914] __tipc_sendmsg+0x120d/0x2ce0 [ 1803.529357][ T6914] ? local_bh_enable+0x20/0x20 [ 1803.534107][ T6914] ? blk_flush_plug_list+0x4b7/0x500 [ 1803.539377][ T6914] ? prep_new_page+0x11a/0x380 [ 1803.544129][ T6914] ? _raw_spin_lock_bh+0xa4/0x180 [ 1803.549157][ T6914] ? _local_bh_enable+0x30/0x30 [ 1803.553997][ T6914] ? memset+0x1f/0x40 [ 1803.557967][ T6914] ? selinux_socket_sendmsg+0x10b/0x320 [ 1803.563499][ T6914] ? lock_sock_nested+0x25a/0x320 [ 1803.568514][ T6914] ? xas_load+0x468/0x4c0 03:04:29 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, 0x3000}, &(0x7f00000000c0)=0x10) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000004a0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1803.572833][ T6914] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1803.578541][ T6914] ? tipc_recvmsg+0x1740/0x1740 [ 1803.583377][ T6914] tipc_sendmsg+0x51/0x70 [ 1803.587696][ T6914] kernel_sendmsg+0xe2/0x120 [ 1803.592281][ T6914] sock_no_sendpage+0x13f/0x1b0 [ 1803.597121][ T6914] ? __receive_sock+0xb0/0xb0 [ 1803.601791][ T6914] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1803.607496][ T6914] ? __receive_sock+0xb0/0xb0 [ 1803.612164][ T6914] sock_sendpage+0xd0/0x120 [ 1803.616668][ T6914] pipe_to_sendpage+0x23b/0x300 [ 1803.621502][ T6914] ? sock_fasync+0xf0/0xf0 [ 1803.625902][ T6914] ? generic_splice_sendpage+0x200/0x200 [ 1803.631521][ T6914] ? atime_needs_update+0x2cf/0x570 [ 1803.636711][ T6914] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1803.642675][ T6914] __splice_from_pipe+0x2d3/0x870 [ 1803.647686][ T6914] ? generic_splice_sendpage+0x200/0x200 [ 1803.653307][ T6914] generic_splice_sendpage+0x172/0x200 [ 1803.658752][ T6914] ? iter_file_splice_write+0xf20/0xf20 [ 1803.664281][ T6914] ? direct_splice_actor+0x25/0x120 [ 1803.669464][ T6914] splice_direct_to_actor+0x496/0xb00 [ 1803.674823][ T6914] ? do_splice_direct+0x3d0/0x3d0 [ 1803.679832][ T6914] ? pipe_to_sendpage+0x300/0x300 [ 1803.684844][ T6914] ? security_file_permission+0x128/0x300 [ 1803.690545][ T6914] do_splice_direct+0x279/0x3d0 [ 1803.695381][ T6914] ? splice_direct_to_actor+0xb00/0xb00 [ 1803.700973][ T6914] ? security_file_permission+0x128/0x300 [ 1803.706672][ T6914] do_sendfile+0x89d/0x1110 [ 1803.711168][ T6914] ? compat_writev+0x390/0x390 [ 1803.715918][ T6914] ? security_file_permission+0x128/0x300 [ 1803.721619][ T6914] ? vfs_write+0x427/0x4f0 [ 1803.726002][ T6914] ? fput_many+0x42/0x1a0 [ 1803.730299][ T6914] __x64_sys_sendfile64+0x1ae/0x220 [ 1803.735468][ T6914] ? __ia32_sys_sendfile+0x240/0x240 [ 1803.740722][ T6914] do_syscall_64+0xcb/0x150 [ 1803.745234][ T6914] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1803.751100][ T6914] RIP: 0033:0x45dd99 [ 1803.754963][ T6914] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1803.774537][ T6914] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1803.782921][ T6914] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1803.790858][ T6914] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1803.798796][ T6914] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1803.806735][ T6914] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000044 [ 1803.814677][ T6914] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:29 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_NAME_TABLE_GET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, r4, 0xc46dfc707e1df77d}, 0x14}}, 0x0) sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r4, 0x2, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000810}, 0x40898) r5 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x549e107c0712b5e5, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) 03:04:29 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x2b, 0x2, 0x1) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) bind(r3, &(0x7f00000000c0)=@ax25={{0x3, @null, 0x8}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x80) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) 03:04:29 executing program 2 (fault-call:8 fault-nth:69): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:29 executing program 0: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000540)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x6, r1, 0xffffffffffffffff, r0, 0x0) keyctl$get_keyring_id(0x0, r0, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r2 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x10000049, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000004b0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) fgetxattr(r3, &(0x7f0000000180)=@known='system.advise\x00', &(0x7f00000001c0)=""/169, 0xa9) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r4, 0x89f6, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x2, 0x3, 0x6, 0x44, @local, @empty, 0x7, 0x10, 0x0, 0x1}}) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x200fc0) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000004c0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000004d0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1803.943436][ T6956] FAULT_INJECTION: forcing a failure. [ 1803.943436][ T6956] name failslab, interval 1, probability 0, space 0, times 0 [ 1803.964044][ T6956] CPU: 1 PID: 6956 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1803.975496][ T6956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1803.985535][ T6956] Call Trace: [ 1803.988816][ T6956] dump_stack+0x1b0/0x21e 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000004e0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f0000000000000000000000004f0000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000500000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000510000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1803.993136][ T6956] ? devkmsg_release+0x11c/0x11c [ 1803.998059][ T6956] ? show_regs_print_info+0x12/0x12 [ 1804.003246][ T6956] ? kmem_cache_alloc+0x1d5/0x250 [ 1804.008265][ T6956] ? __rcu_read_lock+0x50/0x50 [ 1804.013022][ T6956] ? workingset_activation+0x150/0x150 [ 1804.018476][ T6956] should_fail+0x6fb/0x860 [ 1804.022887][ T6956] ? setup_fault_attr+0x2b0/0x2b0 [ 1804.027901][ T6956] ? __alloc_skb+0x88/0x4d0 [ 1804.032395][ T6956] should_failslab+0x5/0x20 [ 1804.036887][ T6956] kmem_cache_alloc+0x36/0x250 [ 1804.041643][ T6956] __alloc_skb+0x88/0x4d0 [ 1804.045955][ T6956] ? __check_object_size+0x2e5/0x3b0 [ 1804.051215][ T6956] tipc_msg_build+0xcef/0x1a60 [ 1804.055951][ T6956] tipc_sendmcast+0x92a/0xeb0 [ 1804.060659][ T6956] ? tipc_send_group_unicast+0x7d0/0x7d0 [ 1804.066632][ T6956] ? __ext4_handle_dirty_metadata+0x2d8/0x900 [ 1804.072664][ T6956] ? wait_woken+0x250/0x250 [ 1804.077135][ T6956] ? ext4_get_group_desc+0x253/0x2a0 [ 1804.082391][ T6956] ? __ext4_journal_get_create_access+0x300/0x300 [ 1804.088770][ T6956] ? __ext4_get_inode_loc+0x499/0x1030 [ 1804.094194][ T6956] __tipc_sendmsg+0x120d/0x2ce0 [ 1804.099014][ T6956] ? local_bh_enable+0x20/0x20 [ 1804.103744][ T6956] ? ext4_chunk_trans_blocks+0x280/0x280 [ 1804.109452][ T6956] ? _raw_spin_lock_bh+0xa4/0x180 [ 1804.114459][ T6956] ? _local_bh_enable+0x30/0x30 [ 1804.119277][ T6956] ? memset+0x1f/0x40 [ 1804.123276][ T6956] ? selinux_socket_sendmsg+0x10b/0x320 [ 1804.128808][ T6956] ? lock_sock_nested+0x25a/0x320 [ 1804.133799][ T6956] ? xas_load+0x468/0x4c0 [ 1804.138157][ T6956] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1804.143841][ T6956] ? __ext4_journal_start_sb+0x3ad/0x420 [ 1804.149441][ T6956] ? tipc_recvmsg+0x1740/0x1740 [ 1804.154309][ T6956] tipc_sendmsg+0x51/0x70 [ 1804.158606][ T6956] kernel_sendmsg+0xe2/0x120 [ 1804.163230][ T6956] sock_no_sendpage+0x13f/0x1b0 [ 1804.168091][ T6956] ? __receive_sock+0xb0/0xb0 [ 1804.172749][ T6956] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1804.178435][ T6956] ? __receive_sock+0xb0/0xb0 [ 1804.183086][ T6956] sock_sendpage+0xd0/0x120 [ 1804.187556][ T6956] pipe_to_sendpage+0x23b/0x300 [ 1804.192385][ T6956] ? sock_fasync+0xf0/0xf0 [ 1804.196773][ T6956] ? generic_splice_sendpage+0x200/0x200 [ 1804.202374][ T6956] ? atime_needs_update+0x2cf/0x570 [ 1804.207547][ T6956] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1804.213492][ T6956] __splice_from_pipe+0x2d3/0x870 [ 1804.218490][ T6956] ? generic_splice_sendpage+0x200/0x200 [ 1804.224092][ T6956] generic_splice_sendpage+0x172/0x200 [ 1804.229517][ T6956] ? iter_file_splice_write+0xf20/0xf20 [ 1804.235033][ T6956] ? direct_splice_actor+0x25/0x120 [ 1804.240196][ T6956] splice_direct_to_actor+0x496/0xb00 [ 1804.245537][ T6956] ? do_splice_direct+0x3d0/0x3d0 [ 1804.250527][ T6956] ? pipe_to_sendpage+0x300/0x300 [ 1804.255529][ T6956] ? security_file_permission+0x128/0x300 [ 1804.261227][ T6956] do_splice_direct+0x279/0x3d0 [ 1804.266043][ T6956] ? splice_direct_to_actor+0xb00/0xb00 [ 1804.271574][ T6956] ? security_file_permission+0x128/0x300 [ 1804.277299][ T6956] do_sendfile+0x89d/0x1110 [ 1804.281812][ T6956] ? compat_writev+0x390/0x390 [ 1804.286544][ T6956] ? security_file_permission+0x128/0x300 [ 1804.292271][ T6956] ? vfs_write+0x427/0x4f0 [ 1804.296664][ T6956] ? fput_many+0x42/0x1a0 [ 1804.300971][ T6956] __x64_sys_sendfile64+0x1ae/0x220 [ 1804.306146][ T6956] ? __ia32_sys_sendfile+0x240/0x240 [ 1804.311398][ T6956] do_syscall_64+0xcb/0x150 [ 1804.315877][ T6956] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1804.321736][ T6956] RIP: 0033:0x45dd99 [ 1804.325599][ T6956] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1804.345212][ T6956] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1804.353585][ T6956] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1804.361525][ T6956] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1804.369490][ T6956] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1804.377444][ T6956] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000045 [ 1804.385382][ T6956] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:30 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x300, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0xc1) r2 = socket(0x1e, 0x4, 0x0) write$P9_RCREATE(r0, &(0x7f0000000080)={0x18, 0x73, 0x1, {{0x21, 0x3, 0x8}, 0x3}}, 0x18) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000414000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:30 executing program 2 (fault-call:8 fault-nth:70): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f0000000340)="3082", 0x71, r1) sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x4, &(0x7f0000000080)={0x0, &(0x7f0000000140)}) 03:04:30 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./bus\x00', 0x20282, 0x20) ioctl$TIOCSERGETLSR(r2, 0x5459, &(0x7f0000000300)) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r4 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x200fc0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r7}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="6772653000000000000000000000000054c59a699d0af37e47c1783968f5e22292fbed464eeb4ab74a6a6b1776251ac6c884809035eb4793b7f6b0eb74568e3284cbc238d846b8f81c2f5d3d183b11fd554d81b3d6684609b0068166887fdfe095182525337f025847dcb1ef1760002653f47092137b94c2e776dbf76bb13fb709ff4e1dfa7c9ab9fe12b91fe65d617852a62f360558b48b64cf490f83eb269fabd4ea82a79868de2ebef54d04081bd4b653a1d916e9876225c58c536520", @ANYRES32=r7, @ANYBLOB="00800001000000817fffffff467f005800660000402f9078ac141444ac1e010101863c000000030207b40c2e40180009a3adf1194b9d62000b4a775f597277f21b8d020ee3066aa735d2b487cccf44f6020db43250698981377ce8cb6e0707c264010101"]}) sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x600020}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xb8, 0x0, 0xb599b903aadad880, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x8080}, 0x48040) 03:04:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000424000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:30 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r4 = accept$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @local}, &(0x7f00000000c0)=0x10) fcntl$dupfd(r3, 0x406, r4) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r7}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) r8 = socket(0x11, 0x800000003, 0x0) sendfile(r1, r8, 0x0, 0x200fc0) 03:04:30 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) [ 1804.567722][ T6991] FAULT_INJECTION: forcing a failure. [ 1804.567722][ T6991] name failslab, interval 1, probability 0, space 0, times 0 [ 1804.581089][ T6991] CPU: 0 PID: 6991 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1804.592527][ T6991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1804.602567][ T6991] Call Trace: [ 1804.605850][ T6991] dump_stack+0x1b0/0x21e [ 1804.610166][ T6991] ? devkmsg_release+0x11c/0x11c [ 1804.615099][ T6991] ? show_regs_print_info+0x12/0x12 [ 1804.620283][ T6991] ? __rcu_read_lock+0x50/0x50 [ 1804.625035][ T6991] ? __schedule+0x8ae/0xe30 [ 1804.629525][ T6991] should_fail+0x6fb/0x860 [ 1804.633934][ T6991] ? setup_fault_attr+0x2b0/0x2b0 [ 1804.638938][ T6991] ? setup_fault_attr+0x2b0/0x2b0 [ 1804.643943][ T6991] ? tipc_msg_build+0xcef/0x1a60 [ 1804.648867][ T6991] should_failslab+0x5/0x20 [ 1804.653412][ T6991] __kmalloc_track_caller+0x5d/0x2b0 [ 1804.658671][ T6991] ? kmem_cache_alloc+0x1d5/0x250 [ 1804.663667][ T6991] ? tipc_msg_build+0xcef/0x1a60 [ 1804.668569][ T6991] __alloc_skb+0xd1/0x4d0 [ 1804.672901][ T6991] tipc_msg_build+0xcef/0x1a60 [ 1804.677645][ T6991] tipc_sendmcast+0x92a/0xeb0 [ 1804.682304][ T6991] ? tipc_send_group_unicast+0x7d0/0x7d0 [ 1804.687903][ T6991] ? memset+0x1f/0x40 [ 1804.691851][ T6991] ? unwind_next_frame+0x1c07/0x22b0 [ 1804.697100][ T6991] ? wait_woken+0x250/0x250 [ 1804.701571][ T6991] ? ext4_mpage_readpages+0x1e31/0x1eb0 [ 1804.707086][ T6991] __tipc_sendmsg+0x120d/0x2ce0 [ 1804.711912][ T6991] ? local_bh_enable+0x20/0x20 [ 1804.716655][ T6991] ? blk_flush_plug_list+0x4b7/0x500 [ 1804.721905][ T6991] ? prep_new_page+0x11a/0x380 [ 1804.726664][ T6991] ? _raw_spin_lock_bh+0xa4/0x180 [ 1804.731656][ T6991] ? _local_bh_enable+0x30/0x30 [ 1804.736482][ T6991] ? memset+0x1f/0x40 [ 1804.740430][ T6991] ? selinux_socket_sendmsg+0x10b/0x320 [ 1804.745945][ T6991] ? lock_sock_nested+0x25a/0x320 [ 1804.750933][ T6991] ? xas_load+0x468/0x4c0 [ 1804.755231][ T6991] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1804.760930][ T6991] ? tipc_recvmsg+0x1740/0x1740 [ 1804.765744][ T6991] tipc_sendmsg+0x51/0x70 [ 1804.770043][ T6991] kernel_sendmsg+0xe2/0x120 [ 1804.774612][ T6991] sock_no_sendpage+0x13f/0x1b0 [ 1804.779438][ T6991] ? __receive_sock+0xb0/0xb0 [ 1804.784089][ T6991] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1804.789772][ T6991] ? __receive_sock+0xb0/0xb0 [ 1804.794417][ T6991] sock_sendpage+0xd0/0x120 [ 1804.798887][ T6991] pipe_to_sendpage+0x23b/0x300 [ 1804.803704][ T6991] ? sock_fasync+0xf0/0xf0 [ 1804.808099][ T6991] ? generic_splice_sendpage+0x200/0x200 [ 1804.813697][ T6991] ? atime_needs_update+0x2cf/0x570 [ 1804.818859][ T6991] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1804.824804][ T6991] __splice_from_pipe+0x2d3/0x870 [ 1804.829810][ T6991] ? generic_splice_sendpage+0x200/0x200 [ 1804.835408][ T6991] generic_splice_sendpage+0x172/0x200 [ 1804.840844][ T6991] ? iter_file_splice_write+0xf20/0xf20 [ 1804.846355][ T6991] ? direct_splice_actor+0x25/0x120 [ 1804.851532][ T6991] splice_direct_to_actor+0x496/0xb00 [ 1804.856871][ T6991] ? do_splice_direct+0x3d0/0x3d0 [ 1804.861875][ T6991] ? pipe_to_sendpage+0x300/0x300 [ 1804.866868][ T6991] ? security_file_permission+0x128/0x300 [ 1804.872559][ T6991] do_splice_direct+0x279/0x3d0 [ 1804.877376][ T6991] ? splice_direct_to_actor+0xb00/0xb00 [ 1804.882887][ T6991] ? security_file_permission+0x128/0x300 [ 1804.888570][ T6991] do_sendfile+0x89d/0x1110 [ 1804.893040][ T6991] ? compat_writev+0x390/0x390 [ 1804.897767][ T6991] ? security_file_permission+0x128/0x300 [ 1804.903455][ T6991] ? vfs_write+0x427/0x4f0 [ 1804.907844][ T6991] ? fput_many+0x42/0x1a0 [ 1804.912144][ T6991] __x64_sys_sendfile64+0x1ae/0x220 [ 1804.917308][ T6991] ? __ia32_sys_sendfile+0x240/0x240 [ 1804.922559][ T6991] do_syscall_64+0xcb/0x150 [ 1804.927031][ T6991] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1804.932893][ T6991] RIP: 0033:0x45dd99 [ 1804.936755][ T6991] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1804.956323][ T6991] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 03:04:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000434000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000444000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:30 executing program 2 (fault-call:8 fault-nth:71): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x200fc0) 03:04:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000454000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1804.964698][ T6991] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1804.972681][ T6991] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1804.980624][ T6991] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1804.988563][ T6991] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000046 [ 1804.996501][ T6991] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c 03:04:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x5, 0x0, 0x4, 0x0, 0x0, 0x9049, 0x0, 0x1000000}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x6, 0x5}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x8010, 0xffffffffffffffff, 0x8000000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) 03:04:30 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r3 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x12) sendfile(r1, r3, 0x0, 0x200fc0) [ 1805.058970][ T7011] FAULT_INJECTION: forcing a failure. [ 1805.058970][ T7011] name failslab, interval 1, probability 0, space 0, times 0 [ 1805.082295][ T7011] CPU: 1 PID: 7011 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1805.093750][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1805.103790][ T7011] Call Trace: [ 1805.107068][ T7011] dump_stack+0x1b0/0x21e [ 1805.111385][ T7011] ? devkmsg_release+0x11c/0x11c [ 1805.116310][ T7011] ? show_regs_print_info+0x12/0x12 [ 1805.121493][ T7011] ? 