7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x60182300) 18:52:05 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x7100}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:05 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x0, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 493.290653][T12215] IPVS: ftp: loaded support on port[0] = 21 18:52:06 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x200, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0xfd, 0x0, 0x0, 0x1}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x600402, 0x0) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000002c0)=[@in6={0xa, 0x4e24, 0x4, @empty}, @in6={0xa, 0x4e21, 0x6, @empty}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e21, 0x5, @remote, 0xd}, @in6={0xa, 0x4e22, 0x1333, @ipv4={[], [], @multicast1}, 0x8}, @in6={0xa, 0x4e21, 0x4540, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6fc}, @in6={0xa, 0x4e21, 0x80, @rand_addr="72c5bd0525fcec624cb85c356ae01e40", 0xf44}, @in6={0xa, 0x4e20, 0x7, @remote, 0xff}], 0xd4) 18:52:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:07 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x7300}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x64000000) 18:52:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0xe}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:07 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x0, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:07 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x401, 0x300) ioctl$TCSBRK(r1, 0x5409, 0x5) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = syz_open_dev$binderN(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x801) ioctl$LOOP_SET_FD(r0, 0x4c00, r3) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 494.688356][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 494.688383][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 494.694172][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:52:07 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x7400}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:07 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x65000000) 18:52:07 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x8cdc62288b6b7e93, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') lsetxattr$security_ima(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.ima\x00', &(0x7f00000001c0)=@ng={0x4, 0xf, "d8fd00be9a6aade453"}, 0xb, 0x1) readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f00000000c0)={0x4, 0x0, [0x0, 0x0, 0x0, 0x0]}) r3 = syz_open_pts(r1, 0x4000000000000002) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:07 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x7a00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 495.248403][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 495.254227][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 495.260049][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 495.265824][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 495.613842][T12281] IPVS: ftp: loaded support on port[0] = 21 [ 496.112944][T12252] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 496.123392][T12252] CPU: 1 PID: 12252 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 496.131276][T12252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 496.141327][T12252] Call Trace: [ 496.144611][T12252] dump_stack+0xf5/0x159 [ 496.148850][T12252] dump_header+0xaa/0x449 [ 496.153181][T12252] oom_kill_process.cold+0x10/0x15 [ 496.158304][T12252] out_of_memory+0x231/0xa00 [ 496.162884][T12252] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 496.168623][T12252] mem_cgroup_out_of_memory+0x128/0x150 [ 496.174166][T12252] try_charge+0xb3a/0xbc0 [ 496.178488][T12252] ? rcu_note_context_switch+0x700/0x760 [ 496.184115][T12252] mem_cgroup_try_charge+0xd2/0x260 [ 496.189427][T12252] mem_cgroup_try_charge_delay+0x3a/0x80 [ 496.195119][T12252] wp_page_copy+0x322/0x1160 [ 496.199774][T12252] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 496.205395][T12252] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 496.211101][T12252] do_wp_page+0x192/0x11f0 [ 496.215521][T12252] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 496.221147][T12252] __handle_mm_fault+0x1c07/0x2cb0 [ 496.226397][T12252] handle_mm_fault+0x21b/0x530 [ 496.231158][T12252] __get_user_pages+0x485/0x1160 [ 496.236130][T12252] populate_vma_page_range+0xe6/0x100 [ 496.241519][T12252] __mm_populate+0x168/0x2a0 [ 496.246099][T12252] __x64_sys_mlockall+0x2e3/0x320 [ 496.251212][T12252] do_syscall_64+0xcc/0x370 [ 496.255708][T12252] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 496.261615][T12252] RIP: 0033:0x459f39 [ 496.265507][T12252] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 496.285214][T12252] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 496.293685][T12252] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 496.301641][T12252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 496.309596][T12252] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 496.317611][T12252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 496.325566][T12252] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 496.335201][T12252] memory: usage 307200kB, limit 307200kB, failcnt 54 [ 496.342010][T12252] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 496.348998][T12252] Memory cgroup stats for /syz5: [ 496.349851][T12252] anon 308547584 [ 496.349851][T12252] file 102400 [ 496.349851][T12252] kernel_stack 368640 [ 496.349851][T12252] slab 2142208 [ 496.349851][T12252] sock 4096 [ 496.349851][T12252] shmem 81920 [ 496.349851][T12252] file_mapped 135168 [ 496.349851][T12252] file_dirty 0 [ 496.349851][T12252] file_writeback 0 [ 496.349851][T12252] anon_thp 274726912 [ 496.349851][T12252] inactive_anon 44617728 [ 496.349851][T12252] active_anon 15319040 [ 496.349851][T12252] inactive_file 0 [ 496.349851][T12252] active_file 135168 [ 496.349851][T12252] unevictable 248471552 [ 496.349851][T12252] slab_reclaimable 540672 [ 496.349851][T12252] slab_unreclaimable 1601536 [ 496.349851][T12252] pgfault 34518 [ 496.349851][T12252] pgmajfault 0 [ 496.349851][T12252] workingset_refault 0 [ 496.349851][T12252] workingset_activate 0 [ 496.349851][T12252] workingset_nodereclaim 0 [ 496.349851][T12252] pgrefill 33 [ 496.349851][T12252] pgscan 33 [ 496.349851][T12252] pgsteal 0 [ 496.444853][T12252] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12248,uid=0 [ 496.461012][T12252] Memory cgroup out of memory: Killed process 12248 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 496.481308][ T1062] oom_reaper: reaped process 12248 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:09 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0xb000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:09 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x66000000) 18:52:09 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r2 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x3, 0x1) ioctl$VT_WAITACTIVE(r2, 0x5607) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a5}) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:09 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000080)=0x44) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 496.768341][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 496.768351][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 496.768411][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:52:09 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0xc000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x67000000) 18:52:09 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 497.088940][T12302] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 497.118492][T12302] CPU: 1 PID: 12302 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 497.126415][T12302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 497.136494][T12302] Call Trace: [ 497.139811][T12302] dump_stack+0xf5/0x159 [ 497.144082][T12302] dump_header+0xaa/0x449 [ 497.148442][T12302] oom_kill_process.cold+0x10/0x15 [ 497.153596][T12302] out_of_memory+0x231/0xa00 [ 497.158263][T12302] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 497.163995][T12302] mem_cgroup_out_of_memory+0x128/0x150 [ 497.169642][T12302] try_charge+0xb3a/0xbc0 [ 497.174001][T12302] ? rcu_note_context_switch+0x700/0x760 [ 497.179662][T12302] mem_cgroup_try_charge+0xd2/0x260 [ 497.184888][T12302] mem_cgroup_try_charge_delay+0x3a/0x80 [ 497.190548][T12302] __handle_mm_fault+0x179a/0x2cb0 [ 497.195695][T12302] handle_mm_fault+0x21b/0x530 [ 497.200566][T12302] __get_user_pages+0x485/0x1160 [ 497.205632][T12302] populate_vma_page_range+0xe6/0x100 [ 497.211111][T12302] __mm_populate+0x168/0x2a0 [ 497.215725][T12302] __x64_sys_mlockall+0x2e3/0x320 [ 497.220775][T12302] do_syscall_64+0xcc/0x370 [ 497.225342][T12302] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 497.231247][T12302] RIP: 0033:0x459f39 18:52:09 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 497.235173][T12302] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 497.254800][T12302] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 497.263244][T12302] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 497.271229][T12302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 497.279259][T12302] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:52:09 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x410000, 0x0) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x82, &(0x7f0000000000)=@assoc_value={r5}, 0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000000)={r5, 0xff}, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000840)=@assoc_value={0x0}, &(0x7f0000000880)=0x8) r8 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r8, 0x84, 0x82, &(0x7f0000000000)=@assoc_value={r9}, 0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000000)={r9, 0xff}, 0x0) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r10, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f00000008c0)=@assoc_value={0x0}, &(0x7f0000000900)=0x8) r12 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r12, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_sctp6_SCTP_CONTEXT(r12, 0x84, 0x11, &(0x7f00000020c0)={0x0, 0x8}, &(0x7f0000002100)=0x8) r14 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r14, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r15 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r15, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r15, 0x84, 0x82, &(0x7f0000000000)=@assoc_value={r16}, 0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000000)={r16, 0xff}, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r14, 0x84, 0x6d, &(0x7f00000024c0)=ANY=[@ANYRES32=r16, @ANYBLOB="8c0000000350d80fa0b032d8bb86c615de6e8d93a9d7a26f1581eb9d4d0cb515b9c6faca63827652cd142f69ea38196fe7bd9a6c1e6ea7488e64cc67c7952a7fed77b5ff4069e3390ae489a149b356e017f3f41f02aac2637448205cfd5e36b47ddc99f95194ed075d65a5c01a863998360453ac02932bdefdf2c26500000000000000caeb5ad91bca76af3d0d1b2f488d3caf00b3189a636b2b6713fdd8671111df34115fd5a687d9d1b9adb93691d24fe6674d898190ed969e05f8813c596c6c00b114a105d53427c0769bb2097fa77fb3427e994858e26430ca0995d007000000ca9b1af04c06edcf2ab4fbea4e1af2ea07bb07800959a5db49f9dcc562e9b1cc31932da44ce4fa41e76b"], &(0x7f0000002200)=0x94) sendmmsg$inet_sctp(r3, &(0x7f0000002380)=[{&(0x7f00000000c0)=@in6={0xa, 0x4e22, 0x0, @remote, 0x40}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000001c0)="bc6ba27f4ac0567ea5a7363948d97e5b0531ac96de22641c266ecd8caa372cf8cdfb4dd910d99b33d88910073013ec42176d336e9b4f4ce3b61ca37b3e02ee0e8fb0d6aa003430882732dab36053753b5356ceb92cd2a5fcfde63a1463918acd59c72eadb031ad79ee909a62ae472dd81dc054705e5e8089985880fd3bb1d6e72b3ab759377b419f8f13402d99adb4886025b7d5d4c032", 0x97}, {&(0x7f0000000100)="2822fca4091fa350d5be202f30a386cca982f3fed7f803b817e58db5fcf77bfe20603995a084b6af8007858c6afde749e173ed1d568e0d8d", 0x38}, {&(0x7f0000000140)="857239aa84c3993861f71ec5e97fe18ec3705c5c80eb5d7264a42e8875f0921f1b398574797446980c", 0x29}], 0x3, &(0x7f00000002c0)=[@dstaddrv4={0x18, 0x84, 0x7, @loopback}, @sndinfo={0x20, 0x84, 0x2, {0x8, 0x8, 0x5, 0x2}}, @dstaddrv6={0x20, 0x84, 0x8, @rand_addr="bc1fabcd03a50e6b1f98ef6074eca4e3"}, @authinfo={0x18, 0x84, 0x6, {0x7fff}}], 0x70, 0x4000000}, {&(0x7f0000000340)=@in6={0xa, 0x4e23, 0x3, @dev={0xfe, 0x80, [], 0x24}, 0x7e82}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000380)="89e54bc890d71f15d1284e1d4db3c476e76999ebd8df2fc60644a43e848bd812fa175e83c612fdab360574", 0x2b}, {&(0x7f00000003c0)="28e4768454f00f7ab1d96890d2b42008eab936fd9f0913a09ac422", 0x1b}, {&(0x7f0000000400)="b4085ef8df1f2a22362e282d332ce806ec8cc0e2b6154c3b6fa0de8b664844a6025414eb2b8a366d687758e1236137d29b050156aae0cb45ab22c85b8b05d0719fca56c28e1c0b985baef53c5e4481c2b02a45bee98059399f94016b9f7ac21d16f6c931bd21f99767", 0x69}, {&(0x7f0000000480)="760bc5390b60304812a1af55e588446a5baf5d0a9c950b0fc2b3b5879428c9451683259b2fd21bf95691222d37a3de1e1bf7e7580e69763fc5546edb106a26161c3c264988aa3b8ba71a0efed529c4b9f5d3c40c7fc194b905084151fa3d6dfe373544748b1b406ead146266e725b8409fa1777dc895", 0x76}, {&(0x7f0000000500)="e75a75f0fa8098fb83e82acc329766e76592e4a0e625b20e9919fae6fbbb4a0dac39f360e1", 0x25}, {&(0x7f0000000540)="c864a84fee1cc28969ec83e965dbd95fe0a5d69787ee6f29e4ed6afbc3113ce9e7d1ddfe8251509c017261a820d08f5d6400c7e5dc339a035f682c6a62f79c1cbee723a9c7ec5367973baee8306d156c8fe7078f5aad39bdc0795cf1b7798f219b713e1b375603c75da5af46e8ffda02e109ac83ecd41d656930bde393846defcee9088f602f4470b9d17b70130a570986e0811b1a2f8e", 0x97}], 0x6, &(0x7f0000000680)=[@dstaddrv4={0x18, 0x84, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @init={0x18, 0x84, 0x0, {0x6, 0x86, 0x800, 0x1ff}}, @authinfo={0x18, 0x84, 0x6, {0x2}}, @sndrcv={0x30, 0x84, 0x1, {0x4, 0x8000, 0x8, 0xfff, 0x5, 0x6, 0x2, 0x8, r5}}], 0x78, 0x2}, {&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x1, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x6}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000740)="13a02d740f80912c5b8348e85928898332176c130ad3de595f4d79c83154fa882a08480fb21657871deb0e87010e2b7e824215c349a5685b76a153555e850d07e9045e0740b70748e078e70d134f74ca3d98c71d1754dd4771bbab20dacf54673685b7af9f118fc3acb40ebc6d01a120472ad07e0f016da5be969fdb6fe3d0fff6478bd892235e62def842c5cfb7435fe011c61f7d42908c675568", 0x9b}], 0x1, &(0x7f0000000940)=[@authinfo={0x18, 0x84, 0x6, {0x1}}, @sndrcv={0x30, 0x84, 0x1, {0x400, 0x7, 0x203, 0x8, 0x89, 0x3ff, 0x4, 0x7, r7}}, @authinfo={0x18, 0x84, 0x6, {0x7f}}, @init={0x18, 0x84, 0x0, {0x1, 0x8, 0x1d, 0x3ff}}, @init={0x18, 0x84, 0x0, {0x1000, 0x8001, 0xfffa, 0x3f}}, @sndinfo={0x20, 0x84, 0x2, {0x1ff, 0x10, 0x5, 0x60fec822, r9}}, @sndrcv={0x30, 0x84, 0x1, {0x86a, 0x5, 0x8006, 0x8, 0xbf8e, 0x0, 0x6, 0x5, r11}}], 0xe0, 0x8006}, {&(0x7f0000000a40)=@in={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000001f40)=[{&(0x7f0000000a80)="80b781abadace4a4efac69bbebec5f34368e8e3a45ad096b0d3a34066f026f1f381217351392fa0e4cd3ef", 0x2b}, {&(0x7f0000000ac0)="e1964dbb4120f6fd0a0e2c13973633baa242a7d4d2bd150ac2b2e6e024856f2c2b92ff1589fb43feb259d01f4a45fb6093b7c8b4b2e51e46126a3ab7dfa3fc3ef27cbb02fab33b9ef1c91144222899b03ab40798d098d42776e42bac46fab97a37c8a5a8df26ae8500ff328f10899139d72b49e053aae033ccfd3c27510eafe8fae518d272fbee370cef6da35bdf7faeb6c0b81c1994341de1e6b05f4faca4b2365b90dad5932482b931853fd9715f9e593bf62162073c9d6b96a18504bd024c43f187ca0b9d6bb41afc357383c5a46adda3c9a9da8a17f781327641224703c0f9cc0e67fbee1eefc421f86d63a79592ad84ac6d89ff31e491e408f9761552d8b562bcc8ee13eef4e258dfc12d5cb7d84f26257f6fc79c06f1b7a7e334d06397c5d60e200cd505c3f6606289e56f98f0801878b417182e3751e1d5cb7b1d9c5fb01899fc7c73b3f7ce74e5e87098804ffa5e9eeccf0b1e755c94f42d60b5c280916fd2f363c1b7c4fd5b16a70a249e5ab7d2399ba074e60b2dfadcc8636cfa24f050afa0bb10637842e9a368b124f0c67f4468e2358de1b8f2feda51c1f870d4bb785d8bcfd2444fe532970486e5325cd8624b04e2697c81506bbb506d7f5cf2fbdf46448c5efcaeb3bd608ff59f9749bfef630dd11e932562f36d29c709afad58ffab34327a1fb48950458689c97ccf18fa0d02214617b8dab270980771681b956f160e412ab93a9636588a56c5149d18813965a00f15b19086d3f468afc88f6da862a8fd42325fa2ab36968fdbcd15c2468e90cbb981ea67e60dcc44d15bf725b6a606ef5cc637a25f1c0ad2eb200c7fe92ab0319006ae061a48d51fad5661e64819df0dc608288388a88b63946f65c33843a5b078cc7a77e33c3a2d7951c9edb6e7c296e4739864fd1a260d5fcc8ddcb8046186da5776e27ca1820bad62e3433a476395702cd3810342fd795ba8ab89c2112e24a3f9ba3411dedefe3f606a257d0a2a2a91ee7c8183facbd9feb9341d45c099ee6c92c9acefe5b29da587912fd8c2d508c055a015d097c90847b7666e111cc4c96797009b3aaf94322e7cb22aa9d5e39645c9d0e960f14a096710c2578b9179157ec724d038bc5d485912588fa04c45030bc32fadc6f957b90d19a53337513d32143ab39118ec58de929cc6e1d1ad897eeaa8460b5f537073da64087cd1242f062140571bab59921f24c3d56e3bb119c41f84e806e5db7531d786a6880bc789a7a9ccfadf2b6cdc5bc72c353bd259507ab63cc3dbd96c22a9c56ad1e1666bffdbc41cc57a39c99544aabf7ca575b481d539d125eac865121a8bfd5d41e227176fb4e688687630a3b33cdc3a1a5cb674efdc68f6164ab9e8029c9a173c5e18ab9f119c1b775d4b5e37d323a985cde67caa52e4d4b34f5796d78e6c07d698baf763ea78479ef02158c1791c72decb9ceb960db67d32333e357a658b541576aeb84c12c71a3ba5b05ec966590ba19dd01dd7122d7ae231c8b1fcdfa3d248f3ad1d63963126231befc16069bb72a5de6b84b851c9c304d79f76225a62b5c1eed4ced095a383f87cf85be1dbf5f97892e0655abf5cd78e7436af5834c2dc57a8a05228dad1156edad94424f966f44eebb4c4ccd9086fa516c1fcb829dcee7bca622509fba0a3a9e8a5b1f304bc8f88876c5b5ba1fcbe2496439b8164b63e66d026e611dbe8d73f329d84c071ede3a65ac234dd77dc6a111001943823a1a0735e0167edbb56dfda5284e661536687ce2320af9012aa0119918459bd0361ff61892e6c5601c8c75155d263443a71af421dfb506890befa4ae1ed9bb46a24a534eff9c18f8fc7ea8f10113c75dbcfb0d220a0d8493b8f489d3570895d829b77516236be8a69dcd96ac7e466568471d2ab0ac8b6ddb93747f6bae4f80918cf2983c1a234eb505164fdb36cd1a49f0d8d5f97d16a1499668de3e9c602c2f19d4c85090cf6e421e42c104ad27e096b8d527ca3eda35dec097edc683292513e9e992b9f28e6d9068d9a88926fa08e55efbec02853e10fb241ab03fd58188b570d3861acb7737c9cf9186a7d2963c0443a257918eaea0696c4efbc1ba8ce5b461775ef6de369ddaa72bc957eed5c5b6458dd72ccaf7c1d297e32b847742dabcb2547ed3a22fc74acd8243be227c8037c800775160b04a62727b390b667edee4197b29169346a044f1927707b85a1d890a43f02eb64e99df886dd3448f914d90ff30b0eebcb40eae65607a5e993a85d802b204437dee1116f3e9029c25ebbf4c38c476a65022ca15600d6371813a572268aadf420ad3842a2cd84973be8e7372ff422030d4f1e7ddbb4a132944890691cfd3fea5527e308119cc75ed9fccf5eac3dd5452ac1513a8f132d99cb2a93fc0cb044779723e137a2c99171270892faf10ab1ad95f72377b3353a27fb583af4815185cb41121232d874888ca12d8298832091cd1a6a13c4d7ac33c9955fccc7c23a6660a332b042e61a18d2577aa6853853d3a7d5f1b978bdcd281a5ef96832685badcf5a957e9e706bfcbb7f7ea82cbabbe7d79bfc1ce08eff67e62d3b285edc253d0d539d12e2e0b92b377110bec47931179e035251a5f4d76030b92f5a673f97c12f2f9a5b5394e77099294251acbe808daa73a334e3da378fe5fb25a3f56572ce6565b66abd60504bb825b4c81096cbbf9deee23cc8098c5c95a9785dc206e0c642a4e599590d2351d7a31da51204934fa12114b24de5ea078f43405354d07ee8df0ee09f0a72d60ae87ec433abcb3534061acc0f318906c744def9ad31087e69487fff0bbddd401923eefe1b2b92ced78fd737f633170584d35f2036ed25d59d35babec800ce55889bfb28b10b665b660589890bb6d080a2aa41f709fb75f614fcfbb6016bba68d125727784c040a1bd5a87cd121a9789d57ae4e23fed67df35ffc28502b3a47dbb828ffc976e765214abf1bc7bbc549d4fa925ce6b231c57a3e44d7f6f7b232690a8a5e7db268d8784fc512b0e082bb82252c0f246ce2dc5f5a4b677495c0a8dc7454de814e58d1804379ad0bab9d687c0c63ec68d58b4d6cdaa01d77f354ee7c1a58ebd516db512eeb10ee4cf7fb014c93a6b4b7b263e25d7867f0225218b7513c9edfe3416e018e84ee13b81f50b480e23fb23365935792a55b3520eb1fe0e9e032dc530dd252a8176989d7de6717f73ad6c7e673729d2b82cb7bb4007d0de645ecf2e7ee32bfa1ac7f60cf95713fbef53c58f25bdbbaad3fd296bc1ae7f61f1cab3d3f2fa0627a3a9f31f2eb4a1f490cc7eac6b0612c66dff6c9900eb8e201677a8667ac20ef9ac4f69d54ada5fd74651e25bc359a9dcb3b7dda1ff61d66c6fa624cb54a477f0fe78d506f72c494c40efa10d1a43823a56df91cfc97f732874a1d1691f0189149d91a1d357d75b7174f5817547f00acb2558d4acb39b7301bf32d6fc8a068acc74d1fc537d730caf177bd4e925910477411e4b6937636721adf37dbcf83aa6cbd04a2ab4e5ff591a5b0eee91f49a89ae7e4e044cf8e245570033d8c433cd25f5161837f01a173e5ba3477b8b8737beeb6d255c31f78a0ac35616cb11916bca7973da41690825f2d76da79e23824f6114da28a796176b2e1ee36d18f93af0f3f0b0edca389c4ab447a6cfc46105fa786f6f22a9fedc0bf5ba187fca99d8fed5e956453663cd18f113f37597de54a097ab2e670e31d5182fe772427a93662ab510e23d40e957cfe17917b19e2dc7ca9a8becfa2fd771b2951a72b26626ce5ae53f94deada4ea610949a25884105686e0be145f17a486fc5417f403f118e3be431e76161450680838c2aae400421fa75e2db0c1516ccfa0999d58bc62b010b218897392495a72621c89746ee5c38a25009c7086c17310f08d2060a8f7037681b38ee5181fbf06ce69061d3efa651de8a3f39f18f0b72569ffff013104cdf83c49ac9d7b092cb0a89fd3fdc2624737cf91a100f3dc668a949b05a15ba6d23962684a62bc63298b22b43c42df914e52706a1e456440d8e99b58534ad395f43f2a25fae608c026e54e8b696884fe32d102d08e160d00776a9df65671c3a316c17f9ab27225730789e9141e3b38d19f5122d5880d0ba80197d731d344ca849028cdf13e34e0195d8c13a626e7f05fd22ce021523e0177ad8f79811fc04abfffd3647f8d0e7d35617ee5d39b68d65fb5718d9af6d654b814b13f74a869cfb054e697975da686c7499818edda8df9ca7cf392ec6f68046213dae58a902b45d705c4143a9d2d1159194b6c610215e11d3ef4814cd8e6bac4d25a79cf2838f43b846ca7b517c59c6b6d2a3219177ad61a295efdb48acbe9e5419017c94cc77a7e5b81de9b61ec2aa8c266e3aff6148fec9b6dc310e69967085b0bd179b5701aa4c51b786580377d545bf027f7fc9ac65e1c2bfd1692204339b7b1ef11e28033968f9d9b7b43685776099d5d7464fe0fe62565239374db1abb8a73b707f88c53310c9045138676d744444c4c1ed7a3082c8a8ba13d6161dedef66981cebea6b28a37d002ca7797756444c6818d75945729149f6b10aef41caf0a7aadcd46dee36ac6df269d7d33163d0fe492b98c5907fd781e81228457d55d39fb2e325f8df31f98d7d9d2814d15a94d74e32e2de9b0562e8ca5d24efd45b5df15a083560507fa01fc37a0c3effb0a2dda933b7a0d38375b2bcad466d816083a0ec4d071d3dd862adc7786271d144457a3ada13dbbad3e0980817a0be8ad9eb8b2f4040f9f0b93631c2051f6feb8260f2a75d797f46a7fc1adbe6b0498283479c5ef27f82d9f93575975a9b30d2a6fe96050c30fa4e27acd5f2f3d7b3745be019e396216c0a4e22088ce6df6303f4447ad28f449d81da2847cfa6359eab6b02edfa59f69aa38fd6bb4b09b24692204c445f4eb3642a4e45b39a090e08498edcfe2bdd7fe38386deb943a1d82d3682438f48ecc087faf82bbe8b4afab89db18d5e71566fd56de98254510c057647032e94ca154194fecc54c79f82b1182c4c338c6f602ee78a9af29930b32e0cc33a634c5e93bec2c65bc6b8e972d7617a70fbc6c4f3ba549be8d1df2c3277aeca05fa052fc9f5d6a9e597abdc8e6ee2c80271e3c2e3dcd8292b2031dbb1fa81d42c7ea2514f61af1bc4a87e469f937b1c38b8088f99e108c2feeec6863d530a104955fabde06a2cf48c9f2540dff759df36bff01299c8a8a233dfcacfa9129a5df0725e54d3077a6ac3f50e399b4075d399b4f1827dd64647ce2bdfde17b9ad63e12a056d7a13a2f09542868cb42bc67a2d9b5b356d76b69d83481f7b5e4f838fba28a2c5721d50e1f5dd30f27aff99d8ff398f0fc86595cb1bb1200fb3a2583cd20652105ec0905826823c78371213543679c6b1a5ffacbd923964e4370c386e70989b9546b9745a2bd4f94a3ba27fd7c3e20e1923019cf962b9b922c14608d55b7f34e26db95ac4736ac9f14477e5049d95bcf855b2c508a3731538f4a3304d5cd9c026b5c277dd9c13ea8ef0a1dedd222dd8aa96afb21ebbd47be852de832bcf06613c474ab48c38b1ab63cc9ae47a93fa4237b4fda7f5572a569db341d89e14a0eada2665738c82cbe7d260679d74498b919e95ccf8339105c70358fb3bf8349c5c5f0bed1cee33d907c69e614c20ab8d7907ecfcfdac260ae9e127f50e6d78c390577667b4de4a693b134301c3df7fc40c38f6de179f13fe6a17d1ee038e1d6a0c0e4465e76fe35380d635425dc33fc000bc16e974102ee1dd363a7da433a07ac905651a29faf355d36df24f55c", 0x1000}, {&(0x7f0000001ac0)="479052a4cfb38d518ab2268d8f21b532afae9bafc95252145042d79e3ca62b9e09b4233273446d7cbc5f6cacef833326fd239fab1816d7b02a7fa1cdf8c80d94920559d4d12d02544adbd0d7509406e7c6c6959660de574cdfebfc449042785db64f69bd6ad6e17ddedeb7b54ea74a92a0c2d9ba79d9d0306e4fc9609db1ff873deb6fe9eaebcb497a9dcf23bc9e2ebdcd0f034d8bcdc0f5c66a6c41774a04d1bf63004a01bdd0a5f3529a8718586a64b596209f17a4b5b5bb9d871c4351d78d63a201f09e8be0528d425ed6fb451ce28df307138eb941227f56847b1ad431efc79d49aadb59bc331988fe2b", 0xec}, {&(0x7f0000001bc0)="52d7adfc9da0962b56e8161f0f7d1df0ba0367c1bb7bd3312c121bd85cf1fefee443696561c32d869d7939abc41d82b9a52e3607f7608565520f8b685b6b5d0b4ca3f5be29b5dc6734ff2e81a2ef561f9e415d1e6a853cac26f49a4328b40252c7e8fe9c9f768e7c97f80402cd538fb5e87af7df652d8c7ae978f34c899a4736c78491e41605a0838092265d08ff28021917fcef2945b00b24c0b983ce356b4d02f29912edc2ab29743984babcf6de7bb866370b253949157e7af3539ffd68b11896330f490e8cd886e2bc00e13057fd8de00571", 0xd4}, {&(0x7f0000001cc0)="4a1e90f0bb11fd8e5f8430cafa3ab9cb4a5e7993bc351a93fe36cbeac28a4c9e16b2570f0a43ff6399f6df866f178e18e9389cff9cc0361cc564d1a77cd6600144c968676705e60957f53169e30f9f2166e26143371553ee3fc273b04bdf520313281a9719e3a5f323798a74957ef596bd72b664b0448f685d170e128c002ba3f93b97a709c5dcf603b0", 0x8a}, {&(0x7f0000001d80)="be1aba9ae30518909f9c6cee99583ba36c5204e006491f9292ee09c1649715a7a9b77fa0ca2c50928930c5e53f7ca7c4585a721d40e0fed24d8b324f003db6a707401c6035a361867b964300e0084c6de31ac500744f095b0b50fcc6427efcce6c039096f46a7638e4e176c6676700f1791fef0ab6659a724f897be99e50b9bfea7ac5bab96e5a5059c2fd159d6fa0b3e5258514c4fb49b678d44951cc46cf384e580d93dc1cc450818e0434595adfd171d55ebedc8a3686b418a0807bfbf146937b15b60067f083aa56bd97bb98335a819a8074f425bf19335a70d0ccb67ac4d9999326937f9e1333b8d6e2ea17d31f70d7b1c9d7fbb490143363bb34c40a", 0xff}, {&(0x7f0000001e80)="57fae251b6b686e3ccb00617b64d7a914ce7acffdd74819e9a503102be9d669ad9a15a40f4e3af15a8aff09b9f0d082f1cd2b05594abfde63c1289343ad07934c2a61d6e62a0c1a3abd1905d5c212c44ed4354d0e6893b7de80be9dea5ebe472975cf87852d7af9a06e5403a5e61fcf87d790fe8b700d32b173d4af84b16f61aa3709cdcc2a371788c95019a40e2049a85e97a72f128", 0x96}], 0x7, 0x0, 0x0, 0x2000}, {&(0x7f0000001fc0)=@in={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000002080)=[{&(0x7f0000002000)="f571986d8c0ed070634eea3f1ccb8c6928dffdaee4a0998b18b70c162e60806c923b1ec53447f023018139b641c785936e144ce5deee87e2f534c759a79bb779051078af457da289e2139652cdc17087eb", 0x51}], 0x1, &(0x7f0000002240)=[@authinfo={0x18, 0x84, 0x6, {0x7}}, @dstaddrv4={0x18, 0x84, 0x7, @empty}, @sndrcv={0x30, 0x84, 0x1, {0x5, 0x9, 0x8402, 0x0, 0x6, 0x80, 0x2, 0x4, r13}}, @authinfo={0x18, 0x84, 0x6, {0xfff}}, @init={0x18, 0x84, 0x0, {0x7f, 0x2, 0x3ff, 0x7fff}}, @authinfo={0x18, 0x84, 0x6, {0x6}}, @sndrcv={0x30, 0x84, 0x1, {0x790, 0x69, 0x8200, 0x1f, 0x852, 0x9, 0x200, 0x9, r17}}, @dstaddrv4={0x18, 0x84, 0x7, @empty}, @init={0x18, 0x84, 0x0, {0x6, 0xffff, 0x3}}, @dstaddrv6={0x20, 0x84, 0x8, @ipv4={[], [], @local}}], 0x128, 0x4000}], 0x5, 0x10014c25) [ 497.287247][T12302] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 497.295231][T12302] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:10 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0xfa00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 497.713040][T12302] memory: usage 307200kB, limit 307200kB, failcnt 92 [ 497.721639][T12302] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 497.758682][T12302] Memory cgroup stats for /syz5: [ 497.758957][T12302] anon 308658176 [ 497.758957][T12302] file 102400 [ 497.758957][T12302] kernel_stack 368640 [ 497.758957][T12302] slab 2142208 [ 497.758957][T12302] sock 4096 [ 497.758957][T12302] shmem 81920 [ 497.758957][T12302] file_mapped 135168 [ 497.758957][T12302] file_dirty 0 [ 497.758957][T12302] file_writeback 0 [ 497.758957][T12302] anon_thp 274726912 [ 497.758957][T12302] inactive_anon 51433472 [ 497.758957][T12302] active_anon 15335424 [ 497.758957][T12302] inactive_file 0 [ 497.758957][T12302] active_file 135168 [ 497.758957][T12302] unevictable 242044928 [ 497.758957][T12302] slab_reclaimable 540672 [ 497.758957][T12302] slab_unreclaimable 1601536 [ 497.758957][T12302] pgfault 35310 [ 497.758957][T12302] pgmajfault 0 [ 497.758957][T12302] workingset_refault 0 [ 497.758957][T12302] workingset_activate 0 [ 497.758957][T12302] workingset_nodereclaim 0 [ 497.758957][T12302] pgrefill 66 [ 497.758957][T12302] pgscan 70 [ 497.758957][T12302] pgsteal 0 [ 497.877381][T12302] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11537,uid=0 [ 497.900227][T12302] Memory cgroup out of memory: Killed process 11537 (syz-executor.5) total-vm:72848kB, anon-rss:18492kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 498.114675][T12336] IPVS: ftp: loaded support on port[0] = 21 18:52:11 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$kcm(r1, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x68000000) 18:52:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0xff00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:11 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r4 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0xffffffffffffffc1, 0x20e800) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2f, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000060000000020000030960000182800e1", @ANYRES32=r0, @ANYBLOB="00000000ff0000006a1bc0fffcffffff18230000", @ANYRES32=r5, @ANYBLOB="00000000000100001800000008000000000000001beb9a38950000000000000095000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x3, [], 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x0, 0x5, 0x3}, 0x10}, 0x70) r7 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') getresuid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)) readv(r8, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000002c0)={0x4, 0x2, 0x6, 0x0, 0x0, [{r3, 0x0, 0x81}, {r4, 0x0, 0x10001}, {r2, 0x0, 0xffffffffffffffff}, {r6}, {r7}, {r8, 0x0, 0x3e1}]}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x4000000000000002) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x200004}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6f0a77bd) 18:52:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6c000000) 18:52:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0xff2f}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 498.906988][T12353] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 18:52:11 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000080)=0x1, 0x4) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r3, r0, 0x0, 0x6f0a77bd) [ 498.982798][T12353] CPU: 1 PID: 12353 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 498.990732][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 499.000788][T12353] Call Trace: [ 499.004113][T12353] dump_stack+0xf5/0x159 [ 499.008379][T12353] dump_header+0xaa/0x449 [ 499.012740][T12353] oom_kill_process.cold+0x10/0x15 [ 499.017897][T12353] out_of_memory+0x231/0xa00 [ 499.022528][T12353] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 499.028258][T12353] mem_cgroup_out_of_memory+0x128/0x150 [ 499.033908][T12353] try_charge+0xb3a/0xbc0 [ 499.038251][T12353] ? rcu_note_context_switch+0x700/0x760 [ 499.043916][T12353] mem_cgroup_try_charge+0xd2/0x260 [ 499.049139][T12353] mem_cgroup_try_charge_delay+0x3a/0x80 [ 499.054789][T12353] __handle_mm_fault+0x179a/0x2cb0 [ 499.059959][T12353] handle_mm_fault+0x21b/0x530 [ 499.064833][T12353] __get_user_pages+0x485/0x1160 [ 499.069839][T12353] populate_vma_page_range+0xe6/0x100 [ 499.075250][T12353] __mm_populate+0x168/0x2a0 [ 499.079867][T12353] __x64_sys_mlockall+0x2e3/0x320 [ 499.084919][T12353] do_syscall_64+0xcc/0x370 [ 499.089441][T12353] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 499.095334][T12353] RIP: 0033:0x459f39 [ 499.099331][T12353] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 499.118947][T12353] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:11 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$kcm(r1, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 499.127372][T12353] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 499.135362][T12353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 499.143353][T12353] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 499.151334][T12353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 499.159328][T12353] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 499.238511][T12353] memory: usage 307200kB, limit 307200kB, failcnt 124 [ 499.249963][T12353] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 499.287867][T12353] Memory cgroup stats for /syz5: [ 499.288192][T12353] anon 308510720 [ 499.288192][T12353] file 102400 [ 499.288192][T12353] kernel_stack 368640 [ 499.288192][T12353] slab 2277376 [ 499.288192][T12353] sock 4096 [ 499.288192][T12353] shmem 81920 [ 499.288192][T12353] file_mapped 135168 [ 499.288192][T12353] file_dirty 0 [ 499.288192][T12353] file_writeback 0 [ 499.288192][T12353] anon_thp 272629760 [ 499.288192][T12353] inactive_anon 59686912 [ 499.288192][T12353] active_anon 15347712 18:52:12 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:12 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = dup2(r3, 0xffffffffffffffff) ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000080)={0x1, 0x4, 0x7fffffff, 0xf9e, 0x19, 0x2, 0x7, 0x5, 0x200, 0xffff, 0x1}) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) [ 499.288192][T12353] inactive_file 0 [ 499.288192][T12353] active_file 135168 [ 499.288192][T12353] unevictable 233656320 [ 499.288192][T12353] slab_reclaimable 675840 [ 499.288192][T12353] slab_unreclaimable 1601536 [ 499.288192][T12353] pgfault 37125 [ 499.288192][T12353] pgmajfault 0 [ 499.288192][T12353] workingset_refault 0 [ 499.288192][T12353] workingset_activate 0 [ 499.288192][T12353] workingset_nodereclaim 0 [ 499.288192][T12353] pgrefill 66 [ 499.288192][T12353] pgscan 70 [ 499.288192][T12353] pgsteal 0 18:52:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x74000000) 18:52:12 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$kcm(r1, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 499.812581][T12353] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12337,uid=0 [ 499.869048][T12353] Memory cgroup out of memory: Killed process 12337 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 500.368522][T12395] IPVS: ftp: loaded support on port[0] = 21 [ 500.742028][T12353] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 500.752492][T12353] CPU: 1 PID: 12353 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 500.760376][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 500.770410][T12353] Call Trace: [ 500.773777][T12353] dump_stack+0xf5/0x159 [ 500.778037][T12353] dump_header+0xaa/0x449 [ 500.782395][T12353] oom_kill_process.cold+0x10/0x15 [ 500.787606][T12353] out_of_memory+0x231/0xa00 [ 500.792252][T12353] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 500.797887][T12353] mem_cgroup_out_of_memory+0x128/0x150 [ 500.803511][T12353] try_charge+0xb3a/0xbc0 [ 500.807881][T12353] ? rcu_note_context_switch+0x700/0x760 [ 500.813508][T12353] mem_cgroup_try_charge+0xd2/0x260 [ 500.818832][T12353] mem_cgroup_try_charge_delay+0x3a/0x80 [ 500.824456][T12353] wp_page_copy+0x322/0x1160 [ 500.829138][T12353] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 500.834785][T12353] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 500.840413][T12353] do_wp_page+0x192/0x11f0 [ 500.844880][T12353] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 500.850616][T12353] __handle_mm_fault+0x1c07/0x2cb0 [ 500.855754][T12353] handle_mm_fault+0x21b/0x530 [ 500.860514][T12353] __get_user_pages+0x485/0x1160 [ 500.865576][T12353] populate_vma_page_range+0xe6/0x100 [ 500.870941][T12353] __mm_populate+0x168/0x2a0 [ 500.875525][T12353] __x64_sys_mlockall+0x2e3/0x320 [ 500.880542][T12353] do_syscall_64+0xcc/0x370 [ 500.885069][T12353] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 500.891010][T12353] RIP: 0033:0x459f39 [ 500.894967][T12353] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 500.914566][T12353] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 500.923008][T12353] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 500.930982][T12353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 500.939088][T12353] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 500.947055][T12353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 500.955009][T12353] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 500.964842][T12353] memory: usage 307200kB, limit 307200kB, failcnt 158 [ 500.971754][T12353] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 500.978868][T12353] Memory cgroup stats for /syz5: [ 500.980559][T12353] anon 308305920 [ 500.980559][T12353] file 102400 [ 500.980559][T12353] kernel_stack 331776 [ 500.980559][T12353] slab 2277376 [ 500.980559][T12353] sock 4096 [ 500.980559][T12353] shmem 81920 [ 500.980559][T12353] file_mapped 135168 [ 500.980559][T12353] file_dirty 0 [ 500.980559][T12353] file_writeback 0 [ 500.980559][T12353] anon_thp 272629760 [ 500.980559][T12353] inactive_anon 51974144 [ 500.980559][T12353] active_anon 15347712 [ 500.980559][T12353] inactive_file 0 [ 500.980559][T12353] active_file 135168 [ 500.980559][T12353] unevictable 241078272 [ 500.980559][T12353] slab_reclaimable 675840 [ 500.980559][T12353] slab_unreclaimable 1601536 [ 500.980559][T12353] pgfault 38379 [ 500.980559][T12353] pgmajfault 0 [ 500.980559][T12353] workingset_refault 0 [ 500.980559][T12353] workingset_activate 0 [ 500.980559][T12353] workingset_nodereclaim 0 [ 500.980559][T12353] pgrefill 66 [ 500.980559][T12353] pgscan 70 [ 500.980559][T12353] pgsteal 0 [ 501.075260][T12353] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12350,uid=0 [ 501.091821][T12353] Memory cgroup out of memory: Killed process 12350 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 501.112140][ T1062] oom_reaper: reaped process 12350 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x7a000000) 18:52:14 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:14 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0xfffffffc, 0xe, 0xfd, 0x0, 0x0, 0x0, 0x4000, 0x6, 0xfffffffc}) lstat(&(0x7f0000001440)='./file0\x00', &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001500)='./file0\x00', &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x0}) accept4$ax25(0xffffffffffffffff, &(0x7f00000020c0)={{0x3, @bcast}, [@remote, @remote, @rose, @null, @remote, @default, @netrom, @netrom]}, &(0x7f0000002140)=0x48, 0x800) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r6 = gettid() tkill(r6, 0x3c) fcntl$lock(r5, 0x25, &(0x7f0000001680)={0x0, 0x0, 0x10001, 0x3ff, r6}) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000100)) r7 = getuid() syz_mount_image$erofs(&(0x7f0000000080)='erofs\x00', &(0x7f00000000c0)='./file0\x00', 0x99c, 0x5, &(0x7f00000013c0)=[{&(0x7f00000001c0)="76352b736985802d71db9421d35213802eb1b8d11176933042b0be4dbb803da790dbd9f221a61e3b0421491f5ca562989de6d87aff429be3b50a1cb4a9bfdd367954ddce11f4bd2dca927389c66a463d8a6b717b405878174a2352326b460105ac87242b798dad569542c48f002928f67936cd4ee31b43a325a4ef77836ca11bead69ccb0a8ca4318da6b3d4f4ef4814c1ba25a718bf67631c5399dcc51b05325a909cbb988e397b40c38864120276bd47df4c5e98e71b790a9391bfa9d9c9d09a3b27da1bde61d2812d1f3a5da5d4bf8f6e48c2765674c7106a1fc7b664", 0xde, 0xe2}, {&(0x7f0000000100), 0x0, 0x97f7}, {&(0x7f00000002c0)="0dbeaea4a3cc166c681048fcebb8bb988c2edfd87cb3ce2b47e7a2654a6bcdc528eda95862a4e735f89099439065a6f73dcb474f60e8f48efa95aca6e1f70260b07e43cb9b758f13a8b1eaf70acd90bd0dfb979c7ff2fea40bf4b1752fc39a8afdd21838fd3184c65de3b81b1c41af37a3cf58cbbe10070b24c077ecb04a32708b515480863f3c3513de0cafffe5619c37e4c1ce54de274d60b6fb4eeaa612209d9a86f2727ea12b681ea9b7920c7e94f9f990ceb288ba692d3fef1d5b2f771b1f6dce79cdb45c49f8f3cacec7e64125be70602ac4032ab40b0f003253b17c160c5eddf0299a375c5ece9772dd14c6b813a449947b56dd414519", 0xfa, 0x9}, {&(0x7f0000000140)="3fb801894b25760965f8392410c349ff5c0756a07e7cc097e4c2b4efbe4def14c392ed4ce99d413d811a2c", 0x2b, 0x94}, {&(0x7f00000003c0)="778ce86a9ab1ed604ba422c29287e6a9d778fc36ba766d668340d3df562cdc86e7891e1c98c7d64c2d9555a0a3b6dc5b1802eb0842dc1d53a5f9c5fe675898656f0d19e83136cc9b4af26809b546ecfc01c0c559e041b49341260b62acf773bb8b6186556f836f489ccc391636265db20ae944010a76d88563faefeeaf8e441f3c1014b52e88eff51d78f00f395109e6fcac0c9c9886f12308b79c4698fb7bd063f620d9f81df2c4411d0e73a18ca3cee9a7192c8e7ca24d3d8818e117ea8221b640ea3052bedf869fceec5f2b64b1f898a9771d0a3534349beaf1a3c3cef27dca0eaeda1c686ef76cef0fa7974422d0ab120d8040bd8c858afa75ca30a1f4bfcd17bc7b9a27efeb2d8de9579911396b85e1acaf21fe49ced1d66924c6fd87dd3a397b740a819cddcd7e4d918efbd0a89d53f22f6494b28e08c521847f7c328f2a434ad3aba82789216b21b3a8bfbb3d4ca405a98274c632424230335004a6d4f190ba5b058623ab96a1d689a67792e84b9f0a373f668e3cd85ad935add2a64fb1aff439b37fa59b1feef8c207e88c75a4036df86d49a431a4541cbf68051019ee08d0cd1384363b557942ee9a1981ba0c980affe6a81cd826dd54f23570e082f53608d027dd67485f5d26b368095c00c2e1a808d90a51ec0533c7e5f0fa163ab301d7b70c289164acb6095e713d9ca6d91407a2a4ea2f553891ae7f08c20825fa601d1d8173103e01a006d3a720cb8ef729758a130c0404b2e5a08da12e8c8f48c626c6de233fa423b902a9ddc787d303b043e16c44a5aca0167daa99e49c4f255eebd6f2198471dcf8dae5166cc81c2d6b80cbeed7464629b68edc784b3432ca340f9f5b6fd512d66404c3bb36ad7e4dedc775d273eda6ec69802db683fe7a7169bba2fe15b3bbd22efa7deb8a2ebe529db73615d1d34a95e5ed5f1a9f4dfc82bdeb9f2e3ae5ef240c5dd105540112dab461b00ec718776260dceee50dd40d1c92ed798255f0b9a560f48b199323ea6b3a3812460062cb424f4cd542ac299910d796d791c9ff6e64f5420137f9e112e6bf9d6f3dfd4b991b49fca259ec0dff9dfaedffbf97af707347054f0bac90f1cd148cac9923c04ec61a821dbe294281cee15ac848f293a3d29f45ccf253272539bfe331fb1358db8e155dc577cf4451e2b18b5f49db3b129cafbe15eebbb4476133df2c947e9e0e6b51c20a860b2c9633e9e71bf2dec373d4120d27edb2b6b91476e4309ea43ea6e94089cac04213e8b7c961d1f66e51bb2439fb0f28862c9cce64982037b0a4bb81f3b27afa1e1a58019c7162de3c5af4b5b698951ed6dd9aa087676d13f56c27315440aed5ab29f2a2950f67373273ae1938ea826678f51fac26ca2de01092c9147f95a25dbfe3d4996073eb92eb9c82b93b1253bdce21cd9c7ecf042136faa4c381b4ab064813cf1ab78db1f47439a0135d3796bbdba71a97a7f9d3a8db70d54ec73a3bc0ec2e8627d5e4b489006b20acecceea261a2a046277ea34d299df98d79a8535c6088dda261077f0598d7705919873ce0313751e66e9532f4a783174a44a2fc7d7f7e0afa87e50609fa5bda0ae71256a2b519923c0a974fa28f7e2765975a0af567a42ff803b3dc254dd486160ebe9669247161799fbaace159c1bf1d2a2e494f3c4d552fbb93a8b39bc2280b45cd8c9e7c23a47c482675f3a248384aa439210e15308a7cfb027c2dde908438c3617fbe4832976df690ae2da24d85f179966a00565f3678968c9c84393cc64f80efc802c8c7d3572519689bc65363168a79a2df30bcaa48a881dfe3e06251fb12152ba00075aee847c689c780cec9b01ef4c1da490e9c3ad85217b2998951535425354cee3d79ac05fe82ab4eccbae6ff9c210964fb33bdcf94e7bfdd108448e199bbc2fa81b749ac480b4eda527934e8e3acdbb1113131853e912c7f9e9a4bca99a3b7367e9aec3352bea8360f384ba318fe3936dd367051a71bcecbb9ab5159e4192027d9f7bbf646c39d5acb9d776bdb06035d799f8c8245af3aa51aeb7a190b7d34fa80c3785dae6cf0ad8ca8dd176675fd413586e31ab9e5a3efd985796b86b7fc3980d1c1eb3e1c5671b8ff1831500d83ef86be13f413b01502ce0fd9913a98e263202c1cc22890079e74f4e57aa89f69e47e57fd2e3b475c6175aebe8003db903d0a56b2cf2f531f4ab2e5774f1cf286629f9fd8393e39fceebba05d4eb71b2959ab096e977b3028cbb62a994cbe4b113b1b871fa344b7a16506f85e9814c80deb81d50b9acfd70b2f876cbc543c5a1054377362b2775752927453af18525f6a9632baaba122791ed37ce376cf6e55a27a2ee1084a7e9b4ebef80a070881bb5fdbe7136dff04e4356cc54724f9ad4089b9057c68c3654c6c64db14a6fea8cb474abf5ffe11b53a46cdbc65202d0578fcb3058b4b5d63a8674c77879fff7e092b16e371817a5a5c6512174f1cc3767c2f905978d575b7535a3af7df0dc6c7b9320550f04dcea10519e6b1db2a07da79d52fc84fd7b07adc3bc9b6803aa307470b9d98fa9023a43ee99499b042f7a111e0d0b78751c53b4d31afceeba8d8bedb4ab8fa0d8678e75bec4a74ad29f3a8b771788023affb340f695591f5ab8914b113d91e72ac290be08e04c82d72d84ae408ba95ca7d8d7aa3c77d81827ed17fec5a85f31fcb293c4ed8115c346293da2c9879227d930db8e502a834c047abf4ab33dfe3caf706cd29ea1b79eef993399b205b1f94e2f2e6c4c155e10e38cea5703b0b604f28a0deb426bede100d9aab848c587be0e53ca2d1b9e557f83fc9c0ccbf7b4de1beae1c1bee6684b33aa8eda74ff84d63d3389629282ecd6898f0ec96a3f998156f1c4944be25c86f4ae8dcdb16bb94dd72837debaa34d23be435751f7455f3309d761d6b79b87293a7a119048831247c054a09481ec32a132bd9bfad5b71a289628fd191beeaaee71cf8e642cad1671e01aa28fc6eaa4a5e3e548c9b1aa1a4ace5c88b3b9dee5a777054188ea582310b90e760685203a386ad86a3eb2103115899acd099fe7a52f8c19bc3f64efa25cb490963392d93c1a97319bef386437281150e4dd1a0b8c2ce0d05e705e65f57037e4bce7e9ef103d8871e6b3776b2201b3fa2d9e1e458b2ad527518c5c4728ed301900821469b128d286fea161abf03279207a5c1b526d8dec79e2f6336de5c562c3d495adae6708bcbcc644d83371bab52d82ccb85ed75e2524641764fa975f0d8c468a5a9994a7f6de3b41415d60b92ff37cdc4a9569a0258f9be71c279e13e9e012e84a7f140029315ba341b7bb2b5f65fa66e6a360236e6a245df4da4ea87ff19e33bccb6b9bcadd4b218481bc1b4eca2af32e32085645618ce51bae2e17c5d50a4c705446e952a779b141c3e7cc12f35165a0cebc3f68e4ea894bbd89a632dc4fa1249cd660bc180671ebf48f7bc3430655f73a230fb9d2bc1307c1667227c490da73732be7e4721b70aeef4c2032c8a2c4c73671e86b0c20263e21c8cad98ba46916f65db217ed251635bc7824a0c4deee03292cf7520f29c728f4d2ca6355afcb869e9e7107abc4953432aa9435cf967237644c56a2ef55784a8a2cbfeae399cfe2176fbaea107b67c81bff89e91b7888f6487a9480a1978306c91b6f0cfa20977aa015ec9dc29b66ded006b9fdcaa1d0ceb2ca47abb80cd0a2c68df85fe8c78ce9d279e9b37c338f9c8d5ba5994486ea1618525f4958aafd8d3ece944485a8e4977b55c7999db2842b7ae138ef27abc1e8f77e80636337c235540ba821b288d351d26feefc03dfbf4065e61fcf30f56a8fce8a47304b7c321e02656f9566d2cc3f9bdf07f4029b6ebd210c34ceb0774ab9591ba2ec25fa06c9d100052ea9ce27e5026edbc1d54ad23770375165a7944451bc25e9cbd32d8906d7182db436f770c74044c429edff612c601ce31a4732c9d713ca7f41661b23fa2aa2e178f2b67f6248a2d4c889a2cde46d8cdfb91782b7146d4145e13c9dd8aff10830a3ea9d8cf2a7704c1a7e42f92ef7fb959087563ceae72d01667fb9cfd4c395697dd1604e7f35bb870472fde40313814225e1b580ebc0319f0e1794988934ec6932dfcee183aabf493e8499ec5aeef7fe88c162f37a001b7b563484ceabc98eca180110f640fcf8a7b1bf077979f0806a0e1b196e76b1f5dd582160d49a8f0d66116d63b236fb6a55257c6d00b4db1db33abf5a00fe47f2246881e7b71cec39d209d9fce79f00426d4966d73cc9b19d13f9800e6ef6a142d6c0ab5f9590c116692eb449b8e0271ce201d245187d9552dc70ba8befaaeb4ffe97e601062392d244a7ab22a63d02faaff15dd6c912474bd5a91bb77eb5d3300de1e8afe1efac38656a5e8198ae722058320653d2942715a8f481d8a1b61f9fc35c43466aed01c15eea3f52dcdb895935ad2b14ed017e58cb38134497b3cb8c5d7659eb476f2fd36b25bfb197975a7b1cb08a7f5cb389bed684aa68c529fd3f3fead607a0b5765d04f8a958dd938fedb83df29b629fb2838c95bad2dfa80b44a45fbd8faa3f06e9df53d6a80341f09ba95a8cb0fd61f634a7aa975779ca885bb3add079fa3f82706239e3a4f17c540e8bc11b051332fe2428fab59be5df1d80a6d181280c90d559bfc58154604066903eda9f6ba0fb76e0e599231ed8876a6f4d2e7e05631ae304e7434387cb8b8af344003355bf282fc6a1f41ff6dbff58a4e6d5eb64a09b134c7a7e77429c8124aff2e32bbbe75126fd9d0dffa2d354d35ceb2c609059a9ad55cadfecf2a0e1fae3c8b05ba572cb0ae5dca61d0929efa6089b9bc84e0f18a460d1bdef92a6df55a055e61926cfb5fb0f8c83a876c605d89f5d584d622e4dbcb962c022375a6c9a4a59be2ccf3697b10bee8c4ee543c5c1915437f6c16f26341b005ef5085115639248165ca292bec1480ec1095693c37290aac1ee253a324e5f67877978db238ad1993846bdd4e83781f8239bd61ef297cf65c045eab1dcc1c83c290aabdce1d8c53265d8faa2fd114067dadfefcb113644e9603a74052f09ddf153fdd555d3f1bf94c99b7fb93e38973fa79d4486137dae5cc6e8ea72ab6101d07af10795db42c6ee4dac272d51382645fb8de5393dc3fb6f9d42c14ca868902b5156b882fb71b65ebe71780eeefb8ac5856bdc9d8b31f97bafb261c9049d4e8d88c8c3472cea55faf972926156637909ec756e487a1063813e96fb167bed617aea054024382531d264ab1ff7566365aee499c3ed790b5da69d0497bc38590ff62ede2bc1cc1ef63e804ce4c3ee7eff5313a38cbb1ca1c109a101a411c1912d6ece72a0eeee3e8e4034404ad8c4f025e412ef3ea2d963cabc6f40e7724b463c79a17c796aaedf500c585ba889635f4d5ef6fbe954e7257c24f0f4833aa8e7f0933d83e231bcaddf9e751137d6fb64b08789ab77a0dd2fa56c654395be3caf9ad0224b8ec0da22096f77cbfb1d70cf89fb8615d6e6b25ce8977075b9b803aaf8ecc74fed269fcd02d50f09e2bcc2894e2a4f702f40ed6abee4dcc3d593f1f3e3cd090d3767277e76f9ae04718af8cb3e42ac7ea4c3a0d0d12ae65d122e74a3ddf8812f11ef6c290246acf97e4c3d798b6f798dd895f895115d32f404c8a5ac2e459bd739a5e85dd40e01437762c61d35b61337081b67d5ba9207cf5bfc674e50bd43a64a6c11bcf7a822c8d0590dd01eb0164438a6c78d9ce68d976f98957e53e6064949aa3c23bc88e83f777f235734c8c887bf3e2b3f34870319cbcebe7e5fac53", 0x1000, 0x8000}], 0x4812, &(0x7f00000015c0)={[{@acl='acl'}], [{@dont_hash='dont_hash'}, {@smackfsfloor={'smackfsfloor'}}, {@subj_user={'subj_user', 0x3d, 'net/dev_mcast\x00'}}, {@euid_eq={'euid', 0x3d, r3}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'net/dev_mcast\x00'}}, {@fowner_eq={'fowner', 0x3d, r4}}, {@uid_gt={'uid>', r7}}, {@fsname={'fsname'}}]}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:14 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r0}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:14 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000080)={0x1, 0x0, @ioapic={0x3000, 0x7, 0x1f, 0x6, 0x0, [{0x9, 0xc, 0x8, [], 0x6}, {0x4, 0x6, 0x7f, [], 0x40}, {0x56, 0x7, 0x8, [], 0x74}, {0x0, 0x0, 0xff, [], 0x93}, {0x8, 0x0, 0x20, [], 0x7f}, {0x7, 0x8, 0xe5, [], 0x2}, {0x7, 0x0, 0x1f}, {0x0, 0x2, 0xfb, [], 0xe9}, {0x8, 0x1, 0xce, [], 0x2}, {0x5, 0x81, 0x1, [], 0x7}, {0x3, 0x4e, 0xff, [], 0xd3}, {0x3, 0xff, 0x4, [], 0x6}, {0xfa, 0x7, 0x7}, {0x0, 0x6, 0x6, [], 0x5}, {0x0, 0x81, 0x6, [], 0x2}, {0x9, 0x1, 0x5, [], 0x5}, {0x8, 0x1, 0x0, [], 0x1}, {0x4, 0x0, 0x3, [], 0x7}, {0x1, 0x2, 0x81}, {0x7f, 0x9, 0x2, [], 0x4}, {0x5, 0x1, 0xb5, [], 0x8}, {0x3, 0xaa, 0x40, [], 0x80}, {0x2, 0x1, 0x8, [], 0x81}, {0x2, 0x9, 0x1f, [], 0xfb}]}}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:14 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000500)={0x0, 0x9000000, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, r4, 0x805, 0x0, 0x0, {{0x1, 0x40030000000000}, 0x0, 0x5, 0x0, {0x14}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x401a0}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r4, 0x4, 0x70bd2b, 0x25dfdbfb, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x7, @link='broadcast-link\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0x40001}, 0x4800) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xe0ffffff) 18:52:15 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:15 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r0}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:15 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) clone3(&(0x7f0000000140)={0xfd88d2d398bb8dc5, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=0x0, 0x15, 0x0, &(0x7f00000001c0)=""/4096, 0x1000, &(0x7f00000011c0)=""/89}, 0x40) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000001240)=0x0) tgkill(r2, r4, 0x4) r5 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r5, r0, 0x0, 0x6f0a77bd) 18:52:15 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xe8030000) 18:52:15 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:15 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r0}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 503.090623][T12441] IPVS: ftp: loaded support on port[0] = 21 [ 503.878348][T12409] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 503.888760][T12409] CPU: 0 PID: 12409 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 503.896652][T12409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 503.906712][T12409] Call Trace: [ 503.910023][T12409] dump_stack+0xf5/0x159 [ 503.914288][T12409] dump_header+0xaa/0x449 [ 503.918680][T12409] oom_kill_process.cold+0x10/0x15 [ 503.923875][T12409] out_of_memory+0x231/0xa00 [ 503.928484][T12409] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 503.934151][T12409] mem_cgroup_out_of_memory+0x128/0x150 [ 503.939732][T12409] try_charge+0xb3a/0xbc0 [ 503.944104][T12409] ? rcu_note_context_switch+0x700/0x760 [ 503.949867][T12409] mem_cgroup_try_charge+0xd2/0x260 [ 503.955113][T12409] mem_cgroup_try_charge_delay+0x3a/0x80 [ 503.960816][T12409] wp_page_copy+0x322/0x1160 [ 503.965435][T12409] ? preempt_schedule+0x30/0x40 [ 503.970334][T12409] ? ___preempt_schedule+0x16/0x20 [ 503.975503][T12409] do_wp_page+0x192/0x11f0 [ 503.979931][T12409] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 503.985588][T12409] __handle_mm_fault+0x1c07/0x2cb0 [ 503.990730][T12409] handle_mm_fault+0x21b/0x530 [ 503.995598][T12409] __get_user_pages+0x485/0x1160 [ 504.000621][T12409] populate_vma_page_range+0xe6/0x100 [ 504.006036][T12409] __mm_populate+0x168/0x2a0 [ 504.010639][T12409] __x64_sys_mlockall+0x2e3/0x320 [ 504.015856][T12409] do_syscall_64+0xcc/0x370 [ 504.020440][T12409] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 504.026334][T12409] RIP: 0033:0x459f39 [ 504.030255][T12409] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 504.049872][T12409] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 504.058353][T12409] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 504.066339][T12409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 504.074400][T12409] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 504.082553][T12409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 504.090565][T12409] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 504.102837][T12409] memory: usage 307200kB, limit 307200kB, failcnt 179 [ 504.109921][T12409] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.116884][T12409] Memory cgroup stats for /syz5: [ 504.123452][T12409] anon 308371456 [ 504.123452][T12409] file 102400 [ 504.123452][T12409] kernel_stack 368640 [ 504.123452][T12409] slab 2412544 [ 504.123452][T12409] sock 4096 [ 504.123452][T12409] shmem 81920 [ 504.123452][T12409] file_mapped 135168 [ 504.123452][T12409] file_dirty 0 [ 504.123452][T12409] file_writeback 0 [ 504.123452][T12409] anon_thp 274726912 [ 504.123452][T12409] inactive_anon 52985856 [ 504.123452][T12409] active_anon 15319040 [ 504.123452][T12409] inactive_file 0 [ 504.123452][T12409] active_file 135168 [ 504.123452][T12409] unevictable 240214016 [ 504.123452][T12409] slab_reclaimable 675840 [ 504.123452][T12409] slab_unreclaimable 1736704 [ 504.123452][T12409] pgfault 39864 [ 504.123452][T12409] pgmajfault 0 [ 504.123452][T12409] workingset_refault 0 [ 504.123452][T12409] workingset_activate 0 [ 504.123452][T12409] workingset_nodereclaim 0 [ 504.123452][T12409] pgrefill 66 [ 504.123452][T12409] pgscan 70 [ 504.123452][T12409] pgsteal 0 [ 504.219355][T12409] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12408,uid=0 [ 504.235413][T12409] Memory cgroup out of memory: Killed process 12408 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 504.255862][ T1062] oom_reaper: reaped process 12408 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:17 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf0ffffff) 18:52:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') ioctl$VIDIOC_S_MODULATOR(r0, 0x40445637, &(0x7f0000000080)={0x4, "35988d339c846ce5e9f91bed15f266dd30b242d1b247e5d092db0f1667654ef4", 0x400, 0xac7, 0xa6, 0x2, 0x5}) readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) sendfile(r3, r2, 0x0, 0x5) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r5 = gettid() tkill(r5, 0x3c) process_vm_writev(r5, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/238, 0xee}, {&(0x7f00000002c0)=""/229, 0xe5}, {&(0x7f0000000100)=""/99, 0x63}, {&(0x7f00000003c0)=""/216, 0xd8}, {&(0x7f00000004c0)=""/64, 0x40}, {&(0x7f0000000500)=""/170, 0xaa}], 0x6, &(0x7f0000000a80)=[{&(0x7f0000000640)=""/183, 0xb7}, {&(0x7f0000000700)=""/185, 0xb9}, {&(0x7f00000007c0)=""/61, 0x3d}, {&(0x7f0000000800)=""/232, 0xe8}, {&(0x7f0000000900)=""/161, 0xa1}, {&(0x7f00000009c0)=""/147, 0x93}], 0x6, 0x0) readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TIOCNXCL(r4, 0x540d) 18:52:17 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:17 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf2ffffff) 18:52:17 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:17 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:17 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') io_setup(0x7, &(0x7f0000000280)=0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r5 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/capi/capi20\x00', 0x40000, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r8, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r9, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) io_submit(r1, 0x7, &(0x7f00000009c0)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0xbde, r2, &(0x7f00000002c0)="eaf69eab7b11cbf2d8c982141b6032cfa623223f1bbed0214b6b1685749deb30539296f5a7bdf1895b1f49d14b15434003fabe19a3f472916813e95c4f52acd72f4fcd5703cfbcd393ce6d502fae781ddceef449d181f58803eec65821a37a30786d38ee4a", 0x65, 0xfffffffffffffff9, 0x0, 0x1, r3}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x378f94343f74c437, 0xb8a, r4, &(0x7f0000000380)="a331aa7c56a5ce7ed33df3b74d0ae94055af37fc40e28ca0a5142d02e01646726f4a50ffe818e50f47bf71fe79598a82467d03c2717375e2148a68e6d809d89fd0c3f11f62d0a80a64ee8cd9fa7f5303f338ab8cd252602d78b15ebe934ac2a1ddfde9e1cfdefa2a9fcae10f28d4b376ba9414376399f5467f2c2b3fabb736b31fa4cf6cb27bf9cf18a6ca93e19ffcabe276db3198421c82d3b3d123fdf97443d8bb8684b96316a0f8d1680733e28b381e02a35978100b6141180c4ee0a6", 0xbe, 0x0, 0x0, 0x1, r0}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x2, 0x8001, r0, &(0x7f0000000480)="de969b9e056054d5637aab172c1a16ad6a6c0b26f62a1ba14c7f24cf95d61c178b8ddf844e17b1fab74f7a97eab7304fc2963998", 0x34, 0x0, 0x0, 0x1, r5}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x46a416abb453207b, 0x4, 0xffffffffffffffff, &(0x7f0000000540)="60944270bd8e503fcdd6b527941f5fb59f138ac9258439f33c4cb17c7ee880114d10e367fccf503d4aadacc729862dfdeab87d96031eee77054cb843d5165b4b12ec251e1eb4fc1af2d4ce434f1911ae056f3c87222741ad94c062e071dbebc129a43b932ad660d639f49ce38830ab785106952addc91abf0ea6959c731432e75e7913ed89edd145c263a0840da9a2600ffb77234b956931f9324c480c581615cbc62d2cc50cca750fcf97361a7e3deac7677844abfadcafa19eeb65f0f25165d474d39a19af2af42ef16f3f4e893763f6bdd2fe", 0xd4, 0x0, 0x0, 0x0, r0}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x5, 0x360, r0, &(0x7f0000000680)="c232ec526e2c42190f77b2827570779c48c6d2d7986a3e878b708e1be61f37731a3ae4f60d4caaf21b4b6d699edf69390122c51b80dcf1c6aa81c89758bf7f2db8fbb768235af56c39270087876cfefb9ac68f61ece76142acbcef6523b1bce80f3e16ccc2fc39bdd02813910209637533aefa930ec138133f306f3684ca82397d0ca63fd1649367c498597f2bc7c02a3e152db4b45426c1c7b3bfea1e1198b8bdf59f4d3f917b464ea08b415dbbdeeefe7d2dac4d7c06001a3056108a0f9fe9b34ac62d8bb0c7689e21b21f7500857ae80572ecba03df04713ed2f8b080f440ef18b976e54ee8ce1d04", 0xea, 0xffffffffffffffff, 0x0, 0x2, r6}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x3, 0x3, r7, &(0x7f00000007c0)="1b790ec37d7abc189c7e827cd919cbb5ef5cf908b677075e451ef4f46c306f5af2291c52fb8ba13ecfc335994c090b1d9e04171cc660c534f383ffe7e0c8ca13d896078af8ba4186c06bc687f93bc92f2bf786041b01f97c577cb93a812792926f5d13", 0x63, 0x8000, 0x0, 0x2, r0}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x8, r8, &(0x7f0000000880)="b1d30f79549cc652eb290b41918fb1bb6f6c4f358f1733c94a13cba3f7a9c490224df41cce66577a5b2ae1b4de3d68763b5f1ff2fd0cbf06d4dbf6014c9e9861ef0c98ef48af67086909aa2135aeafb9657143a24fb8e74e1f4e6a013a61bb2337ec43644c1cbc3a82165b47050c8dcf09aba22175f9011dd66bff3a54b7bf58efbdb40f1e856f79c096405d612632f1c01347d3e686b4ace7e07cb1c72d7e486c339b97b2f76efeb8217c365be2c804febfaacd1a607db3c1fdcf2d6b9a67143489e2be2f6b3f767de2d6f425a0ff0dbe77d20bd10e83816b7cc3a2995dce", 0xdf, 0x5, 0x0, 0x2, r9}]) readv(r0, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)) r10 = gettid() r11 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x40401, 0x0) ioctl$USBDEVFS_SETCONFIGURATION(r11, 0x80045505, &(0x7f0000000100)=0x1) tkill(r10, 0x3c) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TLS_TX(r12, 0x6, 0x1, &(0x7f00000001c0)=@ccm_128={{0x304}, "d688e5c050a03cb7", "b9be31db18c2cbdec84cc50044493252", "d3996c62", "01dfcd1eedfca9b8"}, 0x28) r13 = getpid() r14 = syz_open_procfs(r13, &(0x7f0000000180)='ev_\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00') r15 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r15, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x8001}) r16 = syz_open_pts(r15, 0x4000000000000002) ioctl$TCSETSF(r15, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x2, 0x1ff, 0x0, 0x0, 0x0, 0x1, 0x8, 0x1, 0x6000}) getsockopt$IP6T_SO_GET_REVISION_TARGET(r12, 0x29, 0x45, &(0x7f0000000200)={'ipvs\x00'}, &(0x7f0000000240)=0x1e) sendfile(r16, r14, 0x0, 0x6f0a77bd) [ 504.994886][T12479] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 505.057985][T12479] CPU: 0 PID: 12479 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 505.065911][T12479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 505.075994][T12479] Call Trace: [ 505.079316][T12479] dump_stack+0xf5/0x159 [ 505.083725][T12479] dump_header+0xaa/0x449 [ 505.088190][T12479] oom_kill_process.cold+0x10/0x15 [ 505.088405][ C1] net_ratelimit: 13 callbacks suppressed [ 505.088418][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 505.093327][T12479] out_of_memory+0x231/0xa00 [ 505.093426][T12479] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 505.099052][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 505.104775][T12479] mem_cgroup_out_of_memory+0x128/0x150 [ 505.104821][T12479] try_charge+0xb3a/0xbc0 [ 505.130693][T12479] ? rcu_note_context_switch+0x700/0x760 [ 505.136396][T12479] mem_cgroup_try_charge+0xd2/0x260 [ 505.141625][T12479] mem_cgroup_try_charge_delay+0x3a/0x80 [ 505.147360][T12479] __handle_mm_fault+0x179a/0x2cb0 [ 505.152521][T12479] handle_mm_fault+0x21b/0x530 [ 505.157407][T12479] __get_user_pages+0x485/0x1160 [ 505.162450][T12479] populate_vma_page_range+0xe6/0x100 [ 505.167869][T12479] __mm_populate+0x168/0x2a0 [ 505.172487][T12479] __x64_sys_mlockall+0x2e3/0x320 [ 505.177578][T12479] do_syscall_64+0xcc/0x370 [ 505.182107][T12479] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 505.188075][T12479] RIP: 0033:0x459f39 [ 505.192033][T12479] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 505.211644][T12479] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 505.220069][T12479] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 505.228046][T12479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 505.236027][T12479] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 505.244036][T12479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 18:52:17 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:17 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x102, 0x0) ioctl$KDSKBLED(r3, 0x4b65, 0x40) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 505.252076][T12479] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 505.318484][T12479] memory: usage 307200kB, limit 307200kB, failcnt 200 [ 505.330026][T12479] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 505.638865][T12479] Memory cgroup stats for /syz5: [ 505.639150][T12479] anon 308264960 [ 505.639150][T12479] file 102400 [ 505.639150][T12479] kernel_stack 368640 [ 505.639150][T12479] slab 2412544 [ 505.639150][T12479] sock 4096 [ 505.639150][T12479] shmem 81920 [ 505.639150][T12479] file_mapped 135168 [ 505.639150][T12479] file_dirty 0 [ 505.639150][T12479] file_writeback 0 [ 505.639150][T12479] anon_thp 274726912 [ 505.639150][T12479] inactive_anon 59715584 [ 505.639150][T12479] active_anon 15314944 [ 505.639150][T12479] inactive_file 0 [ 505.639150][T12479] active_file 135168 [ 505.639150][T12479] unevictable 233254912 [ 505.639150][T12479] slab_reclaimable 675840 [ 505.639150][T12479] slab_unreclaimable 1736704 [ 505.639150][T12479] pgfault 40623 [ 505.639150][T12479] pgmajfault 0 [ 505.639150][T12479] workingset_refault 0 [ 505.639150][T12479] workingset_activate 0 [ 505.639150][T12479] workingset_nodereclaim 0 [ 505.639150][T12479] pgrefill 99 [ 505.639150][T12479] pgscan 103 [ 505.639150][T12479] pgsteal 0 [ 505.734847][T12479] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12460,uid=0 [ 505.754436][T12479] Memory cgroup out of memory: Killed process 12460 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 505.777693][ T1062] oom_reaper: reaped process 12460 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 506.077903][T12511] IPVS: ftp: loaded support on port[0] = 21 18:52:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf3ffffff) 18:52:19 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:19 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:19 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000080)={0x0, @reserved}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r4 = gettid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000076}}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) waitid(0x2, r4, &(0x7f0000000040), 0x2, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r3, @ANYRESDEC=r4]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r3}}, 0x18) write$RDMA_USER_CM_CMD_REJECT(r2, &(0x7f00000001c0)={0x9, 0x108, 0xfa00, {r3, 0xa4, "1a8faa", "5d3c5b56f13cc5bb6160c563cd34309f20ed3cfd8cee34e3636d6c9971f9e7832568e42c1afd219f7be48f7e84a9c6cbfa691fea2e3280693565e0b7b506972e5635dfc16f3e54fcd9273d661be2fb2e2c2ea512f373f22314fbb46c64863257aa1f447bd0e3377d1ac5fd8e9d6da4dc5ed784fab4838a5214ecfc70e0cb31435306842f4af7781e9c630e1a81cd65d01f900a562e8d4d5a70e0b7d25052b380d1f3f04121e5cdd77c54e501700aeb6086baeb86b963da5fd74807f00c72ec33ee05e24b234cd177e5cb828fa1cedb66d026f353347b8da0da0c035900865b794b4c1bfb3d4710d3716710ab1dd4d9455a3f012a84034f7798b510ed0fcbbb2b"}}, 0x110) r5 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r5, r0, 0x0, 0x6f0a77bd) 18:52:19 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:19 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x284000, 0x0) ioctl$TIOCGISO7816(r2, 0x80285442, &(0x7f0000000100)) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) sendfile(r4, 0xffffffffffffffff, &(0x7f0000000140), 0x7ff) ioctl$sock_inet_SIOCSIFNETMASK(r3, 0x891c, &(0x7f0000000080)={'veth1_to_bond\x00', {0x2, 0x4e23, @multicast2}}) r5 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x0, 0x18, 0x0, 0x2, 0x0, 0x0, 0x200}) sendfile(r5, r0, 0x0, 0x6f0a77bd) 18:52:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff) 18:52:19 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 507.093786][T12530] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 507.148657][T12530] CPU: 1 PID: 12530 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 507.156582][T12530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.166742][T12530] Call Trace: [ 507.170120][T12530] dump_stack+0xf5/0x159 [ 507.174391][T12530] dump_header+0xaa/0x449 [ 507.178751][T12530] oom_kill_process.cold+0x10/0x15 [ 507.183891][T12530] out_of_memory+0x231/0xa00 [ 507.188528][T12530] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 507.194275][T12530] mem_cgroup_out_of_memory+0x128/0x150 [ 507.199869][T12530] try_charge+0xb3a/0xbc0 [ 507.204232][T12530] ? rcu_note_context_switch+0x700/0x760 [ 507.209961][T12530] mem_cgroup_try_charge+0xd2/0x260 [ 507.215193][T12530] mem_cgroup_try_charge_delay+0x3a/0x80 [ 507.220853][T12530] __handle_mm_fault+0x179a/0x2cb0 [ 507.226002][T12530] handle_mm_fault+0x21b/0x530 [ 507.230878][T12530] __get_user_pages+0x485/0x1160 [ 507.235906][T12530] populate_vma_page_range+0xe6/0x100 [ 507.241319][T12530] __mm_populate+0x168/0x2a0 [ 507.245928][T12530] __x64_sys_mlockall+0x2e3/0x320 [ 507.250990][T12530] do_syscall_64+0xcc/0x370 [ 507.255573][T12530] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 507.261462][T12530] RIP: 0033:0x459f39 [ 507.265427][T12530] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 507.285031][T12530] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:19 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 507.293442][T12530] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 507.301409][T12530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 507.309426][T12530] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 507.317396][T12530] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 507.325463][T12530] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 507.438392][T12530] memory: usage 307200kB, limit 307200kB, failcnt 235 [ 507.479809][T12530] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 18:52:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) [ 507.656830][T12530] Memory cgroup stats for /syz5: [ 507.657085][T12530] anon 308277248 [ 507.657085][T12530] file 102400 [ 507.657085][T12530] kernel_stack 368640 [ 507.657085][T12530] slab 2412544 [ 507.657085][T12530] sock 4096 [ 507.657085][T12530] shmem 81920 [ 507.657085][T12530] file_mapped 135168 [ 507.657085][T12530] file_dirty 0 [ 507.657085][T12530] file_writeback 0 [ 507.657085][T12530] anon_thp 272629760 [ 507.657085][T12530] inactive_anon 65961984 [ 507.657085][T12530] active_anon 15323136 [ 507.657085][T12530] inactive_file 0 [ 507.657085][T12530] active_file 135168 [ 507.657085][T12530] unevictable 227094528 [ 507.657085][T12530] slab_reclaimable 675840 [ 507.657085][T12530] slab_unreclaimable 1736704 [ 507.657085][T12530] pgfault 42240 [ 507.657085][T12530] pgmajfault 0 [ 507.657085][T12530] workingset_refault 0 [ 507.657085][T12530] workingset_activate 0 [ 507.657085][T12530] workingset_nodereclaim 0 [ 507.657085][T12530] pgrefill 99 [ 507.657085][T12530] pgscan 103 [ 507.657085][T12530] pgsteal 0 [ 507.954566][T12530] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12512,uid=0 [ 507.988790][T12530] Memory cgroup out of memory: Killed process 12512 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 508.023525][ T1062] oom_reaper: reaped process 12512 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 508.181260][T12563] IPVS: ftp: loaded support on port[0] = 21 18:52:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:21 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:21 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:21 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000080)={0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1f}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = getegid() setgid(r3) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r5 = getpid() fcntl$setown(r4, 0x8, r5) 18:52:21 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xfffffdfd) 18:52:21 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x18}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffe0) 18:52:21 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:21 executing program 2: syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r0, 0x4000000000000002) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xffffffffffffffa2, 0x2) sendfile(0xffffffffffffffff, r3, 0x0, 0x40) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f00000000c0)=0x5, 0x4) [ 509.166913][T12584] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 509.232954][T12584] CPU: 0 PID: 12584 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 509.240878][T12584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 509.250957][T12584] Call Trace: [ 509.254287][T12584] dump_stack+0xf5/0x159 [ 509.258581][T12584] dump_header+0xaa/0x449 [ 509.262942][T12584] oom_kill_process.cold+0x10/0x15 [ 509.268082][T12584] out_of_memory+0x231/0xa00 [ 509.272702][T12584] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 509.278352][T12584] mem_cgroup_out_of_memory+0x128/0x150 [ 509.283936][T12584] try_charge+0xb3a/0xbc0 [ 509.288320][T12584] ? rcu_note_context_switch+0x700/0x760 [ 509.293970][T12584] mem_cgroup_try_charge+0xd2/0x260 [ 509.299277][T12584] mem_cgroup_try_charge_delay+0x3a/0x80 [ 509.304920][T12584] __handle_mm_fault+0x179a/0x2cb0 [ 509.310058][T12584] handle_mm_fault+0x21b/0x530 [ 509.314922][T12584] __get_user_pages+0x485/0x1160 [ 509.319905][T12584] populate_vma_page_range+0xe6/0x100 [ 509.325416][T12584] __mm_populate+0x168/0x2a0 [ 509.330030][T12584] __x64_sys_mlockall+0x2e3/0x320 [ 509.335075][T12584] do_syscall_64+0xcc/0x370 [ 509.339588][T12584] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 509.345478][T12584] RIP: 0033:0x459f39 [ 509.349415][T12584] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 509.369024][T12584] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:22 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 509.377500][T12584] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 509.385476][T12584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 509.393551][T12584] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 509.401665][T12584] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 509.409735][T12584] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:22 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = getpid() r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r5) lstat(&(0x7f0000001340)='./file0\x00', &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r8 = fcntl$getown(r7, 0x9) r9 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r10) lstat(&(0x7f0000001400)='./file0\x00', &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r12 = gettid() tkill(r12, 0x3c) r13 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r14) r15 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r16 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r18 = socket$nl_generic(0x10, 0x3, 0x10) r19 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r19, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r20 = socket$nl_generic(0x10, 0x3, 0x10) r21 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r20, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r21, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r16, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r21, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r15, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r17, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r18, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r15, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r22 = signalfd4(0xffffffffffffffff, &(0x7f00000014c0)={0x2}, 0x8, 0x100800) r23 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r23, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r24 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r24, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r25 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r25, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r26 = socket$inet6_sctp(0xa, 0x5, 0x84) r27 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r27, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r28 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r28, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r29 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001e80)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) r30 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r30, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r31 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r31, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r32 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r32, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r33 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r33, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r34 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r34, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r35 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r35, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r36 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r36, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r37 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r37, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r38 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r38, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r39 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r39, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000001ec0)={{{@in=@local, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000001fc0)=0xe8) r41 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r41, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r42 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002000)='/dev/vhost-vsock\x00', 0x2, 0x0) r43 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r43, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002040)={0x0}, &(0x7f0000002080)=0xc) r45 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r45, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r46) stat(&(0x7f00000020c0)='./file0\x00', &(0x7f0000002100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r48 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r48, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r49 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r49, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r50 = syz_open_dev$loop(&(0x7f0000003840)='/dev/loop#\x00', 0x5, 0x80) r51 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) sendmmsg$unix(r0, &(0x7f0000003900)=[{&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000100)="f82ed33caddd51a08196f4d9d424e962de8ab278b42a", 0x16}, {&(0x7f00000001c0)="20b7dfe90a1d0fd4a491b0f5ba0b8a9e30fc0cfbd569bab4232ad2259c84259c96b016f69608f18e46a9178fee3605ab6fe756b1e617ac97c5a4656e45310d91c390b55d421adb0308898cc9a4bd62d1972e62638e59843fba115781cf60e98e01704f10f797960fd4d3a97623be93356b1231cea1732e60c183fba8f7d5fd5308fae8ff14fc1b35593f3c666646dfef34913b3c2bbf74959dd23a2c5c12f79dd5472ef24d1451860ce12a83ef03c84c7484fdcbdd776bc48383a174ae20ddec60ff8790d42b6dda9f0d65bb44546808c344517c9b2841fa4d9e5967fd89dff507c0939ebafbc3984aa9bd274831a43ca861299ca82fba7a921d7c6462e57afebab9b2bd78b8b8c34e2c3f2d18f33d01e6f7da99391ba0c3614a9bfe5e2efa3ec9719be18530a36cba7d0bc964f275320dabbc7c84064facd62f2596b0ba6e42ff12d0bac3c0779defbb52a50955ee5d48c13e025cb48c5ca76ad522f7304feb4e3a52af7de5c85cfe92fd4a482d95e5f78c3d36f6f44ee784f0d50725f26f050ec721bf2d1229f5f58d730c55acaa1f9401ae4fa96c4032aa8b792b2104836dc7f7e7f20e597b66585ee416525c6d6fe743c391302723e5c76d5c926aa36deb13f67cd208dead4b788bea8910973735442eeb93f30d9db0a3114a3f396e36358a39fcadffda6c6d03dceb41c1090d4cbb4db982ddaaf33e197cc36034ba3aed1970074ed92deb84dc1c09611b0bd980a076f63fa8b600d640512c2c796f95db8a0984018945f53194ec8b9887fc0065e9c75e15dde0e16d0cf7e61149c116fc9acc862fe99bfe7e8012dc02e7513c0437d9e6f5a4269e0250676f7c4079770e1428aa49206b8830ed57608f2d82cf80e85b352818379aeb86d0b899ce6eca2c950d82d43ee78395909c7fc43e2a9edeec657907d7d9aaee995bfbb93e633d6eaf4a5ff169856f48bc36551ee983d51b9c2a5a764b92993578afe0b4773beb6ee03653bb28c637f7b871e38050fed9d8fe45c41d46373f6fce7333e15e0deb402f2d2dff900f43f7f0e077b186195e6bc6c676286d746f09403d094854b8a7e393ea3f06972f31ff1f4400b364fd07ae72173be5c645f16f077e90b882f8f73a7f2806cb6a16919fe3a60c7081e2775820db851f2aca4043d0ee53892166f108257d661910a1782b17ca1e2e42eefebe5ec4682f5ea315909bfd773fe86150f7bde9965fad5ceaec2f8f9588707e7b5e06efc2e464c12fea7b8956bfbe27c098f2833cba58bca3546891991c8c43a1d7d7528a07da8e935ac5b633307eac6d9ef0bd203cc74f7799a9eb00050f2cc0852fee4dbba5f5e116b392594c4f396f2455efd9d85b14ef98c876f928e10d21e3fa1e6c49b076aebce78e780872c003e8a01f05f2306f2c34fc427f898d092d7f42dd7cd76cd041ed82690b99b50a862563adb88482e8dac86824535ba5c1278f26577b6f2eba14f86c7cd76b57d1e81ba5efe944c4749069faf207a04fba2e3c686abbf9d907c634b02ee646dfb81701921d8885fa9638431fbc2f14922fb3ad55dfff44c303df92a8db2a53e97ddc172f6513425d4a27f2ada45f934ac2e2f16db4283f16ad332b3d5bbc0ff7055a05678af14b2a5af2c4d60622ddbcbf8da96050981a9a3a29b04b4fa3e3dea2403ca35e8174a2d90c146ca2b91a82bbb1a477d7b2c4636651c8011968417e863ad5aeda386d272e26ce6e142186ce1eb957808b17f210f6ff7568800fc897ac39b6f17df2ab31330c3e586752b733119ff04e1927dcccda5dc68ff7fcbeeccb77dccaa1cfe55cdb19fe24d787f51d8b25234fbd2404171b1e527848d9cb97912f07c67a13a43665b1cd6a4ffc276931aae6606a0d2f7b03e35fdd2dd366ae3bfb5d69966a4c091cfeb71528df6c603d23ddc80845f5f969a07880280484cd3a12479795e69773f403ffd6a88f8e50f02b4e2f6a4bd9874fb92f703d5de18b42fc6119737f9355a74d17d14acc3df16e5e7ae0edaa1b166a9dc3b22a904444adc7b226c66aa9bb1365417b6a7ee6d2dc619f000c8ee017b86aa711e4e1a17cd3b26e8e0e3760214e52815796a1d8c0fae440c470be9d2e5618a158c5d3e0ae8eb7abdabd4670aeb44b6807029d9c0b388311097b84cc3ac58dd1f58b98d163a1b090ad6e56ef2c437306b290fc0beaac50a7cb175d74db3df2cc907d24d62e8cb07b122996801806b3e6c87271bbd8b8742a2533c4c31be522995be3586fe86c194a06655c3d9ea838e0a15db66170dbba3d3be56ed61c4a0a812021c19577e763868b818dc8ddd432089dd484a945f4c9389e1305155287ed6f7cad13e760390bd03d18ae0f4e18b9b32178deac9cb97f65ccd56d599a1bdcfd46b791abf60970f0976872a4b24fadbc7fe23f2373f85b1d92260a2ead9ba60e1da5be6763aef49004134eec2a3faa174c70782c635ec42023b74d4d0d547990dc14a598de1aff4bcbb5bce8f7211befa87aa28f9f3b3817fc73d7e1aad86597b7abe67c3f4c74276f8af027a646d9fa73aea61b8c154527676033b9557e0b75201bd27b912581ff81038584a2010c61e1b204f2f5e7e33007291ba676177c1c67d83a0967126f65a818def5f727237a01ae9a8b81875c67632e422817fc6ec8d89d1ba22ce7b885df0acbcab135492f58a816de219d0ab344b085a4e4fc26aa51769f1b3a75fc8fb2b1b83b7b045457bf78d57d180a206b3b4a482a13327796e0f5de8de79717e8fc3621767599d2f1262524f1e919e739f8dd5d6c0e53c82ee583660c5d853ff3b278bd7e23b19b7cb6ac340e588efc23fb50edd63be36f1b55aa52046f60c0dd94a34aa3f45a6b4adaa95197073d94e03976d1d35394e4cd1938bee73d67ee5ede661d93f51019e0013591b858a0eb7534fe6b07df10eeeadf554f22ee3f84d4369ec05407a7ff630bc1f392767665466f40a1b3dbbba36526b492b381ac93beed4d9aca5bc180831f05744641eb2378e12de519ba84f919069a7ffe2c31170ad5b91d6f6c8b032159d5a9054f7d8f849c3c7fa708a402d9ad7c7f446bd1191cdcdb309eab98e3ee1cc33178d3afa022c27675d3209d9db03a17e8bdea315426d19787e7d34c1219f397574e69a2d452ce6a0d3ec1801af312e7bb9cd94da072ba86a63b40415c6502692dab0127bdde07b78e10061021172aca939447635f3a3ca9603beef59691933456eebeeec68cb301fce5bed058b2026c5547a0782d2c49ac1a8422005163af595b31e099848184e994cb2f9b1e3685c09df4674d31f08982ea954789273b5b5781b381b25fa78b84ebcea98138dc77b15ad2ac75c231fc2b2898d5f7ab4bdfc94431efb9c39032c42e44a2c058372f0581b492b6139303d1548b5f937f6cc7adb50c1372587f6a097372ed7800233c2b503b2bd17c108821c121a81505e38bb26f752c4e012046f782a6b627b44bc757cc998a4214483aa16c6cfb44189f5fd5a369444698b85414bf9fe34214eab70e3a84362127b35d9a35bf730ab0739c28c6dc39e300e5223f2a8a3867ecaddca2846820fdb77090bff309145b68e0900047ab9e67cf9a8485d4736d668b778672c13e85d5d7c2c3d478727f91c17ed7275e3f6187b1260aa71829d8ea2f36e71565b9b71f8c37fa4267b77cca18d5e3bacef58364712c4177592679b6a47ce5ad5cf1134190f34ad627e02915cc1385c948620f4156fba7cefe7b2db9c4c4849eb08298dd17a2f64f582355bca05a6dc0beda547e2b47926ed9349b4d7e5fc216cfa44c97478f1e2b5d7b1aeddb0ce430bec6b19118eb5029d59ddd4c7a2b981d65f021bf0cef6de1c2dd6836abd4503c9d0e84aebbf6751fba26f1f45d1e39ded3d09a5c516e7171832c2be7636dc060148901c5a6c4f0dc413d6376e45df01c6c31ad5200dcc053ded5221b5609710d1a5817c12079e7059314a7b10ba3f878be31ddf38ea1320c6da7bf807f7f0edec02ae15a28a52dd0123af39985d36693c3378c02fa6cacb0e2596a345031a014c166e074fe93ef88526ec89de1429f764e1659e39eaed6a1b2471b104738b13c9c1adfdacd43f547bbe6b081c7cf7fda11e9da3d6d9fa7c252217c7e1d741ee0d0901c1d5e9c8b8b1a87be74f2261a0ab52628866fb5c97c0320bdc288dab744ca5057ab3fd3140afa07fc52c953be3f026a3c74c2141779c1aa9488985af4dd4f54a9e54f3eb49c26649dc16ddad9d1f02fc59742bec7caab1ab9706124cbefebe743f3dbbc78e5e470a42b0a9f99109b3f5b7ed62ee5b1feea53685a6f105f919980af7247d442fa94fdd7661d603da6a59b2c095a1b53718e58bf516a789be1037876abe3b5f2ab50e9d46b368e4962f74c090e8640628f8644a30d22fc2d70fc1b8ce71dacd73a1bc057e22cd4247ce26497e58e53e29266c9307d7143e722ec7e297e2333aa1420ada787ceaa727a22efb69d90186db93a7872009ff6de1973718c637746c0ec2a0babb5048a839a87b0a85458dff3439751d749d6e0e9ff388a99b3b02c22a37dd7623f6d881335de91e89f89a93bea231cc8654f1d07a112ab936f6ae216f5ef64584d1cf9a560e732c187468e0cc07b203e1cda9b98ac45aef0ded42ca1fe466738cf233b9b93377e8a82f9e8d660fe5e8038efcf57d74dd0736a2757bb4fdc36ce93f38d754fb2598d9ee028961f62caa9abb659fd4c2b5356227f7ad6796283b6de8a494c6c7c5fcae41d55381ed6384c412b96a2d364bdf2cdfe6381a0f2fd2901fd3e695f1d4f1c69a8708aad5d361660533aee7d94a38411cc93e6f63918d4d476e9011800e00ccab02fa052d4a12d2696ac6b9d5c7c185cca612ba8acd4fd466732b916a6756bf810282919575f5cdd55194be97bfcae3c44e131610b343319e84c2fff591c29488951de6abe8d1e9bf0aa242d14b85f2b94d164229ba5e397e52a2ef07c4f1933172c3537726d82cd6bfdca367c05915d13d2a9937fef136536e450bed4cb1da5a85130c2bc09f012876706eceae3bd5d9603e2dd5c5127d3f62ed2c114c1938781a01966e364ce2988d1dccaf998a8cc527c4efabd24388385884a2d11c29514ea4a25f033d3e4dbaa793534af6f3a865d0239a9c20242ecdb3c32e22ee29420b3b0626cf35b5799115dcf02dfcdc1633deb6a1eaa349c33c091e19318c1addf2d1f05754ff86a3f4d11cb0491768bf080a3dbf13ba80d63b4df0e62e9658b9e9d2cf0b1ed50e11f4295a2b631335d89a4e76344d9ae4188b179952e4d13e13c902673982a3cb2a45dd06f1b7e829a4c7c3466ff186514ed456324471dcb55f044028a9f9a0ea6828ec344a16209b39179d71860431e228657ee9851e6255aea3d071540e55638e94520e488496e7fcdd1cbf4ad991f495e9b9a9de47ed2824706d2ee05f925b777f0fdcfe46da731fd6a989609cb3cb2eb222d31c4fdba20ef5b5f3dc91bfb40131e1d358fdb02a16a408c486c586ca30817450d6db339f2336e33623807433b31bb321480b3a14cbb786eff3ea2c2ef4b2687ad825b6d6ba28bd40bcde953df538dbdde0ce76ee42d59049968f805d6f4899a7d47635b5ba845b8c1b22988ea38fa57b27320db3289011ecde3af1652df5eacf4c0054d9c05f92f94c07bf00e95c2a0f72ad2d224aed0771dacb1ff10288e5ee96ffc8a4d4b7c1d863aa1458cab99b00081c335281f516faa377398540db547daea16ce02c3b9a3f070bf9ffb779fa3d8134e95629ecc6e6920741870213674203da472b7091e", 0x1000}, {&(0x7f00000011c0)="3ab8ba3908bfc7b29cddfe17186bf489aadcbd9ca11fee4c3386da482aa0cf08764d091de8ec63aeca8f1834c104f2bcb92e6076f86edc0a5bf8a849bb714e0575497e2a701d31f850719789375110bf8a2f1632608df429424729ce5c92d5e3a370eb771c0352a61a043abe1fdacfc8f122d764dcd8eaefcf7d82cf777ff5cc3bdce0806ebfce2db79ee2b8ab7e6284b56c74c5752d3ae155b4fce63a648bc13f07af643d2daed48dc7b1daf1634e3ef51824", 0xb3}, {&(0x7f0000001280)="340fec7fb152ced6ec6ca51b3f5e3a5a637ae6877acdee570fc1e2aea9408ba813e9e64fd4c54c4220978855b897a257fd0b1d7457a7aa1ce8ca1e0128adf135d1262630d2f3c53f07945d27bdcdf1a5909ebf3fbf333d84b04e184fa5009d2d06e47df2ce431aa30a8f97505f4b60e5c05055e617541f4301132699d3600c803e4ad42479553bd644d812f218a697dcf72578dac67914b01ee724bea81ac40d01afcb", 0xa3}], 0x4, &(0x7f0000001500)=[@cred={{0x1c, 0x1, 0x2, {r3, r5, r6}}}, @cred={{0x1c, 0x1, 0x2, {r8, r10, r11}}}, @cred={{0x1c, 0x1, 0x2, {r12, r14, r17}}}, @rights={{0x18, 0x1, 0x1, [r22, r1]}}], 0x78, 0x8c94}, {&(0x7f0000001580)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001880)=[{&(0x7f0000001600)="aacdc4962ec1340d5754e9feeb21e7762972448f7d640fbea3d5e257b5eaf205c11e7c60fd7477078b4e089583bb495c8a0ce6316a885e6f166933fdfcf12a8b71f4936e9593fff29fbcf404f89f360b17eca81fd697d299f57faaccf1792cc4e90a19b08feaf4254b1bf60de5b302cff7d5c2a1f28c1f7f3aca10d40d597c6fa428d1f691873d85969a9285eb4acadc354ee8a852fb20c7bc0def0736f0f881", 0xa0}, {&(0x7f00000016c0)="845b2d798100f41bb171f5d927748844318f0871e91fc6151a567ac13ae14ee802cb7ff6196baf773623353ca807532eb522a6d4bebe8e5b788e1b05912173fcab0e3510f75a065f26c247a70b4ae6f8685e9f2c4788546b04aef9a05a5510254b94e10ebe636bd4bb22a3e8d11f34ce958d2e65616c7a5b26a1fc8b17edd13b13236b0606b6e0530c6a7719f3c55b514aa2769305be9e6406cfffcebedf5d99deadf04c431a4b7a6a90d8e0458038b692d5c7ae5ecbece9b514ae681e55c33cd6ac6487492174edeedd7d5b62be7690445d186eb8e157f66026d5b663b0a0949bbcd3971da0eb84974ae6bdeb5eb8", 0xef}, {&(0x7f00000017c0)="b33ab9d021c49f954941c63dd32a8d1d0144dac6b1489e1d5bb13d6d6d4d71b2d1f9774528e3140220b74ce3d0d4985fcc7fa90c1a86a152de060ed2309224e44c7fd908bf85e0696fa3a1f3d2514353c26b126dbc05ed6834926491ca1835019cf4950d6f41286bd6813eb1cc3365", 0x6f}, {&(0x7f0000001840)="895c8917b8466b98ff19d45aedf222d42d0e696b6d99879e", 0x18}], 0x4, &(0x7f00000018c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r23]}}], 0x18, 0x4000}, {&(0x7f0000001900)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001e00)=[{&(0x7f0000001980)="ee47bda037531ae43e108b5d744cd8c44bf313b41ceea731428dcb85be75f15a301ef25959d9c928c49c88554f9d2aa5ed47a91113b20e885c0da37aafd2beeb80f86060e7d9e1a6dee94c9331a85779ec7c02165824b3cacdcb27a97a28cb4da7da62e1cc33fac9839fc34d623e474021bedc927c8157c2f771", 0x7a}, {&(0x7f0000001a00)="cb623d2188edc3244311213fdf7938d120fc78873beb1c070b18796514cf13c6ceb137886afdaf960f8f8fb74e3960cb36add1a16f35ab6e616802cf487fc50e9d482ad032a521c97ab0b60e270abd8ed47b6976279b253073d34451d8035263a7a33675a69ac578baec6be0f5221f92c86c6839889b9bdfaf0dfcec352995247693853287ad88862ddb25c148468f8457888bec23834c2c0c8f40988739ebecc00a7c228588f48bdf2fe218a57456fbcd5b368ec0fe3af2303e2be7cd9af0316b152bc977ff4d219b99be635d0e480b56a1b23018301cc2cb2dc4765eb9fc291988bbc189509db0970a7e9e91b656d7bc34dd7d22bcfea1058a249df00f83", 0xff}, {&(0x7f0000001b00)="cfb3d26199b52bd5cbc64e7d04440333f401e98259cc1b86d1aef72213908e620352bc849928a610fc049e4f702470195c88943850775544524560c25a224266ef084d430fe2dac4eebc5367149d5026d0ec7ddd381293f7e68eba4a008561b67c9c3ca05b912dc0f8e98f323b1b350c3328c6f5c17efc73cfdb0eb782d77418cec1455683cb2adda643a854e0a6d7307ed0009fdb01cf7367e888e609b9ad5231eb4adcfc2a22c09cb8039e9fb10cabcd2c450644e5e0c7b94a6fc9fb0b4f387576050f142fd067ed78d89256210962ebc409ccb223c88b0c1b60ff1cdfd3d08ffaeeb9", 0xe4}, {&(0x7f0000001c00)="b06bd501bc2e4801ded3aed43e6d8c57c84c0b6a1774cbc91764fc6f7c16d86b2e4fc126455f20bea7d2165de3744bc3b331d96ac92cd702eeb3ed624a6a33adc164bbfa8a54bbe8084f8055d3ddbddb70ddc72c48c998efbec136eb750584721fc8f209ae24986a8287aee5e0c0913a9dbb60de5a67dfff8e4759da41017c23b537c508f31b2181d93db78759a767aaa7260db8a2f809cd6d959d25758cd10e8b2b1d146e82b98446b93df6f1c4e4342dadefc26e627eef0101b075216855b285828ff34675dd3517c85887700c6ffe671275bc55024754432074c70b", 0xdd}, {&(0x7f0000001d00)="4ca8ae6d8f5cc478b872fd11a1efc43dcd5422a26eb7ccb58f9472719153e0feee4d5561f08373685ebcb27e3ae575001d48f30eeca8ee537e005936c9c94cbc3ae1f280c0124127ffa525fba96e471796161d5b1676cb36ea704915ab0410e481178fe8b2d48278b51fcc1e7f0d35607237c274f6b46e44a3c9d8d1f38374c8590f6f7d822085cdcd3be4f3ea170b0f96bdb9028c42267d39365a0f7e95eb66056409dde29e6a13f39030db330d1d02f5642ee81b84a984842cf93c21814e77a6acc55c29c7692329f529d676ece21560d1", 0xd2}], 0x5, &(0x7f0000002180)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r24, r25, 0xffffffffffffffff, r0, r0, r26]}}, @rights={{0x30, 0x1, 0x1, [r27, r28, r29, r30, r31, r32, r33, r2]}}, @rights={{0x14, 0x1, 0x1, [r34]}}, @rights={{0x24, 0x1, 0x1, [r35, r36, r37, r38, r39]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r40, 0xffffffffffffffff}}}, @rights={{0x2c, 0x1, 0x1, [r0, 0xffffffffffffffff, r41, r2, r0, r42, r43]}}, @cred={{0x1c, 0x1, 0x2, {r44, r46, r47}}}], 0x110, 0x800}, {&(0x7f00000022c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003400)=[{&(0x7f0000002340)="ab2eca5cd37c8e48271326f08ce82171192111c5ad70d92380546705fcd036d689dc400592b3b11037a60c263984618d4b52799cc8cf5bc435878ae0c765a400ddc91e3e283f8998a6e3acf93d184ad7979a34061ccff1233235c804eb29fd1e89cb0f4a17a93a3c9738dd9f20f22c263b372006d0733e10212808de3d922ac4e3216db0208d09a6c1a48eccac245672928c628bb2944d6eb6e3317c11d81d6ddff6001aca514aa54d4717841e5f190b0337eae225956d8d5b1d24b3ebbebbe756007d788658013be9b81f9f94be86b084d7e229a3957fb89b862ceffbf724f43eac301f3681f2d8e826391bc21e27f42db7af23aa6fe1e03556181dfb5667ff730dea73cb574bab9f307cdbaf99d2826a7b9e6a3204217612e75c485c2ce827c75044d31eb18e08ccfdf940d7447cbf031ebfae9bf80da85276adf3f2b99b07bfe1b32fa616e2e4e8b2d5069d090ae68d210b6d3c37dcd6ebdd9038973e013c76ba9901c2e59c36b1c19b534450f5ba405b61436f5c07da785d698d7195a2e327eac5f28e2e8ffca84637ba04082411be8fe117279e65b1603fb68301cf641f8a2c7f3a018beeacda4a9d44ab539ee4b92dcfb58e744a358df61a840a0382abfd9c97d56af80089144e8b095bf1eb4af406868fa4dbfe9fefade116ad19fa63e255d61cb39699aac3bdbbccd2534c1b2d0a350d26c7826a98cfa2f39a53808e5cc07a0ec3d8a14591c9fa71ca689ce5e49b5dfd09b32718ba2cc4363714ff754a5d1be5b63eb62601b5875eb869572cf55593a7e4d02232f0332d41ea66c169d8ec51cd8279a6c1396ace9ce682807a97b355441faeedac8025debb932391b614587ddfeacb7f03ea12ce1c21b9b01a5d877f46729c091c8b18c797237a277e968061f3f7216d3f808584a211d223ed36a0868dc2eaf3c5833226ff1fa80802dadccd0a57b1360b940d39f49c4ba6fbb9bf329b0af3af20e1a24e886ea87227afc978e65ec9b0e26e6a953a773729bde21ea36748a90922b21d2dc99b85b6ce6b61b7a71cae82c0437e798e3a048b8def45e189b00105508ef539cda4efc12b112e24005e716dcfb2af53c152b45f84c546a39fa43166fd63b57de62f8550f2e56214e4550aef10d1d9cb59f5bdc4834c2d87bf7b35f652ac2ea58255dc5d95d82575c928d7a80a58294ef05f115bef218810fb3d645adb185187caf34d81f3888226219b6b598dddfc008d5566a5fb31b2c3b0e40c4291ea465b2a4909e0776ba25b9ef701a4d61a84599fdca0392a9c562ffcec05c9c0b62e78765caddae2ceeacf2da4a4cedb775839c4082a8e9523e64a0a42338822e92446d0339e871cb552c0f581a62a60e17cf692d86363b382110ce84366a4293fd7f807d01a1a50a7a7103296d8a6b168e9d731d1c097755d4d79df45815fe2fffa027a5d9e2315b96e7fe3149eaddf9a2b39e52143d37a59e1e3b374a9a6fac5cc345ec4d55f5d205c1c0e98a5bb7b4cefbed9d71bcf44f96bf1b8bf54a9debdb2ef7972ef20a7d823493a5614dfba0f68fb77d6a1f78ba00e339b91aa4140d9fb1ce943e09fb7b09b97d4d4dea9eba513c252338f32668ee67f30d5c38314b9a23238a154dbf0594c9879ee9a32434672a41393a035d6cdfe49406f1933940947c643069e091117ed24b17692c7032b85ca5ff8dc277296242eefdb91514e015614cde89ae0a3eea1c534d6c1377235b841678ae3b9e5a4359832918ac3b578a914190c00e2f933e3050409b1a524aec47a0adaf30851f12e35d21c899d2ae38ee9f7dad9c372522b58d1917c8df3f038ee9fc6049adcd4ec0a89d6c4bf8f81e8b3a88e946a8343d2c8417d258b14655b07ac95ee93427cc4c464b7a1c76d9879b85a5f8ee93ba6b0130e674214ed5d37412a7dfe7c10ecb9acfa3b5b646daf4935a06697cd09b9c50f920cfe7af4f02dbc6f9da36464fe533a3b053bdc0da023f9f2d7838117c9a2cad43ac4d454ee85fb27f566d7281de10c14aee5ecdf72ebf5faeff1360efc42c8711717248bbe57382654618d2a9a27e96116d06ee054b34fbeac7ad0b0f4bd45ca5a351e2f4b01e36a338e951256b152a941185222b990e28a716b5a248700d390333660dd3ad148f0b9462a7e4f63e0f209d3725b52263bd7b7b4d6d73bc05bd977ea6415821c53f122696fe7589c369a041a9e77183609223d4d204f2f95e18b300124a00c777b8c0cf147ed9550ba0ba7224fcbeb5d63d8c6b03e3be98df65a3d5e522f576fab8a1bf60347891f905990c62413e760b29ec9a013367e6c9cc099e93afe98e92f57e33a1227eb9d79843cb3f940c1248b8144fd0085c11a61d2e0c1b628fd5ffdd10ea7c77a83bb5b8a28e3a39207defe6e17160eb04b671b62288d9ffc476e62cb9be77dd61c30de591c5958fd87da417c06f3193dc631fcbe40c0bb14f31705834ddfe05e9674ed1a8dde49d8d27d3a85be0f7eef5fef2a4144735c99945ea3762ba7412823d14042aa67ca692500154e8ec357416c74155685d0d69ee11d8634b3df276dfb6aaf376bc939666b97ea3b8b030c5d881ed10c5b3c8cd42f5a9e9305f633c585c8c87316f3b69d492091888ceeea7bd19b55c4bd4c46fd8f65683dcbce012f6a1e5f13e3da8836be40678564de695573e2f121d51dba154cd6ff79a2637de82289f673845879bce74c91bdeb4dbe56f9b3def7aac7c75e9cc8d1216fd83f7d4a857f1974a72e4ea1b6b95c5ff8e36e2b97c9c2cc3dd100ca48087b6c9326fb6af76157bd8cfb4e467d0ec96369f1379c2bc2ea58974d482a4449df1f6b581890006c02f91ccd5c38ec0add06cff7aa01614927de6232385dcda52fec96379cd06b03d9263152cf858a58936761b53e6aeb42585acef389c15d2769af1beef26856d52b27f3b12b5130db33ae84901c2a4134096d8af984674f011dc92115630edbc81225ae5e466411e50fff601bbbc55958fca977d1f06e91104bceb76c3adeb18d5e9730a89924cb3d1ff2a2a53df0c6f8d7fe48f00b53113189efd3c6c1f2a97cf63b7495d24b56f93dc7c3b3ac7e03152674a9f8853463d99eae323b53a6b4bf8519f993b3bcffa097d1ae13290a40e0bc77c7d785be4d40d453623f6c8ebbf05989f150b9617ce7d11c80c9a56707b8fa41f78b943875d5f1037590dcd415b0fe9d51d70f6db6c58edc20f01a32f2d34dc3b045cabb35bd1885ce497b655cec710b82f43a165b3cbd45fa468303eccd2b66c52e9a3de755f47be538d26e49455fb1b2cc7a6302d92e5dc959b423651415ebe208a44257b329128fe22690185bc1e7b762cb02a2d4c02c48117552391c0d868148f3a4088810b641883e8c069c036374e0f7f183df9f0e26f8d9aff308122f6dce89b7aafff0ff1910a1a79ffd63a137ae5ba23d4dbd8cfc314ee0c3b6d832c848c42de9eafe34fa89387446762b1a2b4642a5c6eb668c99ad0ceffc787cd260f62319243c6c65d3de7e486a54c397fffd95c525d2a4b3bcb8b34f7fddc57743069d9060f58a349969ec2e5e7a3d53bab473e0ca32c03fc1cb898fb30c5ac665b073d73ed735671c9d3aa0b10c47f4f1ffe68075911d10683c75122e1fb9aedd82be831ed7a8506bf5b07b65448bb8621474184bb1b95d6d1cd4fe31339df6fffbf7beade1f999b6e2eab590670e32b93f40914d35baf80a39e488d9403a231aefbf99a8d1c05664e5e1e05512423ed950cd7dfd9cef726c7ff32ace5ef6d256fda25519ed8fbafd18612f841e2f06e09820ba93ddad748f363be2dba96bed9abc16aba45b17dea25f4029a9d6db87910fadd612f9e95f4fb54f91cd4320a3ec1cb5d4b611b91df9d48bbe7c5b0fad7bfa1aee56442f0f0b10ce444042520c870b51a7f7afc278797eaa5ccb75193a0c1652f3899ebc4ee746e7f04484efe64b3fe8d6ba68e1f37a15723d4f38255359186d7278d5a8e37b45a77b806e840fcb76bd33c149e58050d5ca310388a8aaff96e33b6bf0f3281a115cb83360858344f64deaed3cb42eed49f1e9ae2fd1efcd0e68ae843cbe1a89d014dc88dd2abe7784fa754f65ba8842859e41744b4cbc1855051bd56517ba9de7e9ceae8079086d738db5d3f117d5aa3eee3c6f2e10a99fd160a52f474b5914b13cc6449a09120e85db786ebcf03c57b6c6533e9d91225065beb87f648760ef17b17946b65c5dcf84b3b55e22b02ae88e41552dd1a69483e40e39b45620e015d2837ec68f8b7d7c05b1c5ed4644491facb76e42a4e389bae3ad8ef4b43bbeaac85f6e13a3a7e183d0433bdd88d2b7d720bb2e67709f1a2d8ee5aec220f47aa087046eb6cb0b86497c3192afe43b7cc1f98d11cf4405840c613ce30665fda13803244a0ec900ecb19d264430f5258c91073fba3271b34037b8d7171dae7c76fa77d9a4f608f6369f41e6a785b9a3dab7c471c6e9d0d21bbe5e046f076c7623c5b798cd602dfa293fd6d924f27db683b04d624e123a39db1de28cd8668c4e84f17e3c1f700d2410a4968f0e8729e0013bfe66cc2d52ccc2524e1628ad28b5fa763c3e9f9378c1ac110fff678a40bbec45d1f7078c88f535ad9d02b0524e951ca9dbb910b424a3fd912639272644111df87701089df6956c169cbf45a29bbbd37f5a8f9217ad917e46d08e52e90c93dd1eeaf20845ee2b38f030a75635c6e7216c26b1887187138c36e2639cc07c3eed4f2c4581c9c5798780646a87d6def4478c8f3dcd5321508d8f5d083392c9de7620e360f0bf27030c020391b0e2ed430dd379f7843f2257ff80208f917fffa1f78c6cb528dd1c5b4f4f0cb35e7d2e9d1e1f5f3ff1356ddf9e927b91c6b9ececc7f990e99b5609d8fac023114415e6a6d1940d0696af98bd7dd16acc79151bba3ccee268ea4f42fcf21e0d44144a45436ad150dbefaa571143464dc4658e68b1f77f147db3eae035d901172bd4cca1fb58d42e9fa687059162a93b52d6a169233f5b9718283ec5cd42cef2cb696e719e25ce353d45a2a709a4f1f2142e0292d7138a45aecd30a9d0e1e405890eb7716c82f4cf6438bea14bfabda4e60578e5f1cfb0ad7cde59181b9770441b17f2e05c53c0d3ab0c105443f58c322958ce1a2814f343fe807137ab0b703decfde7ce87883e7f527394660986dd463f6f38b5a41a2d8ea75ef4df3c858d66ce51b2737a427e91da6bf4e9a2a4cc809e6343b9aa5e18ad710f363af2ecffce5f982cb68e25cb1ddaf76456f58a97e76842393a7237d8d4c7380762d8f535a981ea289292b4b4a8875ff345799b3305b5cacdee1ffa2f4217c4c07c73cfa14bbccbd2058c76af17e2dee1e50975b0db3c1e528224aba6377db2e0c1e1ae443514b962f0ee15be97b7893562d572d95e0052924f73d92335016b986f695bf3071ac256b78c4e4fc8e54246f155e1f1e36c134f725db154ecd7f0c1b4d7f997c05538540e029aab69be3103fd15adbdaa6b425b03fe55cbc1db4902a6c059914c77cbf389eea76e83d6152d03b5f1dcff8fd5097aaca57231889762bf9ffab6849c75361fd61141de1618e5076b7367f1028fcdf061c96fc312a4316d70220936077541380037ee567bc43186c881490702f2610a2dae092c0e991f6863f88e29974a307c4745b0cf58075b5f615815c43a01e9c9891e216ad1647b4e94c8a8e66432f86a0c3f5a6e344c329f1a064b331176b7becd850698b338e7b9dfca98c11f5104f853b9b8accd2c4b9d3fb31911af2ad51d2dbcf8268206cb3254f47f1d724b97d5ba442afe24", 