0xffffffffa0130000 [ 1805.125637][ T7011] should_fail+0x6fb/0x860 [ 1805.130045][ T7011] ? setup_fault_attr+0x2b0/0x2b0 [ 1805.135054][ T7011] ? unwind_get_return_address+0x48/0x90 [ 1805.140671][ T7011] ? arch_stack_walk+0x98/0xe0 [ 1805.145420][ T7011] ? __alloc_skb+0x88/0x4d0 [ 1805.149909][ T7011] should_failslab+0x5/0x20 [ 1805.154397][ T7011] kmem_cache_alloc+0x36/0x250 [ 1805.159154][ T7011] __alloc_skb+0x88/0x4d0 [ 1805.163469][ T7011] ? __do_page_cache_readahead+0x470/0x510 [ 1805.169258][ T7011] skb_copy+0xe3/0x740 [ 1805.173315][ T7011] ? memcpy+0x38/0x50 [ 1805.177286][ T7011] tipc_buf_append+0x461/0xad0 [ 1805.182033][ T7011] ? __kasan_kmalloc+0x117/0x1b0 [ 1805.186955][ T7011] ? tipc_msg_create+0x3a0/0x3a0 [ 1805.191881][ T7011] ? skb_clone+0x1f4/0x370 [ 1805.196284][ T7011] tipc_msg_reassemble+0x331/0x590 [ 1805.201386][ T7011] ? tipc_msg_lookup_dest+0x980/0x980 [ 1805.206762][ T7011] ? xas_create+0x1269/0x1360 [ 1805.211426][ T7011] ? __rcu_read_lock+0x50/0x50 [ 1805.216178][ T7011] ? should_fail+0x182/0x860 [ 1805.220755][ T7011] ? should_fail+0x182/0x860 [ 1805.225333][ T7011] ? setup_fault_attr+0x2b0/0x2b0 [ 1805.230346][ T7011] tipc_mcast_xmit+0x223/0x1690 [ 1805.235192][ T7011] ? tipc_bcast_dec_bearer_dst_cnt+0x240/0x240 [ 1805.241337][ T7011] ? __check_object_size+0x2e5/0x3b0 [ 1805.246614][ T7011] tipc_sendmcast+0xc00/0xeb0 [ 1805.251278][ T7011] ? tipc_send_group_unicast+0x7d0/0x7d0 03:04:31 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2000000000000000a60c59cd8300", @ANYRES32=r4, @ANYBLOB="08000200ffffffff02e9c163052c39b920ba4852143f725d1fdd9d0bef1eec114a956424a03b62f4d02840462226b09fea65f95641bf6531f37f76097a9b911065e4cca1726e04ca6b8a9bd8790734f3e92e6179801a0a0025e6539e4af2d95090f0ca5ccf4a9e908a4d18365912c2564f34485fa96bf95dc46ad182b3d2ae3db121738ffc72359f000000"], 0x20}}, 0x0) close(r2) r5 = socket(0x1e, 0x4, 0x0) connect$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r6 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x200fc0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x11, 0x800000003, 0x0) bind(r8, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000400)=0xfffffffffffffc38) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r9}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x0) ioctl$FS_IOC_GETFSMAP(r7, 0xc0c0583b, &(0x7f00000001c0)={0x0, 0x0, 0x6, 0x0, [], [{0xada, 0x5, 0x0, 0x7, 0x9, 0x8001}, {0x7, 0x7ff, 0x330, 0x3, 0xfffffffffffffc00, 0x4}], [[], [], [], [], [], []]}) [ 1805.256900][ T7011] ? memset+0x1f/0x40 [ 1805.260868][ T7011] ? unwind_next_frame+0x1c07/0x22b0 [ 1805.266138][ T7011] ? wait_woken+0x250/0x250 [ 1805.270638][ T7011] ? ext4_mpage_readpages+0x1e31/0x1eb0 [ 1805.276169][ T7011] __tipc_sendmsg+0x120d/0x2ce0 [ 1805.281013][ T7011] ? local_bh_enable+0x20/0x20 [ 1805.285756][ T7011] ? blk_flush_plug_list+0x4b7/0x500 [ 1805.291020][ T7011] ? prep_new_page+0x11a/0x380 [ 1805.295771][ T7011] ? _raw_spin_lock_bh+0xa4/0x180 [ 1805.300774][ T7011] ? _local_bh_enable+0x30/0x30 [ 1805.305654][ T7011] ? memset+0x1f/0x40 [ 1805.309606][ T7011] ? selinux_socket_sendmsg+0x10b/0x320 [ 1805.315128][ T7011] ? lock_sock_nested+0x25a/0x320 [ 1805.320127][ T7011] ? xas_load+0x468/0x4c0 [ 1805.324463][ T7011] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1805.330196][ T7011] ? tipc_recvmsg+0x1740/0x1740 [ 1805.335017][ T7011] tipc_sendmsg+0x51/0x70 [ 1805.339315][ T7011] kernel_sendmsg+0xe2/0x120 [ 1805.343873][ T7011] sock_no_sendpage+0x13f/0x1b0 [ 1805.348691][ T7011] ? __receive_sock+0xb0/0xb0 [ 1805.353340][ T7011] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1805.359026][ T7011] ? __receive_sock+0xb0/0xb0 [ 1805.363680][ T7011] sock_sendpage+0xd0/0x120 [ 1805.368163][ T7011] pipe_to_sendpage+0x23b/0x300 [ 1805.372982][ T7011] ? sock_fasync+0xf0/0xf0 [ 1805.377365][ T7011] ? generic_splice_sendpage+0x200/0x200 [ 1805.382962][ T7011] ? atime_needs_update+0x2cf/0x570 [ 1805.388128][ T7011] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1805.394077][ T7011] __splice_from_pipe+0x2d3/0x870 [ 1805.399132][ T7011] ? generic_splice_sendpage+0x200/0x200 [ 1805.404739][ T7011] generic_splice_sendpage+0x172/0x200 [ 1805.410169][ T7011] ? iter_file_splice_write+0xf20/0xf20 [ 1805.415733][ T7011] ? direct_splice_actor+0x25/0x120 [ 1805.420914][ T7011] splice_direct_to_actor+0x496/0xb00 [ 1805.426253][ T7011] ? do_splice_direct+0x3d0/0x3d0 [ 1805.431245][ T7011] ? pipe_to_sendpage+0x300/0x300 [ 1805.436343][ T7011] ? security_file_permission+0x128/0x300 [ 1805.442029][ T7011] do_splice_direct+0x279/0x3d0 [ 1805.446854][ T7011] ? splice_direct_to_actor+0xb00/0xb00 [ 1805.452370][ T7011] ? security_file_permission+0x128/0x300 [ 1805.458056][ T7011] do_sendfile+0x89d/0x1110 [ 1805.462528][ T7011] ? compat_writev+0x390/0x390 [ 1805.467256][ T7011] ? security_file_permission+0x128/0x300 [ 1805.472942][ T7011] ? vfs_write+0x427/0x4f0 [ 1805.477324][ T7011] ? fput_many+0x42/0x1a0 [ 1805.481621][ T7011] __x64_sys_sendfile64+0x1ae/0x220 [ 1805.486785][ T7011] ? __ia32_sys_sendfile+0x240/0x240 [ 1805.492036][ T7011] do_syscall_64+0xcb/0x150 [ 1805.496560][ T7011] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1805.502427][ T7011] RIP: 0033:0x45dd99 [ 1805.506287][ T7011] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1805.525871][ T7011] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1805.534246][ T7011] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1805.542224][ T7011] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1805.550169][ T7011] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 03:04:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000464000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) 03:04:31 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800002, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = accept4$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f0000000100)=0x10, 0x80000) ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, &(0x7f0000000140)={{r0}, "186610c4973186583d14230e4398e3c57c7a8a4bfcde6361db1f6408826a6fabfea1cc8fe9b5df8bf1d0c7468d95dbe3e10d6cb3486141aa8505b2b15fdce5434aa7f75b52d34aa18fdd0364d3c81c5c2b0ec5219804c4d253495d58bff2892f5f58ee40d7a7d643ed9ba663468e6d4db065a46dfd4bfefabc05adc62f4619b5a852e0fc97aabbd1321264d3500cdec8e40a6bb53f7403f1c6480c3c8058350ff9017c65888d3a7a15fd0e6d98acf2f6fc6d5fd49ef9a0b396e96c97fe746ed4f8a1454a2fef57539386170f891b5e961d37174fd7a84b7d87505429506eb06ea74ed83c0ab99fb8561b4e4bf12ca5288e224471f5e8e6b689f6c6f9562039666933e10de3c9aa5ca1122d81fe5caa46365a627227cd7dd91f7cb80f59b09ef02e86837a531885cad5097294638f0def8b131d4ebdffe62e8dda8c01acb55a7fd87a6d0a546aa7c4709263f451b867f984183cc36a5b7593bd8a223d2c99e245cd33a8b8d32059ac4d9a990d4cd0f745175c1a3bb82eb84444afe3f54026aa9b6b4c798bfc2674ac16cb24bf7052e2841a01998a63e5cee83e908c1a8bb3b048dfd76b3b5d407c933c5d2b82cc6a76d7bfbe8fa3e7ea73025a4fe8aed6387d268e6cc2ec1d0f14cc2b009557c7b741e851c4a621d74c01bc6e72e0b893859ed7505cc96373bca2ac69a02a87063a4a903d057bd11bad721fae6064206e08c29e5428216d65df5b40ea18c58a669636fe6d97f433bb5227e3f087306683243af490e3f3e6ee7e9b9fb8a214bbe52420a75ff8fb9737abfa75ea1ba07240d85402a4a6beb20d0b380122f8822fcd71018514a24f1f3d0eb520aa4617d180be74805f94ddd4f4f0b3b2a7e09865d5105e5ebf587ea596378134cbb1a31c77bc7bf5e6e4eb04f197baa9140bf5718a1b0a8ba8d800c1ec3dd0fab2c97d839b56962d2c125dec5ead875ec642f55fe3a80fdb56a5f9033f2212cfdc99b5ea745599d52faeff674abe2d609d00b32e3c44862e8b33d9bf381c0ad1d1d8c6c59de16ce93b32c13dcb931d34ced24530c5714d83e2bc1209d776ae68f476ddaae03b4a4492ba6b035e5527881dbccefccd60ffbf0bb4fcbf670693f12a57b0c4fed56b2f9fb2e1242312a6bb690796ba81e1ba582ba733ca8f3afb22f00dcb642a9692c8f538350650d66350913967919fe500e324e818b39af3c2c2f7e8f1d94f06d76bb8f6b033e8e86b5632d8c8152e2a04aadbc20705a272cad22f5ff0f21574008de543d3d2bd1c01563e3d4606ab85ab07090432a803d7c64784a10da126e59be20616e3542c9402418d15bece3b034f1a4569d5c747d34045e9e98022f8c5eddd0eff5dcc2398ce606a76a602ba6c9ab0324ae9b7950302710f81f6f354e7e0f27a05bed6e6acc8219cf59737187f6687ebd4bc25239a7c5bc45bedd1e475ba2d5a4df770495409ebc51ff8a91556130a03215e52eed25881d8056ba5354a868e2bcda01acf7bd2bef2bfae787b3fbdbcf445d4b97025cf142d4abf293f20b80bb4f50ba68731e665c31b95d19f7526d0ce710950b3c3f612b1f559d59a6283550b46567d93f634acdbbd72587086054402ad2a6b8510cb5cde633e4b3a681f958ecea9f6833d128374431bd616361b6085e1da0a7db891ec72dfb086dfff8750adc7b640b43cd8e83f06d0da13286aaf8555352163e1b4ad87a5e63e8db084afaf233ecab8fa86e826824e55325724ad358da5f404a5cd99110d921ebe366181941d4fdb4f4fad177d05f2810e5e7389ca7bc7ab14b7a67aeb1a79338daeac929948c01bd2abf9429ebabad079f35010d2545137925c24e6847b0a6cfeae2c42b80388a8111b33f5828b33a8e9bb7812c1058dd836d94ca396b8844c59e829f8eeb683a04c8d599ee7727a849a8da39ac7c7ffe31c3599dbdba0c6750deab9b98b397568a6da4b13cf7ff226359a218e0a0805bd8327e85e048b81702edbb6a4f7e4d24d7e2ccb3564741ec02df5c04b3cc19938307e60039040a8456da9ff1198bae72be1e1082326d9714f6be0e3ac38c67b503476fed0d031e020e1eb9323a635891e09cf38e78550ba1468915b6072b628e03d82cdb548177464ca32e50af1095f631006fc0cd757133da46a3d6b85c7c552b2159731b98aa71966a9417a9fadcff33f17f9338fa9e9b537ddc8f2fb6f1008ef13f0e22b1edcb39667d05f102f2075d060bc8e5c2b7ec4d8995e5e8da2ba1eac148d4376787f888fcaaef31780dc7485fffbe9992ef09dccbf6f14cdabdba73bc8e91ef9d4445ffa54bafee8bf37493725215ffbd34adbcc20f4bddbe98b633bfe5c24193a242871bc294d5cab22d53956e5da1db303fdb0eb97abeacc9e42734d40f97f249d5ee1e60075404867216916e3241e251148ba937acd83a10b9aeed8f4ba197faf0cb1ef35eef28f440f476823d98d438a50a7e63096d1d0a10f2ed52b174bc39bf57d8826e92e1badab1e4f0542f963ee8b9be6926aebcc14dd1ba2f26eec87def23d2bbaeb333b07798f8bfdd6388a64ba41d059c6d0d5cf33d5f4c481d876e77665bb8d78163939c80375fb17647a740e0bbb1506ecb524251a9eface9bee4a3cfa3a1af37cdc7d0a6e592b0a4869f98de70353796ede2bf02c2c79e60312627e4b7852095d8ec7ae52340b88d8b3a5bd524b658d5239f6c9a55b0ba5db05404889f963adc064929d7f6ef4deb04de30ee4e9ceea52ea8458af85fa7c93a2ff5de5dae486616e6cead0cceb286cfaa938eb8581c83c3f2c845703f2bfc5e49b1f33744d0506f90ab17539ebc33a0ba6e4a6d37d3ff6f84cc7362fc627650fb4b82b5e8b287ba31e1f3bfa0a8f8b6984c9ea3ed363abc853dd2a7e529682a2a95b349bf82b25d3f7f5bf24c518485dd749d220d7f3b1af8c3bf08e5bce0818ab46a6d5f4fffb59f3d8020edc49d1938b5007c01bff2f3e1a774bd12b432ed8df3f41f0c506104c18342b17aad226af2ceea638a6a0ba412f2f20058be594f0825f37287df2273ed26b072560098fecc7995b146b4d796d96b6c1431637a6b5673b2523aa75bc73aec62a62e968d159ca19e2e858f04f7b823eb10db16b572fd572d992dde56b2e5e0958aa6f93ab833fcb1c55efb2323d15a8b3baebe5fcb059a38da5836987748963aa7863ed930fbf683f273128ef925d45b0d15d04fe5f3418a0cf20daea19cd851e1c09e4da690c64a4c30975f419e6916c7cf389b429c765afeab313ac13eabdf40ea371bb94eb64efae687ccc306ee5cdb3dede98f7698939080eca82f5bed3a41368e9129269532dd66bc5cf9c6822ad2d25270d6c8908d82eaa4a1bdcea38c6501325a71c637a25d45bb0d3242a33d61d85975a04a2691a6023dadcc2bbbebb1edcc470f9abc33090ee4dc8f671a760cba6398076632d55e98c8187b3359a2cbd5b7ab11ac372f63b2a972be198c964253185561b96c554fddbd4cdcc85f098dd17fad450bdbc752c0b4bc4961f8a35d19073a60e028b446e5e4c40faeb68dcbf42c499a26eaceff332d6a37d3d2ebfb61e3ef3d3574962a3d4f18c812fddb4a4af0d51e16e18016fba72c46e727c0b18989d87dac6f13f884a6ae36104b65e58a45f835d61b3ea30b2f053d89741c0e6cd685557b41ed83cb46f75d7e2e31eb97718ea3fdc0f5cb64805c2cebdf5026a3bcdf8c64a94b1b8fee668edbca31cb7bdb09191357346ab9255136eb914b719e696c7517798151eff8084ca1ae9579b36cef4314e758af253d58968feab4d16ece4dd1b4051982590eaa6bbce73b53c1577cd0bc66aed71e9bcc0a12a806b57018a5390590562bb423ae44315c3e00ff75835830a3cfdfa9d9616fcfca5f624c2acea56b0f4e4f31f3289960226af95db205f6ea85d9fb0bcd8b9d7b0adacf3f6e97900dd93cf9969ef4952446891a91eef98bded3931ba94246c0fc0e0ea650f073d275447abde5425a12378ca277aac4420c7a5e3472e3b7ca8f909b771493da10fdd01ef586e9a3a64dc3c41b924d4607715bff3460965a301d31c92b57cbe75771e577ddf7c91331f8f54db110c4f1637052bee57ba2df2ff4e7f2920104171d958f7e55efabf3f68fd2cae225a8aa22bb3b567477e9accb1f2afe79d3679cfc55dba877d99bcd6cb483ca2bfb500ff76466f6d2704ea5f870fde7ca1da6423e456139f9997bc0498abdaf0d17e7da9a7b70b7fd9bd6c155f0f77ece166a6515dd7ec249d21d57958d1bbb7c3d2e832a6961ae185d340e