0x1000}, {&(0x7f0000003340)="b3b0a8b76da92b07af0c62cd7bd0227ccb57f91db738b54acb32e0f4925ff652168034ea96f7a2774d5d32c492fcf6d03fe3a08913dab3fa29cd8a08077ef00c4bb24ba67a7a5ecb9d78ed1c5007bffde59af6650d474675fda075d7694739aeb95d9e9d8a155a27ef87bfbebd7030019edbb78208f56f2a44219c1bcf23f97563fc54328fd5906a4cf47becd6edfcdc9138be3604eac0e9926c2e5ba0a20029ee403ece98d0ffd49775", 0xaa}], 0x2, 0x0, 0x0, 0x800}, {&(0x7f0000003440)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000003800)=[{&(0x7f00000034c0)="7e6a87248c19d5abcc3d2d46e498a3e090178edd4476b10104588c77302b8d80e5d58e2393755c9bfbd7bc67d2e2657f85754b44cd87f935e83f39b7d0e98741c3e428367954fc65823fafb77e5e2445ab5db52bf17b32353b0abbd9f671695da67320d7015bb648a4f9e7908c0bf5ea4dc85fcc421942a1dba62a26d34c028c73a0ed5a673eb96669d132ea19ed41d25e96f815dfd77d63785cbaa427518d4cc72afb10a8511ef3d5de235cc29af17defc06d46af5c8623c464f96e7f0fe37864d2cab9cef549ccfd825f", 0xcb}, {&(0x7f00000035c0)="77510204f1b2ce6e374e0b0e656c8f059db7f30261a023a5c5da43cef0d6e6d954ea701354520a4be0c173e4dcd62d7acac2a10733bd3ffc974fbc8bdfecdab77b6890aff14fa6d621d79d2e485af4edc4b17ab07ff2d5d2a0494c34d5d3bde1fbe6884035f07ca83a969ce5a14586f44c36e301c4e00c766e5d67e0aa46f72b58bc8df684433cc5880edc3afe7c3c84f6d77d931794f68a3d52873f020f93af1e378af1115f8b1a6c66727916154d843277f019fab3c0c236b4", 0xba}, {&(0x7f0000003680)="e56bfe4b2738364aa00b10f5271095d8e1f77cbabda28112c46cd9f4359c2ea785d6084520abbe7c1291dd3cb4eb775670baf45e8379e691ad294fe59afe785e223c0917ebf654de156b1a9cc3465c4dfcf7fed7c759c101d64cc5d345955284630d05dc06fe2cb11bfdc24250f09ef5df5ea597115ba114f32dc2ce", 0x7c}, {&(0x7f0000003700)="0e21f7c9959ae69a7c97ba942e26254cf52be055a451558c8b8387650c26c15d17dbc6234865537ad96e3214a138194c096d49913928336fd819df3c8c50831149ac4d37f022fb311eb74155bdb8055384736be4f6d627141b105d1170544c0980e215e06587ef0c705b0ba78b41ab13b7323b2130030d1915a4d4e7b5683e2fe1e9f7b204b8ed3c5dc83bbaf71ff4262b4dcef33f0f0c606dc4f507767867bf4c57401bc1651a57ad043f9f0f303f57089ef74066ec93cc967d6d4825e0add308e27cafdfac4bd8b2d4c66cf0c140299f326f3f958b8be4ae465325810594794767e9", 0xe3}], 0x4, &(0x7f0000003880)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [r1, r2, r1, r48, r49]}}, @rights={{0x18, 0x1, 0x1, [r50, r51]}}], 0x58, 0x800}], 0x5, 0x4000800) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 509.708373][T12584] memory: usage 307060kB, limit 307200kB, failcnt 289 [ 509.715293][T12584] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 509.752862][T12584] Memory cgroup stats for /syz5: [ 509.753159][T12584] anon 308215808 [ 509.753159][T12584] file 102400 [ 509.753159][T12584] kernel_stack 368640 [ 509.753159][T12584] slab 2412544 [ 509.753159][T12584] sock 4096 [ 509.753159][T12584] shmem 81920 [ 509.753159][T12584] file_mapped 135168 [ 509.753159][T12584] file_dirty 0 [ 509.753159][T12584] file_writeback 0 [ 509.753159][T12584] anon_thp 272629760 [ 509.753159][T12584] inactive_anon 59686912 [ 509.753159][T12584] active_anon 15376384 [ 509.753159][T12584] inactive_file 0 [ 509.753159][T12584] active_file 135168 [ 509.753159][T12584] unevictable 233172992 [ 509.753159][T12584] slab_reclaimable 675840 [ 509.753159][T12584] slab_unreclaimable 1736704 [ 509.753159][T12584] pgfault 44055 [ 509.753159][T12584] pgmajfault 0 [ 509.753159][T12584] workingset_refault 0 [ 509.753159][T12584] workingset_activate 0 [ 509.753159][T12584] workingset_nodereclaim 0 [ 509.753159][T12584] pgrefill 133 [ 509.753159][T12584] pgscan 137 [ 509.753159][T12584] pgsteal 33 [ 509.926564][T12584] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12564,uid=0 [ 509.946710][T12584] Memory cgroup out of memory: Killed process 12564 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 509.983495][ T1062] oom_reaper: reaped process 12564 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 510.265351][T12614] IPVS: ftp: loaded support on port[0] = 21 18:52:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:23 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x29}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:23 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:23 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KDGKBMETA(r2, 0x4b62, &(0x7f0000000280)) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000200)={0x400000, 0x0, 0x0, 0x1, 0x1, 0x8, 0xfd, 0x2, 0x0, 0x13, 0x0, 0xffffffff}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x390, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) r8 = gettid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000076}}, r8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) waitid(0x2, r8, &(0x7f0000000040), 0x2, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r7, @ANYRESDEC=r8]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r7}}, 0x18) write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0x33, @dev={0xfe, 0x80, [], 0xc}, 0x800}, r7}}, 0x30) readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$EVIOCGMASK(r5, 0x80104592, &(0x7f00000001c0)={0x1, 0x88, &(0x7f00000000c0)="5238d29aaad99cc5f54254a1bce34010b6d60e3745b1912c98522a7c11379cdeaecbb0dcc3fb327a3862e43cc4281cb05c3872eddbe629c2f2efb6e3c07fa122b4e170fcbc281a923c54b0dc938910537690b655b716387742a65d6bb38adf85cd6bf7492eecb6fe838de49e52793b17f3ba70a2f7208be940e5f4ab199cc83046aa6d816a74e007"}) r9 = syz_open_pts(r4, 0x4000000000060041) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r10, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r11 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r11, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) epoll_ctl$EPOLL_CTL_MOD(r10, 0x3, r11, &(0x7f0000000080)={0x40000000}) write$rfkill(0xffffffffffffffff, &(0x7f0000000240)={0x6, 0x6, 0x1, 0x1}, 0x8) sendfile(r9, r0, 0x0, 0x6f0a77bd) 18:52:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff0) 18:52:23 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) modify_ldt$read(0x0, &(0x7f0000002340)=""/89, 0x59) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) kexec_load(0x3ff, 0x5, &(0x7f0000002280)=[{&(0x7f00000001c0)="d53b5a7de2c09d5c1992c0585285a85fb1fcace04746876849ac9aeb625a1e86d99ab1c44a561e17dbcc98ba10d1b54984ac739387f6170ddea2c8c2cf7e22d53c2efee15f6ecb1a4ae983c7652a5834b35fd1b766358b38266ccfdf43b576d984b89277f7f96eea92f79fc68f7d66ffcb05953ddc82e53481a898ddd201edd110f2c85c8722b151b9b2ab0f53e73cd22e1fd98920a0618ac8ac753efad9f61b07ca884d34042543e1d38b0fb0c30970e9704ad53f32e5b11b243c58deae15641432edadd29567619c44131a4abf9624b78a92a86641847bc01913f9ceb8e3f3e0e11fdcee18466266bbc60bdc584cb566e28f54339aa2b86e655e004a82d99421fcac07fd3d9293162bf81eb1d008d743525810630f432406b6bf25dffe462c9655f6aab40ccb9a81c4e495b476e63ec4eb606001e7b9bc85f8051d4aa92d2f81e9b3ce7bedbeac5c70133d5f3bbf9c3cebe3275cdad6c4cb7738dfafaa16a2cfbd95fb6df514b913741f958b653c2f8f7e08326a34e80227685cf78fe3017f9199d9eb9b6161d37a1a13106cf60febc111a6cbaccef8d0a6e9845e9044437cf4d494b0188d07b642e9b0c54e8282e9f5cd25eb0f711ebd1a166f55edbb16dadb6e347ccad89064c91c3cb2dd15f27ed921bbadac6657eee52ba9ec03367539638cb868e7c5c52156990885f892abf992a00f678a81b658f7a5f3f3d238c20d23cca19d5571501a3626e33784bfc5af449a74f2333d62d59e553603448f6fce5fed7bd98d824d95106f7d0399f6af783f7df623e08101f6b19a67ed1a8872b3f670598fed0c44de77c120731b1574f9e78ed202623c2a376d0f628f0bc2b894d79668c5e7f937f0568bd08b655809c89f7c9edd41f55e5d65ae5f81f0aaeb15c940425288894cc4cfbf236cc9442d862c042d61e1b36e3f7543dce28f8fcb4c1ac0f2063a77e843b929b0e989e979f7dbc58bfbe5a4c52e2311c8f47ac45c07a287441ce57e5bb1b5b9dcfed353bbe1df71ac11ffaf0d110c61fa0fb4cbe70371a27e42d05db810a1913afdd44008a3593c16d90848508dcdcbd7035eefaeb2c31bee446cafc4972b83b4a4b6dca9ab7e6ea2e1cf3a226c3f737ec1e59924d9e2324746879b9ffe1ab27081c3dbb32759f296e11b12fe0eaf24684cbc7de990595f59e43c26e368b277a64445673ed89585c58d2990c4b343d6c16af6f5aa96f69396cf40f5cf4062662d13601499fbe62fa7ccd52b1d3da615b1af89ab859f1d952652e90c90df21494414f7d7e9b0012aa0443a4245d1bcd4dd6e16f673af6fdfd2a94ea05fcbb089813c1e4e2b0837fde74ee1113cb3baf2096093a08b48b471c1f9f1fa5dd9a242a75359b6f3eb85aabaaf51ce81821a11b16be2d5d34c7ab95c48736083872b20716605c3b7a814186e2a11c82d5ef925efcb4117bcfc77eded2e6610ff92767d912586e1d9a380e807feb58b6ddfae9ad8a15fccb78519b3eb6cba5f9eeb887c255cd7d818fefa9de0f4adde8a8429c49f73b7381416b3125b7da7e03354a8b7a961df68777c3069c6e465f27fdb0da56a787c077562a537221bfe7aabfbd9260e452abba5ee316b85c90da2ca6e96996972a2cfe3f9e96209344f23c12eac24194ba53823c41d13b907d3eb03417a89375e9d698adf205bba8e517f21bd93dc48f9848af05b3e41e235e579d7cdda13198cfed6e2029ea0c3cf481801923f8a7d6fb89c682bc5534e02ef4f57c38701c397fe44ccbd2cc8fd42389d9250423d7e7bb0105bff50a81a3efbe2a0f8cb080300f5d110d169071ea9a2f90ce688aa0f79b4bb0e97c203e9d3d32c3e22a43e720beae2e87b2bc505ec7c113c22998b99abf51aae96f6c6c4ea1bc770ab4d838bd927bedb8aa079e0b05166ef2b1564c173b3c0dc6d53c9eb64c6f76d012080ba08518d1b3a971fae33942a8aaa5ec249215526b3f3d04719f25520e6ea6e58e8f3df4e95872079b20c64aca0e521061a2d4d56f63deb7f4324464d3270521571d6c88fc97d2377f7f52eb753b5b820cd7dc6db421f64e6e8e41f1532659355473eee2e21e7eed411222ab4b93933082679a198d1c932456d99fa6555a8a8f139061a3d3c85c0eca5380f7f2e790dcb16bb6ee7f5cde7cd0c37857e6f4e2520ac957223bfcadf235169df5bad51824c45214f21d948ce5156ffbadeadc6d8920aa2194003c30883fddacd3105e0654c92cbc2ddce6d25e57456bafe9456344af77b80c8662850530e374b9f4f9cccbee9919dde67f0a20ea3f1797fc5e951052f038a6fbd545b41f85274c68ae37fb1a541e92a319b239e1d64be010938453664a8ee0cabcda6bbb3d452f40c6f6693b4bfccf74d9025016d60ebee31caa9c07ad165626daa4f46fcea047aa1da28fc77503e3f0bf9e7ea5b5de7ad93615b23994a853b3de7578701e75eca110c8ca29b71fa931c5352749e1fc4f52350d29d7ac9498492bb2b3b7abcbcbc9302ccc23cdf3f3e025a9879f3792313c0a902442ab425f8c61529a15c5db7a63b032b6d1a301f627ffe0cc15836e2b72887649bd943f7312478e891209e18bb71ed515601c33f816bc9165786ec2924f48ce229e390108f9bfb362328acf44c4ed694b3c5a78bdcc8b7d16a910a1aeb971ba5cfbfdf62adb0d0f7c1b745eb85664e93607ee4be990780584414cc7eb2e82f22f1bd9023d2a65c60288a9975fb24a2c3dfe25ac39ca3a1936ba6cf9bc2a059f2f16ddc7da881ed0906b1bfc6da1a462e6b332e9242cfc1743baac3e2727bc15ae304c8dd5a7aa318951df0877158f123a444ee70382e0e2f707a570744b47f6574967ac08f1b3dcc048103cb64db4457edcac72040c17e3a6f60c109ef2ce6183d98046f08bb25d1906f213177c979c9cfc2f08f67182bfc11867b73e90bcf5872ac085e414a6dd21de383eb9cf15c8f8a147adcc9fb56bd552a1b036e6319de8b5c1c017c062cb5bc90966b589d0258f9e45277055c82c9435aad2b649b74f7414837cb4ba6a7da22d47165c73d1967eaf10e013cf67e214dc17224994c3ee09e039724c25c1004551ee1fd83934e7bb4bc7f6ef240cb41d57f4597095259edba5b632329c5f3f4a2a2f16eeb5f6d17dc830bbbe49824fcacf82b3e8bc36c4c5e6ebe9e50962b026d8d1f896d56fb730024eef20ef59d4136f9dcf191a99e28884d32fb1b05d5cae244cc4c13b41a13193462720d20413e39646cf1fc2f8405d1bf302a8eea11c5375a653baaca54e28f8ed7447b02a2102ded56cec4d8249c6219472ccd4f70b2fdf9e44584f69871f3e4a79c7b949ce2713ca8790fedc3f90a545eff6f8427923811e7d7977030dc1a6b9b5a03d69fa5a936b4a92b01a04783ad094b3d1b862425a011546667c7e21171689a4a49b3693358b7288e4fa1b5412ee84025b4de1042ecd92d95869d94e2624219908b73688b414805f21076775f45cd0e09ed76ef69817491e6e0e70db361e640ebe0965e86acbddd0606043cd6bbe5b96bb58fe5b4f2e4b1a4d957ccca432d57a6d0ee6f16390cd2729d78ec309147c0986b56c6ccd06fd816346c7d0be210ce9ebd994070b2e08fed6ca60c81f6b10af4fb2948f0f82a460c435def39005172f9505f4c70fa3cd7b76c2437e7586c31be1e1b382e1d75c727b6fcc9e0518a805bdc7ee02c550029f9045b0c076ea437b8b860a06374080d545344b0c3d2759ec1edbf96f3f91bd6047e896e741edaa41629a82f14ca682b72a4cb7009743d7163691798aaa014fb6036c03a8f1ad0aae4b81cd14db7445319eadf2cc9bc0ab23b7c71343b5eef4791af6429f1ff63bf20bc4130f821ada0a3f4686f5bb1bcd26b8cb6b94917acd82d5bd82856eb2c32e693bbb832f711841a206eee2ee5bc22afe9d7dda726167dfde3baf5d06267efb4b6d4448ef8368f65c0192ca9afff3a0064ad2b461167782a6f2227d86f053a9492b13be36121ccee5a84828f8cb196a218f7d5401b36b609788fbc5ef79ea1092552ccda8f84aa2db2df255cd54b7b275c5f51310a0f0771c5de8516134ca68530a66125f9a114dd141775406ae0b157f9f79a05cf66053cd959166ff4fc0389d2b2f6f05835c5a1586019fc4b6355a6b939d51d6b992d0496412e8a50a00ac0d41b15918fe599f1f8a8b31e36b64b3f819a8e0df5305341dde4e98128bb7a37620eaa46223687b8c18b7e948d596795bf62ea66adcbd8a2443bec1c65fcfaeef1b0dc5a5b6b1340f43ee99abe86777c9afcee11ea209fd4bcd5af1c1625e2d68efa19c98054ab039b789d57137bf87b281e5f85d6fe289fdc38787176be0828765316adbaa34e59117dd588bfaff01b2af037e7a03e27d3f3975b3e75461d4c32feacc824ccdb9060455aff8b4f4471f8956906e661f647a69f0fb6a395e4e67d232c21a0e2253bdd42ea6727e2eb631e70171406888f808420986bf275d5ad8041e792301673499ac89216c166f653e81f22f12d30ed32c6904771687c2273c1f168f39332c0e30160218014d0fbe73fb4486b91b8de9d4d05b022c36d6f04a022fe02160285a7858ea8bbf6c67c67f6f901a461f93a05422fff9d6f3170913def77b5ced93d7d6db4446059d7606305895b7c6e57cc4a002fcd046a696a2f986b49a5563e398ab3e89f6c27c9605e48c23578b9c8e65a67c5699cbbd29cb4bc5817813377a11d084b94292e492a95df2f9d2e5a93d0aa313ad3c0b5f29683d6e3232ff924594841e1c540fb98f507230fa5d2dea2cabe4a5616bc677b04fb463c23613d76c7b761d348bfb6de954893a9693d89190d955d051b596c62767d145a537835d277e90507b0251d8918eda4568203c9e620ebd856278ab5626f1ba6b5fab175d85ea011ebec1cbde3a37ed3132372029aa485c2867735ccba562c8da1da420da696f2b4c2451a0275c468fb3a27ce691c3e5e009bfe9cb7fa4f4f1aecea5ad9279a93665b2c4b00c4d729cb130de24ffcded4bf9c3e95016497347f1b1beb610849c4f2b44d03bbb6a8ecca26793ed6aa7f176e9d69c728a100c36df20858ae4180a7e5e559f6f623675b16a7bfc44c0c19e658f568f92628371b46bb89f99a6ed3c5e81ad492462c6e3080c4f50d4f99f8151df1fedc65dd6e83013dd9262789a56637e8ae29385ff62d1aa5c2fa5f6616a3efd945bf7ebf060c9caa5723e0d8721f12338dda085d7da16e4c42f4b75da56a806045266b3bd54aec501ea7d0a57781313256b2dafad467b010bbe1136b20043f21a290b2a1c921a1ff34c45528d682c8adee9e17b81d759ca4b5e1ca9c271b134d2d388fd72245aae3cd57e4dc65d92693b2bf02ad4e386e3dde178ac7596023adcd94c72238991b3307a01510dfdf34e11c5366fc4cd7e9c886aca440a596c9a2d611712abb480ec8298f415b5104a51659608ea509f6bd6f966a51e946c2d7e583c82866b4a54b8e5d8e9e8989879a9c55c2d1868c3da5a137f85066b8d3f4b51e3ffbb15b069bc96a4b4b8923acfebd5d25a5c63cb74636b592ee0de40d2ba1846afbd414b3853127f57201831fef83037308a854e63c3ad8b2b6b082a359e6f442cc9fe15384917c3b1811a5e74c45a040be6042f85a9223fc499a63c2d747efbd2edef61ba4d371f957da2381d787e1596f48ea5dcb0b3cbddd63be3387e3065b018d3532cff01deab342852c22c4724bc1a7c5c79b2ce6973e04c83d304e1d682272c9f4ee69ee53f0e8676b4c10ca8a776ba10bac3ea6093ab996a266ab16e90dbc29d978c4", 0x1000, 0x7, 0x80}, {&(0x7f00000011c0)="b783359693ab80b952a0a3b2105adef423e3a7c97091ec7cad1e0330838d00907fb95870ac8a7c5e4923d932562768bb0c59c08d9900992baa8742b9d9f6a49d252d140840f5cba09149678585c7a689a9aa4e8f64d36fb5caf384987b8d63302a5a45f673018be7db14587d299c40c39aa1c53372208a756bbe2d783a6f3bcf61187a9fccd41126c3d84a21061e2de4433533b84a86ef019baa8670281d240b10c166ced15f6e7e135b1c465f1875548607232e1d965082d16714be0fb97e2fa37f11e4d54759ac058d67ebde8696f2b217bad3b73cb585f9708601f763f7da7905aa4a02bf10eca68defa07d2c418d430be102fc32113b5e4f554a2da12b32c57e2da5d5307a5646a886474cb1a87b3c9b518d7b6f1059e0e55363b4bea8166360c1bf5337eb4d9f5aec98f8a6c599abb3c0f986bc6a5c932a3f2c98537340a4d4df6d31d9a62ff44d5e532a04b1edabed57a4499b47cf46a7a2c8132bd19c471840b9e14d1a328cb0764dc0e142097cb9b8d394fd8b138278691b4eb0297d693cd9be84d9d95d6a20dd6d74ecca416b2b82c5eb55f7be24803670c7cc5be42a7aebc6a7576bfc2c3c2ff06cfc31d79142e85c40d3e28d6e975e904f076d5b90c1dfd5e5cd18f4dbb75b578bae9ad2b335fc4dfde6ed40f84b2ea8aa3ec98f4c443bb71d52a0775d4060442fd659127e4d76a3a2dde291c42e6e480fc5169e584e489fe05ff144c24256b04cbbd75e01b69c185818b5a6780b1bd209f4766f176981e8cb7f374e892e03bc8627879d05cc4f15af3c9f569ab025770f6448d146e959ca3440530dc23f402839557c4db868df73c06c0c0188040a37d961966970e184ea4fca549970ea59b322f11ff580eee2b14bcdc9c75190e0fadac071c2c2d52a645e115bd4375caac042b76c35d72ac972bf1d0484e5acdab763188af06f7f33c3bbb6f689078c05bc376d56048f790a5099160c35efb0d5aa7ed02d5c32d7395b5dccbabda1c615882c8fcb07fd56f452f66f4383b2093095c6c67efcea2ed5c8210f0db019426d34c7d7220dc580fc853e0c533b21e4b1886153e26ad3e51b4802105cf6ece075cd61851a9da57b7c653530e1c2abd7006569caea7bde139b7160b2c4bb33e0f6f958a0e62887d23d3824810531bf102ffa1f7d0101a2af1752d4bf2946e38951a2a351f18bdc28ec55fc457cb15c188a6dca658742cce60eb5a33bc253a90e4b57e882ddd304c16eff596023347fc44d0e72cb08835542ad36e9361b69223d29d9a1a05a1c7582ceb021c86deefe76884214b5f7100ab698fb4b664df8d143ff05bb150536dec6237d5e02863d30aa5518e7090a9d1dcf32eb9db44999e566fe958cc0daa915eaaace58e9e03d360be16439550d3544d615792bcfcdaea48f77a4829108e9276df3c01e19cd323150b3340022bc4c88b146a3dda9087f7851d51d85932b74adbc415c1be59eca8d4b70c4d5cee1ab5e855162334d24bd79062f8c14049d9eb0da6098584ef3bc076188a038222f336dc2895a8ac4f863711f545ed07990804e1952b92fb751ed7452d26168b9ef4ad925c7ccb5ed8a3ef3b2c9d629a1c389f868ff66cd59e13b5ec5e0554b5ef2f43d86aa3a7f91afad638280d435f9680d4fa5585d72888db51947b4393ee971a106cf4d03f074d5302e3e9fc2979103b079ea2a59675867d6fcdc7ad966527f761762b07347b39cf7278a5e770a07fe8a8cff817db8677b9a2ac660d856fe839c7f3f4f09dfb4bd1799e0cc241ba58be45f0e48d4962f53b35a7e47dabc0c8178695a30af7715a2d4bf360deaa157274bc69201e0bae9dff8304dfb53eeb3f05e4be6179f28d6a34091a2d39d54a0d6df0253d747d177d1d7c7aa9cf552920088cc86a282a765fe0dff749550785b2ff5b46948c767de001a4823a8b6b2b3e46465696155ca8cad3eceea2034e6825694c6568afcfd96b03616f41833a0131ca19c94da60199214151b55be39f5328779c77abfcebb85c26ebd937ca05237fb0bbc66f82c1d9bce713e6aea578a30754ec9f22449486c263248b8ac69271fd3cf97889fce942aab11e44833635c4325833886620ad36be81bbb7599d043128a54cd3a356ab4d4d09dd753a00178b11bf81f4ef071d24ca3bb8d2222e1da13b6959bf809943be42825f65a8402f0c243603e8dd88fb2fe52d27f144ff4f3abf4441bf87d9f940383c45e2ee38714c85d0549f6b570880813d94c73060cf362d51bb517cc03169f2576673e4e1f875b7c28f5c047c19b74972f5db2a8967234a8b7a6fb0d2571705d786b1d412e4ade279120a7c67c3b68563a893faff502c82eb41918b9be4a22542a3d45812c373eb2cd7cfd2c33ae0c4f1c76a3f6f65b2566f43c50d54a93b4e8348e12f14d19e2b749240f2028e46f8943c311cb5310797a4e7390bfd937d3ab1ae5118ed50aeba8cc3896ef6d2776650ad6c59e7ec14e386309e2c0e19b83184b9d3b49cecaab1fd9f92597a8f34189eae58b8cdeebea5221c76d51e1e5a77cd1fa2de4ba72ddc4307fc65271eca2ba25017134ea546f395ac3ef001f424ef5795ddd8c59fcf23680449c763606109dad8bbf0739859765dc4598ff9424461fadb9189722b27e473529feec63336a527ff5ae180b2c08d3e583266fbed63d4957666b9d4aee9a806e49a8dbc80e50688dc667712fe13a3d72783847ee53dfa8e7dd5ddc0396d9a73008f15f8a351cf91bd4da3bd4bf38c67e531e7fd498ac1a4e900cf46e518a1a1a5e85183c2894ce305737c8a400fd471db38565eab492ad572de445b2d6670e41a5fe8dbc70e809c20ffd442fe9278d456013f608ff3c8b805f94ff93b149c800dec9b17c665ef1d6de1adb9b06c5b7db40f252b544c2b3c855d0e3160e60381b13ecb79a4d0bdac489a7970cd945ad5bb81f94e69c97b49f6e34d4902e7af271e125f9d48b2b6ab0eff6adcf6c864604bb7a072a0ad7ad74012cc180eaa090852a360ad1e1c701adcfdcf971356814e32e339227485b8f49da79b109cd6f6912725bb621bc2810c86bb65f91f5e2de9c66c64770cc9215c7bca9ee85f83f3f86682da8cff767b8f45ae36acf666cf55d47d4f4762a5a92605922f9c22f3c60bc3e9adf1a4830dc780138a367a3f942c1156caa89ad850d3a4e98651283278f68c57902a1530acc3796dcd9487b041c28595fbcd7dec5124608902a7b6d9bf409428d46a4154e580224558b5bb9173e0450b31344304f927fe8d068f57ebe0edbeb611a3724cd0577d92123f39089afacacd3c6ef6df926bfd6177ca1f88112e5f2a78cbc5d01a28a650cb396de67defc53a2079557a47608ec39c5777b8b60402a5222fa6c93c193008d0aac6a3dc258f27b17ef795d98fcdbb4966c4efa9893a980a57ec9028190ba0e64057806ca2c01737bf870b2a26da6f8105b832c632338ddfc4e80693fa087c3e3741d5e1b851f67c1cd151715720df2051c4eada21f5b333827e07cda870f722d25cb0321e3e2ae59b658928742e39f83910123678b6af034b9d91613d3a1bfc8474cc09a07a00c685680fbf2a99573e0702222342419b9eaf1f3d8e0e6204364eab433194728c161df512f9de80e18c4dde6d4319d8969f03bd8ff80eab7b17569f3c6dcc161514ccec9d125335b1fd4f95b9ecb55aa398f37d776bc35bd1a4665c985c773f8e8af8cf8e882011f65a064e0a667bcc5051e6ef3497a5522c8d5cb3d3267a1327d0767bc1f5b1763e3a4190da359d645aa1665fb532221a372c170b2fb5650b33e6741167ea2efc58f9e93806b78ab51fa470624da62926353c77ce2c9301f9d400806252ede40cd4844ce15aee446bb2939a29517c5e54e07633b856290d052ed5a80836fc5b501c07cfb953415943f98d016df685af3f942317874e0bfce51b161004befddcf7d9045c0868c47023449dc5fbd38f04d8dff4346dc177f7bf90e2f144c86383a091a06942614ef58e208dcaa0f2da79f21b28067d62895460934f29ec1e539ce831dc3f890822ea13b64f29fd99509bc1034674ffd77c625b466116efce9bdc4c5e796b300bd8e09003f8dc5db51eaa757abc0597c1eabb870d9494ebd86c963268bbe538a4b0d52024cb42c35c296353887d735a2bc4f05a90b99835e2113f8392014b9f2c4e148f740fac443b80808fb78267cfb5e68cc4d588f9fab9ae24fcb28cb430742095a71c03a749ae7c2dfced7f5af0bd706d7c2d219b2002d14a099e573b2361df63950f76c2483040080c365c6f4025f601608ba9141c881d501eb099eb5a5d803f8ab4effe16a8a9065936004621fa212666af617f277d2abfd3f921c91f37e36dbaf31361090260d47ad3740d19748f8d2073bbe343c97708a3fa544818a3eb300373eedccb4d4b9da8d4b6410b92a8acfaea3ba729acc3f9e2ff0a58a71329be0de9e570446ddd0de072ad14ae71a05b7cb611edef4793af9c01b88a62dadbb34216014224e3e7080149bf4b11a660d6fa44e1b7dfe5af5f2540c8132d36e11f93f384370fa1a57d0127f85dd3eb937da30a7ccf3acc5ba286d9cdd0623631b2ed16cc683e825f00517a0f408756ee33cd77927f794f5fe25c273f0025365ad4b81d8371506224fb7135a5625ad8c6ea978b73983a225f4c50f62f946607b0bb21150c1b51b2b143954b385807ed5f7a138b354241049cb5dadd72e1a1103e8cd90a399ac093cb7f904a3cea1f4844f89c90ab1ba7f55db0f072932d506acdd376bd7519d9c978b69cd701db8614a0c05b1983f39bb92a3366ad30ceb9d002dbf198b0378ab8a1acd9e723781a1f1ae94ee0eb2a48b7f17d9f80dbef85fd673e7bfa70c2d0b9c185cac40835fcfc3f4c56914fed507870cf39dd8948534480849d396eef51307170626bc5c7ea99a93c66050a73f59b7de1cb8a933869acdc33819bd6ca844976d12d32df55924ce1b8b071bbb8409b1881691d6f47e5483c1e6898ca55dba2b2b37ad9aa893bea26b57571a5b96361a1b88d8271448e98fd465ea727b7c3cab2ef03e35def4a5c947590ba1ef6c50fe7adf6120f68cc3883069617328ee0cd2289934a2873af217daaaa0a9569ad91edd51df775504bfebbe9f80362e34bf80d59f74ce1e353566c2e5f2fc181a1f729876726c25c2916542b853b17aa9c44bf737966f352b8daf6797b5307d7a4a56885a5fbb042b00d8cd5dc5251e43cb98c7c51039df554058a97a227ddb48c57c275701f0c10d9d82c32c0357e0b3aac1629a3f01e84db0bf18b7ec8e0889c253a646f7cb47ceb1457a7264b855ed1c2a96e6468af31aa19f848e99379c61217f902d2e5cd42307e0033dec1c3d09c27a319db285870ee462f36635a509a3b7b01d80442ecc7b02d09caa909a8a56b18dea2e075d0552022169040db7662842f6d49b8c1b3c0157c1f719c5d224d8924104927f56296cfba6c508e3896bbce40af8eb0c25a4da9f9f635b83d8be5dbd29d6f0ac359c03902d953657b9b9d15ab346e5016d147fb04119d335b3b2344533abed29f7eda49888067b6ca8d68bf38fa8a40fc58a462f767df73b4fdc87b602508cfd2e5df9af4f61966777df9e98a7a7ceef430fe5011d901452741b78df50e5f4c81fa92358aa8875c442909c454df7cc6d4bed864edd7e3142ef06b314dc2045b92e4de9bf5fd96880175ce06c34038ff4048253f114874335a665a8fd39db3c6db1bba3e6fba56c51eaf14590cf6ecf75460bbc57edabc6fc239a1dabcfb6443ca0ad76169596fc", 0x1000, 0x2, 0x100000001}, {&(0x7f0000000080)="c55982c2795faabfaf09a7c8827561d0734cff3480572e891a58956873d47ef0", 0x20, 0x7, 0x4}, {&(0x7f00000000c0)="85b5b9637d0af7bb75df6ef577d8b1ae17c07e869264937fa8d336f57d88a3841be062ba48f89a2475241f0333c0120d0e2084b02dc8f268ef9497e25d1b29dd4796007c5e09211da191e9b6a593532f0453321ce46defe2cc96ac9e1e6e461c9c0d78444cc40282116a8e3aea78c75861ede13a889b63dc263fec55e83c858e3ca3777b35b6753461bf6a50099c378000be5a4ec18dbc9f8e9f5a277933fa14c8d35ac3ac", 0xa5, 0xee, 0x95}, {&(0x7f00000021c0)="5826aa27a9c3329d9b06f269add15e94bb7c6fa4985404ac5d705116ad10836e5ebb9008fbb45124f70ea476f12dcb55853fa553f3b95eda802a4fdc37039da57c41d3b0381b718919a9bbb80a1bf082b8e1e323c2f39d2c9ed5058f86d45231bb3319b5875500351f836206b90c1c1380a7fb69a0360efb78ec512430a057e2b97c401160f799fcb14438539263378c8057f2d1d5f25a517ced56063603eb709f1cc265a5f660efa6df7b83ff65a156c34979a3469c856806516554478ab1", 0xbf, 0x7fffffff, 0x3}], 0x160000) 18:52:23 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:23 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:23 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000080)={0x0, 0x6, 0x1, 0x0, 0x4, [{0x7, 0x0, 0xa2c9, 0x0, 0x0, 0x100}, {0x2, 0x8, 0x22c, 0x0, 0x0, 0x48c}, {0x6, 0x9, 0x2, 0x0, 0x0, 0x2}, {0x5, 0x6, 0xff, 0x0, 0x0, 0x8}]}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e21, @multicast1}}, [0x33d400000, 0x5, 0x2, 0x1, 0x9, 0x80000000, 0x80, 0x3, 0x7ff, 0x55, 0x40, 0x0, 0x3ff, 0x5, 0x100]}, &(0x7f00000002c0)=0x100) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000300)={r4, 0x4, 0x4, 0x7, 0x5}, &(0x7f0000000380)=0x14) r5 = syz_open_pts(r2, 0x4000000000000002) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$netrom_NETROM_T2(r6, 0x103, 0x2, &(0x7f0000000340)=0x7fffffff, &(0x7f00000003c0)=0x4) sendfile(r5, r0, 0x0, 0x6f0a77bd) 18:52:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff2) [ 511.214604][T12633] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 511.297258][T12633] CPU: 1 PID: 12633 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 511.305195][T12633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 511.315288][T12633] Call Trace: [ 511.318601][T12633] dump_stack+0xf5/0x159 [ 511.322872][T12633] dump_header+0xaa/0x449 [ 511.327308][T12633] oom_kill_process.cold+0x10/0x15 [ 511.332454][T12633] out_of_memory+0x231/0xa00 [ 511.337066][T12633] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 511.342739][T12633] mem_cgroup_out_of_memory+0x128/0x150 [ 511.348327][T12633] try_charge+0xb3a/0xbc0 [ 511.352738][T12633] ? rcu_note_context_switch+0x700/0x760 [ 511.358413][T12633] mem_cgroup_try_charge+0xd2/0x260 [ 511.363736][T12633] mem_cgroup_try_charge_delay+0x3a/0x80 [ 511.369459][T12633] __handle_mm_fault+0x179a/0x2cb0 [ 511.374654][T12633] handle_mm_fault+0x21b/0x530 [ 511.379529][T12633] __get_user_pages+0x485/0x1160 [ 511.384600][T12633] populate_vma_page_range+0xe6/0x100 [ 511.390087][T12633] __mm_populate+0x168/0x2a0 [ 511.394711][T12633] __x64_sys_mlockall+0x2e3/0x320 [ 511.399769][T12633] do_syscall_64+0xcc/0x370 [ 511.404364][T12633] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 511.410259][T12633] RIP: 0033:0x459f39 [ 511.414275][T12633] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 511.433983][T12633] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:24 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x48}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 511.442409][T12633] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 511.450392][T12633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 511.458394][T12633] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 511.466430][T12633] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 511.474415][T12633] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:24 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 511.927749][T12633] memory: usage 307200kB, limit 307200kB, failcnt 310 [ 511.934649][T12633] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 511.942185][T12633] Memory cgroup stats for /syz5: [ 511.942527][T12633] anon 308232192 [ 511.942527][T12633] file 102400 [ 511.942527][T12633] kernel_stack 331776 [ 511.942527][T12633] slab 2412544 [ 511.942527][T12633] sock 4096 [ 511.942527][T12633] shmem 81920 [ 511.942527][T12633] file_mapped 135168 [ 511.942527][T12633] file_dirty 0 [ 511.942527][T12633] file_writeback 0 [ 511.942527][T12633] anon_thp 272629760 [ 511.942527][T12633] inactive_anon 63881216 [ 511.942527][T12633] active_anon 15310848 [ 511.942527][T12633] inactive_file 0 [ 511.942527][T12633] active_file 135168 [ 511.942527][T12633] unevictable 228995072 [ 511.942527][T12633] slab_reclaimable 675840 [ 511.942527][T12633] slab_unreclaimable 1736704 [ 511.942527][T12633] pgfault 45705 [ 511.942527][T12633] pgmajfault 0 [ 511.942527][T12633] workingset_refault 0 [ 511.942527][T12633] workingset_activate 0 [ 511.942527][T12633] workingset_nodereclaim 0 [ 511.942527][T12633] pgrefill 133 [ 511.942527][T12633] pgscan 170 [ 511.942527][T12633] pgsteal 33 [ 512.037347][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 512.037396][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 512.037449][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 512.037479][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 512.062141][T12633] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12615,uid=0 [ 512.083485][T12633] Memory cgroup out of memory: Killed process 12615 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 512.325209][T12663] IPVS: ftp: loaded support on port[0] = 21 18:52:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:25 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xfffffff3) 18:52:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r0, 0x4000000000000002) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x9, 0x301081) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) write$UHID_INPUT2(r2, &(0x7f0000000180)={0xc, 0x9c, "01a7f8e24c3c84796a49f53bcdfccc268a9291a23d668e6889c719dc1f2b196b55f8e9bcfcd127900259bdc3e637d1315c914b8deb1bfa14913d97705568b21bcdf2867a9d8a9bd24c8c17be414c94d88d125dea937a7f1ea3637432c6071645a6813c6fb35b79e0f50c13bebc500f3d14942724b1a76c1a2b28fd082dcfba565d5812f9f864f27943e519921323e340ea751bc998d5fdedfb7e2f9d"}, 0xa2) r3 = accept$ax25(r1, &(0x7f00000000c0)={{0x3, @null}, [@netrom, @default, @default, @bcast, @netrom, @netrom, @bcast]}, &(0x7f0000000140)=0x48) r4 = socket$key(0xf, 0x3, 0x2) sendfile(r4, r3, 0x0, 0x6f0a77bd) 18:52:25 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x80}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:25 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:25 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x50}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x200000003) 18:52:25 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:25 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev\x12ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffff, 0x0, 0x100}) r1 = syz_open_pts(r0, 0x4000000000000002) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x3}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6f0a77bd) 18:52:26 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x8}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000080)=0x3) [ 513.455255][T12684] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 513.501253][T12684] CPU: 1 PID: 12684 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 513.509180][T12684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 513.519247][T12684] Call Trace: [ 513.522563][T12684] dump_stack+0xf5/0x159 [ 513.526893][T12684] dump_header+0xaa/0x449 [ 513.531255][T12684] oom_kill_process.cold+0x10/0x15 [ 513.536484][T12684] out_of_memory+0x231/0xa00 [ 513.541199][T12684] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 513.546913][T12684] mem_cgroup_out_of_memory+0x128/0x150 [ 513.552534][T12684] try_charge+0xb3a/0xbc0 [ 513.556891][T12684] ? rcu_note_context_switch+0x700/0x760 [ 513.562553][T12684] mem_cgroup_try_charge+0xd2/0x260 [ 513.567781][T12684] mem_cgroup_try_charge_delay+0x3a/0x80 [ 513.568370][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 513.573431][T12684] __handle_mm_fault+0x179a/0x2cb0 [ 513.573480][T12684] handle_mm_fault+0x21b/0x530 [ 513.579216][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 513.584289][T12684] __get_user_pages+0x485/0x1160 [ 513.599702][T12684] populate_vma_page_range+0xe6/0x100 [ 513.605166][T12684] __mm_populate+0x168/0x2a0 [ 513.609783][T12684] __x64_sys_mlockall+0x2e3/0x320 [ 513.614838][T12684] do_syscall_64+0xcc/0x370 [ 513.619434][T12684] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 513.625339][T12684] RIP: 0033:0x459f39 [ 513.629279][T12684] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 513.648890][T12684] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 513.657312][T12684] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 513.665394][T12684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 513.673381][T12684] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 513.681370][T12684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 513.689346][T12684] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:26 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x60}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 513.697679][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 513.703556][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 514.058464][T12684] memory: usage 307200kB, limit 307200kB, failcnt 344 [ 514.066469][T12684] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 514.083181][T12684] Memory cgroup stats for /syz5: [ 514.083499][T12684] anon 308207616 [ 514.083499][T12684] file 102400 [ 514.083499][T12684] kernel_stack 331776 [ 514.083499][T12684] slab 2412544 [ 514.083499][T12684] sock 4096 [ 514.083499][T12684] shmem 81920 [ 514.083499][T12684] file_mapped 135168 [ 514.083499][T12684] file_dirty 0 [ 514.083499][T12684] file_writeback 0 [ 514.083499][T12684] anon_thp 272629760 [ 514.083499][T12684] inactive_anon 59596800 [ 514.083499][T12684] active_anon 15310848 [ 514.083499][T12684] inactive_file 0 [ 514.083499][T12684] active_file 135168 [ 514.083499][T12684] unevictable 233254912 [ 514.083499][T12684] slab_reclaimable 675840 [ 514.083499][T12684] slab_unreclaimable 1736704 [ 514.083499][T12684] pgfault 47586 [ 514.083499][T12684] pgmajfault 0 [ 514.083499][T12684] workingset_refault 0 [ 514.083499][T12684] workingset_activate 0 [ 514.083499][T12684] workingset_nodereclaim 0 [ 514.083499][T12684] pgrefill 133 [ 514.083499][T12684] pgscan 170 [ 514.083499][T12684] pgsteal 33 [ 514.180077][T12684] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12664,uid=0 [ 514.195996][T12684] Memory cgroup out of memory: Killed process 12664 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 514.364473][T12713] IPVS: ftp: loaded support on port[0] = 21 18:52:27 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) dup(r2) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3800f0ff24000705000000", @ANYRES32=r5, @ANYBLOB="00000000fffffffff6ffffff0b000100"], 0x3}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r5}) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}) sendfile(0xffffffffffffffff, r0, 0x0, 0x6f0a77bd) 18:52:27 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x61}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x7f74f5fe4d80) 18:52:27 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0), 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:27 executing program 0: r0 = gettid() tkill(r0, 0x3c) r1 = syz_open_procfs(r0, &(0x7f0000000180)='net/dev_mcast\x00') r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) sendmmsg(r3, &(0x7f0000007240)=[{{&(0x7f0000000080)=@nfc={0x27, 0x0, 0x2, 0x5}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000100)="883303d7ac2f327e2ab519fab766c4382de489e5c2d6f88e13d95758190612861e199190d99113465802261ca3c205a4f3f06cc59c258f35eb04f200e3beb147287c6ccb389d987d8733e780ea4514c17ae7bc9a0297bd", 0x57}, {&(0x7f00000001c0)="7a53528d6b057ad030ee6be7bd7bdcbf13a4efee375141d2d1bdd60da02d0e55e38af622f782ded3673bd68bb479f6e8e2c849aeedc89f2f2225ff093ee4974f637d7cb67993c23ed3bd7691947affeadabaf799ede46d2953e4a1be33b66f88ab01da3e41d6b97dc4d4ae009816b2385595010a1fe8748d3c14087b2069a266d4a02f5cfa8f6fef47f2d42a47747cc3e8ad7e3475c4852e8f6463747d7cce7ade5c5c3366de978b54595975c52095d3836c961eb65cab35274ff4c08801f4a47722c1e90a10797d6bd8cd3730eb76cb79f6aae0450967ab8f", 0xd9}, {&(0x7f00000002c0)="8562e1345ff91c745fc0f5f2851b96d71e2e2a4e261114ac81b49abde5214646c0accf4f2ba72ca1b31134f52d166cf37d639fd1455d2c312279979cc84773866262956700a98f556477dfb6c513d2b9d4e9d07b813fa6883acc5ec9864bdf105b57cd6da04a13a1158f00c1495edd327a4b4d5b5a1561e7c7f01c6b5acca5fb5427209151b363abb1c2e12bd1f4e456d5f9067a491458d1f01b48", 0x9b}], 0x3, &(0x7f00000003c0)=[{0xb8, 0x105, 0x80, "b61d0de6ec94f7b7f58eaf7230a6f87b1906047b62cb3af1b0a96968888956cff5d3c009fa90a80e62d0b16d11082159cb376080b3c41667469e8e6a6324962923c26f9efe7da973870c323394bf06243596d1f111c3c2a344a2a4acbcc2b3a9909f61efa9ffc7f39bb6ef7b2fcb6070ff3f8e008707adeefa5768388e3c0309e89e95925078c4eb62e84ae20ef0dae0f5bddaefec6582913cf62a5f643fb84093292ca1d9"}, {0x110, 0x10a, 0x7, "58674c7b623962eec0eec37c65fe57d06248ca95bfe9788de28ab4ed8b8f27638f77bc5c4cf69bc8fe24c7aeaca2cdec42c04c5ac5b4627631e6343640a19afcf394b3e9a8028583e34fea0540375054ceeeb0dcbd5ce9fe32433d0f39d670d9c0d4d8430cef2a788f07580c2c29aa39bbbaecc47b0df74639db8a646101766ec4f948b761c72e4618970dd28bab53dfdbd7900b0f804cdac89f9b349075820d0bb65fd7771a1fe74cd95bad618f8f4f75137c88a61b58373e662c5022e1328739d81f03c464277c956d79134bae95aaf8fc5399e7764c2842c27dc3ff564599af3e0fed8a52d87ab98fd90b0bcc1801535e6096a7271c50f85d"}, {0x70, 0x10d, 0xfffffff9, "3d5ee9aeefc5b5a018cb55ef4bed68123a5890190f14d590127f0c6b202eecdb06aa255c32b55c192c42389784a5d2c83f74fe67cf6a25dbdec54684de8893ce4b16c50b98e6ddc6960511dba95ac7bb61d76e545fd12aabc9711cb29875fb"}, {0x10, 0xff, 0x8c}, {0x80, 0x114, 0xde, "6d14f19a562714b96976621e66cb2c3dc70cb33850f0cb3d9cb89d284d93e1222b5c9b6e277cbe604194bca6350f8fc2b7a19627c329c446c30b12d6dcdb89cedd08880b687c17f8eb715649e7e7d094d9ac38017c0c9928fd550c36de661ee62453cfef752f5dd34cac8cb36ee1"}, {0x18, 0x0, 0xfff, "fc4b02c5c20ca0"}, {0x100, 0x10e, 0x6, "c0959b0263aa97f354d9be4c12615f04528464de40e46c783c552edaedef1ae8478b70774c63cd1689f409b6c13c54cb9587457c986a0a06232e555e95bf2ec1053b5efaca891a9605daae0b2a6d5518d12bc71c8a495b915e792825bd001d50985d17db37280399d4657d2d35e5345b9bcb808d6f174a3e7a7796de6a2ebc07689a8d990e113a01335aa282d96eccec93059a016dde6208a6cd03d97340213b8177379821597bb06a5dd7597bbd2a92efea731ec899287a56fc9c6cd136ee84a1dd35e7b5f8884244c555409306e2b89025724b31964f1afdfbc5c4fbf02b9c25cdec39aa917833ab"}, {0x20, 0x104, 0x2, "15e15daa31f8251c4925"}, {0x38, 0x130, 0x3c8, "44dc1e2d2cf9c2117689db9abffe782aef7a167139a8c7c2633b422a09093476a3a866c5"}], 0x438}}, {{&(0x7f0000000800)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @remote}, 0x2, 0x0, 0x2}}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000880)="15b180a9669038f858ae69a771ec6c49a80f05f59369083b8f59b7cd81dda69b5a83d5fe1d69a7a9a2bb6f3705b274edd6818512e33650258591f82beb78c804e474e45028ca95d518908fe0496143eacb976302d3d31549756b5d8fcefa41a3842854d91ad48e109f634a8c3fa355c9e922986bd90eaa0968011f5b52af133d49886aedc60360b38e53e9b8af0f64072de75a2785667c001040bc64e3cdcd82f3d2f5", 0xa3}, {&(0x7f0000000940)="0d31dbe2ca24ae2c502c253b82c568ad5f48c34a8a0ff757c4d07ddd9a3ac622c06683bfba00dee59d7ebe698ca0967c146eefefb00b59f15c9a8f17233876b1e4481061d14ae76df15237c04344b2e09371a69c13556555f666fe873d743e0ec7ca", 0x62}, {&(0x7f00000009c0)="2b9f3161281c5206af84547f52e09f39da1ebe503a5f31040fab54a65d0625e1fd491a48b0a27db12b5db228d56ba8f7ce32cf3c8f83db5b341e0da3a63d56bcbf4876c2239543ee0c76e6cab325b0eda7bc818a4684a0fce02f08b84aa41137de1c3d128be1fe9febb784024b1807fed7254eb490ca1d7d3aedb37c76f6fb06ba5dc08e7546ef566ec73a4482ef0fcb2150d068e0b8974432800124a792002a2f83ac66f5fc4ace928ebc98fbb67cc0ff0b6425d96e6900d706fbb34200536ffd5a28ed", 0xc4}], 0x3, &(0x7f0000000b00)=[{0x88, 0x117, 0x962, "15b16a3192dc02d0aef54442ba213a4f06cc883d3f819c7af03659872fbd0b0a226c8010f8b8884e9413cdc3d5418a9ad2852bb437364f8550a605ddc2a3c920db3e8d8bae7746b8bb940ba8420f9561f9a125f90707ec68bb2c8a4a414ed07fcbbcfdff4017636f0453250be91a01d970f339cd589a8a"}], 0x88}}, {{&(0x7f0000000bc0)=@nfc_llcp={0x27, 0x0, 0x0, 0x7, 0x8, 0x8, "048a993b8b12503060703ed80108ee27f23225c473e92a407e385d0f5c127ff0158394bb34771b991705964a9a12f08ff82ac44fea1e5123e9671ccc385e01", 0x3c}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000000c40)="b0041b431fafc2ac6d66379d56689f635f75a140ec603bb69e8fa4fc0b91b6f85803e1eeb2a82688efbc43d8c2a928a18ece55d3017e365c0e382f5dee4579a517d011de9eddba2c055b17b01f657a59f7b608106006bba84048df45ca2d212a8cb4a8aa451602346b30f111c45d70b8ec34791dfed532af4022b68b0042b120abd415a0677b713e1068d7f831ae0b676254e08ca92eb7de9e2d362adac571a91d01bfc29b69761de4632a655a9a41e5f096496e855927d204737beac0e25a6f7c349a4dfe5672d3c629bf666d844e6e14e41558c5ae6f69f5495ab6d737b6650310350c0026ad960edb40d474fcc920bee0eeab4acfab353d5031e9bd3cdb6d6a67e5405dd92d4e57f1f72c7941c38d6227fb164ad90d823be3ac27f3c430d9a7e164b00c0eb10c1f7e473c413e12b81dff95e119e22bd2eee4b98da65438e43a8984d193018a9a81e7a7995ec64c745859d0654e9b37e31a1a46928980643b6ce3b9b09c0740441f55f949765c0924fb3aaaeced00383d8371fc794e03de0c33dc6bd3a42e923eb9638e379cf8fa396f3fe8e3643dbcfbd8e3ed03ac68e55becb3fae66a6cd281fe796cc3b6893db761d896ca6ade780c7edd04505f62a12e4eacc2d4b8c6a7f851cf2f79e900fabede8188bf59e77074ad361cf834c61fd8e383c9196f72ea7483cd1d70a42cd465442671c4645fbad6614231ca6a0546026307844a89028a6d0fa95ee8e77a903a9c0f6e6d7f6263c789e204485cdab202666430e93e3c0c3247afcdd66772fc8de904f3e4a1219245c853f663d65943a802b7128670110df021d9020ab18fbc54b172e885da93a4ebc790e3ae6f38acfd79749df0151048a54951b79cfa29e4c3b10d23a611d8bddfd3c45205da2d556228dc295d95138827fac649bf2377a56dda88af6d51da8aa077e9c07c7d159d1209811e86c01e6ac256ef930d6826c1dc11f4c35bed251412c9ddbf37f0d8b4c96c0982dce16d12e43c6feec9adcf1a8d63c8c9c0aaeb76e81a085b2fbb9b21a592f322f03bca2581dc852e4da73f2d822dc4107248265189a1b9f8f83515d5f16704e80d2edb7c9f3a8ca78c64aceb3698ad7509a3b1d58fe18b931ecb42e90d6f365c6dc4f2352af0484971cdab48c6e67bbdf697ada5017ba165a50e1ed7ff9d1e11f30a4eb8a02008286a5fa0790289f1635c551c474a4053c2c0468cfd26bc96b2465e08e1fcddbfbc5cf033c60f25748be7c922938489f678ab602b028ca415be2fb4c2e5dc5d1b019343ede57262bebe423fc0e5770cb354f0145b5be0f75e59436edb740c881e831f43c989f66bdae66c22f80284dc9d811d8ecd622ec0cba560622d6a3468c2263594fafdaf0417f56fdd1aaa965539e93dcd8cdb4d6acf9c6eee3c2a2f4ba93ff727b5d590e57ad7862df7c6fe64ca88dbb58c9a1a3628ab7ade1aa74f020d7cae8173cd37c9fecf53eba7e7fb7c3edc07ee06db39e35b822dd04ba9275f10047d1fc600c88ef8f6b6543566e3600c417e37ec842c49b0952c69822129cf991109d1e2831c260fe37653c5241ae251d29270a5a2dd090e3ced5fe08a57f49f3baa3bd7c79a352b0432a8c2cf6bdfe1071836a2352c73555ec923d655da3356cde01e5db8ec9098f960514607ae30547ed7ed8796e72a75442f544db107500fbe0580d0af0c52dfe434d713c73c9c6bcdf258efc6036a08cafc7d6a9e4cd694397c467290143ce371b739200d3ef8bbc80162e95d258c2d748b826541a45d9ff80cb472fab6d61a3ced4879dda1190c26bc0dc5c8df11040197a597b91deef8d7f1027769ac0ffa8398a0f32d712dc1446d87353c39404cdab1c0fe8b246b6b088ad609933f02ad1b2c194634c42fba40bf18406b93bcb1e931817ab642688f5ae8bd656fb1f15923dd53ba0bc3e3c791471fa7d4eb200e1c1251cf645fa78ade373f5bdc3b8a7e18e09e346f6be287bd07ec25e437d19298c824deecc0b32953d4c37f691ca8314bf576c9d7d17c98fbdbfef55d560aa18c04ae0ae728b658bfde7766891fd98dd29a4b9c97f15a13d005927df66ca30526433cb90fa4fc59c8bd251efeeb77f5ef941e11ee27424f409aa749fe3529fb1325791ffd6a59fa4f0cee485cbfe34a70b44c68dd4e58b18f0c671053f115305eabc9bd8666c09c2b698696bb33b9f871238fa71c96ba701665be65a52a77b45be6c60a27953353f7d96884e5415036bbb7cb6b94e15d54a9d516b257fe0e9e1b0a6944767f6d6fb26875eed1510d9337162948791b0df06a1075587fa6d99cd402f7fb0a0ed1607613baecdf9ee9ef6208b939cbe19d8391cc3d1b95c0960cace82b485bce7ce605ddcdeded7330c749edfe8ac14ccdf4a78bc148acb3cc3d5db57898f2a76a8da2cdbe82128365ee17dfcad325ca7a89eb2f831a43922e157a317ad5f38c9096bd0bdd5a182c98a838ce050c24ef860372fe605b4b7241d6be136a74eb227e102f5ef860358ece235b656c81cd2dbfd8d23c93842f87342879c501fd6f2d5d16b70fdd171ca5d1f96435be90fa23d18d8e84584c9a263c84f5ee8e2df4f22af4ec5cd84e79e10ee86c9406d3482051fc555ac2c5a9716fc5c13e1d0c10f18056615d4810682d194a8c648446e58f8b932cbf2d3dcde3550f2addaee2656714e5e16d87df048ea05d3574f5256c37d016cefe49f72520eac4a02306455e364da60d67d5d15a976db138c52f600c8b89bca61e1e3980aa2519f9ca68b4cd29dc27dd65f031f99d0def1ab16f845bd56efcd5c275936d3291820069af2f32cc5458c02a8a6055ce1046f51966ea41d6134e9daa30c292e9be31715cadf1ccd718d9d8367ec977f3a38dcc35dd424567bb7aec2d5455b640305a280a7053aa83857eb64aa31ca4091506c2c46199eeca412d1c498dd384c0abf73da0eece35f67c994bb4a35638121b2c1913007d5537416b8f94a6d684a3dc210ee6b4033ea21aa00843a21f848dbbdf790da7fb5b68a21062c96d9b017d5d77f555210bada62bb7fcb256e97186dcc632ba85ca781fd72a4a9fd22c097c43fb43fb7e1dbba08bc8ef36822e397656a67b6c8e9b27bb8bf67b241a2dd0683588bca109a5df7afb3b241c0cef8a8e3d5c302212e1d0db1a473753bd70d7d33ae1f112ac79932d36e51090ae55315622f48abaa37a10d04fe525fe451f20ebdabc2f2161c2b9bdbd192b6a981e35c2b1071e6fe76e3e99ccbf649a7e2a7c4331014244cecfe9aff55e48aaaf66d81c2e473af2dd951e240d70ad3a64e7afd21e8f373c9a55257e60ff38f9a4a5ff1c69e3c642ac12bdbcfaee98ab0feec879e8da3f8488eb9fd34770c987f5dc6552c638877a688130fd7aeddc9cc8d2a7b9b534a57b0b1628b87f591f3fe08a41d377c2acb4e61b2e7e34ba3c54fff00fae0bd1b5c0e879bda313c48723ee4b0e1765af904acfc73d0c9ce022b2fc2ca0a83b18e599799e8ca711ec54c335825ae9b3c1ed41e8ef346b0d28fb525ad9d3df9d673ade057749e5c0fbb4bf32c2fe78316f55e73818b0644304e35988d4751c1bc217910001b05e765d4dfad09fb78e9d13825e816e4e427a63374aa318c85adcabd28724b5981bc1aa2455cc78c889334cb2b1c92aa558accb20bd3e1d986a9e2fb1e9211061727dce9a389abab5c01913a99e27db2c39cdfdaa69bb368ebe4dda40733479ead595d224167487e26c06b4101cc7cd535a4e339e1ddcab1c95adef42f7ce1205b57b30377fb96cdbbcbf77f90715f9e16ae69ba3ad13654beccbb4629a821c12ab187f6edfab38022bda24e5b53e3db0ff0ea3582df972eeeb397395444d0d6958aca524c4d181b95b88b5268d94d4062fb874b5c15e3700b860a9170e4c959660230adb513bcc60afa6d022bfa97e97200f0b9b87ec3c3e4274746bd404f3b93b2c323a6688c14bcbc3962ea52c27bc3b54f1826828a008ec175ab58c0460e9497e9f8043392ea705b70ccde569f490b262f9fde2c6a34b026a245f5f2b5d57db3ebc5bcf126f74ba5e29e9546432e0b158a2cce058bba5907d48340b60e098e952f8684288f1f93fc66c4928e27212b695fa6da341f1ca136d49f9deecb17d49b896de4d83b5c74bdde7e11f8cec361226296b9b66683ff94cf7b4945d3b7841691e9548521381b4d091f60fad3fd80c9ab02b7ece74b1eb051aa96da1dd11f86fd72a4e0a5ec5b523c1eefdc57e0be3458841ec96793a6e902d3131a3bd8c8689d8b4964c9f0a777a0d5dfd2a7a14ca1a5f5fda424b7a6b805b900a396621abe4972e89d2fa54a4f204bf3b9c41ff561c4ee43792286987e4a930a744b9cfce28a8b5b7ea8289bbae049b9d7c39ccf77179f1da1c0d0e456df2ead35cb2da51ae17b830a4c51c7d72c00b9778dcc19ae02216e3a4878c8f7d76bbe9551490570fa69d9c800f4942a300a7b679ae23124c89420c5b504cd5ea99f36ede7a8ed461ba50391b097afd5f1ffbc20892092a14d8541c6a1c1f667a8ed1032fee5fb3e0c16105551b29590df596db6f8974453e1488507ee0d2cf8e11052b8897156ddfbec7a006b0e0b89f1537703af4375f2b0ef507f926f472a465b8bd10cb3486147c08fa597235fae68a34462b852772222d85c8fb988cd52bdda7df193d252c4a893e0a13457654906511cf48ea65304e3dc527fcc1e68d1787490d49059aabfb4013b6b84c84f13c0b36c47b4be88743dd6a13eeeb3aea64c513e7331299ef014ccb2da67dbcb5158fb29351f4d2ea5c499ea46de30790f2de950f8a3118edcc1a889fa4ef535025ac1be8101250e549910ec53d88fc609c598cab1763f8a1b1cdcd7c3a025604e1b87e5d636f2df1cd5e9c16dd670ce522be7e261f5f6e48e770a8678cded77e9063e3353510a0b856ada1bac1fbaca6a24200f6bc0872c73ea75611427720983bd839e89e9b4eaa684c620991d1c34d0298f42421b83ef0f60a5c79bcc172d159868545aa47dd5ab07f186e63996b81f29a1e9181a3c69191b775d7db7d4c5d6722ec541ff149bfdd76080c7ec4307b6f39d2b2ac59e2d508788bcf86c176094e06850f8b54e9e0343d2caa2ff3bb151f6d3dda8208d1725ff773b7b3f862b5f7c2c33e6148ddb34e60270d7821e93d10a69aebf9739fb7818ad2719fc187f994b11931518a87343bb1511bc80e7738f9565460a1e0e0788dfe48f947c644aa6438f709e4e35a691ba3a7ea894947c4f6cb8cdb0f3dc0db09868f41dbf9e47fa52e55f703e0fa4e6afd534cef196d54f44b4d3849c668af5ef34a22ca0b3e50a649f87aa5df1bbe5180b3b1628e4c0b312f4618622c70af64b9867d130ccf236dfd5bfcb72ae252c94a26c695dc27ec602a89b53409fbbe1b12856e8a8cf2797688768e1af6e804a51a08f3b8ad4ddb6e6c4e75ec345f287ea5160ebd5f7dd091a7a90da6e4b90ee3fe8085f57a331b6f07c396dac0dafe5c3c38861c65eea19f53b4685faa7bf39fe5bf6f4f40cd8e929ea2dc7b8774283d8d6b3a53ee7679a22175e2d55fa4eef446b2ce33864f9f81debe6236ec3583744e670a674cffb3432f1ad0ab8a672456f81236e482b0a970781f2a1c7ed25bb6e7d04e6746fe5d54a85fdecfe1271d24a82afc24e389d65d3b3ee0281bcec669f39df83c4369930110335e4a9aabb1406db887abc66cdba933f50fdd9d81cd8b1efdeeb4b8922ec4b08ca988901d3d0d01cf63e41ff1f1e1ec247b5b2573c9c271b1b2a56d5bb850435fbfc5d4c2516cbdcc4769363294", 0x1000}, {&(0x7f0000001c40)="32968cbe27abfc2b4a6bd94688b3a854ec113adec875e0aea8df80ad806985cbcbc5e5d4af183f773c46684c8da1f54d6dddb71b8a7e75ab9c1f87e6e03bbde5360c253b0cab14bc9bec9b9d35b17ff3c1cec447529f459aeaff836ae5b375d3213bb834ac6780153990a9909ea507ed4ab720cc6ac0a1f897fd22611f2181", 0x7f}, {&(0x7f0000001cc0)="7dfcc71bc9afc62f4737a76b33b68172fa3221bcdef4496f50830f03ee9459516f99a8a7f719cabdacdc1e87776c906aaf4f0978bb0e6506b37b62ea5571d53e2b1339b08966004eef71d013a03cdaf237079d7033098737fc7d89fa508b9ce6486b26c39d42ab5cc89e971f37e3275c5574ddc716bea0cb13c150039d7ba9852e832044b6df9652a787d9deb4f12412b14b10a85fae8dd8b8e478b8fac1b71881e94381fb5ec1b4aea31a7dc48182f6a8379dfa3e060d196e54acb72baa8177d876369c04e3362811015d69b14b002cf52ae126b3087549", 0xd8}, {&(0x7f0000001dc0)="a1fff4e0f52eedc6f7b55357", 0xc}], 0x4, &(0x7f0000001e40)=[{0xc0, 0x113, 0x7, "e7050bb4c3c5ffa5699dc70b911e29a6f82715fcebc30172d5e9684753719cacdb38fe07fdd5ca460d103109e7226faf28184837e5ca263078d169b8f65d8eef5ac64c500c4b5efc46daa37ca032c458e0c575b20667bf9105251c5fa6506931c2c04b82ff99e24933ca5858c593bd84418270ce3659d231592e5a7e0e6690ceee99678ee69ffcd25e170b422a1cddd0640efbe335a7c36137fbc64431dfc48efc3e8a5dbe82300cd3c3"}, {0x1010, 0x109, 