728fb3d62f256ce5b96c29bfd472b32448bef71dd6a086da8043d72d4cefa3194d0e21ba88dc22f750b2e8242360c8e61f0f20059bd0160e457fae3ca73b72a19bcc1aead9cb8ed53522252e952a57a7c779361e677b30dd7437e89f0e38b443db7a20bfbf7d762c734cf5f21971afbf22531b0d037658a1057e63758ec9aef55a1910c60f4aaa9d6f0fef66a77a12511540305dd81c46fc5cf3b0ce21511ea1317ff3eec94efc3e0f9dfd18da3fbed0fa393d6cea1144f640ea26d163ec69e7ea4883e3e0dfa83f9c5c1da202525ea534d43b3fa345e8bf5b51ac95a4a2cedcf7252bf910ab81545fa1f4f219dd93ef0df79f8cf8818349a82ac4c7617f1f65fe1567d08ceb0b6c54ee7e7b30615bde7a3f76ef39f08cd9b665d2d896f30e7f2e6b570dc356b92c1385d42d590113416d8e6a6fbb8841b64f8166a803dd4a3a45dec98f67d80ae4b3a08eec8bd92e9b4afbee75e4377d84dc1fa80f1990f7d335328400ed96d9c86d7211158894c7b8e8ffc0a9ca516c7fa85220890dc2b3e6701e6119a36476cc737ab2de33741c091791a5b34dba0efca9d95e13d98b31ecd0a5dbb7626bf657fa2d02b6450b04b4ff05441f81169503af6b9d31797089fefe2c0268b4b5f89c782651f4d93d0f9bd0df964504b5c10bafef0b031db5318eaa2cd6cd30a75d0654eacff27540a6b55cd9e00e2ec955b41f8af8696a037a5efe38f61950502e7faf83d33ca0fd3c7c2a81ef93cbdceaf2d0bbd540eb7f17544f681730fcd032bb1f27afcc7212b34809ec0a6425bb214397844dd1c93fd2694254fd388625fd6783be43b08a1124dfb7619a45bc965b354e155e9749bfe7a12afed20dab412d36f105df8c81dcb530923c505aa164715a0c449f5e053bbe04c71aaa5985fd48bd32907643f9d6a8c2f5a023fcf9b972cc3c21b75a09a625a7c5227c7f8ecc9f341edef7f34e3132f95606c44322a3496a8fd2cc00ef095ed03f1fb4f38d07430840955db6a3292fac52092915ef0d570e0adbabe0be783269b4f1a5959faf53200b8f55b27d300646ceea7aaee977a3b9fa05a8f15393f1e83550b8b95d2af765521c93c29928d474983b95d02aa5566f69c65547291ae516c4ae65d063741c875eee6de7a34a245c388a97ba76d59f9e0cbbbd547f40ffba7d25e52b0fa71f70f58c7667bf5d1ed060d1e1e5ba196fa5924885b52f998712f52f421720c802b023bc808f08958e51d0a1de0c0e381ae3acd3ee767f804be39be93a23a16a8084efe061f86f188d1b83318a65d1c7a3883e99388a114400fea1bf2f9bc504ae366ccb1e333338416093a3a860b70c516b53c6ee11943614782bda17b1da0c7bb6ec90f854a5b6c247cfffc98f54e986fb6a612e6b79571fafcab322cc8a65c9da78cda9df64da7149fb5ab4e35f9eabfd0969a33f3dbf1ce6fcaaa1ed1aefdf9de6fccbfe0c5848e0ed796049dfe23e96c0ef4e1d332317d2a0aa944a862331ce9"}) close(r1) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x9, &(0x7f0000000000)=0x5, 0x4) getsockopt$inet6_tcp_int(r3, 0x6, 0x9, 0x0, &(0x7f00000000c0)) r4 = socket(0x1e, 0x4, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) connect$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10) r5 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x200fc0) [ 1805.558144][ T7011] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000047 [ 1805.566086][ T7011] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1805.576867][ T7011] tipc: Failed do clone local mcast rcv buffer [ 1805.583567][ T7011] ================================================================== [ 1805.591632][ T7011] BUG: KASAN: use-after-free in tipc_mcast_xmit+0x101f/0x1690 [ 1805.599068][ T7011] Read of size 8 at addr ffff888193238c80 by task syz-executor.2/7011 [ 1805.607191][ T7011] 03:04:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000000474000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}], 0x0, &(0x7f00000000c0)={[{@dioread_nolock='dioread_nolock'}]}) [ 1805.609501][ T7011] CPU: 1 PID: 7011 Comm: syz-executor.2 Tainted: G W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1805.614941][ T7031] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7031 comm=syz-executor.4 [ 1805.620916][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1805.620919][ T7011] Call Trace: [ 1805.620933][ T7011] dump_stack+0x1b0/0x21e [ 1805.620942][ T7011] ? show_regs_print_info+0x12/0x12 [ 1805.620953][ T7011] ? printk+0xc0/0x104 [ 1805.660366][ T7011] ? printk+0xc0/0x104 [ 1805.664424][ T7011] print_address_description+0x96/0x5d0 [ 1805.669954][ T7011] ? devkmsg_release+0x11c/0x11c [ 1805.674869][ T7011] ? skb_clone+0x1f4/0x370 [ 1805.679268][ T7011] ? kfree_skb+0x1b6/0x220 [ 1805.683652][ T7011] ? tipc_msg_reassemble+0x3e2/0x590 [ 1805.688903][ T7011] __kasan_report+0x14b/0x1c0 [ 1805.693551][ T7011] ? tipc_mcast_xmit+0x101f/0x1690 [ 1805.698633][ T7011] kasan_report+0x27/0x50 [ 1805.702940][ T7011] tipc_mcast_xmit+0x101f/0x1690 [ 1805.707853][ T7011] ? tipc_bcast_dec_bearer_dst_cnt+0x240/0x240 [ 1805.713970][ T7011] ? __check_object_size+0x2e5/0x3b0 [ 1805.719228][ T7011] tipc_sendmcast+0xc00/0xeb0 [ 1805.723874][ T7011] ? tipc_send_group_unicast+0x7d0/0x7d0 [ 1805.729480][ T7011] ? memset+0x1f/0x40 [ 1805.733441][ T7011] ? unwind_next_frame+0x1c07/0x22b0 [ 1805.738701][ T7011] ? wait_woken+0x250/0x250 [ 1805.743183][ T7011] ? ext4_mpage_readpages+0x1e31/0x1eb0 [ 1805.748698][ T7011] __tipc_sendmsg+0x120d/0x2ce0 [ 1805.753521][ T7011] ? local_bh_enable+0x20/0x20 [ 1805.758250][ T7011] ? blk_flush_plug_list+0x4b7/0x500 [ 1805.763505][ T7011] ? prep_new_page+0x11a/0x380 [ 1805.768238][ T7011] ? _raw_spin_lock_bh+0xa4/0x180 [ 1805.773284][ T7011] ? _local_bh_enable+0x30/0x30 [ 1805.778108][ T7011] ? memset+0x1f/0x40 [ 1805.782100][ T7011] ? selinux_socket_sendmsg+0x10b/0x320 [ 1805.787613][ T7011] ? lock_sock_nested+0x25a/0x320 [ 1805.792603][ T7011] ? xas_load+0x468/0x4c0 [ 1805.796905][ T7011] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1805.802595][ T7011] ? tipc_recvmsg+0x1740/0x1740 [ 1805.807413][ T7011] tipc_sendmsg+0x51/0x70 [ 1805.811712][ T7011] kernel_sendmsg+0xe2/0x120 [ 1805.816272][ T7011] sock_no_sendpage+0x13f/0x1b0 [ 1805.821095][ T7011] ? __receive_sock+0xb0/0xb0 [ 1805.825794][ T7011] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1805.831540][ T7011] ? __receive_sock+0xb0/0xb0 [ 1805.836191][ T7011] sock_sendpage+0xd0/0x120 [ 1805.840666][ T7011] pipe_to_sendpage+0x23b/0x300 [ 1805.845495][ T7011] ? sock_fasync+0xf0/0xf0 [ 1805.849887][ T7011] ? generic_splice_sendpage+0x200/0x200 [ 1805.855486][ T7011] ? atime_needs_update+0x2cf/0x570 [ 1805.860655][ T7011] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1805.866608][ T7011] __splice_from_pipe+0x2d3/0x870 [ 1805.871601][ T7011] ? generic_splice_sendpage+0x200/0x200 [ 1805.877208][ T7011] generic_splice_sendpage+0x172/0x200 [ 1805.882649][ T7011] ? iter_file_splice_write+0xf20/0xf20 [ 1805.888165][ T7011] ? direct_splice_actor+0x25/0x120 [ 1805.893330][ T7011] splice_direct_to_actor+0x496/0xb00 [ 1805.899190][ T7011] ? do_splice_direct+0x3d0/0x3d0 [ 1805.904182][ T7011] ? pipe_to_sendpage+0x300/0x300 [ 1805.909223][ T7011] ? security_file_permission+0x128/0x300 [ 1805.914908][ T7011] do_splice_direct+0x279/0x3d0 [ 1805.919743][ T7011] ? splice_direct_to_actor+0xb00/0xb00 [ 1805.925272][ T7011] ? security_file_permission+0x128/0x300 [ 1805.930962][ T7011] do_sendfile+0x89d/0x1110 [ 1805.935439][ T7011] ? compat_writev+0x390/0x390 [ 1805.940173][ T7011] ? security_file_permission+0x128/0x300 [ 1805.945887][ T7011] ? vfs_write+0x427/0x4f0 [ 1805.950270][ T7011] ? fput_many+0x42/0x1a0 [ 1805.954566][ T7011] __x64_sys_sendfile64+0x1ae/0x220 [ 1805.959730][ T7011] ? __ia32_sys_sendfile+0x240/0x240 [ 1805.964988][ T7011] do_syscall_64+0xcb/0x150 [ 1805.969458][ T7011] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1805.975319][ T7011] RIP: 0033:0x45dd99 [ 1805.979203][ T7011] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1805.998776][ T7011] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1806.007178][ T7011] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1806.015121][ T7011] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1806.023062][ T7011] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1806.031004][ T7011] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000047 [ 1806.038948][ T7011] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1806.046901][ T7011] [ 1806.049197][ T7011] Allocated by task 7011: [ 1806.053500][ T7011] __kasan_kmalloc+0x117/0x1b0 [ 1806.058232][ T7011] kmem_cache_alloc+0x1d5/0x250 [ 1806.063054][ T7011] __alloc_skb+0x88/0x4d0 [ 1806.067353][ T7011] tipc_msg_build+0x727/0x1a60 [ 1806.072083][ T7011] tipc_sendmcast+0x92a/0xeb0 [ 1806.076724][ T7011] __tipc_sendmsg+0x120d/0x2ce0 [ 1806.081538][ T7011] tipc_sendmsg+0x51/0x70 [ 1806.085832][ T7011] kernel_sendmsg+0xe2/0x120 [ 1806.090387][ T7011] sock_no_sendpage+0x13f/0x1b0 [ 1806.095200][ T7011] sock_sendpage+0xd0/0x120 [ 1806.099712][ T7011] pipe_to_sendpage+0x23b/0x300 [ 1806.104582][ T7011] __splice_from_pipe+0x2d3/0x870 [ 1806.109578][ T7011] generic_splice_sendpage+0x172/0x200 [ 1806.115000][ T7011] splice_direct_to_actor+0x496/0xb00 [ 1806.120337][ T7011] do_splice_direct+0x279/0x3d0 [ 1806.125160][ T7011] do_sendfile+0x89d/0x1110 [ 1806.129629][ T7011] __x64_sys_sendfile64+0x1ae/0x220 [ 1806.134792][ T7011] do_syscall_64+0xcb/0x150 [ 1806.139272][ T7011] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1806.145130][ T7011] [ 1806.147428][ T7011] Freed by task 7011: [ 1806.151385][ T7011] __kasan_slab_free+0x168/0x220 [ 1806.156287][ T7011] slab_free_freelist_hook+0xd0/0x150 [ 1806.161621][ T7011] kmem_cache_free+0xac/0x5c0 [ 1806.166261][ T7011] tipc_buf_append+0x2d1/0xad0 [ 1806.170992][ T7011] tipc_msg_reassemble+0x331/0x590 [ 1806.176107][ T7011] tipc_mcast_xmit+0x223/0x1690 [ 1806.180923][ T7011] tipc_sendmcast+0xc00/0xeb0 [ 1806.185563][ T7011] __tipc_sendmsg+0x120d/0x2ce0 [ 1806.190379][ T7011] tipc_sendmsg+0x51/0x70 [ 1806.194672][ T7011] kernel_sendmsg+0xe2/0x120 [ 1806.199226][ T7011] sock_no_sendpage+0x13f/0x1b0 [ 1806.204041][ T7011] sock_sendpage+0xd0/0x120 [ 1806.208509][ T7011] pipe_to_sendpage+0x23b/0x300 [ 1806.213326][ T7011] __splice_from_pipe+0x2d3/0x870 [ 1806.218320][ T7011] generic_splice_sendpage+0x172/0x200 [ 1806.223749][ T7011] splice_direct_to_actor+0x496/0xb00 [ 1806.229101][ T7011] do_splice_direct+0x279/0x3d0 [ 1806.233918][ T7011] do_sendfile+0x89d/0x1110 [ 1806.238386][ T7011] __x64_sys_sendfile64+0x1ae/0x220 [ 1806.243550][ T7011] do_syscall_64+0xcb/0x150 [ 1806.248036][ T7011] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1806.253910][ T7011] [ 1806.256208][ T7011] The buggy address belongs to the object at ffff888193238c80 [ 1806.256208][ T7011] which belongs to the cache skbuff_fclone_cache of size 488 [ 1806.270925][ T7011] The buggy address is located 0 bytes inside of [ 1806.270925][ T7011] 488-byte region [ffff888193238c80, ffff888193238e68) [ 1806.283985][ T7011] The buggy address belongs to the page: [ 1806.289592][ T7011] page:ffffea00064c8e00 refcount:1 mapcount:0 mapping:ffff8881daa92c80 index:0x0 compound_mapcount: 0 [ 1806.300493][ T7011] flags: 0x8000000000010200(slab|head) [ 1806.306890][ T7011] raw: 8000000000010200 ffffea0005ba5f80 0000000300000003 ffff8881daa92c80 [ 1806.315444][ T7011] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000 [ 1806.323987][ T7011] page dumped because: kasan: bad access detected [ 1806.330360][ T7011] [ 1806.332656][ T7011] Memory state around the buggy address: [ 1806.338255][ T7011] ffff888193238b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc [ 1806.346280][ T7011] ffff888193238c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1806.354306][ T7011] >ffff888193238c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1806.362329][ T7011] ^ [ 1806.366363][ T7011] ffff888193238d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1806.374492][ T7011] ffff888193238d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1806.382518][ T7011] ================================================================== [ 1806.390549][ T7011] Disabling lock debugging due to kernel taint [ 1806.403657][ T7011] kasan: CONFIG_KASAN_INLINE enabled [ 1806.412091][ T7011] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 1806.426459][ T7011] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 1806.433396][ T7011] CPU: 1 PID: 7011 Comm: syz-executor.2 Tainted: G B W 5.4.68-syzkaller-00475-g673e6740f870 #0 [ 1806.444835][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1806.454877][ T7011] RIP: 0010:tipc_mcast_xmit+0x1061/0x1690 [ 1806.460578][ T7011] Code: af fd 4d 8b 67 08 4d 8d 6e 08 ba 10 00 00 00 4c 89 ff 31 f6 e8 70 e5 ae fd 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ef