0x3, "6be7a82845a4494835bff744515e42e1a5a08507a140dda86971fa0fabf1ac7a7426a5ef17ea70553929e2f4694b4d6c5ba6bcd4e9e4e28ceb1cd6de52fd744e8fc22bb5f6eb061ad4f763a7a65e33d8f7fdbc815828485fdaa5de5722244c74005067f4f2d67a7f261c9c9f5294479de3ccffbe580bf58d83601cb16976259aa43287493acfdff6503ac1b44a1218cba1cb7e9b049a0d21eda2c40e059456f6e0aaf165e99191c3490af3665177c398142589409ba2fe9a5c6d6b32e189ef92baa70415ffb43d528ae7509b788af2c151455cc0c5b380c917b60e87e8b957136b0426743eee82bb92349499dfca15af5f979118d20c3af2576a8f4df4fc8d7acf8f96d048aeb606c930f00b382d855fc4f4e1f9b3e18a92b35c839487fdbb0b7f3dbfbceac99d331d473910cd4cbdbf3cc52a436bc1709ed85a6e99d3009ef4f4348570c60ef694d8fbc4358ce0d52d33087b2576ae04880418785e056812e17c117a8103da1ef197779f1c5d2f3dbbc8ac08929f734e52f55cb9a08288bd599e4036b10a5838eab86587cfb9debf5e11b1d4863d1bc40de416327708a25c951f9d57dc1e7f9f02e7054dac1410481abce0505a02b09c23e172b1ec8e6673af5c15985f2a03e9510bf81a476be090ec6884ee122630bd2575fa9778b4c1c2d88c7776d5912f6c7627a5a6684e350a645fc9006d4ee16b22ee578d745f557d1c171e28963eef6ce042c09c520d407f8c13b1d8c99ba1067c9a87b4318da8fbbbb896263b270e6098f8432b712eee8ba1aa7c0f1ed4f60bc750fa189e1fc830f267ff26623f3206a27d9ce96ad85e5d5c772441583495d08913b02a6a82ef264114dc30c1c9bff63a47fc5dcabd4849b88102181cc2e183886392864b0e0aa9b2e16e9c207d0fc9887cd85123eccff519ff5b151f96ece424078e43d9cc2e2d4f213c66cb724435990447bdd8d53b7b5393dc1eb00467df7aa7c65d6fd06185496a23d543317c30c2407e110381d503567b5bd4f06b1f916cb127a984be907b351eefcd28e105270e5f37aee18acd8c63a30a137b6f9e515919ecb4abfda52bea0f502eeafee0a5b42ce1bddeec22ed9141a05fc3393c89c84eaef37edbfdd23a3318c6d77ed8f49164ea232dbc806a4d011557eceea8d8774f06cb132a8502f7a5d1f04d0c56b29efce594f76835789089f917f86e79245d0d0deade6765d92cec0ef48a07eb9c9aba03bb6297084eea35f5d5e4a25451aa96ca91e4c77853c9f541be03e55f14a0cf9ca25498cbcae5780cb107e2eeada1e3ea7125238ac4e94e84ccdb2d8c80bd1fcbc3d0b9a25b60589c62dc7976cc3ab17da5c340e81df7650e5e228a235877f247e2bb9f0e1c4df573b574b77fcf251ffa1f948b3e2ea197b20dde48a30a49d239f763627eef8de6f3760b43a6130b2592afb783e762ac01fbe631fb0fa1395f6698c9bc45bfe7cb5faa319b9a048627ddcd4c4560d149a6daff89c7228d95c068f55f5e6ce93abe212bec083cfe6a8cfb62d8ee7e58f6c577eae81c5a1eff1df66e1a4834e961c0a63e3f2f7778a0f5895af34ce6518fafb29055e8db59671ea95ff71ee7f1eddec4d78f2b0e6836216f35490b93c307815c30fdf202ed49eec13bbfd35219fe45045f93faf126649be73ac21dc9bd31e49e6ef039e8902b3ecc55498481e73c0d8fdd0071fe16946d493546bfe0e46f3c895d2b9b70b013360e47630b8aa09ef97e2b20030dabbb097992f1c548c1febc9293338380084bfd701d0c6380572efcacd1a3cb2dc711d81512c49190cd11ca4dbee94f793f1852e36a85f2fe3bf68920abeb98da8949ffbcd6692a418e290ba1a3dbadcb5c450538e04e2148b64da57aca6aa8598f3fbd6aecb3f0d9a1082a8c4a0df22f4a5ea23adceda57be2fb01d8f259876db437ebd1a16bbf741ff8b2ef913d20d42ca582b36846153977932f0e76c99171a3a71612283bf4f1212505a49c556820a0cc20459cf1c975e0c41cd8481ea5ca7a3d4fbad56644d549bfcf35526ce9ac9023492fdea3f79559472bfc97dd6a5e469d3928aabcaf5daed34a0119e5ec0d98d19828accd4e0ecb1965126d0080ed1b47ddc7f20edb5e5396e0b881117f17ae7a58accd2bbc8f2e390a6e9975213122eb366f9541962869a5b3c888ff304ceae7dc9be5cc66edf026ae2c2938601bb4f195f7a6ab6d0ff6a004e742360ff1517b90e2787577468f849cc0155a5b7df17b3f25cd6b8d50ea4effb259130eb3a36178b4cd4f32df6788fba1978eb3053a70f051f260d50827e3f7e80aee6929a6139e849a5db17e5ceb585d202cd7255b53824f00ada6e7831e6d2e973eec1f0664100b7186a7de2cdf473191a591678b2cc7831d8b6f216ca63c07c16479c3ca9733bed41d9b2e370a660e7582e4624d86ada3222b89482408fabb527fb8c3c665479920c9a3a14a8c98219145f35444ba40cd72b76012154c76950f60036d3609081987c661f55d989b3f4b7b02a67c4962926eebf47ac113d7785ed35eb25c61b88bb919c27e64763591c9f9fd46e0583012e1a5ad4b5c2daf0b58c5a9102eebffdd5ab1360eaef01f2f074544baad5bf423d33dbe38454b1630f499db63c8efec5d3131ebe57fe7fbd1562441d6c57b778b785fdffff031d5ba8be708f31d8c535bd6e45f10feb103a2d3a3c8f272a6d075edc59f40a7678cfb39cdf8346a618b639e22f65d352898389940977b5fc4cffdbf616049e7566c923e83d4dcc52d67a470c206521d6d7f2f6149d22dfbb569d42a9392bb27eaf9f74c95571007cf3a15ea386501db54167085e4f05c6bdc776fd415bac5c750313577fa66932165ffdcbe3b2d41d73225beb4b42b7eaa86c4de80cc9babb42dceeeac352893c9c678413666804dc2ec106e56c931a4509689624768777052ae784e76b60795177881dddf30b37865c13f1c0cd8b3c4570cb2f2ec361089a48ea8a140875df2350507c24f8fccec724fbab0a616cafd4ffe5f819ec859548a32b083d086702cbda2175c58df4cd0259e5dfff2eb02bce4b384fa0744f455b1039846d9e2941a6e038848ea640c2ec44428a156954aeaafaa8659ce2c72e1ab35dbf24ca7f43addd7789c4cf141c7d1e2f80320f2890f4cb67e590446ca2e351455891dca7278419a390432db11eea67f47192423bab2638a1f3ac39020e81f4983aeae7104f7c07be7e8f67cf3e6a50e81c2da0962f1bfe8e81c682e5d9ae81339e6232d78f516dd4498fb1cfad3b61b3c43709098751976699b6cc0afa556bca862ee0e8cf809972faa2ceb0ac1fcead00a94690b4b505745f3944042c8c5db574e7d1046e9ce60263ab84e2b6e2140cef41d432dd93b979876ad430a8eff49c8188304c8275e0789189b6046bdcbbfc37a7dcecc5084eeb4f801052aa9fdd5aab5c59bfb31a7e490dfac3d52a345d032a08b1d9d417563275b86a99d517adb751c3b31f813d99b07b78aba11f1c8a60631168d7db9b65463f1fc2cf132f8a79d83eb29e6a79ca011553e6356c9df39b7292ce6bce41f120f27c9d11bb956337b80e71d572513efedbe5cb9ed5511b8811cee46ec63bb8f78a74a57c6da3d11a0c046afe6271e268d59de6f817a0867439a2ff55b74ab7fb26e2b8ed721bdaf1388d9c7a19f44538c53d4d1c18bfa6c2c2d47de6af7d4810704bfe6b1d1122d204804fafd2cb04f34042fc28219faea9a0b03a88ff06f923fa70654f9e09bf02e7a2a45d7f79fb4d8cedc2e91cc7a0fb81ee1b5a818bde86ad18112d1986c430e3a308564e4c906cb9429b47e8f6b3df2b78e785f533e5ad77c15bdc6f731ee717327e90fd2477d2576eb52950fa0348b1b33052f4812381da680e30f9b24792ad7b787b93a5bcdb0bbd049fd17d156a68f6eede5cb5a209a199932b908cc787f900cc1002be8a75afa8bd600e0fe7ed4d115320707cf9a48bbeacf9b998aecaacec4e281c93b342cc5998c1f97bd3515c1b3d0bf32de9d80929fa99eb68f5df06064a26e9d0ee583e4493d7c7da105c938ab937a0429648e4fe4f4bae1d47d1adb9e4bd62b73bc69fe80b3cc56e094f0fb5166ebbd15996b9c338c5c6a2c33d1bd397c9ea5ceb32b3bc30028affcd7339f0bc3baf06e0950458f8bd4e7882272a62c6eadb2b0ec9396bd8cd4ce833c4ea2a43bd0b43b0ff960d46b7d446bc28c6fc8d4612eb464948fca412be837ffe38eb754c34b6adff3d3b9f5e09459694d0f1ffb2d8e4f9c51b806c6a1da5be8f3a8a584d83e290fc6b2c1fbf2fbec7c0c6c2a6a1f8dafea004756ecd5ffd9ff180aada903768e0f03e0a329277bbb739b0f020e46e1a3d651d276fbc1643f911dc05b429b371e9f2529f28bbe183f5ab800ea99775bd3eff3bef6f6727def46871d4621878daf1e0c4db665f7d2b11c86b05503b88ef31722eb09d149cb99569a09218baf92bbec63b455468e0967805537ab378e0ae3a2f24a0cb40664d16fce01b395f04924802257c99a22e65f0f5f0c67ac62ff44fa5d24175116ce53b54fb98597668133b7f1527d6e5de6fba484529da1688103701328225685772f05ce8f1857c5d1c1f30c9ae4c422c6d8667a0ed48e4b62ff43aed0014bc25ba411872fc4c814eb76b96ed3cbd85f0d1e6a22242d0968a144f4a4ef67408b5e38df349ae48abd5de8866716041ce307ee4a723ff4bd7b4af4b385ee333939c8b0468fce153156581ac07cd2b68597e6dd6a68d448147df605ce5bf672efa38f6ee5ea27edd065d17c6e088df0affe3ff66ed693df474c6f340a199823b745f55185ed9be35d0a88283cd20cbaa46bd4b743245eeba254ebc7e7b2fd4074de4c3f7d4208076a6a6ca8633492f4aa6b95c2c1d033a32132ff2ea8656c944518c4eb28470ba0e1b18c63d34a4218d132eb4b6e90ee055cc2da3d9db6710649c53d7beca0d6b9885e7d1a6f0d47b57fc0b1ab00c3080cb6fc9385ec2ecf9b0c741e9e0c0686d18f7fba6c4f883d5cd6324a7e16b8b49e727bc4d809502b5f9fa6e34a6c0dc760febea4b03d54785be484f621c44efc6f46b872c27c1632582f051b07d2d92994b708e62ae8863fe414cd9231fd55afc942bfa6f56b798399585ff3ced1130e582053a606cb811cf265ea900c7a5114910d5e14bc7cb55f79c6afd73e0e79843ce2bdda7e37ebbcc14b320069ec95f0aa293eae5e7a0f49077c08aa65d5047fa087da728aec11a588ff8c1da6f87d2da27ec63d5c9b212a8867285adc4adf17542aaee11d3bf51bd18b18c9e071d99c0e5970a5a385be5313629dcc41e577b279b5ef7dc6a1520bb894532cbed0234b0d4892421f0db919fcbbe492217a01769dfc002113a743f869bef3d32efd186d32348ec3b4ca74a08e73a486ffcdd03e4b04f4af7cc95ccd9abd86a288cfbfaa68c880c114c46677cfe05cb3fcf054665434177a66ce17fbf77af5dd8282e1aeb8e01a0729d8b8888aa67072a4b92d1a77de2e3660633f455bf9667e5df1f54118c1c1979aaabbe85c7dc4236f4015369f4f6a469b2493b97c5dce9e22b14e6d41b82db28e04261ff5fa13e347f8baab220182586edb4cc6ce9e62e515ceaa4d941d7edf41e5e384942b8efb03901f6bfe074f43ab652812da87a61ec9b3ddbe5ea199e3ec37d319d31781694fce0dbdfa19e198e1769179f77e37541066446354cea0b665799e928097e093aa01d82ab677b53ba6549faec36751a653f2ada597d0fc2ec97814d83e8282defc7508b94fe3c1f297ff0c8d72c15ef0f590"}, {0x1010, 0x116, 0x3, "175ffa028e28a57933c7459b30220c1bf6909207b4bff8601d51c79d66959eb3086b9993e98808b33d379a8657b216145ebdf0ee885c6dcb8cf3a30640b08f9fe402dcb0ea6bb85640d66572d5ef2316cce174e5e7bd3c847c58c22dc3b256ebe88179d570fcdae324499f579a15440a34c38d45e09ca784eee1a777c4e85fe51e2e9131b728dc036de8c385abc302d5e97fbc9b7655a5b1785c1c0cbf60c5a2d98a5ee52d43371aa01c7c181bd7f395650617ea56e5beb7e638c74012f1c099f500299d2a15e6e5eb2f412ba3761e27910db5878b272e7ba87db512d6c87f2815ecc22df0320901cf46b21a6abf94e563564b624fd6121713bf886577555220ef0f8da0d66c42358b898ba5d39e3ef3f86b8cb9d2b173b3c1c50965a9ea3c08d7db22b481b635965d1d72db44a98d0772fb3fc79102f63be7cbfb4f51cb52a4880343f0bc599bb9d081a220cf9d7e295c6ba46580a915211ec0977a373b67f3f6289470d53c2491b994d228fcdbae4d65de5efb5751aa93c33e51c830529dceb0a43631fe0eb61f621c1807db042dbbde85acef22ad6af4c42f7f5e3066ab5f52ada22bdb8b8b4500e3a2b830531a41ffa82881967cb078d3cece0a1c42f7e99078e95fe31090e0b86991361c5fb78e3758e63f6bd4627b02690e821186fab3532008b818ab932c82f8c06177ffdb5aafbb0a8be1cef068a3692a9e513dd967fde4c09b315c930c30f5576adc09cf4a9f27649e071ad096032c3ff01e7231bf8ad8fe36baabdb2a2b7701afba4898006f298176a62f5bcd66594c3c535881cb8af4d93b3d9abc451ea9be924e5d58c466e7f33880782f35c7afb3ef5309009589566d328d252248e8645cc89c43575e848830482fce9c41e2803138be9a8eb6b9ff7248845f04e7ca5ec5a87a4667fc8ba192bf8e6cda4312062259b76aa312bdbb36965ada03aacb29a1544e537d7840c7938ae81810089dc211666a863e02c2787d987d705fd5c27226681f604c2bad1dbec9fb8a957fc260e1561e7b44d6bcc9899d6848d7cf63c6eeba45135be4320fbc7f0ebe5c0b889e0480c23ca1b4e40da038cf18e991841f81467645d33e6d14cf1680ef147945f8366a5b9ca2c54ac9c48eb3ed00bbc64457e2673d9ac3cc3f608a5ee82684a7e089d7773a70adec325772a9b0312a141873b6fbe73ee522d65729114fb1d004a70e35e8a17e48d3f487c9a5c2adbbbf5254878e91fdf801161040e401d9e40ef1c905b3d94b2f39a63db2ff6564fa5f555b76e24ba200b2f8c6034b7a9aecb3c5ad1674ccebefffcf914f182a26aac4b526f1f63694ff7e6120b64070fc216b62a4d890b54773a0d43769c60da9c99c70eb0d4119d4a4e02174d5ea28042213133b56bbbd2ffdcfe34fbdd8b2aaf89bda67bc5b4c36235b69b8ab4ad23d9bfee2251f20f173ae92d53a970a9a035def2b5634d3dc7ea05c0c8f37b47f91bc60532a9e886d2e63b75673b22711cfcde3d72e52c9132bda1d3108306215680225d5c7696961f0eee4d5f87935f115a87c674201d652941f69f6be38409918d4943eb6c5f4d54f3bcae2718886a45ce2c55c12ea3fb8eb1d7037928fe47659b0e7ff4373f9bf5187d1004dcaecbf2b045b0fa1834e4bd9bb58ba1de3e15a32ca53ab91afce64172cf58c34049d07bfb9957158fc74cd9151d7f20812c7475fed5977a479fbf7cb1d56eb94addc63b8e485c72b411be813cbfcd11d6737634f8c49cda9aaa8cfcf8ea35269f835ef0fce80d9bcb59d22babb9f62a2de2ab2f5bcfebe331f26fe5ef3de910013864e7d08c5a03774729e69b375255f23af1aa2a1200091c1bb11df4019daa50da81355532f86bb4afed598dc8175206f3dbd90922dc42d4dce0ee9e7a3a7ce717939e5cbc9148f0c7dc44522fea054063792fd9d4781e7043e7807792d0a2f8d502a2b9cf315852d0ac713bd5099f9f2789a1ea1dafcc76e87e27d36e734c6457ce4311ff53fe2aab094831dc7328babb31244d3e5e4e719bdbff9c5edb02dc694128546e3c7628d970d493a034cb545534fd7c461a4a7409df31665465ebcadd575031e40aefe320bf8f0cd34662c78afb547c7d64fcdde1a67174d7139831ccc9b5eaee1a5438bf54ad082876a56b473cfdcc3932ef031828812b98b31b1bb08505cba7124af2a55bbfedd55ff4741838270e86b6979c829b9110a88ac8e263159e43e110c0ed2da90b5bf618eaf9035ac3669676add76072ed367bfd133f821e7b52c6c9580899a043245515c521944b6d4e4aeef33b0fef072d8f838385fa03befedc99db5bae1bc186486bc41e30de1e68bf01eb30e9a382aca13c44c210347670278084f9181b2bc9b67ef65285be5e757f5bca84b0ca08268f3bfabc19dc8bbc13a27e5bd6c52df63bcabe86e60ace619859a8c5662e649141d74d53beaaf319d21748fe6f88911869dd9eea1242e25ea1d8422f8f15c80c2cd81311838dab9a3d677d31b2af32270088e1d6477ff66b15a735412f00d77c50ebb6ef4bc33897234ec2a64ff13dae9ac93437903683eb631169eab2221d954c8e9ad24a43c67f5b096aa95b03d840edba514c58a80e52d0bbbb6b6a2a91e5912cb87e480457ab742231f7a99c2e972ca62af5dab17a3b3eaa0b5a787f9f811d65170d967c1bf9984e663a64e67a3e8fd585ce87a43dd10ee5a5e71ccc0fc323f2cc9eaf762351612ab68b2e43215ab3f343489de94da95c6a6561da06b9a60423661de6141b1b16c84c9260f52c3800948c6e3539b660242222b233573cb0c6eeb3939988b49da2f0bc7961d75a39aad16674dd509510b99e9e216c976c0f8bb631e6a85564e1a29ff2fd28d757a47f4582de42b7cae9e87bd9091da24b910203555b176fc464a79bc00eb1f39477a12c301c24393f8eb16db2dc75815782148694118ee06877f653048a9a312ef0dbbf5615cd9ec033d457d75c4fcc88af6485ec2e061e82ec7d34e47ac01732ba5c36880fab45c080ee53255a203ac7b75a37b1db8ae08d115d89acb0b6285d64d101e93f35cd7aa2a03feae8d6060712c958c7e8d415e81ef1cfc2d380181805ec1eebcff962dcb9c80ef2270e1b79ad47c732d557093c1462b472ff021d2b0ebbd954fa59436255fa09f35c716822abbb941a7671e43882fa0f8dd0ddf4ed852c9b0cf461b7f1739f8e31962cf473fb75efa376b953d0bca13e87a64c8861127e8208b7a506cad43d7d24b3b7310de6d07a019caade63de9c56d7bfce3ba8775bc08a3b55e5d16cce4061363d2694d64efe7feeb727431195fa5c22550699c16fa360a654714f0a50487293a0524d4bc8eed0e99379290dab418999fb81f38938566c339dfc89a893a276137b978393961325c3c2d3ecf3cfa0f9754b6dd962808e6f42020ecbe022b7646ed2c3bda9f36bd42372fc3cd5ac1ad935fcae56f4cd1a952090e278c8caad2b3d0e220db922a48d33d4410e40ec0a06abc32cb2a64372cd0d86d1447ace7e0efb7e91ae3873d2d6fb66753d0aa460445832eba6b2813162a21aafb53768afe69a9cddc81177e939ac6a850952ae56195fd94e4f37feb928315ff6fd3d2716a061bcf62e6535e49feedbb011e19c8a0f95b8e3791e7b5ce836d6514e9800bf191b170afc6f661f5413c41a73845d7ac9d30d87503fb7b5635d4f5c37fcb0342bc8b9c1061577918a18fbb952e1aa5335ab6af806bc915bbd23915e531189845aa74c4713059c8db183936261214453b13817101f24bfd62f5a0d0252ae51827d7ef6a2ffedf914affe327a76c24337320e9ff1b499694971a1c24330112d83672902755dbb7ab9489b3f13def5fdbf17eb4430ec69ffbab43889a4c1fca4116426d69ae40cde055e47fe03e2a2047b3eb523dbf67f3a6d020cb8e117ed3a8f491a6e4a0e600b492a46c7f2bea6f73b8376b2b4d3b42063a9330f374ed151a08d177b52fb970f318e8f3a9c1b6fe19a15a27ed804ea4e9adef9324e161beb9fe670fddb9f24a295d36a2b0ee448978e9fe7100480190a6303b5cbb59e13128f00e6c78182c62f5b2c1ca12008e93b37ea68412ad3849780593f1fc69d906edf06fcec68ded73692f867f1f53cef68513428e2e4be7ec616c9076974df2f61a599ee5eabf66e133fc4e6714013f8a8bdb4d28590645f8169baf46f7174c70ab5cae260dd4d8d783a23151aeb40db62b71d62baf60e8611d6ece697c8cc629873c28382c7c4827d258e770c7698919d9d86bf84bffd648b4d576056c9f4156978da0188d185e9eb1e908508f5b6b3f813b535c8b53ecb8a9079bb2930bb895422788198b07e0658bda78d741d883adb684c40342df94f19dc4f15608f06d9ede09584342d0078cd1586456e7f48ba7c3ff8295ca48e10661537fe09e0465ce87e293cc4d82607f2440f6e4ad5083c692beeea2516c9818f579c8c139e5d3fffdb99976e7f801979377f24ff21a82a2a6e64bfe055775a342ed9deb9309d3dae816c5b23df54149e2a3a8d21dcf92c9a2b789775aedbae13768d0432b93cc43cc4767ea39ba5ebe11b72a6bdc2632f1a406125da6799dee9355db4736e0cca5fbd5e69a9ce0b9b13c35a8058f8ea00c659abd99391fc8458ac7f8b896f14fa241b1c8d5284adf6792b4b89dadd8c374cab776a034d6aef336cb052c83916e4476f3cb7ab2670a984c33ba8def826b9486c0dccb2852a6dc10ce62122460a2c4c4f9f22eb182ac74468243d1943211b451c95b9603a9c4ae5cf223f26766c8339b54a56636b149969905bffe0c8974d887bf4dbf1a89c467bab771ea599a669ece6335a3d20bdc8c30dd6d7182efe3eda057e186f6369cea44820b173054d93ca00df629b7f8a29e01788f4edad7924cc3e788c6fb3f85e8791d00632bfe01bbbab0240290874fb094f933e244b92780c173cc79987204d6c3a5a927d4b62c20e213d4d9eb94ed071e19d5fb9a05d652b93d6414e684cc1b1dcdac3f528285ba65037fa858a001fb41d92e0dbad67bdb7d8fd922dc6d43f50342faafb5fa496fd178dd84740dae3195671cb4e190479ab54c1e7bdb9ac928061b9c3719b6acf2d1aff90848707a7835f83e297bae7a7c9d2ff23e2e88cb614abc87af70d688a841f1e2e9ae614775976542b34ed3a5496fefb030b92269f29d34b8530ac51eb60010d9d9c6faee4f41328fb2c2dc481c229367788266fc795021337562f08dc2f6f99b2457fec26e42a9d8f20bbbfb9c3b23a3c17198ff03f180582d523fa61a2e57b3d5485bbfaa287002adb4afc59379a953766e299f452a5dba6cc818b8243a5be9b4729909974db6f49c425758d2062d11da3061382ff4bb0569046edfbf697eefa20927cdaebec69fc90fe44b2872ef7ada9613813964121d5aa1871a4822e47912dd3a2b55ad2eaed7d6e7eced75e4d684fe12fb428771ae5394ae3542709be6bb5b944c055eae202cc5b9c2118c8f49332810b6043f2eb0d51bcb50bb2d66041a880def5e15035a3587344a525fb89116c05c547e419c92c644bc171b3d3b6a6297c4bab62558c2a8d67559a577dcdb012c6cd7ff1da445b31264a00c1515c119fa2fdb43fb93f3c8a873a4df8c518f9fcd1bac1f60669c4059d3ef97f1e089d972bb2e9809b07f65b7c7182ed97c16ce5e0dc27a61995a5b481a4d94f7af4c25814bb5d02297ce3d5cac05597c1ce2dfea0f844e1a58cd25f01b93f9dffd56c8d3d3ff39a7830adf4197bba3a6f144ebe18f1047ccbf29cbc810a006d896f10b62e6c416"}, {0x98, 0x104, 0xf2f, "e111effa5655828d0207ce004abdc118ec191a5b5d6d49586b00ee80d4b0cc4028af6ad30aed72ae4b7427150c37a2d3290cf8de6e3b6bac97a6ce4b0688e087cc03f3a10fb20f2fd1a31cca3d3d06236e8eeae55d5173568c57cd685cb645fd61edc1d1c28fdb5e82672b5470e52472a6e50cf85ccdc0618ce03d3b0853efa1c690250083"}, {0x28, 0x10e, 0x80000000, "914384a31aea13fe1d5f86a11143fcdcadccccc204"}], 0x21a0}}, {{&(0x7f0000004000)=@in={0x2, 0x4e22, @local}, 0x80, &(0x7f0000005200)=[{&(0x7f0000004080)="4c1c38903670275e27cf8c7ec505f2560d312dea6efb52184039deac7dc7f7f34bd9e1ecb8cf1c82bec861d2d7f1b900b15c1ee7b1e9fa5ac68d47a13938b7cf6ddd7b8ea419af2c0c5f34012bee73ed05be7acced4237a4a3d0ab8e795ea6eff397dae6d40efb1225ee22501b0dd661c671b8382a696d7076baf40dd76e3073d4fd57fa73e61790e7ceb65462710bfbc8dcf2c6dfc9b3c419651bb321b0214fe688f71cbe1900a0c13b191fb0165b94b1e5218ccec7694e1812d94a664c6ff2ef55952094f4ba9da30d3528ab243aa932e98bb2480ea34022dcfc9125a5285ab8ca98e9847b9f6284fb9a5593d2e016695fa72a1a5a9af004a908b792d3248f6adaff847bf5f41ab482499f4d7aa8f1a45e81d89d4c86e87822fe67c1c198e51fb5a5d2c9fb4de2b70e558acbde2e9433a5add083a9afa65c3183906ae0a23865692336168b661129259a0a1b9bd2122bb5f8c9229bc9fb528eaae9d14e86422a616a7f266a5f19848ddf30dc93b77414e3b36ee0b40c52daf8c12289c391e041070973dbd15ab25b58490555a42d5a3f9d0ef7014c7d089b49b47a6a9509005ddca5faa39ab811d69e462ca31b0776d2748bffeabe64bd62da2732390c73c8dd0950217b4e9b191b583b88b43a565d649ea00a48a901f23f7737412189937514df80328093152c21a9a8ff84c6b5db6ae89b3b054fb9dc69a76928407930318ac0ebfef882b75135020af5786495b36ac85c67b0cf66d93e26282eac45d776b205eb6216d954dad819e98e8dc144da49bde7c1b89a69881fb824e7ce4f81497f46a3ca30094bc0e9580d315c37a3a6c2903ea14f543ebceef173f70ec88b1e2f63462f3949faf1cbde0c70eec4a49373584cd97b78829f53623a5df7d486034ef5cf6c3dfd37ca1a3ccb981343c3433d60efba5dd62c213fa2f9833d0d739a38ba2bb211b0788a67cf4adf69de820ebed7a8923dda3f5ce1812dc08b490afa0eac5a5f0ee6d189ac852a43400f6e393a95417b8be9be11d3106612f7e4ad2b5abc9813f15f3ae8c0f6cb9ab22c845b5207a65ffb33582f913c5cc9b0a5159c646104595405f07b1882c61a3e9c0de116ab4dbac561d1cf640f4c7141e757840900e9f15b6a6d0ae7734fd453e6ef095f3eb83470ba1a77b6d5ab0e34b61cfda5e1a66b3c58fdee83ba0eb7baae66eba82671be25cafa506af1109f0480c60d80c115ba97436ef33e3791c171b6ba307db13ce37bc0327313c946ce3186a9c349192a16d4c85a3aaea9ed053b2668b9a8fbc65316eca393fb9ecc3579b57c29ac61960546c3e75547daac141e101f9e5030834d4edaaccb1812b91c2df020ad702956cefc9cf4c3eac1b1095342be1fddc21a3a131a39ac826da8b306d2f0af4143091d4de59b1a691d15bbb7243eedc968b399606e67d5317470362fbc2ce238f70149fab4452ecdd869ffe5b71ce710ef60ef18b9c3525540b50027b264ebeb67cdc808617bed279f9800ab9845bb23a90b329b5c5dad811eb5715ee75c03e9df7139c785e63b205fd52fd4ea9186e5401cacbaf6346696ede34e31eae0f0ab94256941dc1c305374e788049a3431d6dd28c58afe1dad1967663e06492c6d35691352bdd09a0a8cfc58d38f7661f38130dae3b03e507af3d291bb55bc6fe7004cc6f65c62ad8dec08cf296d1c5c3ebaeb03e5598480d547bad1baddaa2f4f02965fbd9749cb77a92583a7e0d2849405bc02d2477f3c4826241ea9deda460c14ad2f57374be553e84d06bcf7ca152d0f30fe66f37a07dbbc63a053c82bbf76a7f41bc44ad9f8cfa57c54da14b2caebb9e0893e24391026affb98f449f0b12a946b4f6ed5e9426fd87f83f51096ec9f812de358b1c7724efe8db28fe559c49f77bbbdfc92d5451da34db8689de343ae0a8f3f6c6c1fb478787d2885d5ea87f6e7ea9a71b2aa714de95d0722ea3eccf79cf84eebcb13ac803fa0e529705b1f3e32bfce8430f7080420693cba24f5538babee9d840dd74750e0380a8d8aac7306d4289c163bae2dd334018a4b6abca7180e720becc057b2187ffca8d4aa332adc00d0a59a29c877be0dd97c427197daad003e79db7dcabcdf41f0f3b42e8a96cdad30d3d69aa2b9eaf2142a59cf4694ee08da004544dbdee0f2b5837f7273f4c28ea6364529dbcf4eb56977bf64e8ca0fa72b42699ff6a411e25e9882cb355f3b1410af85da18fcfbe76105ec37080f8fedaea663890e95c5dd80338ac800452de38a4a303e4de1dc6c144969b424468d082b551e6af9ab76921483e724cac57ba50cd83920b24d8250e27d0e3df1d197e648d9b22a75fdc68d9e5e2fd44f2ab85e69c1574d4600d31fd7a191c2b51742e83df269e18ea58a23d5da9aa180f93c6b1c27650af31368afb567df771c325947f1d4560c7014c3c0174fbb364aac53ac34dc4cc8dc87068c6684ad6edf6500b929963098467591267317828b9d041016139137ac17d549dc99c4822a907d18fe87138315ea1dacbc83cf80163e2e953bced15da7f268cae9c1def09cceb1aeae918c90c9a9b01709862354699437cca507e9dab36b6e4e36650679554fc965f816e2f7051760231f060ae3c77e14243d1c06deae6e627e12e33c2a55de2d555ee2f03eaa45299e3f0c681294739bee8223f0a0f763c950f2e7ef989aefb57f5c2e4afd7231d8fd7ee9d6c7feef1c660335b7af9c6de5d54511946ec5c0efabe542c2721fbf95ff61d16686eb86558ffea639843e26ac49d7db3d787de42e04cbab899484bf6c8ce6d83b3cc9fe121a43e26386007dbdfd21c83a3afa0241484bfa20a75f755cc6a67290f5088d1d97c087adc627a14b96fb632e3b78df29b0feb4979e0ef368b581e7274e2f9e9751409a9e4f3242be52ae46ce3a3cbe563d0746ba92b45a0be7c692958823c6aab17e532cb6584168bdf085c995ec4441370b1fe267a46f4aaf3e291a3403ec1d7795cbed7c9abf0152374a5fd9295b6c1cff3e624bb98d4f54339562af9d49a0bcfb94271a197a93df07b7ccccfb5e83421ac58d8f979b74acaf8b6abacef92aca8f0cb425156f2dc05e83d60ecf0e7f0914a99840bd3233c256789b5c6f0bedd235307200c0009c0113ab3b1aaa32145dba54c4a37ee99d3e5d5bc362424360d410a4e5aa46d242bd6e63e6782e9b96f8621d958efcfe434a9c7ff80e8a24baa0b20c526dee60497c9d470452aa1fd005d4b2f18f55cd2b6e6bd6fdd0bc721b95cd2519a192225c186be8c69f6a61f7de4314f1abbf46067f6afe010485e9110371e392836f3b60974e4b3f046788c764da1483c5fcced38f3108085532f054584b9c578e7f79b8274902ac45c481041bfea94f0367b76cbdd607cb761858f0a8ebd09b093e225739161186ff7d4ff74e4d8825f0c4ca929d662b0c3561322b2949039f40fa05e9aa12b505bf09975e22e07203ba3c76934dc768669d8ce332bc261b8747af20b046a693a3f03a9d604bb4266e1d46ea9edc0e7cbecf8e46209681aaf4bb07483a8f264cf45d51f7c2bc025ba157dc1fcfc0a6452ae5674a019a2e1acc31fce2d3895b30eebece79cfa0e2757f712d8460ab4d04ceefd800afceab0e3730b601160349a94e7bb4eb76e74056ba9e60feae42f0a625909e7d7b3bc1a69bf2287d442847a438fc07c7315cfe918bf2f8cb02070ade404891852088ec88dbab664864cff25f4481345ca1530ce23a6582e72f390e7151dbe35bd344b69cf8814526091a04a44208346f95f8eea662506449091ecbac9aa9c5280176a27a3e7d322c8783222fc0f979a26a36492c6a44b045b527d32ce909ab260ef4edceef9d793ec9cb97264290f9f90031fa886741d4fe75e3dc0942413ada595ce0db408898dac9a694da49b92e11883b5b0f3a8b567bf4e91b9007c2577cc152c8b780b7c709df2e437d53faf3e7541644c75a8a642fa52a02f78c5dc9bc4b05d055764072c9867456881f7821ec5e69226fb2b51a5340745e0d0c90bf15bf868c25000070a2bb1ca6d71f532b3576de58563598f06cc7e0a840b2c320c268e46950ff7a534248a04e0e30eb68618af53bdd18307992b6cfa5f02f00f350f16e792684cd87df009a22d410bc3cdb3a1658a747b8c84ca5731806a9c7f1457207dc8129d18cc4e1586a0bb002328c8cdc8b263f3a4c06bcb98b2a85f3e9cefbb5d2a0bbe9be686cff2a7f71ae8aaf420d9d3dd15755e5fb9fd2639c5ae8eaa1eb029692a5632c378cf56208c0903229a7e405cc04522b772fd1a010aaeb5a3bd23efb5034904025079e2050105ab69fa2c4cc71bd2e5b56a696a91ae0dd26a37a32cb0e09aa14754bbea5e8c7fa2a08002b3f73bc2a11a695f01458adbe4283df14162ab9fd54e366c1526a5d8881d1c2e12e7ddd1f40626261d1bd879d2dcfa5f82488317ac3f6231196fe813cf0624b59e8c12cfeb3ed96a41cfd09eb172f3503720ece318f950079f46ce4ec6a3732c433c4e5cb3621f1404765ae39b816fbbdf49970360c75ed185102b18f23a270996874229d8ecbeb37ab5342875315786466d2a683b0d6af19d0abba4f8b2107980d063dd1eda27a707b5a550a5df3f8aa96be177d5eff0044146bd1c97ee2909264e6f6ef6d4a0338900bcde891a8cc212283ff31daae9a5f92998a4c569084fea940007a4667f8338829fb3769aa8d71b36aebfbf726eecdd83a13d9de579e03990de30820f8515401e622a15386e8dc6cc70c96f3b73a6f39cd87bf477ddfef4ea18134f23efef7c814c2da4ad49a7962e545e6ff6ea6dfb5cbb06ef243136c53aeec6020eef81b9ef4c73d88f532a1cf2934f68527431fc3951ff6498152a5b52728217204f40d85852bf9abf1c458c53334878752c7c85f9b90e3b0966f51f28c89ddfded1d2dca142273f7070bc098e2c764e52e1afa6897bba3114850567d974b3939807c9f48d09f0b41f99a2e1cda8d1cd188c44f8037973044744ca0f14f866423d21806eedc5c163c85be12bb3672bbd1c5b50ee8923e5a746d33f2605dcf06ed943ac4e5858358470b6324b993fe69e6459278a536b4ab797648ca420bbfd0f797f8516a3323fd7bca5a34953f700f3faceeb35cc17654cbfb6aeea8701a370e2289db80e3b9e2fa1abcdb3f8332c159f9dd1f47d96f7879ed9866eb2014a03ca50550f995a9d6116c75df7b5c5901d56bad9d0465eef145892171148c53459c1a18587770546179299668d06f257d05d8c54778e30dadcb6dd3f2d6a35275eae9b49885e639beb2558e93da23074dd321feb32c4b5112d54261f482c4e17b517bd237f87183d3d3474bc2644bc9dbcf39f9700c2dbc094274becef201a6c43ec2c80cb42e714f4740314139628593d910eb6a089f6b7fb8ac1e2686ded30187bdfc60622b19916fedd29ac507e07fdc9cad0a709fd50f7a4fa4712af764ec0b61b50ed3fb41119f7220de885a881ed0f7db0dbc3bfda1e00c5cbe1b8b2fdd5a43e57ebf2aa908fd971c8d72a8a2f5e6a8821b750a3010727e18651b40fd7929522d65494310d822065e4cd0d61b0bc62a73de8a0d6f872eb06f0fec5e657afa26c0ae84270742782e658d39212346fcd7895226ff309cdf5819e40a51a317bb04cf8d5c3abe588165e735d81b8951e391c8696336552b02c6c2e142c684273ccc3d9da8f488d90808e3301db6bb66a3959a96cc1767cc5426ed01ea8d6d3bdfc3477ff5382768fa06cc840127892d16068b28a7451222e6b69224cdc3408380f73eb57e2b126387c46d", 0x1000}, {&(0x7f0000005080)="43b92fa2b765f71ece2bd9bf444f3210401aff583cf6db10ab1608147ec04bb8143674d0b136466a2b8686ec12122e0ebeabf1e8fecaea185239269e1e18f48d4700a30f52ce11fd851e7631897d", 0x4e}, {&(0x7f0000005100)="8f89206d67a0f863781bd6a2d2f91aa9e4bebbcbd39cfeee894e6ad0a1578fa713a3bf7cde11ad0beb5288e4044e5c6ea526e8da1c70fb7bd23de31c0efe5459316986b20a36e0e12ab69b3359683d13fd1199231766cbb237451acbd256ecbcc6f7e9e1c2ff0d0d669877a53e3e9cc75992e96a410296e6ce632a7af8bc70fb5780bbee12072179e1f6ea8fbd700f0b7214a40ac06203e6f2d5cdf9a227549c7417cb9f110fe103c578744a6c48", 0xae}, {&(0x7f00000051c0)="a57fab6b01d03ee8a6e8b9ef7bebc9953402d9af", 0x14}], 0x4, &(0x7f0000005240)=[{0xd8, 0x3a, 0x80, "48239819ed8ac7e370c2f27c53f93ddc6664b7ba72c6b72d4c75b3a198bcdc52066956980ae545c5a4f7c88ecebda06fb4f92a8ff50c49cc4f84ccc28a2c362bde077507ddc8bf47ccca5d07b54674ca9ecedd0f8efc6f4959fbe0ae770b7fcd38190f4febf8ae4700907d3ac8e80c6799471903796959708fb6a0493fdaeba1271466f054a9cf014f9965b73c503efe6d5a77a3d53ea4679ca972f882f16bc76bd06f943b170787919ca416c1805398ee6809d85efcc8b8b41adfb7f82f0a0d141237bd593a0fcf"}, {0x18, 0x21d, 0x6947, "df35034764"}, {0xb8, 0x280, 0x800, "c73e4746c860276c370837cbd29b78be814b0014f4574be4974c209359846684ab77daa02959dcfb10b537228ffb91d1317cb920cf52fccff23a81be70740567d2c85568b55199fe5fc4e6c2e3682c07eeb28c10f246809385de947c85f8aa1009fa64957a0e817768ba8c9f600949b7516b48768a16c73c8dd77dddd73ada7897cc387aaaf3d75cd16530d3604852422077df0c2b4ba1fa6a434a75f81b129b6b4900f2400f"}, {0xf0, 0x117, 0x19, "5ae7c4fc0cd6ee0a493caa5b6f08e9e4db164118d6b7087311207ee11444f4f46273f56d6937d7221138609afb9831ad58a182249059bd7a779d69e7a2341055cba47d30789528fa268f374a241fe945580d716a83d647a28ed22819e1a0c7411f3e31571d987c427a4c70dd5bdbc1673dd6e1eef9733934c0375ef8967665af3c521473c625d021cadca23a6693a26f646008884278babccfb5c04924dbe2c46ac88e37fa34fa4cd43abbacb1509f08a016d7d5b7438601328db9625e0fc8c36c2a4da75af72b0a53497bb310b20dea762ebb50bbbe041ca63b7d"}, {0xa8, 0x109, 0x76b, "f05d0a8c2659b82855a8cb72186b5871f891eac2bae0797bd7fd618a68419fdac8911a0fa663e868c752950bfc9d5328d3314812f4b722ec5d4570b2a88d5852b3ec0c200929aae5490b43f6bd029d8e5f62775f07560fd5839645e9c039cbb5fd6909315372a3a590e2ac05c215393ebca7e2cf388c28c2a454d52a1f9db5fe9abedc362ef4d7859a594e01f12daca309f030"}, {0x1010, 0x108, 0x7, "b725dfb5c61693fcdedb72b5c78d6bfff9f2cd6faabfbf8dc61d4cb655ea215fe8ae0b29fa8559f0ec1a290b3329b6a4313d3218a6d6346a329ba01d956d23b94f8fa6948b1220e60986a26396842aa36bac632ce2440d84422ec70a4681b81faef885db17b082afc29bf98f77965c75a2200e55d3c53793150c443847ee4c069d4aeced7e8994d2c3dadd11510be302d0fb2b7a289a63c7f7cf30df52695d488a75d106aa6c238a8b835a660839470f79f2882614345e622aa18af17457e4f12746e804587e89fa73a010c7c3a58aa8ed8a50513fd7520a6c4efe8c55deb9dbb120827b670352d8227104d8e66dace12711c71f199ff17a22e83af98fc7b739c950bedc6a8a2c3b750455bf51ba233e7d319d7d1fadb9c80c33a71732f8060028f3195da7f5e3de770b765928c06df7a68b3dde511467f9b72e39683d8a464e2074b77f888432102c99d976fe836797f38350ddf384a8974cb9c2f578094a4f738c7640cf1daba027b2932712cec430d96ac83b9b61d45e918606c11dae91916feef449117f7787321eac5b101ca68f8c9f7c79a7e0e7a39b8647075ff966da2dda4e74f5dbab16d4e1465f9aa2241b4ca61c0c83f25bf62db245a02a7f7ba3370de3e530a15bb81b52f632bce7705049983f79ee1b386a73ef770d284d0ecc47c753e26b4e7db6f2d516512260db572edaf3b4c479f709fa0fce494999153a397ac5b32b3aa91b250731453c8684b9d658b02154c992834b4b87eb043b7a5d09332e068650002c6bb1c48ac437bb1c3a66b0c140762e700639b0cb2f52df0bada526fbba87425bd13cc893b63e7c74fbc47ea8b02bc8880c4a696f0ae4431fbcd23917f486808672be6e8983e408434141fc21ff8eaa72be7369e812342eacdfe593c3c1f551c178bb9239ead453c3cea2079b1f46eaaa23d33b41c934d6f51f3234088cc7c7f1293deadd8c899cd187910731b90360ed459ceb8ce052c2d314d28133bc06a11d922641bd3686f41ec34662b6ab673471c4608b3d2109ed0e9b3585bd0283eefb445000c9190c4fdfc772427c7ccf15748523b468bb7fa865cd00e09e20e703838d5576d78290a88f2cc2a0dae78a9dd3bdaff8a59d2177ac00be5d089fdec306235c124b918fe368e85a846eddd95b6d7a6a3d19697e126c3cbce217c4924e50e10a129639db34061c75c53f9bac0265430b35585b6d7745c4b9a1e833dc673e8c6109ba292d22c051594f58c4ad4f8dba19d5a18289e430375b9ea316e26c227e35cd91a8802cd4371dc3e5d828ef08efb223cfc3312273378621901f51561643fc493ac531cbc9797010278d345e13aaec3362e7d6d9105efdd1d64e65a4879fd9c4fe5ba4839c3edd0e1d95916533a498e85f6bc817630db790743623ef678f71bb9c5ac7997aad18af2d9ee92689818c5860c27fe67dba16e7375728e5ea56cb834f0be09bf50ce90d64907bde3136d3f5a056fe34e09c10a8d07b4343b825b3e1b58d0d72c0443f384b24d74836f59b693b999f5b2a2f3b3df0bd5a8f4e4391bc5f7a44d541473070a690bc9c495fb0545c2f4f166e80e228f17a45c8276d755171dfdf274e9e74daf5b1c660b289144d0df5a48a2cf48060d5a9c5d9bb3e7ea39ad93da51e97e71cdf1a4452725c2e00fce4878bda7a5d187e6d1a83c145b846da0e3fa51d37b52fd1bbe8da6360ad6b531e0850889bb28704ae0dbbd1d11876b646ef1a1b525a1fd065f9d763fb08c1d63289516281d1a1cf13e652deee36d1d333be8be6061452b0ba20cd133acbb285d030bcb9ade1203cf465da50c76b6ae4ea5f516d0ec148a03bb8152b87415864a2cdb3b0c78e1dca6b3299705877902c274a1cf726ffc65438b0b40818b1f102bf7a1b0df6cafc3acf12d28d87f6648347e87f239c71b7b9bfd2cf1471f7fa77df23a9a24227ce918e94402a9ed587d6edd8de423021bc107c171885d7661bee93568b270dfb7d7ad374cc840e9c5fdf9dd80c728778ee3dae043254257c970d18ecaae2db79fee0726995347d6fc439d8188ea84f409db42b6f7fc7cd7b10a14785856ad7d99d63ae232666c56967958141c9a1e2ea0b4cb1fd9b76eaa7baf83f2b205176f1fd36b3d11b5598c89a6a565e5e897f45b679f703ef4191120695055632c36c27a472021136110f840677b69cf93529bd09ae705378853cface51bbc370af6bdf989605df40b5044b40b3092569f18ed5acb25cd0653d0941d7fcf43eae29aeb773fc7728174479d44d4cca58f5c926a6f79b24f59c541adf5727032e66393a83a90fe1a5bd25e0f54705577a18b58c4f8c5f0d6cc676fd9375ded421b87b52d9f23753bfd03e39b91ca8fc0517d0674547a1511cabc21f78d8f87ff8023caec468ab983d5275e5e2dc1151ed2ef1124c208f9c0eb2f4e4d1cbf488ee860f8a783118f9f397ec3c1eecf0816fd423deb2ce4e290ed5b07b13775d3a0c6ebd2242c0b4118bb8daf48e419336e54ab83892d0177a0644788398c57ff1e238d8e798c324937ac434fad7ec14d5ab746a789bf9605adc7497be7bd82580072595e8b0c1b7bc2c244a9eb3b01541d5dfc20a8ab0fe90dd423cbec622723d5a88ebc32fa4bf98afaf5474da150abb8025b43e01672e1d443b52102c5a1d7c8611a2aa46e2ec00fe4663c084c44187549c75fb8224e5c8f7d044673859e9d30b2be044a91af792a6dd1eee8dc09c28f118df7a192e2ae808c8e9ef2bbcdb2318120e9b648016b424a932b984fc20e1fe1c9fae657e287e6852c46ddf59bc35fa907019e1ddaf23dc3850ca6ba8b8cc6731b7304688ad3012796e52580d80460d96e11f5c2ca2c3f693e44ddaf21436467ff63610806eb844e0de568c9b597fe1c8253237734281103ac2e748d19e97808a8819854dee93134291af0a78349a5a154b4316fea783814339002511596649a90780f3fc73b557a20ff158abef40612655b307c063cfac32da04593079d19be407307aa89cc287f140677a701a61ed4391dce373693f53564bd716a410ba76bc3b5fb3f5533f7984835d8ed67f05f704075593192ac508acd58fa7ec620f3dfcb9b6f05c76c8f8e4e760c58ab5dbd71bc796ee16a553ff4d41be3c77863418e138b492ffa40c5078c31110abff4e48375623587560cd3b8d32b9b5e5b1374db01dc0a541eb1bea5336e440497dd985e28491227edc6d0050b2276e0009855eddfd2766fd7ebe6eb9b25d25d2710d39832dba9fbc19ac0bbac5c0339eed47add2da7252c60f5133051e93b23c5a8d1e8f14004a9d46e22bff7eaf9cfbf9a36e7ef4fe116528b65931be4d77834b66d507cb4a40a80efe6d31979e33ebe2d58b1a5fe8831f3b691424b673cad8225b0a74cca0f49e3c1686bceb17538e45c5d557bb2dd543ce45b4ea14c6af3b2418df0ba5eb216bb17f64c322360da41755e4b90e920591a90708456b9bb21a2abd9828bfe85aaff525774c58c275d04535008c59c8fd1c33ea8f525d6d185af30c46bb8c7f967effa352b33948d6513254eabd32d8473d3d589e80f56b139fb8bc622ef4c7da9cd492f90941c4a5dd726ef2645c9ebf4d66e535ea40dde34a2421976c7861a77cb2a267a072365945b47029d8319339c73a81fecf28a519efd3e8d81eebbc5001eaec8a84cf8a3c6b09c1bed5bf5b89f8ce585b9952d7bd1c41063a509e502ab4281f493e7e983f8cb992e5cb3ddccaaf6053de4b88243a8d6bc39db04c965bc6a04ca4d60bff45686fa2e6928d51ede3314f58186cf5908829a0db209bd22c7dc74f89edeb3ad709a26ec1e78c98e89420082273b57ae2fde4797b3a6c16536961563ae24ac4cb2bebc6a2a0593991f7727d16b7b4d2329031337892683d3c665c8740da29741129156ac9811b3f74e9be7827d510c81e55572958f213c6f17102460473109c5775aef6b81be4e5235165cc76e069064e5ab94989b9fa4bb565a1663277a87d55697e3d03d0200b614b89021b2bb282e15893fca77ffb8a089994760f3188dd8bcb262198f5de91fe3b1dd43fc06910d3b9448ea44366e2da6566cfa90ec1c1d7c7a1a0e43878044ea87296d8fb9ba46bb199f2151286dc98e45c6b0da40cbbc227d4189678239f5d6b17d451c26abe3c9ff58e32fa93d8ef34c55c4fd7c808f18a2b981fcf1fad3755332181483a63bd226f77758c31cc41f7938d39ba12e866c4d27093db22ef358fd3757af156149cee86f63b6e404dd7ce0df93901cf08617755078b34c03e810bac107254a1d9b03641f4766e6d3dab2569223c490b1e6c35ab3be3678419589b790a8b700fc2b68233461e78043f941876dc19cea2ded6948fbad5e382f868e84f30b98fe4c0d74976c5f88f50b78a60efdbb6547388d414ac7ebada5843c845f133f6049c9b7c4387884f8dbcb82ed2cd17de80850eed462836f301e1262f414a9bb9e9eba50bfbe9390c5d9a2081004bda374b32f4e92021c3cb47a5bfa4d3655a3b354a26ab960fac36813573a14858a158214ca6294561b463f1561cd1be8d20f6a2ae8525329066e8bd2049615f747c5f00e17af077b55543b368fc7ca24a72d9c2de4c75d1876f20e0717eb6d6db774c86f09b7d0c906c89c8c02d30091e6611a5f75f908a1831272606ecbb495b36fe5e8f78e352a402dc020756d1cb2e8c96f1c4ee1b51ae26754f7dd882baf1b3edd534dbeda248d5e678b2963607958d94cda0d56f08c7084c3e21bf5fc470900ae303f6e9edb3404614cfc5a148d916b1c61c91de2b3e0570cda04ab4cb8cf6a606a0f4112a393fa43472e00a939f43f84787d368a78fb1f0ed4c968bd0a87d136166410f8a39ec0a2d68fb6c0a036606e9cd144d7c1cc942c7d1ae593949748cc412d5f1d1b7a8a2151333afbe1d9862c23220606ed405f7cad43181378d362eb863864cc6d3759e61c16ef2d4f64d78faa44c2b896aca67c99001e0d80e5717e67da1744aea1de8447fcfeacdaa2d3ab6452c3b739ac2671ca1af62f6666d3ed9aee8e9bc22370146d33d42ee6adc7e39c14c9b53ca1a8f0dce484d65596847a8da2ab2edc14201983fb36756306ca444ead0c97499834327c689644400cf8f64d5014cc50f523c0d7da2ca0cd5e3e5acbcb32d2ae129aeb4517aeb0b6b165fbde589c78967216cf5e6f9e52dd61867b6c95777447158b8a97307f8806fb8129b265e67f861659572e5b47fda01610cf7213e8a8650317b5be4f25c5be6b9bb7972a228fafbd7a39b0a99f44b6c407829608e19785a07365fce41067cd6fb19e7d0206688a5c706d9f00372ccd346201a5d6f823500dfd23981436e3daf2d98aaef8d6d4d4c35120d8834d44533498d610c283784f7219f1db72017436f034f865d6e729c27fdb4be39726def175d10ed5ed31b7a220bf42190359db66bc9dd5fb3b2c451a80dcdf8094aea98d7332a26f550fc3a5de2227317f58943cd7cf395df67dc59e0234c0355f79382aa127486c3668b65f6377842f938eb2542d3417424a006d22dbe2bb60a23451998010823ab00da75b0dc70eacd69b3d7e1c4ed9b91b6fabf1a58d16a3fa90f8e0e0486b37095662e00aea4b6324579f06b0b4410ee0b2b3dc696464a20853b36719780d70b50cd67ff6ba444e5bf6480421347191e71b953b8fe3ba93fd8d4a5c0ce42a0bb39c7f63a95b552707bd41a4ae6a7875b6cfabb220b0c3b34ee4d71a4b51766be3c0a8a168ffde3bbe26d1dbabf0d9f37fdfaef2d9936b35166df35dbd2c581a7bddd46a21fc888ef"}, {0x100, 0x100, 0xffff, "c16cb68f830a9304e3c481acdf3b2e1b0fd75ef9ea22f8f0ef19a8c7699be6584626a14202c23470083338c21bda771c483fedb3b7edfaf0e9ec226fad22ae9cf77e4c803c275502c10d03c1c0f3d1ecbccbfaff58889f82dfaae24e5dee9bb8b275b09d34bfe3448608d76c5a2a94425d8097f4a4ed105d9d685bb4bd5a76813dbb2158fc514fd350b701c41c350d67754b97c50b91a74cd1546561d2da34886c608b3dcbec3b98a9c9107195b62bab70a8aeb13758445dd26a69fe2332285ccf089b07f056d57c57dec9c6e6f24aed9d66f12d9049332b5f2f8908e7360561ba2b077daf2dda5e33e96d2e507654f6"}], 0x1450}}, {{&(0x7f00000066c0)=@isdn={0x22, 0x3, 0x3, 0x0, 0x1f}, 0x80, &(0x7f00000067c0)=[{&(0x7f0000006740)="73e3f6e19bcec2faeef9fec0b9c19c8eb40f192d88642d1c5f92cd3055427d5125d0feee9207f864dec15a453237bf8e90a734b70275d007786021a6045700d64bf68b2845b991180f821df2931fdf20c1b585119bdfbab4d545e9f160d2ac05", 0x60}], 0x1, &(0x7f0000006800)=[{0xa0, 0x88, 0x7, "5f371be83f49b40bb78e61d58e87269822d1242cc1402250aefa7fb55a4422942215c5dca1cbee63cb932b56bb0a2529a954f5ff653b488a11f9562ef4f1a3ceff86445ac66c54d0847ddbe758c1c56748e386dafe655232d700863be081e0c2e1c167ccd5f224b9e133e8867769c6bbcbab373adad54e367105ff11c6e22f6feda54c07dfe8a32e53320d38dc"}, {0x18, 0x117, 0x2, "7f18c3fb"}, {0x80, 0x83, 0x10001, "656ed8024cf019a343186111d74100ebea154f1d8823cbee1b2c3eabb544a18f2104fd40364e847b5a223d59f633091ccc4a6d744af6917a18062647a8928cb1f777e461cda0f1b32dabb618adbf68e2e14feb54cc0ace30f092a47c6890685be895926fdd031ac0d054f77c158c7b82"}, {0x58, 0x0, 0x80000000, "00f1819925553018869d959cda1f978e2aaf43a9a7085337435d54d7003c87a9f462b3d4e754075db0b5f100972e0414cf8b46d12204b13f3a9859dcd36f9222df3831d0b412"}], 0x190}}, {{&(0x7f00000069c0)=@in={0x2, 0x4e24, @rand_addr=0x401}, 0x80, &(0x7f0000006f00)=[{&(0x7f0000006a40)="a2d2903ddcb31dc819b7b5be9c95134f9ffbe0bf6f350d5a76eedc94990191614f215e035a8c36f92941b394a3d2279fa10ccc2bbf267b9bc49e620a34271f05fe43688f876fdb491dfebc4bd8991fe47f25439f0d2856c016be93e24494068a021bf7e659bb865e12abe05741d72c48db011441a653457293059870e7cd7a185bc816ab7befbe245ea01025cbf86138e8f6823ec3d69a93a823231612bb1c35a15b70dc373380da17595aeb1f0229a850603bc81ee415b90476f1ce0baf317c95d36dd314a0a47b540df36b8df5a055da62144f1cdb", 0xd6}, {&(0x7f0000006b40)="6fef9df969fcb82590d9a257b2dff4f428dd017bbaaa8acdef487c235ac5", 0x1e}, {&(0x7f0000006b80)="7664f8d76ecc1f598386b8b831b968811f76d3543f1bcff900842e80811c4e5d127b2af16697cc7ae33980359d553efcc9dbf9eb346861d55c3e843a4e18ba910e8886c78c09d38993439586e14646fbd83ce0825d910afd542f72b6dfc8ee6a069c337cc873178d5d20680acbda33ab34624a49131f4dfd852c47d68ee947e067c135f3dbd223d930f18816b8b44a9652898a8b1192796ca058ac66dad3747b2834f0b9138d7793acc7df52f79f90e95a719b8e153e72fb52a4e654ffca478ba3507c991b30ce9708ce54cfdb8c9d654392c0bfdddc33", 0xd7}, {&(0x7f0000006c80)="3bf781f367a8dafd39bee533fa57caa5b777c3d5c78e4df3b7b93a51afa2a6661ed9c96103e9bcb8e56a79f2b6", 0x2d}, {&(0x7f0000006cc0)="febd801b23e25e14fa95b28d63ad8432ca62603a0da0c57ccaab557ba279ee63380367d524ac0ec76d2b88959ce14a6e7f5258a1077e376134", 0x39}, {&(0x7f0000006d00)="fb84b5947054ef61b17dbdf7938653ba359f37254ca59a6d655794e5f1e95800639b3a31e28f7ef880a428a23147cc676ff74dcd56756542c9103fcd64dcaa6340ac00dfb97ed0b72bfa750a935d927cdeef05f01703b17d52ada086b0a99010d6e1fc27c787b0f7d231c701cd109e93b2ba32b9ef35120e5d24cb9e05a218185a6ae1ab606db2117628e3e528a8e1f631e3d9af219a416f9236d62a5f3ad738a4495afd", 0xa4}, {&(0x7f0000006dc0)="df9478cea6f69bf7cd2a7d958d7b520b6cf9eba560aed4efdcac1f", 0x1b}, {&(0x7f0000006e00)="9fb3e0ba5dd4dbba0f13c953f2dd0e1e1376849114b06ac32b114761d18098d36eddb447010b53726b012fddb7c80a3e78388645134908316ae3ae267684a1205e464dcae57fb31bde608c944300d8ef3648b83828e2b5ce01537214b926efde7d5f02ef85cd683a300528fa632069b264accc55921f539498df98e25231cd03f3cba33f92eb39b898450c399deb851a07968a483983fbd220", 0x99}, {&(0x7f0000006ec0)="71339a76f84a", 0x6}], 0x9, &(0x7f0000006fc0)=[{0x80, 0x115, 0x1, "dda6509f61d8cdfa7e9584b52010db9bc3bb1046b9918616e719c16615e0962981ee57faf2dde918d8037b05cf62d462c5da4e8c05e4bf60b571cd51a545a20663f7cd905bbdacbf5f09286f60d64474e073f19c55535c40eec41361d8fec36531996afb6c5eae5075d53fe2615c"}, {0xb8, 0x3a, 0x200, "0844f6e3febc8f5462455d22fe4512579efb86a75c7f82024eff15930701c26bbb9350ccdda37beabf4936879d651e95d116a1847dff956f516b9a973cdc4b808fb61f98ecf0513eb76ca2b50198138faba7a1e8c6586d1a3ad07964598d7e1c2e7b7a2cc1b1205b94d22277f31f0f783d4090ee325cda096848080630168225da9c053e977f401066af4f0d10db6a620f9e36485df4fe5c9ed0438a7bff424afd"}], 0x138}}, {{&(0x7f0000007100)=@sco={0x1f, {0x81, 0x81, 0x20, 0x6, 0x1, 0x81}}, 0x80, &(0x7f0000007200)=[{&(0x7f0000007180)="a139a66b700a4581a333a26c698e14ef9fc122bf79d0fe9ddb2a938f34a9f3814ec021f262e207dc6dccb9a924d2e4abe0234f43d6f956cc71c53a0be2cc1f68324bc1ff06ab02daad8e50e01bb5ab34f6bd2cc8f4e00a", 0x57}], 0x1}}], 0x7, 0x44881) r4 = syz_open_pts(r2, 0x4000000000000002) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r4, r1, 0x0, 0x6f0a77bd) 18:52:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:27 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x63}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:27 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f00000020c0)=""/4102, 0x1006}], 0x1) ioctl$PPPOEIOCSFWD(r2, 0x4008b100, &(0x7f0000000100)={0x18, 0x0, {0x4, @remote, 'veth1\x00'}}) renameat(r1, &(0x7f0000000080)='./file0\x00', r2, &(0x7f00000000c0)='./file0\x00') r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)) r4 = syz_open_pts(r3, 0x4000000000000002) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r5 = gettid() tkill(r5, 0x3c) pidfd_open(r5, 0x0) sendfile(r4, r0, 0x0, 0x6f0a77bd) 18:52:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x7fdf9b040700) 18:52:27 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 515.243831][T12731] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 18:52:28 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x68}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 515.300803][T12731] CPU: 0 PID: 12731 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 515.308723][T12731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 515.318785][T12731] Call Trace: [ 515.322101][T12731] dump_stack+0xf5/0x159 [ 515.326375][T12731] dump_header+0xaa/0x449 [ 515.330791][T12731] oom_kill_process.cold+0x10/0x15 [ 515.336004][T12731] out_of_memory+0x231/0xa00 [ 515.340619][T12731] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 515.346295][T12731] mem_cgroup_out_of_memory+0x128/0x150 [ 515.351885][T12731] try_charge+0xb3a/0xbc0 [ 515.356309][T12731] ? rcu_note_context_switch+0x700/0x760 [ 515.361970][T12731] mem_cgroup_try_charge+0xd2/0x260 [ 515.367196][T12731] mem_cgroup_try_charge_delay+0x3a/0x80 [ 515.372845][T12731] __handle_mm_fault+0x179a/0x2cb0 [ 515.378023][T12731] handle_mm_fault+0x21b/0x530 [ 515.382887][T12731] __get_user_pages+0x485/0x1160 [ 515.387956][T12731] populate_vma_page_range+0xe6/0x100 [ 515.393440][T12731] __mm_populate+0x168/0x2a0 [ 515.398058][T12731] __x64_sys_mlockall+0x2e3/0x320 [ 515.403115][T12731] do_syscall_64+0xcc/0x370 [ 515.407673][T12731] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 515.413616][T12731] RIP: 0033:0x459f39 [ 515.417619][T12731] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 515.437228][T12731] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:28 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:28 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x1, 0x2, 0x4, 0x0, 0x40, 0x0, 0x0, 0x0, 0xfffffffe}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0x8, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffff}) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 515.445703][T12731] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 515.453718][T12731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 515.461720][T12731] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 515.469700][T12731] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 515.477707][T12731] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x7049bdf7f0000) [ 515.596365][T12731] memory: usage 307200kB, limit 307200kB, failcnt 366 [ 515.618877][T12731] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 515.642655][T12731] Memory cgroup stats for /syz5: [ 515.647316][T12731] anon 308043776 [ 515.647316][T12731] file 102400 [ 515.647316][T12731] kernel_stack 368640 [ 515.647316][T12731] slab 2412544 [ 515.647316][T12731] sock 4096 [ 515.647316][T12731] shmem 81920 [ 515.647316][T12731] file_mapped 135168 [ 515.647316][T12731] file_dirty 0 [ 515.647316][T12731] file_writeback 0 [ 515.647316][T12731] anon_thp 272629760 [ 515.647316][T12731] inactive_anon 57495552 [ 515.647316][T12731] active_anon 15257600 [ 515.647316][T12731] inactive_file 0 18:52:28 executing program 0: syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) write$P9_RXATTRCREATE(r1, &(0x7f0000000080)={0x7, 0x21, 0x1}, 0x7) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}) syz_open_pts(r0, 0x4000000000000002) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) prctl$PR_GET_SECCOMP(0x15) [ 515.647316][T12731] active_file 135168 [ 515.647316][T12731] unevictable 235347968 [ 515.647316][T12731] slab_reclaimable 675840 [ 515.647316][T12731] slab_unreclaimable 1736704 [ 515.647316][T12731] pgfault 49368 [ 515.647316][T12731] pgmajfault 0 [ 515.647316][T12731] workingset_refault 0 [ 515.647316][T12731] workingset_activate 0 [ 515.647316][T12731] workingset_nodereclaim 0 [ 515.647316][T12731] pgrefill 133 [ 515.647316][T12731] pgscan 170 [ 515.647316][T12731] pgsteal 33 18:52:28 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x71}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 515.825913][T12731] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12714,uid=0 [ 515.906607][T12731] Memory cgroup out of memory: Killed process 12714 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 516.045251][ T1062] oom_reaper: reaped process 12714 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 516.401506][T12780] IPVS: ftp: loaded support on port[0] = 21 [ 516.855299][T12731] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 516.865984][T12731] CPU: 0 PID: 12731 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 516.873959][T12731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.884073][T12731] Call Trace: [ 516.887381][T12731] dump_stack+0xf5/0x159 [ 516.891702][T12731] dump_header+0xaa/0x449 [ 516.896059][T12731] oom_kill_process.cold+0x10/0x15 [ 516.901268][T12731] out_of_memory+0x231/0xa00 [ 516.905876][T12731] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 516.911576][T12731] mem_cgroup_out_of_memory+0x128/0x150 [ 516.917235][T12731] try_charge+0xb3a/0xbc0 [ 516.921584][T12731] ? rcu_note_context_switch+0x700/0x760 [ 516.927252][T12731] mem_cgroup_try_charge+0xd2/0x260 [ 516.932457][T12731] mem_cgroup_try_charge_delay+0x3a/0x80 [ 516.938109][T12731] wp_page_copy+0x322/0x1160 [ 516.942779][T12731] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 516.948423][T12731] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 516.954048][T12731] do_wp_page+0x192/0x11f0 [ 516.958481][T12731] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 516.964179][T12731] __handle_mm_fault+0x1c07/0x2cb0 [ 516.969290][T12731] handle_mm_fault+0x21b/0x530 [ 516.974084][T12731] __get_user_pages+0x485/0x1160 [ 516.979082][T12731] populate_vma_page_range+0xe6/0x100 [ 516.984464][T12731] __mm_populate+0x168/0x2a0 [ 516.989118][T12731] __x64_sys_mlockall+0x2e3/0x320 [ 516.994167][T12731] do_syscall_64+0xcc/0x370 [ 516.998659][T12731] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 517.004532][T12731] RIP: 0033:0x459f39 [ 517.008452][T12731] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.028093][T12731] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 517.036532][T12731] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 517.044520][T12731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 517.052549][T12731] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 517.060502][T12731] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 517.068455][T12731] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 517.076990][T12731] memory: usage 307200kB, limit 307200kB, failcnt 433 [ 517.084231][T12731] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 517.091408][T12731] Memory cgroup stats for /syz5: [ 517.092773][T12731] anon 307965952 [ 517.092773][T12731] file 102400 [ 517.092773][T12731] kernel_stack 405504 [ 517.092773][T12731] slab 2412544 [ 517.092773][T12731] sock 4096 [ 517.092773][T12731] shmem 81920 [ 517.092773][T12731] file_mapped 135168 [ 517.092773][T12731] file_dirty 0 [ 517.092773][T12731] file_writeback 0 [ 517.092773][T12731] anon_thp 272629760 [ 517.092773][T12731] inactive_anon 51699712 [ 517.092773][T12731] active_anon 15257600 [ 517.092773][T12731] inactive_file 0 [ 517.092773][T12731] active_file 135168 [ 517.092773][T12731] unevictable 241098752 [ 517.092773][T12731] slab_reclaimable 675840 [ 517.092773][T12731] slab_unreclaimable 1736704 [ 517.092773][T12731] pgfault 50622 [ 517.092773][T12731] pgmajfault 0 [ 517.092773][T12731] workingset_refault 0 [ 517.092773][T12731] workingset_activate 0 [ 517.092773][T12731] workingset_nodereclaim 0 [ 517.092773][T12731] pgrefill 133 [ 517.092773][T12731] pgscan 170 [ 517.092773][T12731] pgsteal 33 [ 517.187834][T12731] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12727,uid=0 [ 517.204036][T12731] Memory cgroup out of memory: Killed process 12727 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 517.225260][ T1062] oom_reaper: reaped process 12727 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:30 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:30 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x10001}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:30 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x73}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x10000000000000) 18:52:30 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) readv(r1, &(0x7f0000000040), 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)=0x0) r3 = syz_open_procfs(r2, &(0x7f00000000c0)='net/sockstat\x00') r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r4, 0x40045431, &(0x7f00003b9fdc)) r5 = syz_open_pts(r4, 0x4000000000000002) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r6, 0x111, 0x4, 0x1, 0x4) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) sendfile(r5, r3, 0x0, 0x6f0a77bd) 18:52:30 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x74}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:30 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) 18:52:30 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 517.979115][T12798] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 518.003925][T12798] CPU: 1 PID: 12798 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 518.011847][T12798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.021905][T12798] Call Trace: [ 518.025267][T12798] dump_stack+0xf5/0x159 [ 518.029535][T12798] dump_header+0xaa/0x449 [ 518.033894][T12798] oom_kill_process.cold+0x10/0x15 [ 518.039036][T12798] out_of_memory+0x231/0xa00 [ 518.043665][T12798] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 518.049397][T12798] mem_cgroup_out_of_memory+0x128/0x150 [ 518.054993][T12798] try_charge+0xb3a/0xbc0 [ 518.059350][T12798] ? rcu_note_context_switch+0x700/0x760 [ 518.065022][T12798] mem_cgroup_try_charge+0xd2/0x260 [ 518.070243][T12798] mem_cgroup_try_charge_delay+0x3a/0x80 [ 518.075911][T12798] __handle_mm_fault+0x179a/0x2cb0 [ 518.081161][T12798] handle_mm_fault+0x21b/0x530 [ 518.086017][T12798] __get_user_pages+0x485/0x1160 [ 518.091069][T12798] populate_vma_page_range+0xe6/0x100 [ 518.096479][T12798] __mm_populate+0x168/0x2a0 [ 518.101140][T12798] __x64_sys_mlockall+0x2e3/0x320 [ 518.106251][T12798] do_syscall_64+0xcc/0x370 [ 518.110776][T12798] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 518.116693][T12798] RIP: 0033:0x459f39 [ 518.120616][T12798] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 518.140261][T12798] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 518.148701][T12798] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 518.156755][T12798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 518.164740][T12798] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:52:30 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7a}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 518.172739][T12798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 518.180722][T12798] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:30 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) readahead(r2, 0x5, 0x1000000) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r4 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x9, 0x410000) ioctl$SNDRV_CTL_IOCTL_PVERSION(r4, 0x80045500, &(0x7f00000000c0)) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) bind$llc(r5, &(0x7f0000000140)={0x1a, 0x321, 0x9, 0x3f, 0x3}, 0x10) r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x98800, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0}, &(0x7f0000000240)=0x14) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) sendmsg$can_bcm(r6, &(0x7f00000003c0)={&(0x7f0000000280)={0x1d, r7}, 0x10, &(0x7f0000000380)={&(0x7f0000000300)={0x1, 0x1, 0x2, {}, {r8, r9/1000+10000}, {0x2, 0x0, 0x1, 0x1}, 0x1, @canfd={{0x3, 0x1}, 0x33, 0x3, 0x0, 0x0, "c4d9c8284f18dac301366330dc273ce61aad0c5bc0cbe0dd45bb8d6c5c0705ba72b0d82a6124e824be8a922eb82d6a86405512804f9c4a488a870d853bf486c1"}}, 0x80}, 0x1, 0x0, 0x0, 0x4001}, 0xc000) sendfile(r3, r0, 0x0, 0x6f0a77bd) [ 518.506227][T12798] memory: usage 307200kB, limit 307200kB, failcnt 457 [ 518.514398][T12798] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 518.530331][T12798] Memory cgroup stats for /syz5: [ 518.530634][T12798] anon 308109312 [ 518.530634][T12798] file 102400 [ 518.530634][T12798] kernel_stack 331776 [ 518.530634][T12798] slab 2412544 [ 518.530634][T12798] sock 4096 [ 518.530634][T12798] shmem 81920 [ 518.530634][T12798] file_mapped 135168 [ 518.530634][T12798] file_dirty 0 [ 518.530634][T12798] file_writeback 0 [ 518.530634][T12798] anon_thp 272629760 [ 518.530634][T12798] inactive_anon 59637760 [ 518.530634][T12798] active_anon 15306752 [ 518.530634][T12798] inactive_file 0 [ 518.530634][T12798] active_file 135168 [ 518.530634][T12798] unevictable 233250816 [ 518.530634][T12798] slab_reclaimable 675840 [ 518.530634][T12798] slab_unreclaimable 1736704 [ 518.530634][T12798] pgfault 51282 [ 518.530634][T12798] pgmajfault 0 [ 518.530634][T12798] workingset_refault 0 [ 518.530634][T12798] workingset_activate 0 [ 518.530634][T12798] workingset_nodereclaim 0 [ 518.530634][T12798] pgrefill 133 [ 518.530634][T12798] pgscan 170 [ 518.530634][T12798] pgsteal 33 [ 518.627182][T12798] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12781,uid=0 [ 518.643269][T12798] Memory cgroup out of memory: Killed process 12781 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 518.673321][ T1062] oom_reaper: reaped process 12781 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 518.895592][T12831] IPVS: ftp: loaded support on port[0] = 21 [ 519.280728][T12798] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 519.291490][T12798] CPU: 1 PID: 12798 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 519.299392][T12798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.309461][T12798] Call Trace: [ 519.312799][T12798] dump_stack+0xf5/0x159 [ 519.317064][T12798] dump_header+0xaa/0x449 [ 519.321469][T12798] oom_kill_process.cold+0x10/0x15 [ 519.326601][T12798] out_of_memory+0x231/0xa00 [ 519.331199][T12798] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 519.336849][T12798] ? mem_cgroup_out_of_memory+0x85/0x150 [ 519.342501][T12798] mem_cgroup_out_of_memory+0x128/0x150 [ 519.348075][T12798] try_charge+0xb3a/0xbc0 [ 519.352518][T12798] ? rcu_note_context_switch+0x700/0x760 [ 519.358186][T12798] mem_cgroup_try_charge+0xd2/0x260 [ 519.363481][T12798] mem_cgroup_try_charge_delay+0x3a/0x80 [ 519.369161][T12798] wp_page_copy+0x322/0x1160 [ 519.373761][T12798] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 519.379409][T12798] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 519.385071][T12798] do_wp_page+0x192/0x11f0 [ 519.389528][T12798] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 519.395183][T12798] __handle_mm_fault+0x1c07/0x2cb0 [ 519.400379][T12798] handle_mm_fault+0x21b/0x530 [ 519.405172][T12798] __get_user_pages+0x485/0x1160 [ 519.410168][T12798] populate_vma_page_range+0xe6/0x100 [ 519.415564][T12798] __mm_populate+0x168/0x2a0 [ 519.420210][T12798] __x64_sys_mlockall+0x2e3/0x320 [ 519.425303][T12798] do_syscall_64+0xcc/0x370 [ 519.429827][T12798] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 519.435721][T12798] RIP: 0033:0x459f39 [ 519.439645][T12798] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.459319][T12798] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 519.467741][T12798] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 519.475717][T12798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 519.483692][T12798] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 519.491730][T12798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 519.499736][T12798] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 519.511369][T12798] memory: usage 307200kB, limit 307200kB, failcnt 488 [ 519.518256][T12798] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 519.525670][T12798] Memory cgroup stats for /syz5: [ 519.527026][T12798] anon 307986432 [ 519.527026][T12798] file 102400 [ 519.527026][T12798] kernel_stack 368640 [ 519.527026][T12798] slab 2412544 [ 519.527026][T12798] sock 4096 [ 519.527026][T12798] shmem 81920 [ 519.527026][T12798] file_mapped 135168 [ 519.527026][T12798] file_dirty 0 [ 519.527026][T12798] file_writeback 0 [ 519.527026][T12798] anon_thp 272629760 [ 519.527026][T12798] inactive_anon 51748864 [ 519.527026][T12798] active_anon 15306752 [ 519.527026][T12798] inactive_file 0 [ 519.527026][T12798] active_file 135168 [ 519.527026][T12798] unevictable 241102848 [ 519.527026][T12798] slab_reclaimable 675840 [ 519.527026][T12798] slab_unreclaimable 1736704 [ 519.527026][T12798] pgfault 52569 [ 519.527026][T12798] pgmajfault 0 [ 519.527026][T12798] workingset_refault 0 [ 519.527026][T12798] workingset_activate 0 [ 519.527026][T12798] workingset_nodereclaim 0 [ 519.527026][T12798] pgrefill 133 [ 519.527026][T12798] pgscan 170 [ 519.527026][T12798] pgsteal 33 [ 519.623155][T12798] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12796,uid=0 [ 519.640066][T12798] Memory cgroup out of memory: Killed process 12796 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 519.661543][ T1062] oom_reaper: reaped process 12796 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xee0f0000000000) 18:52:33 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, 0x0) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:33 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb0}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:33 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(0xffffffffffffffff, 0x4000000000000002) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) socket$inet(0x2, 0x800, 0xe2) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) sendfile(r1, r0, 0x0, 0x6f0a77bd) setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000100)='tls\x00', 0x4) 18:52:33 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000001c0)=ANY=[@ANYBLOB="41007e142903d826efff70616ce0fa7335218000", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x82, &(0x7f0000000000)=@assoc_value={r5}, 0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000000)={r5, 0xff}, 0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={r5, 0x9}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r6, &(0x7f0000000140)=0x4) 18:52:33 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc0}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 18:52:33 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4) readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TCSBRK(r3, 0x5409, 0x7) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000000c0)={0x0, 0x6, 0x100, &(0x7f0000000080)=0xf0}) [ 520.960253][T12853] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 520.999076][T12853] CPU: 1 PID: 12853 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 521.007000][T12853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.017057][T12853] Call Trace: [ 521.020411][T12853] dump_stack+0xf5/0x159 [ 521.024683][T12853] dump_header+0xaa/0x449 [ 521.029052][T12853] oom_kill_process.cold+0x10/0x15 [ 521.034192][T12853] out_of_memory+0x231/0xa00 [ 521.038862][T12853] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 521.044598][T12853] mem_cgroup_out_of_memory+0x128/0x150 [ 521.050273][T12853] try_charge+0xb3a/0xbc0 [ 521.054632][T12853] ? rcu_note_context_switch+0x700/0x760 [ 521.060333][T12853] mem_cgroup_try_charge+0xd2/0x260 [ 521.065608][T12853] mem_cgroup_try_charge_delay+0x3a/0x80 [ 521.071254][T12853] __handle_mm_fault+0x179a/0x2cb0 [ 521.076404][T12853] handle_mm_fault+0x21b/0x530 [ 521.081253][T12853] __get_user_pages+0x485/0x1160 [ 521.086289][T12853] populate_vma_page_range+0xe6/0x100 [ 521.091704][T12853] __mm_populate+0x168/0x2a0 [ 521.096322][T12853] __x64_sys_mlockall+0x2e3/0x320 [ 521.101376][T12853] do_syscall_64+0xcc/0x370 [ 521.105902][T12853] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 521.111802][T12853] RIP: 0033:0x459f39 [ 521.115742][T12853] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.135465][T12853] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 521.143880][T12853] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 521.151902][T12853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 18:52:33 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfa}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 521.159958][T12853] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 521.167943][T12853] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 521.175954][T12853] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 521.228449][T12853] memory: usage 307200kB, limit 307200kB, failcnt 534 18:52:34 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, 0x0) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 521.275837][T12853] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 521.337148][T12853] Memory cgroup stats for /syz5: [ 521.337412][T12853] anon 308121600 [ 521.337412][T12853] file 102400 [ 521.337412][T12853] kernel_stack 368640 [ 521.337412][T12853] slab 2412544 [ 521.337412][T12853] sock 4096 [ 521.337412][T12853] shmem 81920 [ 521.337412][T12853] file_mapped 135168 [ 521.337412][T12853] file_dirty 0 [ 521.337412][T12853] file_writeback 0 [ 521.337412][T12853] anon_thp 272629760 [ 521.337412][T12853] inactive_anon 59711488 [ 521.337412][T12853] active_anon 15314944 18:52:34 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x300}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 521.337412][T12853] inactive_file 0 [ 521.337412][T12853] active_file 135168 [ 521.337412][T12853] unevictable 233127936 [ 521.337412][T12853] slab_reclaimable 675840 [ 521.337412][T12853] slab_unreclaimable 1736704 [ 521.337412][T12853] pgfault 53229 [ 521.337412][T12853] pgmajfault 0 [ 521.337412][T12853] workingset_refault 33 [ 521.337412][T12853] workingset_activate 0 [ 521.337412][T12853] workingset_nodereclaim 0 [ 521.337412][T12853] pgrefill 166 [ 521.337412][T12853] pgscan 170 [ 521.337412][T12853] pgsteal 33 [ 521.463443][T12853] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12832,uid=0 [ 521.483937][T12853] Memory cgroup out of memory: Killed process 12832 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 522.059812][T12885] IPVS: ftp: loaded support on port[0] = 21 18:52:35 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r2, 0x10f, 0x84, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r3 = syz_open_pts(r1, 0x4000000000000002) fremovexattr(r3, &(0x7f0000000080)=@random={'trusted.', 'em0\x00'}) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb53dbb91, 0x0, 0x0, 0x81}) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 18:52:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:35 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x500}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:35 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, 0x0) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:35 executing program 2: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r1, &(0x7f0000000240)=[{&(0x7f0000000280)=""/61, 0x144}], 0x1, &(0x7f0000002540)=[{&(0x7f00000001c0)=""/63, 0x3f}], 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x1e, &(0x7f0000000480)=ANY=[@ANYBLOB="850000002200000007000000000000009500000000000000c256f81ceef4a74d2e3914e3504ee11b525f202c33178114ec6a58e99e37ec61d16ecb6731f0ecd6afb660d265cf02ffdb2d942f36242c7fede3e2d1ea3874207b546b2e6268bd4373cf3066d525719ff1468100ac561d9a62879597f681dcc5df1ca3b13a80d68f760601de6540c6ac368eb59bc166bd592f53267e130ee772d98b686d49006afe2111fa694278b371d2a9e7133a6a7b782f16a53d0fe942a0359f0d93a6d3e42b7d0b1b2a3c459327015abc3a5570a06e16a6efa46156fb165c3535e5c12c4b1fa704024ee38a0c8e9818e8c9454d4208772355dc52"], &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xa}, 0x10}, 0x70) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r2, 0xc0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000003c0)={r3}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={r1, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000180)='-trusted(&}\x00', r3}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000100)='\\\x00', r3}, 0x30) fcntl$getflags(r4, 0x40a) r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, &(0x7f00000001c0)={0x2d07d1b363145399, @output={0x0, 0x1, {0x8, 0x2}, 0x3, 0x8000}}) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$USBDEVFS_DISCARDURB(r7, 0x550b, &(0x7f0000000400)=0x7) r8 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x8, 0x200000) ioctl$TCSETS(r8, 0x40045431, &(0x7f00003b9fdc)={0x1100004, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0xfffffffc, 0x6, 0x0, 0xfffffffb}) r9 = syz_open_pts(r6, 0x4000000000000002) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r10, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TIOCGSOFTCAR(r10, 0x5419, &(0x7f0000000440)) openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x200000, 0x0) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) prctl$PR_MCE_KILL(0x21, 0x1, 0x3) sendfile(r9, r5, 0x0, 0x6f0a77bd) [ 522.626438][T12889] ptrace attach of "/root/syz-executor.2"[7187] was attempted by "/root/syz-executor.2"[12889] 18:52:35 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x600}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 522.855536][T12889] ptrace attach of "/root/syz-executor.2"[7187] was attempted by "/root/syz-executor.2"[12889] 18:52:35 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000080)={0x28, 0x2, 0x0, {0x3}}, 0x28) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x1b}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) [ 523.049624][T12900] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 523.112843][T12900] CPU: 1 PID: 12900 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 523.120787][T12900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.130842][T12900] Call Trace: [ 523.134226][T12900] dump_stack+0xf5/0x159 [ 523.138483][T12900] dump_header+0xaa/0x449 [ 523.142829][T12900] oom_kill_process.cold+0x10/0x15 [ 523.147951][T12900] out_of_memory+0x231/0xa00 [ 523.152545][T12900] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 523.158335][T12900] mem_cgroup_out_of_memory+0x128/0x150 [ 523.163900][T12900] try_charge+0xb3a/0xbc0 [ 523.168292][T12900] ? rcu_note_context_switch+0x700/0x760 [ 523.173991][T12900] mem_cgroup_try_charge+0xd2/0x260 [ 523.179204][T12900] mem_cgroup_try_charge_delay+0x3a/0x80 [ 523.184843][T12900] __handle_mm_fault+0x179a/0x2cb0 [ 523.189979][T12900] handle_mm_fault+0x21b/0x530 [ 523.194834][T12900] __get_user_pages+0x485/0x1160 [ 523.199842][T12900] populate_vma_page_range+0xe6/0x100 [ 523.205228][T12900] __mm_populate+0x168/0x2a0 [ 523.209876][T12900] __x64_sys_mlockall+0x2e3/0x320 [ 523.214963][T12900] do_syscall_64+0xcc/0x370 [ 523.219475][T12900] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 523.225466][T12900] RIP: 0033:0x459f39 [ 523.229375][T12900] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 523.248998][T12900] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) 18:52:36 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x0, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 523.257411][T12900] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 523.265461][T12900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 523.273437][T12900] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 523.281411][T12900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 523.289384][T12900] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:52:36 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x200, 0x0) io_uring_register$IORING_UNREGISTER_EVENTFD(r3, 0x5, 0x0, 0x0) [ 523.368385][T12900] memory: usage 307200kB, limit 307200kB, failcnt 552 [ 523.388473][T12900] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 523.395335][T12900] Memory cgroup stats for /syz5: [ 523.395593][T12900] anon 308031488 [ 523.395593][T12900] file 102400 [ 523.395593][T12900] kernel_stack 331776 [ 523.395593][T12900] slab 2412544 [ 523.395593][T12900] sock 4096 18:52:36 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x700}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 523.395593][T12900] shmem 81920 [ 523.395593][T12900] file_mapped 135168 [ 523.395593][T12900] file_dirty 0 [ 523.395593][T12900] file_writeback 0 [ 523.395593][T12900] anon_thp 272629760 [ 523.395593][T12900] inactive_anon 59686912 [ 523.395593][T12900] active_anon 15306752 [ 523.395593][T12900] inactive_file 0 [ 523.395593][T12900] active_file 135168 [ 523.395593][T12900] unevictable 233009152 [ 523.395593][T12900] slab_reclaimable 675840 [ 523.395593][T12900] slab_unreclaimable 1736704 [ 523.395593][T12900] pgfault 55044 [ 523.395593][T12900] pgmajfault 0 [ 523.395593][T12900] workingset_refault 33 [ 523.395593][T12900] workingset_activate 0 [ 523.395593][T12900] workingset_nodereclaim 0 [ 523.395593][T12900] pgrefill 200 [ 523.395593][T12900] pgscan 204 [ 523.395593][T12900] pgsteal 33 [ 523.568333][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 523.574115][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 523.579914][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 523.585688][ C0] protocol 88fb is buggy, dev hsr_slave_1 18:52:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x300000002000000) 18:52:36 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x0, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 524.048346][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 524.054152][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 524.119085][T12900] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12887,uid=0 [ 524.158641][T12900] Memory cgroup out of memory: Killed process 12887 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 524.350857][T12905] IPVS: ftp: loaded support on port[0] = 21 [ 524.441983][T12900] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 524.452849][T12900] CPU: 0 PID: 12900 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 524.460839][T12900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.470892][T12900] Call Trace: [ 524.474200][T12900] dump_stack+0xf5/0x159 [ 524.478466][T12900] dump_header+0xaa/0x449 [ 524.482788][T12900] oom_kill_process.cold+0x10/0x15 [ 524.487886][T12900] out_of_memory+0x231/0xa00 [ 524.492545][T12900] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 524.498235][T12900] mem_cgroup_out_of_memory+0x128/0x150 [ 524.503783][T12900] try_charge+0xb3a/0xbc0 [ 524.508114][T12900] ? rcu_note_context_switch+0x700/0x760 [ 524.513741][T12900] mem_cgroup_try_charge+0xd2/0x260 [ 524.518946][T12900] mem_cgroup_try_charge_delay+0x3a/0x80 [ 524.524612][T12900] wp_page_copy+0x322/0x1160 [ 524.529223][T12900] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 524.534862][T12900] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 524.540530][T12900] do_wp_page+0x192/0x11f0 [ 524.544937][T12900] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 524.550658][T12900] __handle_mm_fault+0x1c07/0x2cb0 [ 524.555880][T12900] handle_mm_fault+0x21b/0x530 [ 524.560675][T12900] __get_user_pages+0x485/0x1160 [ 524.565683][T12900] populate_vma_page_range+0xe6/0x100 [ 524.571075][T12900] __mm_populate+0x168/0x2a0 [ 524.575724][T12900] __x64_sys_mlockall+0x2e3/0x320 [ 524.580777][T12900] do_syscall_64+0xcc/0x370 [ 524.585272][T12900] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 524.591235][T12900] RIP: 0033:0x459f39 [ 524.595144][T12900] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 524.614763][T12900] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 524.623158][T12900] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 524.631128][T12900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 524.639109][T12900] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 524.647062][T12900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 524.655017][T12900] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 524.663233][T12900] memory: usage 307200kB, limit 307200kB, failcnt 613 [ 524.670147][T12900] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 524.677324][T12900] Memory cgroup stats for /syz5: [ 524.677643][T12900] anon 308101120 [ 524.677643][T12900] file 102400 [ 524.677643][T12900] kernel_stack 331776 [ 524.677643][T12900] slab 2412544 [ 524.677643][T12900] sock 4096 [ 524.677643][T12900] shmem 81920 [ 524.677643][T12900] file_mapped 135168 [ 524.677643][T12900] file_dirty 0 [ 524.677643][T12900] file_writeback 0 [ 524.677643][T12900] anon_thp 272629760 [ 524.677643][T12900] inactive_anon 53653504 [ 524.677643][T12900] active_anon 15306752 [ 524.677643][T12900] inactive_file 0 [ 524.677643][T12900] active_file 135168 [ 524.677643][T12900] unevictable 239128576 [ 524.677643][T12900] slab_reclaimable 675840 [ 524.677643][T12900] slab_unreclaimable 1736704 [ 524.677643][T12900] pgfault 56265 [ 524.677643][T12900] pgmajfault 0 [ 524.677643][T12900] workingset_refault 33 [ 524.677643][T12900] workingset_activate 0 [ 524.677643][T12900] workingset_nodereclaim 0 [ 524.677643][T12900] pgrefill 200 [ 524.677643][T12900] pgscan 204 [ 524.677643][T12900] pgsteal 33 [ 524.772790][T12900] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12899,uid=0 [ 524.788511][T12900] Memory cgroup out of memory: Killed process 12900 (syz-executor.5) total-vm:72848kB, anon-rss:18488kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 524.806718][ T1062] oom_reaper: reaped process 12900 (syz-executor.5), now anon-rss:18488kB, file-rss:54336kB, shmem-rss:0kB [ 524.806949][T12949] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 524.830277][T12949] CPU: 0 PID: 12949 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 524.838167][T12949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.848231][T12949] Call Trace: [ 524.851569][T12949] dump_stack+0xf5/0x159 [ 524.855840][T12949] dump_header+0xaa/0x449 [ 524.860195][T12949] oom_kill_process.cold+0x10/0x15 [ 524.865340][T12949] out_of_memory+0x231/0xa00 [ 524.869964][T12949] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 524.875647][T12949] mem_cgroup_out_of_memory+0x128/0x150 [ 524.881316][T12949] try_charge+0x8c1/0xbc0 [ 524.885669][T12949] ? get_page_from_freelist+0x8c0/0x1650 [ 524.891318][T12949] ? __tsan_write4+0x32/0x40 [ 524.895959][T12949] ? __rcu_read_unlock+0x66/0x3c0 [ 524.901045][T12949] __memcg_kmem_charge_memcg+0x4a/0xe0 [ 524.906523][T12949] __memcg_kmem_charge+0xde/0x240 [ 524.911594][T12949] __alloc_pages_nodemask+0x26c/0x310 [ 524.917010][T12949] alloc_pages_current+0xd1/0x170 [ 524.922050][T12949] pte_alloc_one+0x30/0xa0 [ 524.926490][T12949] __handle_mm_fault+0x296f/0x2cb0 [ 524.931632][T12949] handle_mm_fault+0x21b/0x530 [ 524.936502][T12949] __do_page_fault+0x3fb/0x9e0 [ 524.941369][T12949] do_page_fault+0x54/0x233 [ 524.945893][T12949] ? syscall_return_slowpath+0x1b8/0x220 [ 524.951537][T12949] page_fault+0x34/0x40 [ 524.955694][T12949] RIP: 0033:0x459f39 [ 524.959598][T12949] Code: Bad RIP value. [ 524.963663][T12949] RSP: 002b:00007f2866202c78 EFLAGS: 00010246 [ 524.969782][T12949] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000459f39 [ 524.977768][T12949] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000040002400 [ 524.985800][T12949] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000 [ 524.993817][T12949] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662036d4 [ 525.001787][T12949] R13: 00000000004c05bf R14: 00000000004d2a70 R15: 00000000ffffffff [ 525.013201][T12949] memory: usage 296652kB, limit 307200kB, failcnt 614 [ 525.024898][T12949] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 525.031779][T12949] Memory cgroup stats for /syz5: [ 525.032063][T12949] anon 297402368 [ 525.032063][T12949] file 102400 18:52:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:37 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x2, 0x4}}, 0x10) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000002c0)={@remote={[], 0x2}, 0x8000000c, 'bpq0\x00\x00\x00\x00\x00\x00\x00\xd0&\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\xe4\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\xa4}\xfe\x1f\xf0L\xfc\x95\x00'}) readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$DRM_IOCTL_INFO_BUFS(r4, 0xc0106418, &(0x7f0000000080)={0xb134, 0x3fc, 0x8000, 0x2d6e, 0x2, 0x5}) socket$inet6_tcp(0xa, 0x1, 0x0) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:37 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) 18:52:37 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x7, @mcast2, 0x9}, 0x1c) 18:52:37 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x0, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 525.032063][T12949] kernel_stack 331776 [ 525.032063][T12949] slab 2412544 [ 525.032063][T12949] sock 4096 [ 525.032063][T12949] shmem 81920 [ 525.032063][T12949] file_mapped 135168 [ 525.032063][T12949] file_dirty 0 [ 525.032063][T12949] file_writeback 0 [ 525.032063][T12949] anon_thp 264241152 [ 525.032063][T12949] inactive_anon 59838464 [ 525.032063][T12949] active_anon 15306752 [ 525.032063][T12949] inactive_file 0 [ 525.032063][T12949] active_file 135168 [ 525.032063][T12949] unevictable 222420992 [ 525.032063][T12949] slab_reclaimable 675840 [ 525.032063][T12949] slab_unreclaimable 1736704 [ 525.032063][T12949] pgfault 56265 [ 525.032063][T12949] pgmajfault 0 [ 525.032063][T12949] workingset_refault 33 [ 525.032063][T12949] workingset_activate 0 [ 525.032063][T12949] workingset_nodereclaim 0 [ 525.032063][T12949] pgrefill 200 [ 525.032063][T12949] pgscan 204 [ 525.032063][T12949] pgsteal 33 18:52:38 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 525.374964][T12949] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12287,uid=0 18:52:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 18:52:38 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 525.639295][T12949] Memory cgroup out of memory: Killed process 12287 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 18:52:38 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1800}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:38 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f00000020c0)=""/4096) r2 = syz_open_pts(r1, 0x40) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000080)={0xffffffffffffffff, 0x7fffffff}) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r5) getresgid(&(0x7f0000000100)=0x0, &(0x7f0000000140), &(0x7f00000001c0)) r7 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r12 = socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r8, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r13, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r9, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r10, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r7, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r14, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r17 = socket$nl_generic(0x10, 0x3, 0x10) r18 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r17, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r18, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r19 = socket$nl_generic(0x10, 0x3, 0x10) r20 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r19, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r20, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r15, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r20, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r14, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r16, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r17, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r14, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) getgroups(0x3, &(0x7f0000000240)=[0x0, 0xee01, r16]) setregid(r9, r21) ioprio_set$uid(0x0, 0xee01, 0xffffffffffff8001) fsetxattr$system_posix_acl(r3, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {}, [{0x2, 0x4, 0xffffffffffffffff}, {0x2, 0x0, r5}], {0x4, 0x2}, [{0x8, 0x1, r6}], {0x10, 0x2}, {0x20, 0x7}}, 0x3c, 0x3) 18:52:38 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1c00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 526.249394][T12993] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.311985][T12993] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.382176][T12994] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.429364][T12993] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.491258][T13002] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.509732][T12993] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.525677][T12994] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.548362][T13003] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.616186][T12976] IPVS: ftp: loaded support on port[0] = 21 [ 526.820109][T12982] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 526.834837][T12982] CPU: 0 PID: 12982 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 526.842732][T12982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.852788][T12982] Call Trace: [ 526.856098][T12982] dump_stack+0xf5/0x159 [ 526.860414][T12982] dump_header+0xaa/0x449 [ 526.864770][T12982] oom_kill_process.cold+0x10/0x15 [ 526.869948][T12982] out_of_memory+0x231/0xa00 [ 526.874561][T12982] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 526.880214][T12982] mem_cgroup_out_of_memory+0x128/0x150 [ 526.885776][T12982] try_charge+0xb3a/0xbc0 [ 526.890191][T12982] ? rcu_note_context_switch+0x700/0x760 [ 526.895837][T12982] mem_cgroup_try_charge+0xd2/0x260 [ 526.901046][T12982] mem_cgroup_try_charge_delay+0x3a/0x80 [ 526.906693][T12982] wp_page_copy+0x322/0x1160 [ 526.911289][T12982] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 526.916941][T12982] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 526.922589][T12982] do_wp_page+0x192/0x11f0 [ 526.927013][T12982] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 526.932672][T12982] __handle_mm_fault+0x1c07/0x2cb0 [ 526.937832][T12982] handle_mm_fault+0x21b/0x530 [ 526.942685][T12982] __get_user_pages+0x485/0x1160 [ 526.947713][T12982] populate_vma_page_range+0xe6/0x100 [ 526.953098][T12982] __mm_populate+0x168/0x2a0 [ 526.957762][T12982] __x64_sys_mlockall+0x2e3/0x320 [ 526.962806][T12982] do_syscall_64+0xcc/0x370 [ 526.967319][T12982] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 526.973212][T12982] RIP: 0033:0x459f39 [ 526.977218][T12982] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 526.996820][T12982] RSP: 002b:00007f2866202c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 527.005234][T12982] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 527.013200][T12982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 527.021247][T12982] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 527.029294][T12982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662036d4 [ 527.037265][T12982] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 527.055517][T12982] memory: usage 307156kB, limit 307200kB, failcnt 645 [ 527.064696][T12982] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 527.074246][T12982] Memory cgroup stats for /syz5: [ 527.074521][T12982] anon 307982336 [ 527.074521][T12982] file 102400 [ 527.074521][T12982] kernel_stack 331776 [ 527.074521][T12982] slab 2412544 [ 527.074521][T12982] sock 4096 [ 527.074521][T12982] shmem 81920 [ 527.074521][T12982] file_mapped 135168 [ 527.074521][T12982] file_dirty 0 [ 527.074521][T12982] file_writeback 0 [ 527.074521][T12982] anon_thp 272629760 [ 527.074521][T12982] inactive_anon 52969472 [ 527.074521][T12982] active_anon 15400960 [ 527.074521][T12982] inactive_file 0 [ 527.074521][T12982] active_file 135168 [ 527.074521][T12982] unevictable 239681536 [ 527.074521][T12982] slab_reclaimable 675840 [ 527.074521][T12982] slab_unreclaimable 1736704 [ 527.074521][T12982] pgfault 57750 [ 527.074521][T12982] pgmajfault 0 [ 527.074521][T12982] workingset_refault 33 [ 527.074521][T12982] workingset_activate 0 [ 527.074521][T12982] workingset_nodereclaim 0 [ 527.074521][T12982] pgrefill 200 [ 527.074521][T12982] pgscan 204 [ 527.074521][T12982] pgsteal 33 [ 527.169683][T12982] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12967,uid=0 [ 527.185239][T12982] Memory cgroup out of memory: Killed process 12982 (syz-executor.5) total-vm:72848kB, anon-rss:18488kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 527.203505][ T1062] oom_reaper: reaped process 12982 (syz-executor.5), now anon-rss:18488kB, file-rss:54336kB, shmem-rss:0kB 18:52:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) 18:52:40 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:40 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000500)={0x8, 0x3, 0x3, 0x6, 0xb, 0x7f, 0xf8, 0x41, 0x1, 0x0, 0xffffffff, 0x40000000}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$VIDIOC_LOG_STATUS(r5, 0x5646, 0x0) readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) vmsplice(r3, &(0x7f0000000480)=[{&(0x7f0000000080)="51acafd563647f14c78b1ecd857b229ca72368857528e70470808c2696e7b5ac0c6d3b48042a4caf8014f40329eb9f0f59ebea1275c104a33c1a6912818f", 0x3e}, {&(0x7f00000000c0)="d6c4b943647047e33147eee6ee24a8e778930bba89e4d98db31413c0a3f5b52ae38d74b79395ec11c0614da1e397610eec3abf762bca5074b61f83c1b2cc2bb9d81f5d16fd2f208c4bb074be0ee1c33485e239cc1c33df32b9e60213108049fc370b0f84511772935ad53697caa279ea6e637dda", 0x74}, {&(0x7f00000001c0)="680b635cf0da30b4e2e5cb6ca6222c8b357dc759600765a0cbe1d94537fc92a6706eb470d7b6fd8052d66b596e034d2e48d63835601294b70f5ea902a1cbe4a2e613092654b0f2c4d73536a7103ef75ade3077d5436fd69b41059ff53192f3224cd977b20ff59e6da6f29c8930416b222654c6f6b1caa0f01018c1748f5f848853c8139d245e28873789", 0x8a}, {&(0x7f0000000280)="17fd1da34b094a3bdb5e51e6f092a9b8b01c9afd1a05e80d1b71a0b892df8f48b1d29d7ee05c1e7e73af62982079f5936a8b245ff72a77f5354c18e378f664d9caeb226493e57cde30e4915f8174258cd401fbf54a869dbe85d855cd9aaf46f751bca12e0c0095fdb721ce8badea2361264b84c9355f61a246b8b3b16af63353e9095fc670951741e471e04af72a7ed547ff66c01e29a285bb6204268067", 0x9e}, {&(0x7f0000000140)="78c204189d3b031ee523b2bec71217c20aa75f367aa1f47b8b9b9c8352009df1714ef547be6f", 0x26}, {&(0x7f0000000340)="591fcfe2a970454e2ff45d199c55f41cdc1efd0f30c23179296984ba208e59871cc64b3a03cc132bba0a7f1c04617ff6cef931af5a3d7de1e50a181f62546df17aed0ed5aa3eff69b1c137dc80ce5d1aaffe95c6f50d38c5e3251ce78b6430b819c3211754b830b6421e0b06f206341fbbd0d4697d20df190b3853fa53639544a603cd8b6c25de6e283ccea5670cb6f85968233ab789fc1ce42d3c396d8be32dc0cd60a66acfdc2a4955431fc038f26c4cb11822a1b7f7125c452a8300453aa8c7a0eb296c5e1d3a7e15e5f357c90d0f2ab96a54417c05688cb17092e7b0677e978908ba33105c06aa7beb1bb14b8468e15bbece", 0xf4}, {&(0x7f0000000440)="349d01356d116c96f4750900002d49f37cd95958a4ae4af1fbd63fea3b88cb9dd084acbcb77aa4ba95e7bdf743462d", 0x2f}], 0x7, 0x5) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:40 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:40 executing program 0: syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r0, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8020}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0xd0, r2, 0x10, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xcd}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x401}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}]}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xfff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}, @TIPC_NLA_SOCK={0x28, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x500f}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffffffff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x18, 0x5, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x1}, 0x4000800) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r3, 0x4000000000000002) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) [ 527.595165][T13016] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 18:52:40 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2900}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 18:52:40 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 527.857126][T13027] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 527.912403][T13027] CPU: 0 PID: 13027 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 527.920340][T13027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.930404][T13027] Call Trace: [ 527.933774][T13027] dump_stack+0xf5/0x159 [ 527.938044][T13027] dump_header+0xaa/0x449 [ 527.942393][T13027] oom_kill_process.cold+0x10/0x15 [ 527.947565][T13027] out_of_memory+0x231/0xa00 [ 527.952174][T13027] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 527.957907][T13027] mem_cgroup_out_of_memory+0x128/0x150 [ 527.963560][T13027] try_charge+0xb3a/0xbc0 [ 527.967919][T13027] ? rcu_note_context_switch+0x700/0x760 [ 527.973583][T13027] mem_cgroup_try_charge+0xd2/0x260 [ 527.978807][T13027] mem_cgroup_try_charge_delay+0x3a/0x80 [ 527.984461][T13027] __handle_mm_fault+0x179a/0x2cb0 [ 527.989657][T13027] handle_mm_fault+0x21b/0x530 [ 527.994520][T13027] __get_user_pages+0x485/0x1160 [ 527.999527][T13027] populate_vma_page_range+0xe6/0x100 [ 528.004933][T13027] __mm_populate+0x168/0x2a0 [ 528.009607][T13027] __x64_sys_mlockall+0x2e3/0x320 [ 528.014686][T13027] do_syscall_64+0xcc/0x370 [ 528.019216][T13027] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.025112][T13027] RIP: 0033:0x459f39 [ 528.029066][T13027] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 528.048680][T13027] RSP: 002b:00007f2866202c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 528.057107][T13027] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 528.065085][T13027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 528.073160][T13027] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 528.081136][T13027] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662036d4 [ 528.089166][T13027] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 528.100800][T13027] memory: usage 307200kB, limit 307200kB, failcnt 693 18:52:40 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x1960c0}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = gettid() tkill(r3, 0x3c) r4 = syz_open_procfs(r3, &(0x7f0000000100)='numa_maps\x00') openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0xd26712447592bfb1, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000003, 0x10, r7, 0x0) readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KDGETLED(r4, 0x4b31, &(0x7f0000000080)) [ 528.107601][T13027] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 528.147937][T13027] Memory cgroup stats for /syz5: [ 528.150532][T13027] anon 308031488 [ 528.150532][T13027] file 102400 [ 528.150532][T13027] kernel_stack 368640 [ 528.150532][T13027] slab 2412544 [ 528.150532][T13027] sock 4096 [ 528.150532][T13027] shmem 81920 [ 528.150532][T13027] file_mapped 135168 [ 528.150532][T13027] file_dirty 0 [ 528.150532][T13027] file_writeback 0 [ 528.150532][T13027] anon_thp 272629760 [ 528.150532][T13027] inactive_anon 59662336 [ 528.150532][T13027] active_anon 15249408 [ 528.150532][T13027] inactive_file 0 [ 528.150532][T13027] active_file 135168 [ 528.150532][T13027] unevictable 232992768 [ 528.150532][T13027] slab_reclaimable 675840 [ 528.150532][T13027] slab_unreclaimable 1736704 [ 528.150532][T13027] pgfault 58443 [ 528.150532][T13027] pgmajfault 0 [ 528.150532][T13027] workingset_refault 33 [ 528.150532][T13027] workingset_activate 0 [ 528.150532][T13027] workingset_nodereclaim 0 [ 528.150532][T13027] pgrefill 200 [ 528.150532][T13027] pgscan 204 [ 528.150532][T13027] pgsteal 33 18:52:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xa00000000000000) 18:52:40 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2fff}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 528.246072][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 528.246113][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 528.470940][T13027] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12233,uid=0 [ 528.497051][T13027] Memory cgroup out of memory: Killed process 12233 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 528.534990][ T1062] oom_reaper: reaped process 12233 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 528.867953][T13023] IPVS: ftp: loaded support on port[0] = 21 [ 528.949186][T13062] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 528.959438][T13062] CPU: 1 PID: 13062 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 528.967405][T13062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.977447][T13062] Call Trace: [ 528.980731][T13062] dump_stack+0xf5/0x159 [ 528.984971][T13062] dump_header+0xaa/0x449 [ 528.989332][T13062] oom_kill_process.cold+0x10/0x15 [ 528.994436][T13062] out_of_memory+0x231/0xa00 [ 528.999016][T13062] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 529.004675][T13062] mem_cgroup_out_of_memory+0x128/0x150 [ 529.010215][T13062] try_charge+0xb3a/0xbc0 [ 529.014554][T13062] ? rcu_note_context_switch+0x700/0x760 [ 529.020225][T13062] mem_cgroup_try_charge+0xd2/0x260 [ 529.025418][T13062] mem_cgroup_try_charge_delay+0x3a/0x80 [ 529.031043][T13062] wp_page_copy+0x322/0x1160 [ 529.035707][T13062] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 529.041395][T13062] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 529.047101][T13062] do_wp_page+0x192/0x11f0 [ 529.051527][T13062] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 529.057174][T13062] __handle_mm_fault+0x1c07/0x2cb0 [ 529.062306][T13062] handle_mm_fault+0x21b/0x530 [ 529.067156][T13062] __get_user_pages+0x485/0x1160 [ 529.072122][T13062] populate_vma_page_range+0xe6/0x100 [ 529.077617][T13062] __mm_populate+0x168/0x2a0 [ 529.082219][T13062] __x64_sys_mlockall+0x2e3/0x320 [ 529.087265][T13062] do_syscall_64+0xcc/0x370 [ 529.091797][T13062] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 529.097690][T13062] RIP: 0033:0x459f39 [ 529.101603][T13062] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 529.121267][T13062] RSP: 002b:00007f28661e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 529.129756][T13062] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 529.137723][T13062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 529.145692][T13062] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 529.153662][T13062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28661e26d4 [ 529.161707][T13062] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 529.170977][T13062] memory: usage 307128kB, limit 307200kB, failcnt 747 [ 529.177856][T13062] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 529.189501][T13062] Memory cgroup stats for /syz5: [ 529.189848][T13062] anon 307957760 [ 529.189848][T13062] file 102400 [ 529.189848][T13062] kernel_stack 368640 [ 529.189848][T13062] slab 2412544 [ 529.189848][T13062] sock 4096 [ 529.189848][T13062] shmem 81920 [ 529.189848][T13062] file_mapped 135168 [ 529.189848][T13062] file_dirty 0 [ 529.189848][T13062] file_writeback 0 [ 529.189848][T13062] anon_thp 270532608 [ 529.189848][T13062] inactive_anon 61358080 [ 529.189848][T13062] active_anon 15249408 [ 529.189848][T13062] inactive_file 0 [ 529.189848][T13062] active_file 135168 [ 529.189848][T13062] unevictable 231284736 [ 529.189848][T13062] slab_reclaimable 675840 [ 529.189848][T13062] slab_unreclaimable 1736704 [ 529.189848][T13062] pgfault 59730 [ 529.189848][T13062] pgmajfault 0 [ 529.189848][T13062] workingset_refault 33 [ 529.189848][T13062] workingset_activate 0 [ 529.189848][T13062] workingset_nodereclaim 0 [ 529.189848][T13062] pgrefill 200 [ 529.189848][T13062] pgscan 204 [ 529.189848][T13062] pgsteal 33 [ 529.285500][T13062] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13018,uid=0 [ 529.302064][T13062] Memory cgroup out of memory: Killed process 13062 (syz-executor.5) total-vm:72848kB, anon-rss:18488kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 529.320570][ T1062] oom_reaper: reaped process 13062 (syz-executor.5), now anon-rss:18488kB, file-rss:54336kB, shmem-rss:0kB 18:52:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:42 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:42 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3c00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:42 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:42 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) socketpair(0x11, 0x5, 0x4, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$IMSETDEVNAME(r2, 0x80184947, &(0x7f0000000140)={0x7de, 'syz0\x00'}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x3, @local, 0x1}, 0x1c) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$VHOST_GET_VRING_ENDIAN(r5, 0x4008af14, &(0x7f00000000c0)={0x3, 0xfff}) readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TCSETS(r4, 