e8 21 10 af fd 4d 89 66 08 4c 89 e0 48 [ 1806.480626][ T7011] RSP: 0018:ffff888198676f00 EFLAGS: 00010202 [ 1806.486674][ T7011] RAX: 0000000000000001 RBX: ffff888198677180 RCX: dffffc0000000000 [ 1806.494630][ T7011] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffff88816ee15510 [ 1806.502589][ T7011] RBP: ffff8881986770d0 R08: dffffc0000000000 R09: ffff88816ee15500 [ 1806.510546][ T7011] R10: ffffed102ddc2aa2 R11: 00000000000000fb R12: ffff888198677180 [ 1806.518502][ T7011] R13: 0000000000000008 R14: 0000000000000000 R15: ffff88816ee15500 [ 1806.526462][ T7011] FS: 00007f2f7adfa700(0000) GS:ffff8881db900000(0000) knlGS:0000000000000000 [ 1806.535374][ T7011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1806.541938][ T7011] CR2: 00007f79cb9ff710 CR3: 000000015f756003 CR4: 00000000001606e0 [ 1806.549900][ T7011] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1806.557852][ T7011] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1806.565807][ T7011] Call Trace: [ 1806.569088][ T7011] ? tipc_bcast_dec_bearer_dst_cnt+0x240/0x240 [ 1806.575228][ T7011] ? __check_object_size+0x2e5/0x3b0 [ 1806.580502][ T7011] tipc_sendmcast+0xc00/0xeb0 [ 1806.585164][ T7011] ? tipc_send_group_unicast+0x7d0/0x7d0 [ 1806.590780][ T7011] ? memset+0x1f/0x40 [ 1806.594740][ T7011] ? unwind_next_frame+0x1c07/0x22b0 [ 1806.599988][ T7011] ? wait_woken+0x250/0x250 [ 1806.604460][ T7011] ? ext4_mpage_readpages+0x1e31/0x1eb0 [ 1806.609994][ T7011] __tipc_sendmsg+0x120d/0x2ce0 [ 1806.614820][ T7011] ? local_bh_enable+0x20/0x20 [ 1806.619557][ T7011] ? blk_flush_plug_list+0x4b7/0x500 [ 1806.624809][ T7011] ? prep_new_page+0x11a/0x380 [ 1806.629538][ T7011] ? _raw_spin_lock_bh+0xa4/0x180 [ 1806.634526][ T7011] ? _local_bh_enable+0x30/0x30 [ 1806.639343][ T7011] ? memset+0x1f/0x40 [ 1806.643334][ T7011] ? selinux_socket_sendmsg+0x10b/0x320 [ 1806.648848][ T7011] ? lock_sock_nested+0x25a/0x320 [ 1806.653881][ T7011] ? xas_load+0x468/0x4c0 [ 1806.658184][ T7011] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1806.663870][ T7011] ? tipc_recvmsg+0x1740/0x1740 [ 1806.668683][ T7011] tipc_sendmsg+0x51/0x70 [ 1806.672979][ T7011] kernel_sendmsg+0xe2/0x120 [ 1806.677579][ T7011] sock_no_sendpage+0x13f/0x1b0 [ 1806.682438][ T7011] ? __receive_sock+0xb0/0xb0 [ 1806.687084][ T7011] ? ktime_get_coarse_real_ts64+0xd9/0xf0 [ 1806.692769][ T7011] ? __receive_sock+0xb0/0xb0 [ 1806.697414][ T7011] sock_sendpage+0xd0/0x120 [ 1806.701887][ T7011] pipe_to_sendpage+0x23b/0x300 [ 1806.706718][ T7011] ? sock_fasync+0xf0/0xf0 [ 1806.711100][ T7011] ? generic_splice_sendpage+0x200/0x200 [ 1806.716698][ T7011] ? atime_needs_update+0x2cf/0x570 [ 1806.721863][ T7011] ? page_cache_pipe_buf_confirm+0x113/0x210 [ 1806.727807][ T7011] __splice_from_pipe+0x2d3/0x870 [ 1806.732798][ T7011] ? generic_splice_sendpage+0x200/0x200 [ 1806.738495][ T7011] generic_splice_sendpage+0x172/0x200 [ 1806.743919][ T7011] ? iter_file_splice_write+0xf20/0xf20 [ 1806.749438][ T7011] ? direct_splice_actor+0x25/0x120 [ 1806.754599][ T7011] splice_direct_to_actor+0x496/0xb00 [ 1806.759936][ T7011] ? do_splice_direct+0x3d0/0x3d0 [ 1806.764923][ T7011] ? pipe_to_sendpage+0x300/0x300 [ 1806.769929][ T7011] ? security_file_permission+0x128/0x300 [ 1806.775619][ T7011] do_splice_direct+0x279/0x3d0 [ 1806.780436][ T7011] ? splice_direct_to_actor+0xb00/0xb00 [ 1806.785949][ T7011] ? security_file_permission+0x128/0x300 [ 1806.791661][ T7011] do_sendfile+0x89d/0x1110 [ 1806.796135][ T7011] ? compat_writev+0x390/0x390 [ 1806.800864][ T7011] ? security_file_permission+0x128/0x300 [ 1806.806546][ T7011] ? vfs_write+0x427/0x4f0 [ 1806.810945][ T7011] ? fput_many+0x42/0x1a0 [ 1806.815245][ T7011] __x64_sys_sendfile64+0x1ae/0x220 [ 1806.820411][ T7011] ? __ia32_sys_sendfile+0x240/0x240 [ 1806.825665][ T7011] do_syscall_64+0xcb/0x150 [ 1806.830135][ T7011] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1806.835989][ T7011] RIP: 0033:0x45dd99 [ 1806.839851][ T7011] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1806.859422][ T7011] RSP: 002b:00007f2f7adf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1806.867801][ T7011] RAX: ffffffffffffffda RBX: 0000000000027ec0 RCX: 000000000045dd99 [ 1806.875739][ T7011] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 1806.883677][ T7011] RBP: 00007f2f7adf9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 1806.891613][ T7011] R10: 0000000000200fc0 R11: 0000000000000246 R12: 0000000000000047 [ 1806.899550][ T7011] R13: 00007ffd7797151f R14: 00007f2f7adfa9c0 R15: 000000000118bf2c [ 1806.907487][ T7011] Modules linked in: [ 1806.911579][ T7011] ---[ end trace ec257be556f29a8f ]--- [ 1806.917094][ T7011] RIP: 0010:tipc_mcast_xmit+0x1061/0x1690 [ 1806.923051][ T7011] Code: af fd 4d 8b 67 08 4d 8d 6e 08 ba 10 00 00 00 4c 89 ff 31 f6 e8 70 e5 ae fd 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 ef e8 21 10 af fd 4d 89 66 08 4c 89 e0 48 [ 1806.942672][ T7011] RSP: 0018:ffff888198676f00 EFLAGS: 00010202 [ 1806.948716][ T7011] RAX: 0000000000000001 RBX: ffff888198677180 RCX: dffffc0000000000 [ 1806.956689][ T7011] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffff88816ee15510 [ 1806.964662][ T7011] RBP: ffff8881986770d0 R08: dffffc0000000000 R09: ffff88816ee15500 [ 1806.972642][ T7011] R10: ffffed102ddc2aa2 R11: 00000000000000fb R12: ffff888198677180 [ 1806.980590][ T7011] R13: 0000000000000008 R14: 0000000000000000 R15: ffff88816ee15500 [ 1806.988556][ T7011] FS: 00007f2f7adfa700(0000) GS:ffff8881db900000(0000) knlGS:0000000000000000 [ 1806.997483][ T7011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1807.004085][ T7011] CR2: 00007f79cb9ff710 CR3: 000000015f756003 CR4: 00000000001606e0 [ 1807.012076][ T7011] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1807.020024][ T7011] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1807.027984][ T7011] Kernel panic - not syncing: Fatal exception [ 1807.034799][ T7011] Kernel Offset: disabled [ 1807.039097][ T7011] Rebooting in 86400 seconds..