0x40045431, &(0x7f00003b9fdc)) r6 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r6, r0, 0x0, 0x6f0a77bd) 18:52:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) [ 529.808350][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 529.814193][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 529.820008][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 529.825754][ C0] protocol 88fb is buggy, dev hsr_slave_1 18:52:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x1007000000000000) 18:52:42 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3f00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:42 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 530.018695][T13081] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 530.073719][T13081] CPU: 0 PID: 13081 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 530.081642][T13081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.091793][T13081] Call Trace: [ 530.095129][T13081] dump_stack+0xf5/0x159 [ 530.099404][T13081] dump_header+0xaa/0x449 [ 530.103774][T13081] oom_kill_process.cold+0x10/0x15 [ 530.108966][T13081] out_of_memory+0x231/0xa00 [ 530.113570][T13081] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 530.119230][T13081] mem_cgroup_out_of_memory+0x128/0x150 [ 530.124819][T13081] try_charge+0xb3a/0xbc0 [ 530.129190][T13081] ? rcu_note_context_switch+0x700/0x760 [ 530.134898][T13081] mem_cgroup_try_charge+0xd2/0x260 [ 530.140123][T13081] mem_cgroup_try_charge_delay+0x3a/0x80 [ 530.145832][T13081] __handle_mm_fault+0x179a/0x2cb0 [ 530.151003][T13081] handle_mm_fault+0x21b/0x530 [ 530.155820][T13081] __get_user_pages+0x485/0x1160 [ 530.160844][T13081] populate_vma_page_range+0xe6/0x100 [ 530.166290][T13081] __mm_populate+0x168/0x2a0 [ 530.170906][T13081] __x64_sys_mlockall+0x2e3/0x320 [ 530.175996][T13081] do_syscall_64+0xcc/0x370 [ 530.180583][T13081] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 530.186497][T13081] RIP: 0033:0x459f39 [ 530.190467][T13081] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 530.210079][T13081] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 530.218506][T13081] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 530.226488][T13081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 530.234508][T13081] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 530.242486][T13081] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 530.250459][T13081] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 530.430655][T13081] memory: usage 307200kB, limit 307200kB, failcnt 762 [ 530.445894][T13081] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 530.483770][T13081] Memory cgroup stats for /syz5: [ 530.484086][T13081] anon 308031488 [ 530.484086][T13081] file 102400 [ 530.484086][T13081] kernel_stack 368640 [ 530.484086][T13081] slab 2412544 [ 530.484086][T13081] sock 4096 [ 530.484086][T13081] shmem 81920 [ 530.484086][T13081] file_mapped 135168 [ 530.484086][T13081] file_dirty 0 [ 530.484086][T13081] file_writeback 0 [ 530.484086][T13081] anon_thp 270532608 [ 530.484086][T13081] inactive_anon 68050944 [ 530.484086][T13081] active_anon 15237120 [ 530.484086][T13081] inactive_file 0 18:52:43 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) [ 530.484086][T13081] active_file 135168 [ 530.484086][T13081] unevictable 224669696 [ 530.484086][T13081] slab_reclaimable 675840 [ 530.484086][T13081] slab_unreclaimable 1736704 [ 530.484086][T13081] pgfault 60423 [ 530.484086][T13081] pgmajfault 0 [ 530.484086][T13081] workingset_refault 33 [ 530.484086][T13081] workingset_activate 0 [ 530.484086][T13081] workingset_nodereclaim 0 [ 530.484086][T13081] pgrefill 200 [ 530.484086][T13081] pgscan 237 [ 530.484086][T13081] pgsteal 33 18:52:43 executing program 0: r0 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x0, 0x2) write$nbd(r0, &(0x7f00000001c0)={0x67446698, 0x1, 0x3, 0x0, 0x4, "3c3bb967e37594ed639ee6312c2316b50952999ca34910edec5e53806436cb94b989f36f3efc70483c168d099de7c6ab29792724a3299bffb46191c3441315520d2ab2d3d37b401e70bb0541e8c4e606cf9c66326a8524fb822c0f9c5eab01a6a68f7866f34ce8068fbc3843f994a544a54b4955c55f0671a625d68b2fb6abde0c69dcaf10d8bf87cce8f52f532b56b70f40662203351567606f8d5179b2113e22e1b6905a95f66bc9151e3faaf7aed52cecde09285c60d93fbf8be14471e467d801b31b56294073"}, 0xd8) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)) r3 = syz_open_pts(r2, 0x4000000000000002) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r3, r1, 0x0, 0x6f0a77bd) [ 530.930380][T13081] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12163,uid=0 [ 530.946467][T13081] Memory cgroup out of memory: Killed process 12163 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 531.235955][T13113] IPVS: ftp: loaded support on port[0] = 21 [ 531.346933][T13081] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 531.357223][T13081] CPU: 0 PID: 13081 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 531.365181][T13081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.375230][T13081] Call Trace: [ 531.378609][T13081] dump_stack+0xf5/0x159 [ 531.382856][T13081] dump_header+0xaa/0x449 [ 531.387212][T13081] oom_kill_process.cold+0x10/0x15 [ 531.392334][T13081] out_of_memory+0x231/0xa00 [ 531.396911][T13081] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 531.402624][T13081] mem_cgroup_out_of_memory+0x128/0x150 [ 531.408239][T13081] try_charge+0xb3a/0xbc0 [ 531.412684][T13081] ? rcu_note_context_switch+0x700/0x760 [ 531.418334][T13081] mem_cgroup_try_charge+0xd2/0x260 [ 531.423539][T13081] mem_cgroup_try_charge_delay+0x3a/0x80 [ 531.429228][T13081] wp_page_copy+0x322/0x1160 [ 531.433809][T13081] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 531.439433][T13081] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 531.445073][T13081] do_wp_page+0x192/0x11f0 [ 531.449476][T13081] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 531.455122][T13081] __handle_mm_fault+0x1c07/0x2cb0 [ 531.460266][T13081] handle_mm_fault+0x21b/0x530 [ 531.465034][T13081] __get_user_pages+0x485/0x1160 [ 531.469988][T13081] populate_vma_page_range+0xe6/0x100 [ 531.475352][T13081] __mm_populate+0x168/0x2a0 [ 531.479934][T13081] __x64_sys_mlockall+0x2e3/0x320 [ 531.484953][T13081] do_syscall_64+0xcc/0x370 [ 531.489485][T13081] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 531.495358][T13081] RIP: 0033:0x459f39 [ 531.499246][T13081] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 531.518922][T13081] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 531.527323][T13081] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 531.535406][T13081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 531.543379][T13081] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 531.551335][T13081] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 531.559359][T13081] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 531.569910][T13081] memory: usage 307200kB, limit 307200kB, failcnt 842 [ 531.576723][T13081] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 531.583758][T13081] Memory cgroup stats for /syz5: [ 531.584056][T13081] anon 307970048 [ 531.584056][T13081] file 102400 [ 531.584056][T13081] kernel_stack 368640 [ 531.584056][T13081] slab 2412544 [ 531.584056][T13081] sock 4096 [ 531.584056][T13081] shmem 81920 [ 531.584056][T13081] file_mapped 135168 [ 531.584056][T13081] file_dirty 0 [ 531.584056][T13081] file_writeback 0 [ 531.584056][T13081] anon_thp 268435456 [ 531.584056][T13081] inactive_anon 70619136 [ 531.584056][T13081] active_anon 15237120 [ 531.584056][T13081] inactive_file 0 [ 531.584056][T13081] active_file 135168 [ 531.584056][T13081] unevictable 222220288 [ 531.584056][T13081] slab_reclaimable 675840 [ 531.584056][T13081] slab_unreclaimable 1736704 [ 531.584056][T13081] pgfault 61677 [ 531.584056][T13081] pgmajfault 0 [ 531.584056][T13081] workingset_refault 33 [ 531.584056][T13081] workingset_activate 0 [ 531.584056][T13081] workingset_nodereclaim 0 [ 531.584056][T13081] pgrefill 200 [ 531.584056][T13081] pgscan 237 [ 531.584056][T13081] pgsteal 33 [ 531.679540][T13081] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13073,uid=0 [ 531.695268][T13081] Memory cgroup out of memory: Killed process 13073 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 531.727835][ T1062] oom_reaper: reaped process 13073 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:44 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000001c0)={0x0, 0x0, 0x2, 0x0, [], [{0xffffffff, 0x101, 0x6, 0x4, 0x9ce8, 0x1}, {0x6f, 0x5, 0xc9b, 0x1, 0x0, 0x5}], [[], []]}) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x45, 0x321000) ioctl$BLKROGET(r3, 0x125e, &(0x7f00000000c0)) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:44 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x1107000000000000) 18:52:44 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4800}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:44 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r2) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r4 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x9, 0x40000) ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f00000001c0)={0x4, 0x6, 0x5, 0x800, r4}) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:44 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4c00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) 18:52:45 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f9, &(0x7f0000000080)="47a0533eb5e8928fc71800055ad67a6eaa3fab3681ba6d72442f392bf8cd3cef") 18:52:45 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:45 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f0000000080)=""/132, &(0x7f0000000140)=0x84) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x6, 0x6}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:45 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 532.528863][T13131] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 532.614912][T13131] CPU: 0 PID: 13131 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 532.622851][T13131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.632907][T13131] Call Trace: [ 532.636248][T13131] dump_stack+0xf5/0x159 [ 532.640518][T13131] dump_header+0xaa/0x449 [ 532.644882][T13131] oom_kill_process.cold+0x10/0x15 [ 532.650051][T13131] out_of_memory+0x231/0xa00 [ 532.654697][T13131] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 532.660404][T13131] mem_cgroup_out_of_memory+0x128/0x150 [ 532.666014][T13131] try_charge+0xb3a/0xbc0 [ 532.670374][T13131] ? rcu_note_context_switch+0x700/0x760 [ 532.676120][T13131] mem_cgroup_try_charge+0xd2/0x260 [ 532.681354][T13131] mem_cgroup_try_charge_delay+0x3a/0x80 [ 532.687004][T13131] __handle_mm_fault+0x179a/0x2cb0 [ 532.692161][T13131] handle_mm_fault+0x21b/0x530 [ 532.697051][T13131] __get_user_pages+0x485/0x1160 [ 532.702043][T13131] populate_vma_page_range+0xe6/0x100 [ 532.707533][T13131] __mm_populate+0x168/0x2a0 [ 532.712213][T13131] __x64_sys_mlockall+0x2e3/0x320 [ 532.717377][T13131] do_syscall_64+0xcc/0x370 [ 532.721897][T13131] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 532.727798][T13131] RIP: 0033:0x459f39 [ 532.731727][T13131] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 532.751411][T13131] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 532.759889][T13131] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 532.767879][T13131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 532.768325][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 532.775950][T13131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 532.776032][T13131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 532.781767][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 532.789669][T13131] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 532.811457][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 532.817201][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 532.857644][T13131] memory: usage 307200kB, limit 307200kB, failcnt 884 [ 532.875094][T13131] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 532.912618][T13131] Memory cgroup stats for /syz5: [ 532.912943][T13131] anon 308027392 [ 532.912943][T13131] file 102400 [ 532.912943][T13131] kernel_stack 368640 [ 532.912943][T13131] slab 2412544 [ 532.912943][T13131] sock 4096 [ 532.912943][T13131] shmem 81920 [ 532.912943][T13131] file_mapped 135168 [ 532.912943][T13131] file_dirty 0 [ 532.912943][T13131] file_writeback 0 [ 532.912943][T13131] anon_thp 268435456 [ 532.912943][T13131] inactive_anon 76509184 [ 532.912943][T13131] active_anon 15241216 [ 532.912943][T13131] inactive_file 0 [ 532.912943][T13131] active_file 135168 [ 532.912943][T13131] unevictable 216473600 [ 532.912943][T13131] slab_reclaimable 675840 [ 532.912943][T13131] slab_unreclaimable 1736704 [ 532.912943][T13131] pgfault 62403 [ 532.912943][T13131] pgmajfault 0 [ 532.912943][T13131] workingset_refault 33 [ 532.912943][T13131] workingset_activate 0 [ 532.912943][T13131] workingset_nodereclaim 0 [ 532.912943][T13131] pgrefill 200 [ 532.912943][T13131] pgscan 237 [ 532.912943][T13131] pgsteal 33 [ 533.018468][T13131] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13114,uid=0 [ 533.059335][T13131] Memory cgroup out of memory: Killed process 13114 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 533.126899][ T1062] oom_reaper: reaped process 13114 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 533.340892][T13163] IPVS: ftp: loaded support on port[0] = 21 [ 533.416649][T13131] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 533.427036][T13131] CPU: 0 PID: 13131 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 533.434931][T13131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.445122][T13131] Call Trace: [ 533.448440][T13131] dump_stack+0xf5/0x159 [ 533.452695][T13131] dump_header+0xaa/0x449 [ 533.457017][T13131] oom_kill_process.cold+0x10/0x15 [ 533.462138][T13131] out_of_memory+0x231/0xa00 [ 533.466725][T13131] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 533.472353][T13131] mem_cgroup_out_of_memory+0x128/0x150 [ 533.477945][T13131] try_charge+0xb3a/0xbc0 [ 533.482288][T13131] ? rcu_note_context_switch+0x700/0x760 [ 533.487995][T13131] mem_cgroup_try_charge+0xd2/0x260 [ 533.493200][T13131] mem_cgroup_try_charge_delay+0x3a/0x80 [ 533.498862][T13131] wp_page_copy+0x322/0x1160 [ 533.503542][T13131] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 533.509219][T13131] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 533.514867][T13131] do_wp_page+0x192/0x11f0 [ 533.519288][T13131] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 533.525069][T13131] __handle_mm_fault+0x1c07/0x2cb0 [ 533.530199][T13131] handle_mm_fault+0x21b/0x530 [ 533.534956][T13131] __get_user_pages+0x485/0x1160 [ 533.539932][T13131] populate_vma_page_range+0xe6/0x100 [ 533.545384][T13131] __mm_populate+0x168/0x2a0 [ 533.550043][T13131] __x64_sys_mlockall+0x2e3/0x320 [ 533.555141][T13131] do_syscall_64+0xcc/0x370 [ 533.559785][T13131] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 533.565677][T13131] RIP: 0033:0x459f39 [ 533.569601][T13131] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 533.589189][T13131] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 533.597718][T13131] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 533.605683][T13131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 533.613641][T13131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 533.621607][T13131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 533.629578][T13131] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 533.637823][T13131] memory: usage 307200kB, limit 307200kB, failcnt 944 [ 533.644641][T13131] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 533.651549][T13131] Memory cgroup stats for /syz5: [ 533.651838][T13131] anon 308170752 [ 533.651838][T13131] file 102400 [ 533.651838][T13131] kernel_stack 368640 [ 533.651838][T13131] slab 2412544 [ 533.651838][T13131] sock 4096 [ 533.651838][T13131] shmem 81920 [ 533.651838][T13131] file_mapped 135168 [ 533.651838][T13131] file_dirty 0 [ 533.651838][T13131] file_writeback 0 [ 533.651838][T13131] anon_thp 268435456 [ 533.651838][T13131] inactive_anon 68677632 [ 533.651838][T13131] active_anon 15241216 [ 533.651838][T13131] inactive_file 0 [ 533.651838][T13131] active_file 135168 [ 533.651838][T13131] unevictable 224321536 [ 533.651838][T13131] slab_reclaimable 675840 [ 533.651838][T13131] slab_unreclaimable 1736704 [ 533.651838][T13131] pgfault 63690 [ 533.651838][T13131] pgmajfault 0 [ 533.651838][T13131] workingset_refault 33 [ 533.651838][T13131] workingset_activate 0 [ 533.651838][T13131] workingset_nodereclaim 0 [ 533.651838][T13131] pgrefill 200 [ 533.651838][T13131] pgscan 237 [ 533.651838][T13131] pgsteal 33 [ 533.747191][T13131] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13127,uid=0 [ 533.762896][T13131] Memory cgroup out of memory: Killed process 13127 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 533.785816][ T1062] oom_reaper: reaped process 13127 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:52:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x2600000000000000) 18:52:46 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:46 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x20000, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}) sendfile(r2, r0, 0x0, 0x6f0a77bd) r3 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x1, 0x200) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) 18:52:46 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:46 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x2) ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000140)) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0xc) 18:52:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x2900000000000000) 18:52:47 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6100}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 534.368339][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 534.374142][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 534.609050][T13184] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 18:52:47 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6300}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:47 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 534.689947][T13184] CPU: 0 PID: 13184 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 534.697948][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.708011][T13184] Call Trace: [ 534.711324][T13184] dump_stack+0xf5/0x159 [ 534.715645][T13184] dump_header+0xaa/0x449 [ 534.720005][T13184] oom_kill_process.cold+0x10/0x15 [ 534.725228][T13184] out_of_memory+0x231/0xa00 [ 534.729843][T13184] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 534.735516][T13184] mem_cgroup_out_of_memory+0x128/0x150 [ 534.741140][T13184] try_charge+0xb3a/0xbc0 [ 534.745625][T13184] ? rcu_note_context_switch+0x700/0x760 [ 534.751290][T13184] mem_cgroup_try_charge+0xd2/0x260 [ 534.756519][T13184] mem_cgroup_try_charge_delay+0x3a/0x80 [ 534.762181][T13184] __handle_mm_fault+0x179a/0x2cb0 [ 534.767402][T13184] handle_mm_fault+0x21b/0x530 [ 534.772206][T13184] __get_user_pages+0x485/0x1160 [ 534.777189][T13184] populate_vma_page_range+0xe6/0x100 [ 534.782588][T13184] __mm_populate+0x168/0x2a0 [ 534.787216][T13184] __x64_sys_mlockall+0x2e3/0x320 [ 534.792277][T13184] do_syscall_64+0xcc/0x370 [ 534.796893][T13184] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 534.802795][T13184] RIP: 0033:0x459f39 [ 534.806714][T13184] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 534.826337][T13184] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:52:47 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='\x00\x00\xe7\xff\xff\x7f\x00', 0x309001, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40000000}) ioctl$TIOCNOTTY(r0, 0x5422) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) r4 = syz_open_pts(r3, 0x43001) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfda0, 0x0, 0x20}) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000080)={0x6, 0x8, 0x1ff, 0x2, 0x4, 0xa, 0x3, 0x8, 0x7b, 0x7f, 0xf85, 0x6a}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) tee(r6, r7, 0x2, 0xc) setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @remote}, 0x10) sendfile(r4, r0, 0x0, 0x6f0a77bd) 18:52:47 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) connect$x25(r3, &(0x7f00000000c0)={0x9, @null=' \x00'}, 0x12) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) ptrace$setsig(0x4203, r4, 0xe46, &(0x7f00000002c0)={0x9, 0xf709, 0x9}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10}, 0x10) readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$bt_BT_SNDMTU(r5, 0x112, 0xc, &(0x7f0000000100)=0xff5f, &(0x7f0000000140)=0x2) [ 534.834820][T13184] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 534.842842][T13184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 534.850861][T13184] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 534.858840][T13184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 534.866819][T13184] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 535.048361][T13184] memory: usage 307200kB, limit 307200kB, failcnt 974 [ 535.055254][T13184] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 535.097378][T13184] Memory cgroup stats for /syz5: [ 535.097704][T13184] anon 308150272 [ 535.097704][T13184] file 102400 [ 535.097704][T13184] kernel_stack 331776 [ 535.097704][T13184] slab 2412544 [ 535.097704][T13184] sock 4096 [ 535.097704][T13184] shmem 81920 [ 535.097704][T13184] file_mapped 135168 [ 535.097704][T13184] file_dirty 0 [ 535.097704][T13184] file_writeback 0 [ 535.097704][T13184] anon_thp 268435456 [ 535.097704][T13184] inactive_anon 76505088 [ 535.097704][T13184] active_anon 15233024 [ 535.097704][T13184] inactive_file 0 [ 535.097704][T13184] active_file 135168 [ 535.097704][T13184] unevictable 216518656 [ 535.097704][T13184] slab_reclaimable 675840 [ 535.097704][T13184] slab_unreclaimable 1736704 [ 535.097704][T13184] pgfault 64416 [ 535.097704][T13184] pgmajfault 0 [ 535.097704][T13184] workingset_refault 33 [ 535.097704][T13184] workingset_activate 0 [ 535.097704][T13184] workingset_nodereclaim 0 [ 535.097704][T13184] pgrefill 200 [ 535.097704][T13184] pgscan 237 [ 535.097704][T13184] pgsteal 33 [ 535.236612][T13184] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13164,uid=0 [ 535.276521][T13184] Memory cgroup out of memory: Killed process 13164 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 18:52:48 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6800}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x2e00000000000000) 18:52:48 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:48 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x1d, 0x9, "44dfa3f3013809a9660abfc09d5ac84c924251cbd785fd317308293b2ed99c6e29b08c6e06e0fd8b0efec675e3c778ff784aaa7fba3b0d6b0c0dc2cf3644ee37", "03df71d871a5109620ac345573144128f5864e1ce464071577a1bf64870dd31c", [0x9, 0x2]}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_open_pts(r2, 0x4000000000000002) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:48 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2401, 0x0) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) close(r3) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:49 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6c00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:49 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x3051020000000000) 18:52:49 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000080)=""/36) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x6}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r2, 0x0, 0x6f0a77bd) 18:52:49 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7100}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x3600000000000000) 18:52:49 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:49 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7300}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 537.283126][T13275] IPVS: ftp: loaded support on port[0] = 21 18:52:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:50 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000280)={0x8, @win={{0x9, 0x6f81, 0x5, 0x3f}, 0x3, 0x200, &(0x7f0000000100)={{0x2, 0x3, 0x7, 0x6}, &(0x7f00000000c0)={{0x80000000, 0x101, 0x7fffffff, 0xbb}, &(0x7f0000000080)={{0x1, 0x0, 0xa79a, 0x5}}}}, 0x1000, &(0x7f00000001c0)="96cbd624df532e6992ccf18a2e33adf9a31ec8e7f31b8d84978c4f5c951aa25ae0ae0d6cdd046defc84ce8c85c5e7b9d775c4e9bc588ad6e67b8163881fc064d4ffc223a6afe150c7a0fd2377627db8a6b7075346c296466344a056ccb1a75a01d63751e077b756ffe0e9a6c3b7a1f1b36bd06dcde98ce5fffe5ee9531c6e6ffc4e687b96adf1c4e253b1bc8f5a67943163a37882cdbd71b04c19b8cd286920f"}}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) r3 = socket(0x2, 0x1808, 0x9) execve(&(0x7f00000005c0)='./file0\x00', &(0x7f0000004c80)=[&(0x7f0000004c40)='net/dev_mcast\x00'], &(0x7f0000004f00)=[&(0x7f0000004cc0)='\x00', &(0x7f0000004d00)='/dev/ptmx\x00', &(0x7f0000004d40)='proc%\x00', &(0x7f0000004d80)='Zsecurity,wlan1\x00', &(0x7f0000004dc0)='%\x00', &(0x7f0000004e00)='/dev/ptmx\x00', &(0x7f0000004e40)='/dev/ptmx\x00', &(0x7f0000004e80)='/dev/ptmx\x00', &(0x7f0000004ec0)='net/dev_mcast\x00']) recvmmsg(r3, &(0x7f0000004a40)=[{{&(0x7f0000000380)=@tipc, 0x80, &(0x7f0000000480)=[{&(0x7f0000000400)=""/66, 0x42}, {&(0x7f0000000140)=""/29, 0x1d}], 0x2, &(0x7f00000004c0)=""/170, 0xaa}, 0x3}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000580)=""/8, 0x8}, {&(0x7f00000005c0)}, {&(0x7f0000000600)=""/99, 0x63}, {&(0x7f0000000680)=""/248, 0xf8}, {&(0x7f0000000780)=""/115, 0x73}], 0x5, &(0x7f0000000880)=""/242, 0xf2}, 0x6}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000980)=""/173, 0xad}, {&(0x7f0000000a40)=""/156, 0x9c}, {&(0x7f0000000b00)=""/21, 0x15}, {&(0x7f0000000b40)=""/76, 0x4c}, {&(0x7f0000000bc0)=""/215, 0xd7}, {&(0x7f0000000cc0)=""/175, 0xaf}, {&(0x7f0000000d80)=""/110, 0x6e}, {&(0x7f0000000e00)=""/76, 0x4c}], 0x8}, 0x8}, {{&(0x7f0000000f00)=@nfc_llcp, 0x80, &(0x7f0000002140)=[{&(0x7f0000000f80)=""/62, 0x3e}, {&(0x7f0000000fc0)=""/50, 0x32}, {&(0x7f0000001000)=""/117, 0x75}, {&(0x7f0000001080)=""/4096, 0x1000}, {&(0x7f0000002080)=""/164, 0xa4}], 0x5, &(0x7f00000021c0)=""/4096, 0x1000}, 0x5}, {{0x0, 0x0, &(0x7f0000004500)=[{&(0x7f00000031c0)=""/95, 0x5f}, {&(0x7f0000003240)=""/4096, 0x1000}, {&(0x7f0000004240)=""/8, 0x8}, {&(0x7f0000004280)=""/240, 0xf0}, {&(0x7f0000004380)=""/206, 0xce}, {&(0x7f0000004480)=""/91, 0x5b}], 0x6}}, {{&(0x7f0000004580)=@l2, 0x80, &(0x7f0000004700)=[{&(0x7f0000004600)=""/102, 0x66}, {&(0x7f0000004680)=""/100, 0x64}], 0x2, &(0x7f0000004740)=""/179, 0xb3}, 0x1}, {{&(0x7f0000004800)=@un=@abs, 0x80, &(0x7f0000004940)=[{&(0x7f0000004880)=""/29, 0x1d}, {&(0x7f00000048c0)=""/124, 0x7c}], 0x2, &(0x7f0000004980)=""/132, 0x84}, 0x200}], 0x7, 0x2100, &(0x7f0000004c00)={0x0, 0x989680}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:50 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, 0x0, 0x0) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x3e00000000000000) 18:52:50 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7400}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 538.138356][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 538.144504][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 538.150523][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 538.156557][ C0] protocol 88fb is buggy, dev hsr_slave_1 18:52:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) 18:52:51 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7a00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:51 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, 0x0, 0x0) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:52 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) 18:52:52 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000000340)={0x3ff, 0x2, 0x6, 0x1, 0x7fff, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x4000000000000002) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r4) mount$9p_xen(&(0x7f00000003c0)='eth0-eth0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='9p\x00', 0x97bfb2a119a38964, &(0x7f0000000480)={'trans=xen,', {[{@access_uid={'access', 0x3d, r4}}, {@cache_fscache='cache=fscache'}, {@access_user='access=user'}, {@uname={'uname'}}, {@privport='privport'}, {@mmap='mmap'}, {@nodevmap='nodevmap'}, {@version_u='version=9p2000.u'}, {@version_L='version=9p2000.L'}], [{@audit='audit'}, {@smackfshat={'smackfshat', 0x3d, 'GPLtrustedeth0bdeveth1)vmnet0proceth0eth1vboxnet1'}}]}}) clone3(&(0x7f0000000300)={0x40000000, &(0x7f00000000c0), &(0x7f0000000100)=0x0, &(0x7f0000000140), 0x36, 0x0, &(0x7f00000001c0)=""/136, 0x88, &(0x7f0000000280)=""/117}, 0x40) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) socket$inet(0x2, 0x0, 0x5) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$PPPIOCGFLAGS1(r7, 0x8004745a, &(0x7f0000002140)) r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000020c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1400820}, 0xc, &(0x7f0000001500)={&(0x7f00000047c0)=ANY=[@ANYBLOB="b41100000c0600082cbd7000fedbdf2500000008d4105b0010004a002f6465762f70746d780000003f6a7132837037a5dfee9b960fcfbdba269f83e70e19c293d7c22be00d7ad757e6a8076f06668bc4f4a787c2e0d514c3d58f72c277c03defdb01b165d0c38ea42699b6602ad869ebc46944e552f7f12a60e229ddf3ed464ac7b731edb0d8c33cd1b3e01c2d45a8b8b6cc7d8d35d888c3f433e20221d051d20ae64a0acfc23295df36cd3a98b0a1626e4cf7cb4dd0f653d1d4547e81a04fe6d9c82d0047983750438c28211f42e4483a33bb4230e9ea66d7c72223e95caf862680931dfabfabfcb5e44618b7ed2c4caa34b1583893a3b7a6e33987ee41852d6a625cdb6e8e219801c649571e684aa20af1c5e4090371f8a837b6d60f389bc8bfbe8f78552f6291ed5bdba4e09b65202ab8957264489f5c7d6901b53fe8cfdee6f1dd51f1163ec472ee9471671d1cebea9374be33ba2cee4b99b77011efa4212987e7597b0ff26c4c52108db1fbdd0be034382873e37a749d01f0fa893dc20a53c90c3102d9d8b2f32654c63620b8484a8f3aac9ce1e3e1d9d044123bc9d5e90b2ea6e6d6de387817523585399536e385611ca15cf8c9af15825acac5eba7aaa86db0598bb14ad9b8c841875aeb4cb8f18c5d3dceddf0a71a2483e69dfc2195c107cc07f86d4b0eadc13592c6c40bfb4a9d7187d07a78c852e3f461f5e082c6426c8e2bb5919178b6b695f5285d2bb7dc5bc6e573b69579e708a296d14a5a6a9ca38714765aa09542a9ab0a48945fd00e7aa9c42bcb24d396a78ad67d6ded3639cb3505266d73fbf982352d6cd506bc3aeafde5c23946968bf9c1f0efedf9907e3c12cc8cbd5252b0e16a8fc0a7f36f3b26a77787c858b21fb57d9e147f8467c79ada5767dd55adf80e3895d977d958192287c758a25cc0c00ce8e79df84c9855c467905fc238c989e03f4b79c78ec99193f186bbeaa20e088914ad45768412e436c6ed65ea9cf049cce385a32ed76b13ec5202507ddcabbce1a63575a136146f22790e15911ac15afa40b02c46b5d7613f9501df81303f4290c45762189716e195a74049021057ff1f1d8d129643f0133a38dcfcabe5624c0a3517967843047f0a5b0e7eab06d805102ac2d8b693959e58e5b7fd60c0775c64cc9467f71b8550a197a384d6c7dab7dcc041c3a9ba976aeb246e98c92419df330a236ef102701e97c66b74e4d2485cd550e058398f048244211bcffeb6fb8a67b87ac85c6fb32dcb9efca6ea5a450dfa5a5e3a7aa0af205d0c3ea0073ad216f9c4787ea956bf4af67478dd9667cfae557e5004bae4372cc9839b4b8bb084634150513a1de8b75179ec6c96ae56ee601817c6a9238165461c5e39d1df5f3af239c66dc265392b35201e55dc292fcfd110a7dc562ee980a4aacf16eff972f3919f0c7c79012fc00608256be017fa48927715fdec98fb1c78fe36043913b226da59eae279b941eb5ec393c48e46859d2b8d929003e2303490dd472aeb6e5220fd88f6c7bef94b54986b5fde24496f6e3992f6935973f36623c128681efc9f19bdac3eb622466ffc04f916d9ff2a41dacf7528328199a8dfcce47d3a21095db951ff6b222ab3a42ca7095898767094f8a43571010e272c7e2dd68fc9c7cabdf0ed97d0d7cb27b0d97a566332ac130333554c26314d846591aa47db36b2242cf2c870466e3efe4b62743e960f599ede6166ced111f82e8c24def8f07335ee6075a4deb72b452d8b49ff2174c617278c57492acea0e49cbe524dbce876f739e9f0dcbaf845d4a2c73f450b3b2ed828c2fcd4d1eb864307cbc154f88fe156822502d1a6255b7371aae0523fec9cefd604fbf2bede8d11512555d7b0c6e4416af2417fd1c3073139f6a0570aeb5dbb0630ad1a3d39230d73d0ad93316c3f605588b1fefde958abf089d4fbcb02726a2e549e39da3a514c653782373cd61384e58d8ee5058cbfabc49e28e928f2fbe527e162ca7bc243d8be484284c3ac5ef4a153ea0270cad9f92aad7c20c57a14a08fa475cdaed9948086bf1bc49ec4fcfcd12de2676070952350f5842870b34f1b846d89c719509ea7cd03cea6955a650e0f9968c81e48996e68e1b9ef7cf5965e8f346d70fe3cf1a6e5ddaba70c6015cd52faa3500ea24d493b5c0849c235c60c5e0898455b0bfd00b9daf309c8a786b989ac263e242325a32cbf1c3a4064258fac70861be96cce7ef5d7f1fdb179bd7c4e11f634b82ba1f34a7c5b76f605a30e7039c45226ad19351bb99a4a2620db562ef9c24d27bab3243d34d7b6b99c4d565a9d1a2814fad6f1a70d02d332d03b861c542ff824bdb30b8d519546ca0064590982b81c77958fa1dbf92f053152de6a3848deebc043803d2312e4ade46be69f68a420835303234cec90d03e492d981140a962220c64fcdbf083c315db77c4263dacfd588f92f12fcc2fc169a5abd559783ebf89333b7b524bfaabd8fe2ed0d5a2083d9e3a2057c09ae60f907f46bd611c80210541d5081956bf57010a3f0c28d08550ef7740efd1aecc065024f9e7eb3951d1088bc949fb4c1b4e329fd7002497ea12f40f361c542f519d152ab49a13f0221564d215b2fc0a3ed712717790e509a55b200259103eb19cca175e6cfcdcf760167e4a6c82bbfd5bfea68554f904192bcd9438adfebaf0ff88cf459af3cf7c5c6fc14e6f6e489b875f41bfcebf128a1746eed7b2ce0530e229450daf42ce4c4b0289df7ec7c8987b503af18f0ee59ae6631c25e350f40dd1a6161a23cc3b2819a31e6dacae14d6c18b9c40bb97c665dee33d5d5eb1621273baffebeefca9b3cc9102e44f3db6cef519e95ca190fc3adb083a4b7613399b8e7f3899542707bd9365ae68131a816d1706d40a93e64d06924ed0dfd6568ed87283f5c6073bdd55b3edb0600c643fc733f5770374146c58c219eb592a7117ff1ac2e38c04b0fd248ecb6e6af14bf3b95ae4a7286ce610be00b3313ca8a48436e9401a0bc1132a475e9313a0c3bb97d9b6e6e3738645e2dfacf66ac34fa24c9ab9e58c4d24795be590a6728a476c3b95f064c74e0c0e82b04069f2b75e512a7a0d39c9346b2aa0400377582e1cee631f8d8410ba7d4a0e24804bff1a79a519818b581f4bb0bdb208109d2937f8b4e38233c6765acde63cdf5c338ad6d8088e29e48760b3677a26d94342b719439d5621d895be6c7c41b31a95d708fa11693eb3a8b985004f48062c6be8089774f119affefb4b3c3b0bc94519c6c97dccb3374c803c63a480f48facde16b9b28c5f07113e554f02a2a426f768b45b35dbb146119b875f6d8b2d7989520c7d43513c316f889c9b22d8ce8caa184c4c26d47dbd12aaf3c1125dda8818fc9eed5294693f6b4579c060c9232faa6963d4e9a8dd115631b8f0227faf16682f9c6dabb3215118a1090a853410b2acb799323bd443b857e423039f4e31a56dc3347829d3b2807c1822647ece7e1ac355674a6de019f8a2f6a0f6884b6253b380a14e582ab756b64ba3b78c488db5131e8ee895bab4b23e81da4bca54d10067adf06c38d593f98db2b4cdfaa637f78348049026878c39dd811a548c2b8ecccb6183aebac9169a21ddeec734421d94512ff5c7875f3d8995ff38ecda4a20a6afa836ecadcec0c109f396578670bb1ca94ffc836561a035c89ddb960b99690a05dba511b9e63ec4b9cc9b734e6935e1451b55f0cc80080a268872f83cb3d50867b35298c33a0d184b91e28d163965971b7eaa07006c15d757721a8454471729c1f93a43ab3f37b584da267ef75e5d05c955e0fc7a10f2e8840e18286dfb1b46dbf85657660d7f99a16975c6a2f25dacec43d319c7af07855fefa620f57121cd58e96abc322e2691f9c6785669080e2878f3ae88da137ccd2e4200aaea649dfb7752109cd7f1dc06a37345ba90192f02f649a2a2482857d9d78240d1a0a8ca89ff0e06c77ce838254678fafaa132ad15ebacc76191d4d2d739b34d16619d285fe297267afd3978f1f525a4ef582cbf3c42bfbd5b7693b9c186ff03e3320dc4b65ce9a6905349bf0196955feb0616c703b7c10e5e5b47124d4d849fdde3a0222224f16c73519bc2976f614d2e23ed65bd9ab70921d3af33487d1a222e7dd0647772599888f5870d0ac9117631375d9360732616adc21c27f86e0e9276546f1f5c8649510c3a940a25d7e758d6d2234eb641627121a93be64d254b81c212c9c7da6afeedc6dada0de20d77eb450e47058b0cc32fe37d92f849c1a430dc2b53b1eb3acf246779fd932ce496729c179617bf4d8ff31aa75c26ecb9502adfecccee73bb4d2ec5a5e777887e45457449c97b7d0a7b26292bfab7b73f09cd62440f13c70d8ea367581a1f352bed33ee64b9c8dfb699e3ca32898106a7094433d7ede773ee804197a641e78bc1eeacf44f6be257afea9c5a5d4eeff6f81ade647c2d9d533c944228b2e873a11918e5228c9d6939bc46cf5a3b85dee02cc19142f5ab4ca2472fb7410eaef954ee2dc2581a2a9e25397b4c2fdf7cf7c926726073b59dbe33963cc3f143cdb6900373ea38880d555d203f15ec7f88fd3f061d02adc79fa456c168ebe419e6efbb568cffd45ad603d4f3b590d053f013727a29f6964c0fb31a6364354968d1da0f73829d6a1fd693e8a0bfa94ae5715bf031aeec529991a60aa8d19d0b2727f6c7562e16ccd24979dab68e67f575ad6cd67825653be66b96d36774385857528cb07db75f376b52378bbabc167d7ad4e84d772c971e5202b53f32c635babb0e8f2579ecc3d54d07f0ddbd912289c0fe1abe0d01bf4d9c1af5e265b5b118439573356ef3147f972942890003f6d4fc85c0ac54672f46c0b4fd4cd0e2c1cc93b377d306d0b0e96fb5e78e62048b2dd4c86f8053f110f565dee0fb0fdf0ca0789e7d8e5e865d67897ca075f5a49a1f38551b0414a251cdd8ab30794f8cb36687421f6da1534b259a2c5c3e0eca89be934d2e6cd579ba7ca4be4d762e8b3d855761fadc84f05b2df3e06f26417911f8668fca481e05f9f1d93e321932f2cbe4dff09633d78984bf75e848e76c1af247470d751b13d7f129959924e3d9a45542d083907a4e646a7482ecf6a3979658b6eb509b4e54ae948b8b1c3e725ade23907b0d01cce4e9c9afb46ac202cf25e0dd17e1fb4876a3ccb0a23b7bab2aeb57c87137879903537609161798005e8cdedd13fa4cb23f3c55598eaaf05017a36b4eef1cbaeb9a875594008894b3e5b4acf35515b91edd4a0488d75628d60ea39c316ebc53306e00e5606148368fe6ab3a69ee689575a83cebda9427d0dd0a38cd4c07abf6351dfac5dd6b42e4ecc01ee7eeec66234b2f329640d1e6cea36ec50c986d8ca11d9998d1d4a643e386f17bbb1d014f2a214fe46410cbb2140663056b54c51d20cdbc083d81ff2e9b535847de4b6cdd2f9d50d9374b5e193e0a4f57ff0c2d36c9cba812ab4bff996e17996974a932e3f60aa344fbb78335075907cddfc187c65f0ed1f118b3611e05df3104290901d6fe327ad13b62405a746ad46d3108040da951778d709efa1b16313992e1cd76de0dffbe698e5c74adebff7596e5362fa0aaca6a9e74c0acc636aa0d2e21e623d76a311832a5a896b6c8c67a1b6e6802e53b320ba120528fc734e668312d5c30897b61322e4d827b562a9c4597c37dff619e0368bdbb8203d6b0d0e0000dcad2c7584a9c4c418591698eb5cf81ea7ba1633a291ce01b06f5b87431a7f9f2e061dd0df50faa8d37b3873ef266fd1b33bb7ede88a8ac4bed8d6b2709aafd24a3a9e12135700dd5152c2fa8ebe00bad668e8c4bd0f19cffd177ba584cd4d91692595ba39f45628f4f0a4d0f9ca3d7eecc0a2dc07afbfe72ee97f25c48d319c54650520e7d14cae3f1f2943737d1fde808f9980ad5bcfe91b1e185c6b478167929bc2869b706371effefd58fd4b15106585b6329dd10496b518395cd4dd186cbeefe78fe2affddeb38918930be9cf46b407aaaa4c7a7dafe2f4432ba0bc6549d1cb664e0caff5e1b6bd811d9ca0fdc3812a1639b4c86ed97c532ef6711c8756b033b376b4d12d4d62a83e9e9ba59cd95d40718898449f433ee6e0b4832116fb0e0b2356733e64c1b250599fe75830826bcfcb2b30542d062b5b7d1a975bce30a33fb6fe10057a2c51448151150077b291bab2771457537e3ddfc3e7b29cc114e1841865a338a070dea64b9e5cb5081236647b6e332b949d1760c630bd9724685eb7fe937918962ec7035abd48b99552e038f8c9d323764b818947449ac0e3a6e32cbbbbeaf1a7e0c8b73ff667b14a78fae01572c96267b", @ANYRES32=r5, @ANYBLOB="dd40be174a2df427c7734b4ffce68cb3f3d2f2e01c3f905b8217742168f35d1e8f83d5432b61d280ebb64764e64627bb9db40e7cf5f50bee7fe917249ea16708005600", @ANYRES32=r6, @ANYBLOB="14002700fe8000000000000000000000000000bb0000b400130091c45404d72a9f397163b8616f95e22fe2687c7e9b0b127114b4e654052d0a2b9ac0ca75dc9779650b14119b834cdc18536d65fccf64503e8be8e9293af05ab7236c6dec202ec2276429e0265fb1f740fb6a9f3f8a027c367ba107152bfe7bad1c5d65ffbefb428bc3e5d763b3dbf349a389cd656a8b76c65fdaa9da4e338184246e8a352b9ce55357cd60f5e59311cd37214020d203a23e540015e714007200000000000000000000000000000000010c007e00090000000000000008005a00", @ANYRES32=r8, @ANYBLOB="040081003ee0ce752c25c594f22eb432ec0fa3f6bb920583ac6e119343e7dfca3aa717a2e1403d7ff8adf1909a13591597a7d2c95400d90d8bdc7c14352a93081c0ef9b6b7bc9cf5b087bbc270e70da66d2e66ec394a65876b901102d8c4270a59992861b5729f309548300a8ebd84e613e61c408ab6b03b03e6d1c371b3a34c4f9614dbbb6b1a6bcf5f1296da12b76cf6e73b2c3a8eb1689072a16b8d76262a233eac7e39b7713be658add888c20774367f81a54127a752ca2ba6a34eb82405ce886c1e8c0e6a640e1081825dde763c"], 0x11b4}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c800) ioctl$TUNSETVNETLE(r6, 0x400454dc, &(0x7f0000002100)) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3800f0ff24000705000000", @ANYRES32=r11, @ANYBLOB="00000000fffffffff6ffffff0b000100"], 0x3}}, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'nlmon0\x00', r11}) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:52 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x4400000000000000) 18:52:52 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, 0x0, 0x0) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 540.022644][T13326] IPVS: ftp: loaded support on port[0] = 21 18:52:52 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x4800000000000000) 18:52:52 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:52:52 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:53 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfa00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:53 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x4c00000000000000) [ 541.088402][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 541.094186][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 541.099997][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 541.105770][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:52:54 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x1, 0x1) setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000300), 0x4) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f00000002c0)={0x3, &(0x7f0000000080)=""/120, &(0x7f0000000240)=[{0x2, 0xd, 0x3, &(0x7f0000000100)=""/13}, {0xfffffff8, 0x3b, 0x9, &(0x7f0000000140)=""/59}, {0x6, 0x59, 0x83, &(0x7f00000001c0)=""/89}]}) sendfile(r3, r0, 0x0, 0x6f0a77bd) 18:52:54 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:52:54 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xff00}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x4f00000000000000) 18:52:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:55 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:55 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xff2f}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x5800710000000000) 18:52:55 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:52:55 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000080)={0x0, 0x100, 0x20, 0x0, 0x6}, &(0x7f00000000c0)=0x18) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000100)={r3, 0x9, 0x8, 0x6, 0x7, 0x59cd}, &(0x7f0000000140)=0x14) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r4, 0x40045431, &(0x7f00003b9fdc)) r5 = syz_open_pts(r4, 0x4000000000000002) ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r5, r0, 0x0, 0x6f0a77bd) 18:52:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6000000000000000) 18:52:55 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x11000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 542.720702][T13420] IPVS: ftp: loaded support on port[0] = 21 18:52:55 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:55 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 543.168370][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 543.174185][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 543.180081][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 543.185841][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:52:55 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x17000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6018230000000000) 18:52:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:57 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:57 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x101}) r2 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r2, r0, 0x0, 0x6f0a77bd) 18:52:57 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2b000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6400000000000000) 18:52:57 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:52:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6500000000000000) 18:52:57 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100100}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:57 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 544.889603][T13472] IPVS: ftp: loaded support on port[0] = 21 18:52:57 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:57 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:57 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev_mcast\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040), 0x0) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000080)) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}) r3 = syz_open_pts(r1, 0x4000000000000002) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0xffffff85, 0xfffffffb}) sendfile(r3, r0, 0x0, 0x6f0a77bd) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000000c0)) 18:52:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:52:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6600000000000000) 18:52:59 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:52:59 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x400000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:59 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, 0x0, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:59 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0xffffffff, 0x4, {0x2, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80]}}}) r4 = socket(0x40000000015, 0x5, 0x0) dup2(r4, r0) 18:52:59 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:52:59 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0xffffffff, 0x4, {0x2, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80]}}}) r4 = socket(0x40000000015, 0x5, 0x0) dup2(r4, r0) 18:52:59 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x500000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:52:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6700000000000000) 18:52:59 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, 0x0, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:52:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlockall(0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x2, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) socket(0x0, 0x3, 0x3) [ 547.318821][T13544] IPVS: ftp: loaded support on port[0] = 21 [ 547.328363][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 547.334184][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 547.340002][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 547.345751][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 547.524550][T13545] IPVS: ftp: loaded support on port[0] = 21 [ 548.035812][T13521] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 548.051344][T13521] CPU: 1 PID: 13521 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 548.059311][T13521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.069368][T13521] Call Trace: [ 548.072741][T13521] dump_stack+0xf5/0x159 [ 548.077030][T13521] dump_header+0xaa/0x449 [ 548.081385][T13521] oom_kill_process.cold+0x10/0x15 [ 548.086600][T13521] out_of_memory+0x231/0xa00 [ 548.091208][T13521] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 548.096874][T13521] mem_cgroup_out_of_memory+0x128/0x150 [ 548.102453][T13521] try_charge+0xb3a/0xbc0 [ 548.106810][T13521] ? rcu_note_context_switch+0x700/0x760 [ 548.112520][T13521] mem_cgroup_try_charge+0xd2/0x260 [ 548.117740][T13521] mem_cgroup_try_charge_delay+0x3a/0x80 [ 548.123460][T13521] wp_page_copy+0x322/0x1160 [ 548.128136][T13521] ? preempt_schedule+0x30/0x40 [ 548.133036][T13521] ? ___preempt_schedule+0x16/0x20 [ 548.138185][T13521] do_wp_page+0x192/0x11f0 [ 548.142616][T13521] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 548.148968][T13521] __handle_mm_fault+0x1c07/0x2cb0 [ 548.154147][T13521] handle_mm_fault+0x21b/0x530 [ 548.158955][T13521] __get_user_pages+0x485/0x1160 [ 548.163944][T13521] populate_vma_page_range+0xe6/0x100 [ 548.169352][T13521] __mm_populate+0x168/0x2a0 [ 548.174017][T13521] __x64_sys_mlockall+0x2e3/0x320 [ 548.179143][T13521] do_syscall_64+0xcc/0x370 [ 548.183669][T13521] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 548.189568][T13521] RIP: 0033:0x459f39 [ 548.193496][T13521] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.213114][T13521] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 548.221537][T13521] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 548.229522][T13521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 548.237504][T13521] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 548.245487][T13521] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 548.253540][T13521] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 548.270518][T13521] memory: usage 307200kB, limit 307200kB, failcnt 1018 [ 548.277570][T13521] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 548.290082][T13521] Memory cgroup stats for /syz5: [ 548.293244][T13521] anon 307806208 [ 548.293244][T13521] file 102400 [ 548.293244][T13521] kernel_stack 405504 [ 548.293244][T13521] slab 2547712 [ 548.293244][T13521] sock 4096 [ 548.293244][T13521] shmem 81920 [ 548.293244][T13521] file_mapped 135168 [ 548.293244][T13521] file_dirty 0 [ 548.293244][T13521] file_writeback 0 [ 548.293244][T13521] anon_thp 270532608 [ 548.293244][T13521] inactive_anon 69722112 [ 548.293244][T13521] active_anon 21966848 [ 548.293244][T13521] inactive_file 135168 [ 548.293244][T13521] active_file 135168 [ 548.293244][T13521] unevictable 215937024 [ 548.293244][T13521] slab_reclaimable 675840 [ 548.293244][T13521] slab_unreclaimable 1871872 [ 548.293244][T13521] pgfault 70752 [ 548.293244][T13521] pgmajfault 0 [ 548.293244][T13521] workingset_refault 33 [ 548.293244][T13521] workingset_activate 0 [ 548.293244][T13521] workingset_nodereclaim 0 [ 548.293244][T13521] pgrefill 200 [ 548.293244][T13521] pgscan 270 [ 548.293244][T13521] pgsteal 66 [ 548.395932][T13521] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13512,uid=0 [ 548.417795][T13521] Memory cgroup out of memory: Killed process 13512 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 548.444714][ T1062] oom_reaper: reaped process 13512 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB [ 549.198805][T13545] IPVS: ftp: loaded support on port[0] = 21 18:53:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:02 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x600000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:02 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6800000000000000) 18:53:02 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, 0x0, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlockall(0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x2, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) socket(0x0, 0x3, 0x3) 18:53:02 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x700100}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 549.831111][T13565] IPVS: ftp: loaded support on port[0] = 21 18:53:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x6c00000000000000) 18:53:02 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={0x0, 0x0, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:02 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:02 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb00000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x7400000000000000) [ 550.771425][T13595] IPVS: ftp: loaded support on port[0] = 21 [ 551.586831][T13569] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 551.597268][T13569] CPU: 0 PID: 13569 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 551.605250][T13569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.615306][T13569] Call Trace: [ 551.618639][T13569] dump_stack+0xf5/0x159 [ 551.622904][T13569] dump_header+0xaa/0x449 [ 551.627259][T13569] oom_kill_process.cold+0x10/0x15 [ 551.632399][T13569] out_of_memory+0x231/0xa00 [ 551.637004][T13569] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 551.642686][T13569] mem_cgroup_out_of_memory+0x128/0x150 [ 551.648313][T13569] try_charge+0xb3a/0xbc0 [ 551.652693][T13569] mem_cgroup_try_charge+0xd2/0x260 [ 551.657918][T13569] mem_cgroup_try_charge_delay+0x3a/0x80 [ 551.663576][T13569] wp_page_copy+0x322/0x1160 [ 551.668178][T13569] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 551.673873][T13569] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 551.679535][T13569] do_wp_page+0x192/0x11f0 [ 551.683974][T13569] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 551.689644][T13569] __handle_mm_fault+0x1c07/0x2cb0 [ 551.694848][T13569] handle_mm_fault+0x21b/0x530 [ 551.699654][T13569] __get_user_pages+0x485/0x1160 [ 551.704720][T13569] populate_vma_page_range+0xe6/0x100 [ 551.710123][T13569] __mm_populate+0x168/0x2a0 [ 551.714760][T13569] __x64_sys_mlockall+0x2e3/0x320 [ 551.719821][T13569] do_syscall_64+0xcc/0x370 [ 551.724426][T13569] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 551.730330][T13569] RIP: 0033:0x459f39 [ 551.734261][T13569] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 551.754033][T13569] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 551.762568][T13569] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 551.770566][T13569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 551.778552][T13569] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 551.786606][T13569] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 551.794620][T13569] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 551.807147][T13569] memory: usage 307200kB, limit 307200kB, failcnt 1045 [ 551.816486][T13569] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 551.826349][T13569] Memory cgroup stats for /syz5: [ 551.827788][T13569] anon 307789824 [ 551.827788][T13569] file 102400 [ 551.827788][T13569] kernel_stack 405504 [ 551.827788][T13569] slab 2269184 [ 551.827788][T13569] sock 4096 [ 551.827788][T13569] shmem 81920 [ 551.827788][T13569] file_mapped 135168 [ 551.827788][T13569] file_dirty 0 [ 551.827788][T13569] file_writeback 0 [ 551.827788][T13569] anon_thp 270532608 [ 551.827788][T13569] inactive_anon 69742592 [ 551.827788][T13569] active_anon 21938176 [ 551.827788][T13569] inactive_file 135168 [ 551.827788][T13569] active_file 135168 [ 551.827788][T13569] unevictable 216199168 [ 551.827788][T13569] slab_reclaimable 675840 [ 551.827788][T13569] slab_unreclaimable 1593344 [ 551.827788][T13569] pgfault 72072 [ 551.827788][T13569] pgmajfault 0 [ 551.827788][T13569] workingset_refault 33 [ 551.827788][T13569] workingset_activate 0 [ 551.827788][T13569] workingset_nodereclaim 0 [ 551.827788][T13569] pgrefill 200 [ 551.827788][T13569] pgscan 270 [ 551.827788][T13569] pgsteal 66 [ 551.928884][T13569] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13567,uid=0 [ 551.949986][T13569] Memory cgroup out of memory: Killed process 13567 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 551.975796][ T1062] oom_reaper: reaped process 13567 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:05 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb00200}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:05 executing program 2: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:05 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={0x0, 0x0, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:05 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) [ 552.895959][T13618] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 552.967452][T13618] CPU: 1 PID: 13618 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 552.975435][T13618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.985500][T13618] Call Trace: [ 552.988816][T13618] dump_stack+0xf5/0x159 [ 552.993104][T13618] dump_header+0xaa/0x449 [ 552.997636][T13618] oom_kill_process.cold+0x10/0x15 [ 553.002779][T13618] out_of_memory+0x231/0xa00 [ 553.007428][T13618] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 553.013132][T13618] mem_cgroup_out_of_memory+0x128/0x150 [ 553.018713][T13618] try_charge+0xb3a/0xbc0 [ 553.023068][T13618] ? rcu_note_context_switch+0x700/0x760 [ 553.028810][T13618] mem_cgroup_try_charge+0xd2/0x260 [ 553.034101][T13618] mem_cgroup_try_charge_delay+0x3a/0x80 [ 553.039752][T13618] __handle_mm_fault+0x179a/0x2cb0 [ 553.044910][T13618] handle_mm_fault+0x21b/0x530 [ 553.049774][T13618] __get_user_pages+0x485/0x1160 [ 553.054758][T13618] populate_vma_page_range+0xe6/0x100 [ 553.060211][T13618] __mm_populate+0x168/0x2a0 [ 553.064899][T13618] __x64_sys_mlockall+0x2e3/0x320 [ 553.070005][T13618] do_syscall_64+0xcc/0x370 [ 553.074535][T13618] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 553.080431][T13618] RIP: 0033:0x459f39 [ 553.084352][T13618] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 553.104041][T13618] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 553.112522][T13618] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 553.120537][T13618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 553.128523][T13618] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 553.136511][T13618] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 553.144493][T13618] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 553.189544][T13618] memory: usage 307200kB, limit 307200kB, failcnt 1080 [ 553.196506][T13618] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 553.208761][T13618] Memory cgroup stats for /syz5: [ 553.209109][T13618] anon 307761152 [ 553.209109][T13618] file 102400 [ 553.209109][T13618] kernel_stack 442368 [ 553.209109][T13618] slab 2269184 [ 553.209109][T13618] sock 4096 [ 553.209109][T13618] shmem 81920 [ 553.209109][T13618] file_mapped 135168 [ 553.209109][T13618] file_dirty 0 [ 553.209109][T13618] file_writeback 0 [ 553.209109][T13618] anon_thp 270532608 [ 553.209109][T13618] inactive_anon 82735104 [ 553.209109][T13618] active_anon 21868544 [ 553.209109][T13618] inactive_file 135168 [ 553.209109][T13618] active_file 135168 [ 553.209109][T13618] unevictable 203350016 [ 553.209109][T13618] slab_reclaimable 675840 [ 553.209109][T13618] slab_unreclaimable 1593344 [ 553.209109][T13618] pgfault 72633 [ 553.209109][T13618] pgmajfault 0 [ 553.209109][T13618] workingset_refault 33 [ 553.209109][T13618] workingset_activate 0 [ 553.209109][T13618] workingset_nodereclaim 0 [ 553.209109][T13618] pgrefill 200 [ 553.209109][T13618] pgscan 270 [ 553.209109][T13618] pgsteal 66 [ 553.311592][T13618] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13602,uid=0 [ 553.332205][T13618] Memory cgroup out of memory: Killed process 13602 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 18:53:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlockall(0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x2, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) socket(0x0, 0x3, 0x3) 18:53:06 executing program 2: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:06 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc00000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:06 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={0x0, 0x0, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000000000) [ 553.722824][T13622] IPVS: ftp: loaded support on port[0] = 21 18:53:06 executing program 2: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:06 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 553.990630][T13629] IPVS: ftp: loaded support on port[0] = 21 [ 554.565231][T13618] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 554.581385][T13618] CPU: 1 PID: 13618 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 554.589295][T13618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 554.599353][T13618] Call Trace: [ 554.602666][T13618] dump_stack+0xf5/0x159 [ 554.606936][T13618] dump_header+0xaa/0x449 [ 554.611400][T13618] oom_kill_process.cold+0x10/0x15 [ 554.616703][T13618] out_of_memory+0x231/0xa00 [ 554.621332][T13618] mem_cgroup_out_of_memory+0x128/0x150 [ 554.626931][T13618] try_charge+0xb3a/0xbc0 [ 554.631327][T13618] ? rcu_note_context_switch+0x700/0x760 [ 554.637042][T13618] mem_cgroup_try_charge+0xd2/0x260 [ 554.642321][T13618] mem_cgroup_try_charge_delay+0x3a/0x80 [ 554.648032][T13618] wp_page_copy+0x322/0x1160 [ 554.652642][T13618] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 554.658304][T13618] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 554.664001][T13618] do_wp_page+0x192/0x11f0 [ 554.668429][T13618] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 554.674091][T13618] __handle_mm_fault+0x1c07/0x2cb0 [ 554.679246][T13618] handle_mm_fault+0x21b/0x530 [ 554.684086][T13618] __get_user_pages+0x485/0x1160 [ 554.689082][T13618] populate_vma_page_range+0xe6/0x100 [ 554.694500][T13618] __mm_populate+0x168/0x2a0 [ 554.699204][T13618] __x64_sys_mlockall+0x2e3/0x320 [ 554.704319][T13618] do_syscall_64+0xcc/0x370 [ 554.708847][T13618] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 554.714749][T13618] RIP: 0033:0x459f39 [ 554.718677][T13618] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 554.738359][T13618] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 554.746861][T13618] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 554.754873][T13618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 554.762857][T13618] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 554.770842][T13618] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 554.778832][T13618] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 554.800223][T13618] memory: usage 307200kB, limit 307200kB, failcnt 1134 [ 554.807343][T13618] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 554.819340][T13618] Memory cgroup stats for /syz5: [ 554.821447][T13618] anon 307806208 [ 554.821447][T13618] file 102400 [ 554.821447][T13618] kernel_stack 442368 [ 554.821447][T13618] slab 2404352 [ 554.821447][T13618] sock 4096 [ 554.821447][T13618] shmem 81920 [ 554.821447][T13618] file_mapped 135168 [ 554.821447][T13618] file_dirty 0 [ 554.821447][T13618] file_writeback 0 [ 554.821447][T13618] anon_thp 268435456 [ 554.821447][T13618] inactive_anon 67665920 [ 554.821447][T13618] active_anon 21868544 [ 554.821447][T13618] inactive_file 135168 [ 554.821447][T13618] active_file 135168 [ 554.821447][T13618] unevictable 218034176 [ 554.821447][T13618] slab_reclaimable 811008 [ 554.821447][T13618] slab_unreclaimable 1593344 [ 554.821447][T13618] pgfault 73887 [ 554.821447][T13618] pgmajfault 0 [ 554.821447][T13618] workingset_refault 33 [ 554.821447][T13618] workingset_activate 0 [ 554.821447][T13618] workingset_nodereclaim 0 [ 554.821447][T13618] pgrefill 200 [ 554.821447][T13618] pgscan 270 [ 554.821447][T13618] pgsteal 66 [ 554.923469][T13618] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13614,uid=0 [ 554.945926][T13618] Memory cgroup out of memory: Killed process 13614 (syz-executor.5) total-vm:72848kB, anon-rss:18472kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 554.970404][ T1062] oom_reaper: reaped process 13614 (syz-executor.5), now anon-rss:18492kB, file-rss:54336kB, shmem-rss:0kB 18:53:08 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r0, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x804dfef5747f0000) 18:53:08 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:08 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:08 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 555.648378][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 555.654206][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 555.660011][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 555.665775][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 555.959068][T13665] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 555.988389][T13665] CPU: 0 PID: 13665 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 555.996311][T13665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 556.006369][T13665] Call Trace: [ 556.009779][T13665] dump_stack+0xf5/0x159 [ 556.014144][T13665] dump_header+0xaa/0x449 [ 556.018501][T13665] oom_kill_process.cold+0x10/0x15 [ 556.023697][T13665] out_of_memory+0x231/0xa00 [ 556.028319][T13665] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 556.034003][T13665] mem_cgroup_out_of_memory+0x128/0x150 [ 556.039638][T13665] try_charge+0xb3a/0xbc0 [ 556.043990][T13665] ? rcu_note_context_switch+0x700/0x760 [ 556.049702][T13665] mem_cgroup_try_charge+0xd2/0x260 [ 556.054978][T13665] mem_cgroup_try_charge_delay+0x3a/0x80 [ 556.060625][T13665] __handle_mm_fault+0x179a/0x2cb0 [ 556.065780][T13665] handle_mm_fault+0x21b/0x530 [ 556.070582][T13665] __get_user_pages+0x485/0x1160 [ 556.075644][T13665] populate_vma_page_range+0xe6/0x100 [ 556.081100][T13665] __mm_populate+0x168/0x2a0 [ 556.085718][T13665] __x64_sys_mlockall+0x2e3/0x320 [ 556.090766][T13665] do_syscall_64+0xcc/0x370 [ 556.095291][T13665] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 556.101278][T13665] RIP: 0033:0x459f39 [ 556.105261][T13665] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 556.124985][T13665] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 556.133422][T13665] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 556.141404][T13665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 556.149403][T13665] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 556.157401][T13665] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 556.165417][T13665] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 556.197709][T13665] memory: usage 307200kB, limit 307200kB, failcnt 1164 [ 556.205338][T13665] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 556.212312][T13665] Memory cgroup stats for /syz5: [ 556.212617][T13665] anon 307851264 [ 556.212617][T13665] file 102400 [ 556.212617][T13665] kernel_stack 368640 [ 556.212617][T13665] slab 2404352 [ 556.212617][T13665] sock 4096 [ 556.212617][T13665] shmem 81920 [ 556.212617][T13665] file_mapped 135168 [ 556.212617][T13665] file_dirty 0 [ 556.212617][T13665] file_writeback 0 [ 556.212617][T13665] anon_thp 268435456 [ 556.212617][T13665] inactive_anon 82706432 [ 556.212617][T13665] active_anon 21934080 [ 556.212617][T13665] inactive_file 135168 [ 556.212617][T13665] active_file 135168 [ 556.212617][T13665] unevictable 203214848 [ 556.212617][T13665] slab_reclaimable 811008 [ 556.212617][T13665] slab_unreclaimable 1593344 [ 556.212617][T13665] pgfault 74448 [ 556.212617][T13665] pgmajfault 0 [ 556.212617][T13665] workingset_refault 33 [ 556.212617][T13665] workingset_activate 0 [ 556.212617][T13665] workingset_nodereclaim 0 [ 556.212617][T13665] pgrefill 200 [ 556.212617][T13665] pgscan 270 [ 556.212617][T13665] pgsteal 66 [ 556.473681][T13665] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13639,uid=0 [ 556.508865][T13665] Memory cgroup out of memory: Killed process 13639 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 18:53:09 executing program 0: chown(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x176c, 0x8000) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f00000003c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x7, @loopback}, {0xa, 0x7e4, 0x0, @local}, r3, 0x4}}, 0x48) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x0, 0x0) getsockopt$packet_int(r4, 0x107, 0x0, &(0x7f0000000280), &(0x7f00000002c0)=0x4) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, &(0x7f0000000040)={0x4, 0x8, 0xfa00, {r3, 0x89c}}, 0x10) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x10}, 0xc) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3}, 0xb) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000080)={@empty}, 0x20) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000440)={0x6, 0x4, 0xffffffff, 0x200, 0x0}, &(0x7f0000000480)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f00000004c0)={r7, @in6={{0xa, 0x4e21, 0x7, @mcast2, 0x10001}}, 0x4, 0x1f}, 0x90) ftruncate(0xffffffffffffffff, 0x200004) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000080), 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20) r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r8, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @dev}}}, 0x48) 18:53:09 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:09 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:09 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xa83b3f0100c9ffff) 18:53:09 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:09 executing program 2: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 557.344917][T13712] IPVS: ftp: loaded support on port[0] = 21 [ 557.608873][T13665] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 557.619169][T13665] CPU: 0 PID: 13665 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 557.627088][T13665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 557.637128][T13665] Call Trace: [ 557.640411][T13665] dump_stack+0xf5/0x159 [ 557.644647][T13665] dump_header+0xaa/0x449 [ 557.649041][T13665] oom_kill_process.cold+0x10/0x15 [ 557.654145][T13665] out_of_memory+0x231/0xa00 [ 557.658734][T13665] mem_cgroup_out_of_memory+0x128/0x150 [ 557.664341][T13665] try_charge+0xb3a/0xbc0 [ 557.668692][T13665] ? rcu_note_context_switch+0x700/0x760 [ 557.674321][T13665] mem_cgroup_try_charge+0xd2/0x260 [ 557.679581][T13665] mem_cgroup_try_charge_delay+0x3a/0x80 [ 557.685210][T13665] wp_page_copy+0x322/0x1160 [ 557.689831][T13665] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 557.695466][T13665] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 557.701091][T13665] do_wp_page+0x192/0x11f0 [ 557.705494][T13665] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 557.711221][T13665] __handle_mm_fault+0x1c07/0x2cb0 [ 557.716325][T13665] ? apic_timer_interrupt+0xa/0x20 [ 557.721471][T13665] handle_mm_fault+0x21b/0x530 [ 557.726274][T13665] __get_user_pages+0x485/0x1160 [ 557.731213][T13665] populate_vma_page_range+0xe6/0x100 [ 557.736606][T13665] __mm_populate+0x168/0x2a0 [ 557.741240][T13665] __x64_sys_mlockall+0x2e3/0x320 [ 557.746257][T13665] do_syscall_64+0xcc/0x370 [ 557.750805][T13665] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 557.756678][T13665] RIP: 0033:0x459f39 [ 557.760624][T13665] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 557.780211][T13665] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 557.788738][T13665] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 557.796703][T13665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 557.804672][T13665] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 557.812663][T13665] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 557.820618][T13665] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 557.829617][T13665] memory: usage 307200kB, limit 307200kB, failcnt 1204 [ 557.836619][T13665] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 557.844554][T13665] Memory cgroup stats for /syz5: [ 557.845798][T13665] anon 307924992 [ 557.845798][T13665] file 102400 [ 557.845798][T13665] kernel_stack 405504 [ 557.845798][T13665] slab 2269184 [ 557.845798][T13665] sock 4096 [ 557.845798][T13665] shmem 81920 [ 557.845798][T13665] file_mapped 135168 [ 557.845798][T13665] file_dirty 0 [ 557.845798][T13665] file_writeback 0 [ 557.845798][T13665] anon_thp 268435456 [ 557.845798][T13665] inactive_anon 68104192 [ 557.845798][T13665] active_anon 21934080 [ 557.845798][T13665] inactive_file 135168 [ 557.845798][T13665] active_file 135168 [ 557.845798][T13665] unevictable 218030080 [ 557.845798][T13665] slab_reclaimable 811008 [ 557.845798][T13665] slab_unreclaimable 1458176 [ 557.845798][T13665] pgfault 75768 [ 557.845798][T13665] pgmajfault 0 [ 557.845798][T13665] workingset_refault 33 [ 557.845798][T13665] workingset_activate 0 [ 557.845798][T13665] workingset_nodereclaim 0 [ 557.845798][T13665] pgrefill 200 [ 557.845798][T13665] pgscan 270 [ 557.845798][T13665] pgsteal 66 [ 557.942743][T13665] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13659,uid=0 [ 557.958553][T13665] Memory cgroup out of memory: Killed process 13659 (syz-executor.5) total-vm:72716kB, anon-rss:18296kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 557.979784][ T1062] oom_reaper: reaped process 13659 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:10 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r0, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xe0ffffffffffffff) 18:53:10 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:10 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:10 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001200)) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000007000)) 18:53:10 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000) 18:53:11 executing program 0: r0 = socket$inet(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000380), 0xc) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="24000000120007031dfffd946fa2830012000a0009000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 18:53:11 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 558.611933][T13727] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 558.672724][T13727] CPU: 0 PID: 13727 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 558.680758][T13727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.690816][T13727] Call Trace: [ 558.694141][T13727] dump_stack+0xf5/0x159 [ 558.698426][T13727] dump_header+0xaa/0x449 [ 558.702773][T13727] oom_kill_process.cold+0x10/0x15 [ 558.707947][T13727] out_of_memory+0x231/0xa00 [ 558.712598][T13727] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 558.718265][T13727] mem_cgroup_out_of_memory+0x128/0x150 [ 558.723898][T13727] try_charge+0xb3a/0xbc0 [ 558.728248][T13727] ? rcu_note_context_switch+0x700/0x760 [ 558.733904][T13727] mem_cgroup_try_charge+0xd2/0x260 [ 558.739164][T13727] mem_cgroup_try_charge_delay+0x3a/0x80 [ 558.744934][T13727] __handle_mm_fault+0x179a/0x2cb0 [ 558.750121][T13727] handle_mm_fault+0x21b/0x530 [ 558.754907][T13727] __get_user_pages+0x485/0x1160 [ 558.759897][T13727] populate_vma_page_range+0xe6/0x100 [ 558.765285][T13727] __mm_populate+0x168/0x2a0 [ 558.770051][T13727] __x64_sys_mlockall+0x2e3/0x320 [ 558.775096][T13727] do_syscall_64+0xcc/0x370 [ 558.779608][T13727] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 558.785534][T13727] RIP: 0033:0x459f39 [ 558.789449][T13727] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 558.809057][T13727] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:53:11 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 558.817483][T13727] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 558.825454][T13727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 558.833423][T13727] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 558.841398][T13727] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 558.849370][T13727] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 558.878153][T13741] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 559.128805][T13727] memory: usage 307200kB, limit 307200kB, failcnt 1245 [ 559.135798][T13727] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 559.147434][T13727] Memory cgroup stats for /syz5: [ 559.147730][T13727] anon 308031488 [ 559.147730][T13727] file 102400 [ 559.147730][T13727] kernel_stack 442368 [ 559.147730][T13727] slab 2269184 [ 559.147730][T13727] sock 4096 [ 559.147730][T13727] shmem 81920 [ 559.147730][T13727] file_mapped 135168 [ 559.147730][T13727] file_dirty 0 [ 559.147730][T13727] file_writeback 0 [ 559.147730][T13727] anon_thp 268435456 [ 559.147730][T13727] inactive_anon 82804736 [ 559.147730][T13727] active_anon 21876736 [ 559.147730][T13727] inactive_file 135168 [ 559.147730][T13727] active_file 135168 [ 559.147730][T13727] unevictable 203616256 [ 559.147730][T13727] slab_reclaimable 811008 [ 559.147730][T13727] slab_unreclaimable 1458176 [ 559.147730][T13727] pgfault 76395 [ 559.147730][T13727] pgmajfault 0 [ 559.147730][T13727] workingset_refault 33 [ 559.147730][T13727] workingset_activate 0 [ 559.147730][T13727] workingset_nodereclaim 0 [ 559.147730][T13727] pgrefill 200 [ 559.147730][T13727] pgscan 270 [ 559.147730][T13727] pgsteal 66 [ 559.249136][T13727] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13714,uid=0 [ 559.278544][T13727] Memory cgroup out of memory: Killed process 13714 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 559.344888][ T1062] oom_reaper: reaped process 13714 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 559.614562][T13761] IPVS: ftp: loaded support on port[0] = 21 18:53:12 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r0, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:12 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x480100000001, 0x4) connect$inet6(r0, &(0x7f00000000c0), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f85e) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr="736560b460592a164a6d57244f5618cc"}, 0x20) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x19) wait4(0x0, 0x0, 0x0, 0x0) sysinfo(&(0x7f0000000000)=""/50) 18:53:12 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:12 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:12 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf0ffffff00000000) [ 560.198197][T13780] ptrace attach of "/root/syz-executor.0"[13779] was attempted by "/root/syz-executor.0"[13780] 18:53:13 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf2ffffff00000000) 18:53:13 executing program 0: mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)) mount(0x0, &(0x7f0000000480)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000500)='sysfs\x00', 0x0, 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) unlink(&(0x7f0000000040)='./file0\x00') [ 560.534854][T13781] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 560.578483][T13781] CPU: 0 PID: 13781 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 560.586441][T13781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.596498][T13781] Call Trace: [ 560.599829][T13781] dump_stack+0xf5/0x159 [ 560.604174][T13781] dump_header+0xaa/0x449 [ 560.608537][T13781] oom_kill_process.cold+0x10/0x15 [ 560.613672][T13781] out_of_memory+0x231/0xa00 [ 560.618350][T13781] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 560.624001][T13781] mem_cgroup_out_of_memory+0x128/0x150 [ 560.629565][T13781] try_charge+0xb3a/0xbc0 [ 560.633987][T13781] ? rcu_note_context_switch+0x700/0x760 [ 560.639743][T13781] mem_cgroup_try_charge+0xd2/0x260 [ 560.644957][T13781] mem_cgroup_try_charge_delay+0x3a/0x80 [ 560.650597][T13781] __handle_mm_fault+0x179a/0x2cb0 [ 560.655734][T13781] handle_mm_fault+0x21b/0x530 [ 560.660591][T13781] __get_user_pages+0x485/0x1160 [ 560.665567][T13781] populate_vma_page_range+0xe6/0x100 [ 560.670960][T13781] __mm_populate+0x168/0x2a0 [ 560.675637][T13781] __x64_sys_mlockall+0x2e3/0x320 [ 560.680675][T13781] do_syscall_64+0xcc/0x370 [ 560.685211][T13781] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 560.691101][T13781] RIP: 0033:0x459f39 [ 560.695017][T13781] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 560.714655][T13781] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:53:13 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) [ 560.723078][T13781] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 560.731053][T13781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 560.739027][T13781] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 560.747044][T13781] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 560.755014][T13781] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:13 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:13 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 561.018398][T13781] memory: usage 307200kB, limit 307200kB, failcnt 1255 [ 561.026631][T13781] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 561.038639][T13781] Memory cgroup stats for /syz5: [ 561.038999][T13781] anon 308187136 [ 561.038999][T13781] file 102400 [ 561.038999][T13781] kernel_stack 405504 [ 561.038999][T13781] slab 2269184 [ 561.038999][T13781] sock 4096 [ 561.038999][T13781] shmem 81920 [ 561.038999][T13781] file_mapped 135168 [ 561.038999][T13781] file_dirty 0 [ 561.038999][T13781] file_writeback 0 [ 561.038999][T13781] anon_thp 268435456 [ 561.038999][T13781] inactive_anon 82681856 [ 561.038999][T13781] active_anon 21893120 [ 561.038999][T13781] inactive_file 135168 [ 561.038999][T13781] active_file 135168 [ 561.038999][T13781] unevictable 203612160 [ 561.038999][T13781] slab_reclaimable 811008 [ 561.038999][T13781] slab_unreclaimable 1458176 [ 561.038999][T13781] pgfault 78012 [ 561.038999][T13781] pgmajfault 0 [ 561.038999][T13781] workingset_refault 33 [ 561.038999][T13781] workingset_activate 0 [ 561.038999][T13781] workingset_nodereclaim 0 [ 561.038999][T13781] pgrefill 200 [ 561.038999][T13781] pgscan 270 [ 561.038999][T13781] pgsteal 66 [ 561.177879][T13781] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13762,uid=0 [ 561.232786][T13781] Memory cgroup out of memory: Killed process 13762 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 561.363799][ T1062] oom_reaper: reaped process 13762 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 561.512447][T13810] IPVS: ftp: loaded support on port[0] = 21 18:53:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xf3ffffff00000000) 18:53:14 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:14 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:14 executing program 0: mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)) mount(0x0, &(0x7f0000000480)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000500)='sysfs\x00', 0x0, 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) unlink(&(0x7f0000000040)='./file0\x00') 18:53:14 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:14 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 561.968360][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 561.974143][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 561.979939][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 561.985678][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:53:14 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff00000000) [ 562.275304][T13830] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 562.295167][T13830] CPU: 0 PID: 13830 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 562.303294][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 562.313428][T13830] Call Trace: [ 562.316743][T13830] dump_stack+0xf5/0x159 [ 562.321019][T13830] dump_header+0xaa/0x449 [ 562.325418][T13830] oom_kill_process.cold+0x10/0x15 [ 562.330603][T13830] out_of_memory+0x231/0xa00 [ 562.335211][T13830] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 562.340894][T13830] mem_cgroup_out_of_memory+0x128/0x150 [ 562.346467][T13830] try_charge+0xb3a/0xbc0 [ 562.350952][T13830] ? rcu_note_context_switch+0x700/0x760 [ 562.356611][T13830] mem_cgroup_try_charge+0xd2/0x260 [ 562.361826][T13830] mem_cgroup_try_charge_delay+0x3a/0x80 [ 562.367475][T13830] __handle_mm_fault+0x179a/0x2cb0 [ 562.372700][T13830] handle_mm_fault+0x21b/0x530 [ 562.377498][T13830] __get_user_pages+0x485/0x1160 [ 562.382564][T13830] populate_vma_page_range+0xe6/0x100 [ 562.388042][T13830] __mm_populate+0x168/0x2a0 [ 562.392730][T13830] __x64_sys_mlockall+0x2e3/0x320 [ 562.397805][T13830] do_syscall_64+0xcc/0x370 [ 562.402337][T13830] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 562.408236][T13830] RIP: 0033:0x459f39 [ 562.412162][T13830] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 562.431778][T13830] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 562.440203][T13830] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 562.448209][T13830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 562.456196][T13830] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 562.464181][T13830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 18:53:15 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000000000"], 0xfdef) 18:53:15 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 562.472184][T13830] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:15 executing program 0: r0 = gettid() pipe(&(0x7f00000014c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffef3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0xfffffffffffffd10, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x1c7f1fd, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r0) tkill(r0, 0x16) 18:53:15 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x18000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 562.618431][T13830] memory: usage 307200kB, limit 307200kB, failcnt 1337 [ 562.672833][T13830] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 562.706396][T13830] Memory cgroup stats for /syz5: [ 562.706692][T13830] anon 308105216 [ 562.706692][T13830] file 102400 [ 562.706692][T13830] kernel_stack 405504 [ 562.706692][T13830] slab 2269184 [ 562.706692][T13830] sock 4096 [ 562.706692][T13830] shmem 81920 [ 562.706692][T13830] file_mapped 135168 [ 562.706692][T13830] file_dirty 0 [ 562.706692][T13830] file_writeback 0 [ 562.706692][T13830] anon_thp 268435456 [ 562.706692][T13830] inactive_anon 82792448 [ 562.706692][T13830] active_anon 21942272 [ 562.706692][T13830] inactive_file 135168 [ 562.706692][T13830] active_file 135168 [ 562.706692][T13830] unevictable 203427840 [ 562.706692][T13830] slab_reclaimable 811008 [ 562.706692][T13830] slab_unreclaimable 1458176 [ 562.706692][T13830] pgfault 79893 [ 562.706692][T13830] pgmajfault 0 [ 562.706692][T13830] workingset_refault 33 [ 562.706692][T13830] workingset_activate 0 [ 562.706692][T13830] workingset_nodereclaim 0 [ 562.706692][T13830] pgrefill 200 [ 562.706692][T13830] pgscan 270 [ 562.706692][T13830] pgsteal 66 [ 562.857745][T13830] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13811,uid=0 [ 562.911956][T13830] Memory cgroup out of memory: Killed process 13811 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 562.960345][ T1062] oom_reaper: reaped process 13811 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB 18:53:15 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, 0x0, 0x0) 18:53:15 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1c000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xffffc900013f3ba8) 18:53:15 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 563.488342][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 563.494166][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 563.568748][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 563.575058][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 563.989174][T13876] IPVS: ftp: loaded support on port[0] = 21 [ 564.386064][T13830] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 564.396718][T13830] CPU: 0 PID: 13830 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 564.404609][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.414660][T13830] Call Trace: [ 564.417978][T13830] dump_stack+0xf5/0x159 [ 564.422251][T13830] dump_header+0xaa/0x449 [ 564.426678][T13830] oom_kill_process.cold+0x10/0x15 [ 564.431811][T13830] out_of_memory+0x231/0xa00 [ 564.436465][T13830] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 564.442125][T13830] mem_cgroup_out_of_memory+0x128/0x150 [ 564.447693][T13830] try_charge+0xb3a/0xbc0 [ 564.452127][T13830] ? rcu_note_context_switch+0x700/0x760 [ 564.457805][T13830] mem_cgroup_try_charge+0xd2/0x260 [ 564.463104][T13830] mem_cgroup_try_charge_delay+0x3a/0x80 [ 564.468774][T13830] wp_page_copy+0x322/0x1160 [ 564.473396][T13830] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 564.479060][T13830] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 564.484718][T13830] do_wp_page+0x192/0x11f0 [ 564.489223][T13830] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 564.494968][T13830] __handle_mm_fault+0x1c07/0x2cb0 [ 564.500120][T13830] handle_mm_fault+0x21b/0x530 [ 564.504926][T13830] __get_user_pages+0x485/0x1160 [ 564.509992][T13830] populate_vma_page_range+0xe6/0x100 [ 564.515386][T13830] __mm_populate+0x168/0x2a0 [ 564.520041][T13830] __x64_sys_mlockall+0x2e3/0x320 [ 564.525089][T13830] do_syscall_64+0xcc/0x370 [ 564.529656][T13830] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 564.535553][T13830] RIP: 0033:0x459f39 [ 564.539502][T13830] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 564.559110][T13830] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 564.567600][T13830] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 564.575573][T13830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 564.583550][T13830] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 564.591540][T13830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 564.599511][T13830] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 564.618445][T13830] memory: usage 307200kB, limit 307200kB, failcnt 1375 [ 564.625537][T13830] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 564.658403][T13830] Memory cgroup stats for /syz5: [ 564.659395][T13830] anon 308064256 [ 564.659395][T13830] file 102400 [ 564.659395][T13830] kernel_stack 405504 [ 564.659395][T13830] slab 2269184 [ 564.659395][T13830] sock 4096 [ 564.659395][T13830] shmem 81920 [ 564.659395][T13830] file_mapped 135168 [ 564.659395][T13830] file_dirty 0 [ 564.659395][T13830] file_writeback 0 [ 564.659395][T13830] anon_thp 268435456 [ 564.659395][T13830] inactive_anon 68141056 [ 564.659395][T13830] active_anon 21942272 [ 564.659395][T13830] inactive_file 135168 [ 564.659395][T13830] active_file 135168 [ 564.659395][T13830] unevictable 217915392 [ 564.659395][T13830] slab_reclaimable 811008 [ 564.659395][T13830] slab_unreclaimable 1458176 [ 564.659395][T13830] pgfault 81180 [ 564.659395][T13830] pgmajfault 0 [ 564.659395][T13830] workingset_refault 33 [ 564.659395][T13830] workingset_activate 0 [ 564.659395][T13830] workingset_nodereclaim 0 [ 564.659395][T13830] pgrefill 200 [ 564.659395][T13830] pgscan 270 [ 564.659395][T13830] pgsteal 66 [ 564.760955][T13830] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13824,uid=0 [ 564.782077][T13830] Memory cgroup out of memory: Killed process 13824 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 564.806857][ T1062] oom_reaper: reaped process 13824 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) 18:53:17 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:17 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:17 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, 0x0, 0x0) 18:53:17 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:18 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x29000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 565.893774][T13901] IPVS: ftp: loaded support on port[0] = 21 18:53:18 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r2, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f0000000800)={0x0, 0x0, 0x0}) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYPTR64], 0xff39) write$cgroup_pid(r4, &(0x7f0000000000), 0x10000000d) ioctl$TUNSETFILTEREBPF(r4, 0x6609, 0x0) 18:53:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0xffffffffffffffe0) 18:53:18 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, 0x0, 0x0) 18:53:18 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:18 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3c000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 566.128749][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 566.134785][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:53:19 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:19 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3f000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000100)="c4e155e95800b90b060000b800000000ba010000000f3066b889008ec00f01d1260f01d1c4e2bddf8ceba7000000b9800000c00f3235008000000f302e0fc7abf1000000b940090000b8951d5c96ba000000000f300f2117", 0x58}], 0x1, 0x20, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x5000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:53:19 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:19 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x0) 18:53:19 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:19 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x81, 0x481000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000140)="25bca274769e620aa734fa0095e0612687463915e38802a9d8aea872943afd874e2f98b479a7316270146d0e02f8e63ba8863cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000280)={[{@dioread_nolock='dioread_nolock'}]}) 18:53:19 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x48000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 567.319627][T13946] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 567.398502][T13946] CPU: 0 PID: 13946 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 567.406425][T13946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 567.416487][T13946] Call Trace: [ 567.419849][T13946] dump_stack+0xf5/0x159 [ 567.424114][T13946] dump_header+0xaa/0x449 [ 567.428469][T13946] oom_kill_process.cold+0x10/0x15 [ 567.433669][T13946] out_of_memory+0x231/0xa00 [ 567.438325][T13946] ? __kcsan_setup_watchpoint+0x6b/0x4a0 18:53:20 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x0) [ 567.444061][T13946] mem_cgroup_out_of_memory+0x128/0x150 [ 567.449672][T13946] try_charge+0xb3a/0xbc0 [ 567.454044][T13946] ? rcu_note_context_switch+0x700/0x760 [ 567.459697][T13946] mem_cgroup_try_charge+0xd2/0x260 [ 567.465007][T13946] mem_cgroup_try_charge_delay+0x3a/0x80 [ 567.470659][T13946] __handle_mm_fault+0x179a/0x2cb0 [ 567.475831][T13946] handle_mm_fault+0x21b/0x530 [ 567.480653][T13946] __get_user_pages+0x485/0x1160 [ 567.485689][T13946] populate_vma_page_range+0xe6/0x100 [ 567.491149][T13946] __mm_populate+0x168/0x2a0 [ 567.495778][T13946] __x64_sys_mlockall+0x2e3/0x320 [ 567.500825][T13946] do_syscall_64+0xcc/0x370 [ 567.505428][T13946] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 567.511340][T13946] RIP: 0033:0x459f39 [ 567.515408][T13946] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 567.535030][T13946] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:53:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x300) 18:53:20 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4c000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 567.543453][T13946] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 567.551441][T13946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 567.559422][T13946] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 567.567409][T13946] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 567.575393][T13946] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:20 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 567.728471][ C1] net_ratelimit: 2 callbacks suppressed [ 567.728491][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 567.740053][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:53:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8, 0x0, 0x0, 0x0, 0x0, 0x4], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 568.048967][T13975] kvm [13974]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x40000016 data 0x4d00000000f [ 568.108408][T13946] memory: usage 307200kB, limit 307200kB, failcnt 1414 [ 568.117202][T13946] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 568.188438][T13946] Memory cgroup stats for /syz5: [ 568.188712][T13946] anon 308207616 [ 568.188712][T13946] file 102400 [ 568.188712][T13946] kernel_stack 405504 [ 568.188712][T13946] slab 2269184 [ 568.188712][T13946] sock 4096 [ 568.188712][T13946] shmem 81920 [ 568.188712][T13946] file_mapped 135168 [ 568.188712][T13946] file_dirty 0 [ 568.188712][T13946] file_writeback 0 [ 568.188712][T13946] anon_thp 270532608 [ 568.188712][T13946] inactive_anon 82755584 [ 568.188712][T13946] active_anon 21966848 [ 568.188712][T13946] inactive_file 135168 [ 568.188712][T13946] active_file 135168 [ 568.188712][T13946] unevictable 203493376 [ 568.188712][T13946] slab_reclaimable 811008 [ 568.188712][T13946] slab_unreclaimable 1458176 [ 568.188712][T13946] pgfault 82863 [ 568.188712][T13946] pgmajfault 0 [ 568.188712][T13946] workingset_refault 33 [ 568.188712][T13946] workingset_activate 0 [ 568.188712][T13946] workingset_nodereclaim 0 [ 568.188712][T13946] pgrefill 200 [ 568.188712][T13946] pgscan 270 [ 568.188712][T13946] pgsteal 66 [ 568.288604][T13946] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13902,uid=0 [ 568.326016][T13946] Memory cgroup out of memory: Killed process 13902 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 568.625873][T13981] IPVS: ftp: loaded support on port[0] = 21 18:53:21 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) close(r0) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, 0x0, 0x0) 18:53:21 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x0) 18:53:21 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x61000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:21 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYPTR, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socket$netlink(0x10, 0x3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x10200, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, &(0x7f0000000040)={0x1, 0x0, 0x2, 0x4, {0x10000, 0x7db5, 0x5, 0xffffffb2}}) r3 = perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r3, 0x4, 0x42000) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newsa={0x150, 0x10, 0x713, 0xd6787a297f000000, 0x0, {{@in=@multicast2}, {@in6=@mcast2, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "e59b133cc78cecc57debbcd162da13cd1a1514ae"}}]}, 0x150}}, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:21 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x63000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:21 executing program 0: [ 569.369000][T13997] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 569.423394][T13997] CPU: 0 PID: 13997 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 569.431327][T13997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 569.441391][T13997] Call Trace: [ 569.444701][T13997] dump_stack+0xf5/0x159 [ 569.448983][T13997] dump_header+0xaa/0x449 [ 569.453340][T13997] oom_kill_process.cold+0x10/0x15 [ 569.458492][T13997] out_of_memory+0x231/0xa00 [ 569.463154][T13997] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 569.468886][T13997] mem_cgroup_out_of_memory+0x128/0x150 [ 569.474462][T13997] try_charge+0xb3a/0xbc0 [ 569.478878][T13997] ? rcu_note_context_switch+0x700/0x760 [ 569.484566][T13997] mem_cgroup_try_charge+0xd2/0x260 [ 569.489872][T13997] mem_cgroup_try_charge_delay+0x3a/0x80 [ 569.495525][T13997] __handle_mm_fault+0x179a/0x2cb0 [ 569.500658][T13997] handle_mm_fault+0x21b/0x530 [ 569.505439][T13997] __get_user_pages+0x485/0x1160 [ 569.510448][T13997] populate_vma_page_range+0xe6/0x100 [ 569.515857][T13997] __mm_populate+0x168/0x2a0 [ 569.520463][T13997] __x64_sys_mlockall+0x2e3/0x320 [ 569.525514][T13997] do_syscall_64+0xcc/0x370 [ 569.530039][T13997] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 569.536017][T13997] RIP: 0033:0x459f39 [ 569.539958][T13997] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 569.559564][T13997] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:53:22 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) [ 569.567980][T13997] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 569.576068][T13997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 569.584040][T13997] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 569.592013][T13997] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 569.599987][T13997] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:22 executing program 0: 18:53:22 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYPTR, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 569.698449][T13997] memory: usage 307200kB, limit 307200kB, failcnt 1449 [ 569.705452][T13997] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 18:53:22 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x68000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 569.791112][T13997] Memory cgroup stats for /syz5: [ 569.791384][T13997] anon 308211712 [ 569.791384][T13997] file 102400 [ 569.791384][T13997] kernel_stack 368640 [ 569.791384][T13997] slab 2269184 [ 569.791384][T13997] sock 4096 [ 569.791384][T13997] shmem 81920 [ 569.791384][T13997] file_mapped 135168 [ 569.791384][T13997] file_dirty 0 [ 569.791384][T13997] file_writeback 0 [ 569.791384][T13997] anon_thp 268435456 [ 569.791384][T13997] inactive_anon 82771968 [ 569.791384][T13997] active_anon 21925888 [ 569.791384][T13997] inactive_file 135168 [ 569.791384][T13997] active_file 135168 [ 569.791384][T13997] unevictable 203620352 [ 569.791384][T13997] slab_reclaimable 811008 [ 569.791384][T13997] slab_unreclaimable 1458176 [ 569.791384][T13997] pgfault 84612 [ 569.791384][T13997] pgmajfault 0 [ 569.791384][T13997] workingset_refault 33 [ 569.791384][T13997] workingset_activate 0 [ 569.791384][T13997] workingset_nodereclaim 0 [ 569.791384][T13997] pgrefill 200 [ 569.791384][T13997] pgscan 270 [ 569.791384][T13997] pgsteal 66 [ 569.808623][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 569.892774][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:53:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x4) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000100)) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$BLKREPORTZONE(r5, 0xc0101282, &(0x7f00000005c0)={0x3, 0x8, 0x0, [{0x400, 0x4, 0x4, 0x1, 0x80, 0x6, 0x1d}, {0x8000, 0x4e38, 0x100000000, 0x3, 0x9, 0x6, 0x20}, {0x100000000, 0x8, 0x10000, 0x0, 0x5a, 0x4, 0x3}, {0x2, 0x200, 0x7, 0xe0, 0x7, 0x0, 0x9}, {0x5, 0x800, 0x3, 0x3, 0x9, 0x1f, 0x5}, {0x100000000, 0x9, 0xffffffffffffffe1, 0xff, 0x6a, 0x47, 0x81}, {0xbf67, 0x401, 0x9, 0x80, 0x7f, 0x1}, {0x9, 0x80000001, 0x1, 0xfc, 0x6, 0x6, 0x1f}]}) [ 569.976800][T13997] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13982,uid=0 [ 570.002918][T13997] Memory cgroup out of memory: Killed process 13982 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 18:53:22 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6c000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:22 executing program 0: [ 570.522214][T14039] IPVS: ftp: loaded support on port[0] = 21 [ 570.883985][T13997] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 570.894343][T13997] CPU: 1 PID: 13997 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 570.902239][T13997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 570.912291][T13997] Call Trace: [ 570.915600][T13997] dump_stack+0xf5/0x159 [ 570.919859][T13997] dump_header+0xaa/0x449 [ 570.924220][T13997] oom_kill_process.cold+0x10/0x15 [ 570.929421][T13997] out_of_memory+0x231/0xa00 [ 570.934039][T13997] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 570.939705][T13997] mem_cgroup_out_of_memory+0x128/0x150 [ 570.945281][T13997] try_charge+0xb3a/0xbc0 [ 570.949664][T13997] ? rcu_note_context_switch+0x700/0x760 [ 570.955364][T13997] mem_cgroup_try_charge+0xd2/0x260 [ 570.960661][T13997] mem_cgroup_try_charge_delay+0x3a/0x80 [ 570.966344][T13997] wp_page_copy+0x322/0x1160 [ 570.970950][T13997] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 570.976607][T13997] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 570.982260][T13997] do_wp_page+0x192/0x11f0 [ 570.986753][T13997] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 570.992413][T13997] __handle_mm_fault+0x1c07/0x2cb0 [ 570.997631][T13997] handle_mm_fault+0x21b/0x530 [ 571.002533][T13997] __get_user_pages+0x485/0x1160 [ 571.007513][T13997] populate_vma_page_range+0xe6/0x100 [ 571.012975][T13997] __mm_populate+0x168/0x2a0 [ 571.017593][T13997] __x64_sys_mlockall+0x2e3/0x320 [ 571.022697][T13997] do_syscall_64+0xcc/0x370 [ 571.027239][T13997] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 571.033136][T13997] RIP: 0033:0x459f39 [ 571.037115][T13997] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 571.056729][T13997] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 571.065156][T13997] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 571.073133][T13997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 571.081113][T13997] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 571.089088][T13997] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 571.097066][T13997] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 571.108440][T13997] memory: usage 307200kB, limit 307200kB, failcnt 1480 [ 571.115563][T13997] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 571.123196][T13997] Memory cgroup stats for /syz5: [ 571.124522][T13997] anon 308080640 [ 571.124522][T13997] file 102400 [ 571.124522][T13997] kernel_stack 405504 [ 571.124522][T13997] slab 2269184 [ 571.124522][T13997] sock 4096 [ 571.124522][T13997] shmem 81920 [ 571.124522][T13997] file_mapped 135168 [ 571.124522][T13997] file_dirty 0 [ 571.124522][T13997] file_writeback 0 [ 571.124522][T13997] anon_thp 268435456 [ 571.124522][T13997] inactive_anon 68026368 [ 571.124522][T13997] active_anon 21925888 [ 571.124522][T13997] inactive_file 135168 [ 571.124522][T13997] active_file 135168 [ 571.124522][T13997] unevictable 218034176 [ 571.124522][T13997] slab_reclaimable 811008 [ 571.124522][T13997] slab_unreclaimable 1458176 [ 571.124522][T13997] pgfault 85833 [ 571.124522][T13997] pgmajfault 0 [ 571.124522][T13997] workingset_refault 33 [ 571.124522][T13997] workingset_activate 0 [ 571.124522][T13997] workingset_nodereclaim 0 [ 571.124522][T13997] pgrefill 200 [ 571.124522][T13997] pgscan 270 [ 571.124522][T13997] pgsteal 66 [ 571.221240][T13997] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=13996,uid=0 [ 571.238170][T13997] Memory cgroup out of memory: Killed process 13996 (syz-executor.5) total-vm:72716kB, anon-rss:18300kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 571.260964][ T1062] oom_reaper: reaped process 13996 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:24 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) 18:53:24 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYPTR, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:24 executing program 0: 18:53:24 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x71000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x4000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000100)=""/155) 18:53:24 executing program 0: 18:53:25 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x73000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r1, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000180)=""/88, &(0x7f0000000240)=0x58) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000100)="0f0866b84b008ec0b9800000c00f3235000400000f30c4e2e19739660f388103b9800000c00f3235000400000f3066b8be008ec0660f388110670f009e04020f07"}], 0x7c03aa, 0x0, 0x0, 0x1d8ff8cecf3f439c) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8, 0x0, 0x0, 0x0, 0x8000000000], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x500, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x9, 0x7bda3d8d}) 18:53:25 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) 18:53:25 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYPTR, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:25 executing program 0: [ 572.435734][T14058] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 572.506688][T14058] CPU: 0 PID: 14058 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 572.514616][T14058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 572.524695][T14058] Call Trace: [ 572.528083][T14058] dump_stack+0xf5/0x159 [ 572.532368][T14058] dump_header+0xaa/0x449 [ 572.536731][T14058] oom_kill_process.cold+0x10/0x15 [ 572.541883][T14058] out_of_memory+0x231/0xa00 [ 572.546512][T14058] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 572.552245][T14058] mem_cgroup_out_of_memory+0x128/0x150 [ 572.557958][T14058] try_charge+0xb3a/0xbc0 [ 572.562403][T14058] ? rcu_note_context_switch+0x700/0x760 [ 572.568132][T14058] mem_cgroup_try_charge+0xd2/0x260 [ 572.573356][T14058] mem_cgroup_try_charge_delay+0x3a/0x80 [ 572.579069][T14058] __handle_mm_fault+0x179a/0x2cb0 [ 572.584274][T14058] handle_mm_fault+0x21b/0x530 [ 572.589129][T14058] __get_user_pages+0x485/0x1160 [ 572.594167][T14058] populate_vma_page_range+0xe6/0x100 [ 572.599586][T14058] __mm_populate+0x168/0x2a0 [ 572.604214][T14058] __x64_sys_mlockall+0x2e3/0x320 [ 572.609271][T14058] do_syscall_64+0xcc/0x370 [ 572.613806][T14058] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 572.619860][T14058] RIP: 0033:0x459f39 [ 572.623864][T14058] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 572.643576][T14058] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 572.652000][T14058] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 572.659975][T14058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 572.668030][T14058] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 572.676034][T14058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 572.684026][T14058] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 572.728414][T14058] memory: usage 307200kB, limit 307200kB, failcnt 1498 [ 572.735691][T14058] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 572.798399][T14058] Memory cgroup stats for /syz5: [ 572.798655][T14058] anon 308228096 [ 572.798655][T14058] file 102400 [ 572.798655][T14058] kernel_stack 368640 [ 572.798655][T14058] slab 2269184 [ 572.798655][T14058] sock 4096 [ 572.798655][T14058] shmem 81920 [ 572.798655][T14058] file_mapped 135168 [ 572.798655][T14058] file_dirty 0 [ 572.798655][T14058] file_writeback 0 [ 572.798655][T14058] anon_thp 268435456 [ 572.798655][T14058] inactive_anon 82747392 [ 572.798655][T14058] active_anon 21942272 [ 572.798655][T14058] inactive_file 135168 [ 572.798655][T14058] active_file 135168 [ 572.798655][T14058] unevictable 203624448 [ 572.798655][T14058] slab_reclaimable 811008 [ 572.798655][T14058] slab_unreclaimable 1458176 [ 572.798655][T14058] pgfault 86493 [ 572.798655][T14058] pgmajfault 0 [ 572.798655][T14058] workingset_refault 33 [ 572.798655][T14058] workingset_activate 0 [ 572.798655][T14058] workingset_nodereclaim 0 [ 572.798655][T14058] pgrefill 200 [ 572.798655][T14058] pgscan 270 [ 572.798655][T14058] pgsteal 66 [ 572.954916][T14058] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14042,uid=0 [ 573.048492][T14058] Memory cgroup out of memory: Killed process 14042 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 573.103007][ T1062] oom_reaper: reaped process 14042 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 573.376791][T14081] IPVS: ftp: loaded support on port[0] = 21 18:53:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:26 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x74000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:26 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d"], 0x3d) 18:53:26 executing program 0: 18:53:26 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYPTR, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0xffffffffffffffff, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r5, 0xc02c5341, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e23, 0x1, @rand_addr="57b2bd256da4ea4d31dc9825e700c166", 0x5}}, [0x5, 0x856e, 0x6, 0x20, 0x8, 0x200, 0x5, 0x6, 0x6, 0xde, 0x80000001, 0x5d6680e3, 0x7, 0xf5]}, &(0x7f0000000240)=0x100) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000280)={r6, 0x3, 0x95f}, 0x8) [ 573.888343][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 573.894169][ C0] protocol 88fb is buggy, dev hsr_slave_1 18:53:26 executing program 0: 18:53:26 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7a000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:26 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d"], 0x3d) [ 574.203655][T14096] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 574.238159][T14096] CPU: 1 PID: 14096 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 574.246084][T14096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.256141][T14096] Call Trace: [ 574.259490][T14096] dump_stack+0xf5/0x159 [ 574.263807][T14096] dump_header+0xaa/0x449 [ 574.268174][T14096] oom_kill_process.cold+0x10/0x15 [ 574.273404][T14096] out_of_memory+0x231/0xa00 [ 574.278031][T14096] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 574.283729][T14096] mem_cgroup_out_of_memory+0x128/0x150 [ 574.289379][T14096] try_charge+0xb3a/0xbc0 [ 574.293742][T14096] ? rcu_note_context_switch+0x700/0x760 [ 574.299405][T14096] mem_cgroup_try_charge+0xd2/0x260 [ 574.304639][T14096] mem_cgroup_try_charge_delay+0x3a/0x80 [ 574.310295][T14096] __handle_mm_fault+0x179a/0x2cb0 [ 574.315444][T14096] handle_mm_fault+0x21b/0x530 [ 574.320279][T14096] __get_user_pages+0x485/0x1160 [ 574.325279][T14096] populate_vma_page_range+0xe6/0x100 [ 574.330765][T14096] __mm_populate+0x168/0x2a0 [ 574.335394][T14096] __x64_sys_mlockall+0x2e3/0x320 [ 574.340528][T14096] do_syscall_64+0xcc/0x370 [ 574.345057][T14096] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 574.350975][T14096] RIP: 0033:0x459f39 [ 574.354894][T14096] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 574.374539][T14096] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 574.383091][T14096] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 574.391081][T14096] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 18:53:26 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYPTR, @ANYRES64], 0x3) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 574.399065][T14096] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 574.407198][T14096] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 574.415278][T14096] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:27 executing program 0: [ 574.448358][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 574.454157][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 574.459999][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 574.465745][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:53:27 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x85ffffff}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 574.608409][T14096] memory: usage 307200kB, limit 307200kB, failcnt 1510 [ 574.650730][T14096] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 574.782556][T14096] Memory cgroup stats for /syz5: [ 574.782845][T14096] anon 308244480 [ 574.782845][T14096] file 102400 [ 574.782845][T14096] kernel_stack 405504 [ 574.782845][T14096] slab 2269184 [ 574.782845][T14096] sock 4096 [ 574.782845][T14096] shmem 81920 [ 574.782845][T14096] file_mapped 135168 [ 574.782845][T14096] file_dirty 0 [ 574.782845][T14096] file_writeback 0 [ 574.782845][T14096] anon_thp 268435456 [ 574.782845][T14096] inactive_anon 82898944 [ 574.782845][T14096] active_anon 21946368 [ 574.782845][T14096] inactive_file 135168 [ 574.782845][T14096] active_file 135168 [ 574.782845][T14096] unevictable 203747328 [ 574.782845][T14096] slab_reclaimable 811008 [ 574.782845][T14096] slab_unreclaimable 1458176 [ 574.782845][T14096] pgfault 88308 [ 574.782845][T14096] pgmajfault 0 [ 574.782845][T14096] workingset_refault 33 [ 574.782845][T14096] workingset_activate 0 [ 574.782845][T14096] workingset_nodereclaim 0 [ 574.782845][T14096] pgrefill 200 [ 574.782845][T14096] pgscan 270 [ 574.782845][T14096] pgsteal 66 [ 574.932945][T14096] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14082,uid=0 [ 574.949776][T14096] Memory cgroup out of memory: Killed process 14082 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 574.986468][ T1062] oom_reaper: reaped process 14082 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 575.151871][T14119] IPVS: ftp: loaded support on port[0] = 21 18:53:28 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000040)=0xffffffffffffffff) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x100, 0x40000001, 0x1, 0x80000001, 0xfffffffffffffffc, 0x4c8], 0x12000, 0x64044}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:28 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d"], 0x3d) 18:53:28 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR, @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:28 executing program 0: 18:53:28 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9cffffff}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:28 executing program 0: 18:53:28 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9fffffff}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 575.774160][T14128] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 18:53:28 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e3"], 0x5b) [ 576.022174][T14136] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 576.037855][T14136] CPU: 0 PID: 14136 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 576.045781][T14136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 576.055941][T14136] Call Trace: [ 576.059286][T14136] dump_stack+0xf5/0x159 [ 576.063559][T14136] dump_header+0xaa/0x449 [ 576.067987][T14136] oom_kill_process.cold+0x10/0x15 [ 576.073129][T14136] out_of_memory+0x231/0xa00 [ 576.077809][T14136] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 576.083524][T14136] mem_cgroup_out_of_memory+0x128/0x150 [ 576.089128][T14136] try_charge+0xb3a/0xbc0 [ 576.093478][T14136] ? rcu_note_context_switch+0x700/0x760 [ 576.099177][T14136] mem_cgroup_try_charge+0xd2/0x260 [ 576.104460][T14136] mem_cgroup_try_charge_delay+0x3a/0x80 [ 576.110114][T14136] __handle_mm_fault+0x179a/0x2cb0 [ 576.115264][T14136] handle_mm_fault+0x21b/0x530 [ 576.120080][T14136] __get_user_pages+0x485/0x1160 [ 576.125117][T14136] populate_vma_page_range+0xe6/0x100 [ 576.130551][T14136] __mm_populate+0x168/0x2a0 [ 576.135160][T14136] __x64_sys_mlockall+0x2e3/0x320 [ 576.140217][T14136] do_syscall_64+0xcc/0x370 [ 576.144745][T14136] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 576.150694][T14136] RIP: 0033:0x459f39 18:53:28 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfa000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 576.154740][T14136] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 576.174357][T14136] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 576.182779][T14136] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 576.190760][T14136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 576.198741][T14136] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 576.206713][T14136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 576.214694][T14136] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:28 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR, @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:28 executing program 0: [ 576.228511][T14136] memory: usage 307200kB, limit 307200kB, failcnt 1556 [ 576.261235][T14136] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 576.283803][T14136] Memory cgroup stats for /syz5: [ 576.284146][T14136] anon 308178944 [ 576.284146][T14136] file 102400 [ 576.284146][T14136] kernel_stack 405504 [ 576.284146][T14136] slab 2269184 [ 576.284146][T14136] sock 4096 [ 576.284146][T14136] shmem 81920 [ 576.284146][T14136] file_mapped 135168 [ 576.284146][T14136] file_dirty 0 [ 576.284146][T14136] file_writeback 0 [ 576.284146][T14136] anon_thp 266338304 [ 576.284146][T14136] inactive_anon 82714624 [ 576.284146][T14136] active_anon 21979136 [ 576.284146][T14136] inactive_file 135168 [ 576.284146][T14136] active_file 135168 [ 576.284146][T14136] unevictable 203558912 [ 576.284146][T14136] slab_reclaimable 811008 [ 576.284146][T14136] slab_unreclaimable 1458176 [ 576.284146][T14136] pgfault 90684 [ 576.284146][T14136] pgmajfault 0 [ 576.284146][T14136] workingset_refault 33 [ 576.284146][T14136] workingset_activate 0 [ 576.284146][T14136] workingset_nodereclaim 0 [ 576.284146][T14136] pgrefill 200 [ 576.284146][T14136] pgscan 270 [ 576.284146][T14136] pgsteal 66 [ 576.528344][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 576.534264][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 576.540085][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 576.545840][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 576.587715][T14136] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14120,uid=0 [ 576.728505][T14136] Memory cgroup out of memory: Killed process 14120 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 576.976450][T14159] IPVS: ftp: loaded support on port[0] = 21 [ 577.263319][T14136] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 577.273902][T14136] CPU: 1 PID: 14136 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 577.281785][T14136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 577.291816][T14136] Call Trace: [ 577.295100][T14136] dump_stack+0xf5/0x159 [ 577.299334][T14136] dump_header+0xaa/0x449 [ 577.303682][T14136] oom_kill_process.cold+0x10/0x15 [ 577.308787][T14136] out_of_memory+0x231/0xa00 [ 577.313361][T14136] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 577.319032][T14136] mem_cgroup_out_of_memory+0x128/0x150 [ 577.324659][T14136] try_charge+0xb3a/0xbc0 [ 577.329066][T14136] ? rcu_note_context_switch+0x700/0x760 [ 577.334734][T14136] mem_cgroup_try_charge+0xd2/0x260 [ 577.339957][T14136] mem_cgroup_try_charge_delay+0x3a/0x80 [ 577.345635][T14136] wp_page_copy+0x322/0x1160 [ 577.350287][T14136] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 577.355909][T14136] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 577.361589][T14136] do_wp_page+0x192/0x11f0 [ 577.365988][T14136] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 577.371608][T14136] __handle_mm_fault+0x1c07/0x2cb0 [ 577.376788][T14136] handle_mm_fault+0x21b/0x530 [ 577.381546][T14136] __get_user_pages+0x485/0x1160 [ 577.386487][T14136] populate_vma_page_range+0xe6/0x100 [ 577.391916][T14136] __mm_populate+0x168/0x2a0 [ 577.396534][T14136] __x64_sys_mlockall+0x2e3/0x320 [ 577.401551][T14136] do_syscall_64+0xcc/0x370 [ 577.406064][T14136] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 577.411938][T14136] RIP: 0033:0x459f39 [ 577.415901][T14136] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 577.435493][T14136] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 577.443888][T14136] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 577.452019][T14136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 577.459974][T14136] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 577.468005][T14136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 577.475985][T14136] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 577.484908][T14136] memory: usage 307200kB, limit 307200kB, failcnt 1603 [ 577.496739][T14136] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 577.503833][T14136] Memory cgroup stats for /syz5: [ 577.505494][T14136] anon 308199424 [ 577.505494][T14136] file 102400 [ 577.505494][T14136] kernel_stack 442368 [ 577.505494][T14136] slab 2269184 [ 577.505494][T14136] sock 4096 [ 577.505494][T14136] shmem 81920 [ 577.505494][T14136] file_mapped 135168 [ 577.505494][T14136] file_dirty 0 [ 577.505494][T14136] file_writeback 0 [ 577.505494][T14136] anon_thp 268435456 [ 577.505494][T14136] inactive_anon 68108288 [ 577.505494][T14136] active_anon 21979136 [ 577.505494][T14136] inactive_file 135168 [ 577.505494][T14136] active_file 135168 [ 577.505494][T14136] unevictable 218001408 [ 577.505494][T14136] slab_reclaimable 811008 [ 577.505494][T14136] slab_unreclaimable 1458176 [ 577.505494][T14136] pgfault 91938 [ 577.505494][T14136] pgmajfault 0 [ 577.505494][T14136] workingset_refault 33 [ 577.505494][T14136] workingset_activate 0 [ 577.505494][T14136] workingset_nodereclaim 0 [ 577.505494][T14136] pgrefill 200 [ 577.505494][T14136] pgscan 270 [ 577.505494][T14136] pgsteal 66 [ 577.601565][T14136] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14133,uid=0 [ 577.617632][T14136] Memory cgroup out of memory: Killed process 14133 (syz-executor.5) total-vm:72716kB, anon-rss:18296kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 577.638018][ T1062] oom_reaper: reaped process 14133 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:31 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(0xffffffffffffffff, 0x9000aea4, &(0x7f00000005c0)) 18:53:31 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xff000000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:31 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getrule={0x14, 0x22, 0x401}, 0x14}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@acquire={0x128, 0x17, 0x7, 0x0, 0x0, {{@in=@remote}, @in6=@mcast2, {@in=@dev, @in=@local}, {{@in6=@ipv4={[], [], @local}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}}}}, 0x128}, 0x8, 0x0, 0x0, 0x8}, 0x0) 18:53:31 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR, @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:31 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e3"], 0x5b) [ 578.853682][T14166] kvm [14163]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x40000016 data 0x4d00000000f [ 578.902910][T14171] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 18:53:31 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xff2f0000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:31 executing program 0: socketpair(0x0, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000200)) close(0xffffffffffffffff) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000240)={'bridge_slave_1\x00', @random="01003a1e2410"}) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000100)=ANY=[@ANYBLOB="01000600aaaaaaaaaabb26de256f6b1833fdf1c2ff000000000000000000006343a8ef0e"]) openat$cgroup_ro(r0, &(0x7f00000002c0)='nem\xf0ents\x00', 0x26e1, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r2) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) r3 = socket$kcm(0x2, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0), 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000280), 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x95c04305b7c9c355) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYPTR64], 0xff39) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) write$cgroup_pid(r4, &(0x7f0000000000), 0x10000000d) ioctl$TUNSETFILTEREBPF(r4, 0x6609, 0x0) ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0) socket$kcm(0x2, 0x5, 0x84) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0) 18:53:31 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:31 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e3"], 0x5b) 18:53:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$VHOST_GET_VRING_ENDIAN(r3, 0x4008af14, &(0x7f0000000040)={0x1, 0xee}) 18:53:32 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff85}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 579.610757][T14195] kvm [14191]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x40000016 data 0x4d00000000f [ 579.688766][T14195] kvm [14191]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x4000000e data 0x4d00000000f [ 579.936096][T14209] IPVS: ftp: loaded support on port[0] = 21 [ 580.439822][T14177] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 580.450555][T14177] CPU: 1 PID: 14177 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 580.458491][T14177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 580.468543][T14177] Call Trace: [ 580.471898][T14177] dump_stack+0xf5/0x159 [ 580.476206][T14177] dump_header+0xaa/0x449 [ 580.480566][T14177] oom_kill_process.cold+0x10/0x15 [ 580.485705][T14177] out_of_memory+0x231/0xa00 [ 580.490390][T14177] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 580.496197][T14177] mem_cgroup_out_of_memory+0x128/0x150 [ 580.501772][T14177] try_charge+0xb3a/0xbc0 [ 580.506126][T14177] ? rcu_note_context_switch+0x700/0x760 [ 580.511785][T14177] mem_cgroup_try_charge+0xd2/0x260 [ 580.517042][T14177] mem_cgroup_try_charge_delay+0x3a/0x80 [ 580.522698][T14177] wp_page_copy+0x322/0x1160 [ 580.527370][T14177] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 580.533010][T14177] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 580.538676][T14177] do_wp_page+0x192/0x11f0 [ 580.543111][T14177] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 580.548791][T14177] ? write_comp_data+0x1e/0x70 [ 580.553602][T14177] __handle_mm_fault+0x1c07/0x2cb0 [ 580.558834][T14177] handle_mm_fault+0x21b/0x530 [ 580.563740][T14177] __get_user_pages+0x485/0x1160 [ 580.569862][T14177] populate_vma_page_range+0xe6/0x100 [ 580.575259][T14177] __mm_populate+0x168/0x2a0 [ 580.579885][T14177] __x64_sys_mlockall+0x2e3/0x320 [ 580.584939][T14177] do_syscall_64+0xcc/0x370 [ 580.589522][T14177] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 580.595415][T14177] RIP: 0033:0x459f39 [ 580.599350][T14177] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 580.619043][T14177] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 580.627463][T14177] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 580.635445][T14177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 580.643517][T14177] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 580.651489][T14177] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 580.659555][T14177] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 580.668633][T14177] memory: usage 307200kB, limit 307200kB, failcnt 1633 [ 580.675684][T14177] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 580.683179][T14177] Memory cgroup stats for /syz5: [ 580.684688][T14177] anon 308207616 [ 580.684688][T14177] file 102400 [ 580.684688][T14177] kernel_stack 442368 [ 580.684688][T14177] slab 2269184 [ 580.684688][T14177] sock 4096 [ 580.684688][T14177] shmem 81920 [ 580.684688][T14177] file_mapped 135168 [ 580.684688][T14177] file_dirty 0 [ 580.684688][T14177] file_writeback 0 [ 580.684688][T14177] anon_thp 270532608 [ 580.684688][T14177] inactive_anon 69890048 [ 580.684688][T14177] active_anon 21946368 [ 580.684688][T14177] inactive_file 135168 [ 580.684688][T14177] active_file 135168 [ 580.684688][T14177] unevictable 216473600 [ 580.684688][T14177] slab_reclaimable 811008 [ 580.684688][T14177] slab_unreclaimable 1458176 [ 580.684688][T14177] pgfault 93324 [ 580.684688][T14177] pgmajfault 0 [ 580.684688][T14177] workingset_refault 33 [ 580.684688][T14177] workingset_activate 0 [ 580.684688][T14177] workingset_nodereclaim 0 [ 580.684688][T14177] pgrefill 200 [ 580.684688][T14177] pgscan 270 [ 580.684688][T14177] pgsteal 66 [ 580.781004][T14177] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14172,uid=0 [ 580.797641][T14177] Memory cgroup out of memory: Killed process 14172 (syz-executor.5) total-vm:72716kB, anon-rss:18296kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 580.821373][ T1062] oom_reaper: reaped process 14172 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:34 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:34 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:34 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74"], 0x6a) 18:53:34 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff9c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:34 executing program 0: socketpair(0x0, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000200)) close(0xffffffffffffffff) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000240)={'bridge_slave_1\x00', @random="01003a1e2410"}) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000100)=ANY=[@ANYBLOB="01000600aaaaaaaaaabb26de256f6b1833fdf1c2ff000000000000000000006343a8ef0e"]) openat$cgroup_ro(r0, &(0x7f00000002c0)='nem\xf0ents\x00', 0x26e1, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r2) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) r3 = socket$kcm(0x2, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0), 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000280), 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x95c04305b7c9c355) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYPTR64], 0xff39) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) write$cgroup_pid(r4, &(0x7f0000000000), 0x10000000d) ioctl$TUNSETFILTEREBPF(r4, 0x6609, 0x0) ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0) socket$kcm(0x2, 0x5, 0x84) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0) 18:53:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040), 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r5 = gettid() r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000180)={0x2, 0x0, [{0x80000008, 0x1000, 0x1, 0x3, 0x6, 0x1, 0x5}, {0x80000001, 0x7ac, 0x0, 0x4, 0x1000, 0x3dc, 0x3}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000076}}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = gettid() tkill(r7, 0x3c) getpgid(r7) waitid(0x2, r5, &(0x7f0000000040), 0x2, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r4, @ANYRESDEC=r5]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r4}}, 0x18) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000100)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x4, {0xa, 0x4e23, 0x80, @empty, 0x10000}, r4}}, 0x38) [ 581.808598][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 581.814461][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 581.820269][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 581.826011][ C0] protocol 88fb is buggy, dev hsr_slave_1 18:53:34 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffff9f}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:34 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 581.963341][T14233] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 581.998971][T14233] CPU: 1 PID: 14233 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 582.006890][T14233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 582.016956][T14233] Call Trace: [ 582.020280][T14233] dump_stack+0xf5/0x159 [ 582.024549][T14233] dump_header+0xaa/0x449 [ 582.028959][T14233] oom_kill_process.cold+0x10/0x15 [ 582.034146][T14233] out_of_memory+0x231/0xa00 [ 582.038763][T14233] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 582.044438][T14233] mem_cgroup_out_of_memory+0x128/0x150 [ 582.050022][T14233] try_charge+0xb3a/0xbc0 [ 582.054396][T14233] ? rcu_note_context_switch+0x700/0x760 [ 582.060104][T14233] mem_cgroup_try_charge+0xd2/0x260 [ 582.065331][T14233] mem_cgroup_try_charge_delay+0x3a/0x80 [ 582.071001][T14233] __handle_mm_fault+0x179a/0x2cb0 [ 582.076156][T14233] handle_mm_fault+0x21b/0x530 [ 582.080976][T14233] __get_user_pages+0x485/0x1160 [ 582.086039][T14233] populate_vma_page_range+0xe6/0x100 [ 582.091447][T14233] __mm_populate+0x168/0x2a0 [ 582.096063][T14233] __x64_sys_mlockall+0x2e3/0x320 [ 582.101175][T14233] do_syscall_64+0xcc/0x370 [ 582.105711][T14233] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 582.111618][T14233] RIP: 0033:0x459f39 [ 582.115570][T14233] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 582.135205][T14233] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 582.143636][T14233] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 582.151615][T14233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 18:53:34 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74"], 0x6a) [ 582.159624][T14233] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 582.167615][T14233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 582.175596][T14233] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:35 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:35 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:35 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0xfe41) connect$inet6(r0, &(0x7f0000000080), 0x1c) shutdown(r0, 0x0) [ 582.418471][T14233] memory: usage 307200kB, limit 307200kB, failcnt 1669 [ 582.458340][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 582.464131][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 582.472428][T14233] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 582.515450][T14233] Memory cgroup stats for /syz5: [ 582.515735][T14233] anon 308187136 [ 582.515735][T14233] file 102400 [ 582.515735][T14233] kernel_stack 442368 [ 582.515735][T14233] slab 2269184 [ 582.515735][T14233] sock 4096 [ 582.515735][T14233] shmem 81920 [ 582.515735][T14233] file_mapped 135168 [ 582.515735][T14233] file_dirty 0 [ 582.515735][T14233] file_writeback 0 [ 582.515735][T14233] anon_thp 270532608 [ 582.515735][T14233] inactive_anon 82817024 [ 582.515735][T14233] active_anon 21950464 [ 582.515735][T14233] inactive_file 135168 [ 582.515735][T14233] active_file 135168 [ 582.515735][T14233] unevictable 203620352 [ 582.515735][T14233] slab_reclaimable 811008 [ 582.515735][T14233] slab_unreclaimable 1458176 [ 582.515735][T14233] pgfault 93984 [ 582.515735][T14233] pgmajfault 0 [ 582.515735][T14233] workingset_refault 33 [ 582.515735][T14233] workingset_activate 0 [ 582.515735][T14233] workingset_nodereclaim 0 [ 582.515735][T14233] pgrefill 200 [ 582.515735][T14233] pgscan 270 [ 582.515735][T14233] pgsteal 66 [ 582.810149][T14233] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14216,uid=0 [ 582.868611][T14233] Memory cgroup out of memory: Killed process 14216 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 583.189507][T14265] IPVS: ftp: loaded support on port[0] = 21 18:53:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x4, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:36 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x26e1, 0x1a0ffffffff) ioctl$TUNSETIFINDEX(r2, 0x400454da, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0), 0x12) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x26e1, 0x1a0ffffffff) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFINDEX(r3, 0x400454da, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={r4, 0x0, 0x2, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0xc) perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x0) gettid() perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xc) write$cgroup_subtree(r5, &(0x7f0000000880)=ANY=[@ANYRESHEX=r4, @ANYBLOB="798c08786d11b7b6a227e4e1db470462daa3a3f89ebd95c322aa9f9726821bfeaaa83c87a0eab8f2e4381d1289a00ea7b2a8caf52f9acab8188ed086e7a586a023c79d", @ANYBLOB="d3d0498a281fc568f1879d8489e598fbb1ccafd145d936b0ccc0989c741b21c4507f06ea9b854f4e38c474b08ebb0241739e720fef5599e750277907410d9d00c30cb8e351a65e742f98cc5454db41e8", @ANYRESHEX], 0xb7) sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000002b80)}, 0x800) 18:53:36 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74"], 0x6a) 18:53:36 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:36 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x2}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:36 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x3}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x3000000a0160101, 0x0, 0x0, 0x0, 0x0) lsetxattr$security_ima(&(0x7f0000000740)='./file1\x00', 0x0, &(0x7f0000000800)=@md5={0x1, "9f49ec589f3bda11914e06370938ea16"}, 0x11, 0x2) mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) sendmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="fe4f82c93f6e74c911305bad12b472bf92dd503cee5483a897e20b2c42fb0698d1cacef18d3e7f760a22d26d12d2f71d6407c171014e6e760dc3c01eb11c10f36845ac23e9e1b607c5e1476e9d78f8649eb77ccf8b8cd379ba7abb8aaa9f20772ce133b2e42190a7be390a9171a7d53bc4c3363b2785637c9f3e04081816d6e356b853f0959cafcbd2b8c9a460f942416f740a484f280b5096c75fea38960d806f9dd10f332e7da09ec09ced018c0bd49a03198d", 0xb4}, {&(0x7f0000000380)="c1bb4932ef50741c243a2d7c45d8b28f59b7b0493fb377517ce8b07c523ffdd085c9f55187b9fe82077146080878df1212e44ce3a3ffc28c345d86109586d9351d533fa2df1026c6c6c3538e1a0f26cac310d702d30322b6c345037d57c5e1c303e0f858e20475574fb1d54b9ef5d82745061483f73606d4574a12701efdcc5498aff5929ad047f921be5146780004652f5edfe0e6d047f60aa8fabdfb95b8af9e00cb8c920a35966eeb777e4ee8308d860fb5d9", 0xb4}, {&(0x7f0000000480)="6ee589e3bf389fb10da34f07ff37077f1ba56a1410ba7042c469ad65466cd164e5305a7bcab901ab8d350dcd6a2b5b7076274220bf73b5c9c7d8148c443e35e3acfe8a68f6560fa16e857cac68b98a47cd71977c3c374ba78e", 0x59}, {&(0x7f0000000080)="cd92a473", 0x4}], 0x4, &(0x7f0000000500)=[{0x10, 0x0, 0x7}, {0x90, 0x3a, 0x0, "0863b374e918f3324884d59a27c58631d4f00cd9cb8286996478b035932bf4dfe5815e30e0c9bc2e61fca265cc7d5e8fa00104c91997c7c78d9cfb315271408545fdff68c810c33ce24234c73091dad3e13d9a1873f40e86d899114124606f1e15d84ddb2955eefdb29760f1d7e420be876ddb360b1c0691042c41129606"}], 0xa0}, 0x0) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) prctl$PR_SET_KEEPCAPS(0x8, 0x1) pread64(r1, &(0x7f0000000280)=""/220, 0xdc, 0x0) epoll_create1(0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x8, @remote, 0xf8000000}, 0x1c) sendfile(r2, r3, 0x0, 0xa808) pipe(&(0x7f00000001c0)) r4 = socket$inet6(0xa, 0x802, 0x0) sendmmsg$inet6(r4, &(0x7f0000000580)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x0, @empty, 0xffffffff}, 0x1c, 0x0, 0x0, &(0x7f0000000780)=[@hoplimit={{0x14, 0x29, 0x34, 0x8}}], 0x18}}], 0x1, 0x0) r5 = socket$inet6(0xa, 0x802, 0x0) sendmmsg$inet6(r5, &(0x7f0000000580)=[{{&(0x7f0000000240)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="fd040000000000002900000037004ad78510000000000000c684f507ad31a329876b2684af6a339cd4f0a4afdfabb2a86f268dedde212e96942e274774e0972b2af0a99a7b945437e1e7666d81054742332f2bd95643132c3fc1206540023e3cf8b19a83ec020b092d0c716dc08cdd18912ede325f394a76"], 0x18}}], 0x1, 0x0) signalfd(r5, &(0x7f00000008c0)={0x2a87}, 0x8) setfsgid(0xee00) 18:53:36 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000040)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:53:36 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a520000"], 0x72) [ 584.147554][T14285] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 584.180086][T14285] CPU: 0 PID: 14285 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 584.188091][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 584.198252][T14285] Call Trace: [ 584.201574][T14285] dump_stack+0xf5/0x159 [ 584.205853][T14285] dump_header+0xaa/0x449 [ 584.210298][T14285] oom_kill_process.cold+0x10/0x15 [ 584.215533][T14285] out_of_memory+0x231/0xa00 [ 584.220163][T14285] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 584.225840][T14285] mem_cgroup_out_of_memory+0x128/0x150 [ 584.231430][T14285] try_charge+0xb3a/0xbc0 [ 584.235904][T14285] ? rcu_note_context_switch+0x700/0x760 [ 584.241767][T14285] mem_cgroup_try_charge+0xd2/0x260 [ 584.247000][T14285] mem_cgroup_try_charge_delay+0x3a/0x80 [ 584.252671][T14285] __handle_mm_fault+0x179a/0x2cb0 [ 584.257831][T14285] handle_mm_fault+0x21b/0x530 [ 584.262663][T14285] __get_user_pages+0x485/0x1160 [ 584.267703][T14285] populate_vma_page_range+0xe6/0x100 [ 584.273180][T14285] __mm_populate+0x168/0x2a0 [ 584.277824][T14285] __x64_sys_mlockall+0x2e3/0x320 [ 584.282887][T14285] do_syscall_64+0xcc/0x370 [ 584.287422][T14285] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 584.293406][T14285] RIP: 0033:0x459f39 [ 584.297384][T14285] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 584.317119][T14285] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 584.325634][T14285] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 584.333736][T14285] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 584.341728][T14285] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 584.349881][T14285] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 584.357894][T14285] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:37 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080), 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 584.478510][T14285] memory: usage 307200kB, limit 307200kB, failcnt 1700 [ 584.488748][T14285] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 584.542939][T14285] Memory cgroup stats for /syz5: [ 584.543203][T14285] anon 308011008 [ 584.543203][T14285] file 102400 [ 584.543203][T14285] kernel_stack 405504 [ 584.543203][T14285] slab 2269184 [ 584.543203][T14285] sock 4096 [ 584.543203][T14285] shmem 81920 [ 584.543203][T14285] file_mapped 135168 [ 584.543203][T14285] file_dirty 0 [ 584.543203][T14285] file_writeback 0 [ 584.543203][T14285] anon_thp 268435456 [ 584.543203][T14285] inactive_anon 82821120 [ 584.543203][T14285] active_anon 21929984 [ 584.543203][T14285] inactive_file 135168 [ 584.543203][T14285] active_file 135168 [ 584.543203][T14285] unevictable 203292672 [ 584.543203][T14285] slab_reclaimable 811008 [ 584.543203][T14285] slab_unreclaimable 1458176 [ 584.543203][T14285] pgfault 95568 [ 584.543203][T14285] pgmajfault 0 [ 584.543203][T14285] workingset_refault 33 [ 584.543203][T14285] workingset_activate 0 [ 584.543203][T14285] workingset_nodereclaim 0 [ 584.543203][T14285] pgrefill 233 [ 584.543203][T14285] pgscan 270 [ 584.543203][T14285] pgsteal 66 [ 584.760167][T14285] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14266,uid=0 [ 584.776350][T14285] Memory cgroup out of memory: Killed process 14266 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 584.813866][ T1062] oom_reaper: reaped process 14266 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 584.953411][T14313] IPVS: ftp: loaded support on port[0] = 21 18:53:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:38 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x4}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:38 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a520000"], 0x72) 18:53:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x200, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r3, 0x7706, &(0x7f0000000100)) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:38 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080), 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:38 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 585.448679][T14318] kvm: pic: non byte read [ 585.469755][T14318] kvm: pic: non byte write 18:53:38 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080), 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:38 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x5}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x1, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f30660f3806581e0f08b02f5f5ff30f2af8baa100b000ee", 0x31d}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000100)=@usbdevfs_disconnect={0xffff1a8e}) 18:53:38 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a520000"], 0x72) [ 585.749129][T14332] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 585.849167][T14332] CPU: 1 PID: 14332 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 585.857312][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.867430][T14332] Call Trace: [ 585.870767][T14332] dump_stack+0xf5/0x159 [ 585.875159][T14332] dump_header+0xaa/0x449 [ 585.879560][T14332] oom_kill_process.cold+0x10/0x15 [ 585.884768][T14332] out_of_memory+0x231/0xa00 [ 585.889402][T14332] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 585.895081][T14332] mem_cgroup_out_of_memory+0x128/0x150 [ 585.900676][T14332] try_charge+0xb3a/0xbc0 [ 585.905184][T14332] ? rcu_note_context_switch+0x700/0x760 [ 585.910979][T14332] mem_cgroup_try_charge+0xd2/0x260 [ 585.916355][T14332] mem_cgroup_try_charge_delay+0x3a/0x80 [ 585.922072][T14332] __handle_mm_fault+0x179a/0x2cb0 [ 585.927308][T14332] handle_mm_fault+0x21b/0x530 [ 585.932230][T14332] __get_user_pages+0x485/0x1160 [ 585.937236][T14332] populate_vma_page_range+0xe6/0x100 [ 585.942648][T14332] __mm_populate+0x168/0x2a0 [ 585.947288][T14332] __x64_sys_mlockall+0x2e3/0x320 [ 585.952414][T14332] do_syscall_64+0xcc/0x370 [ 585.957037][T14332] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 585.963063][T14332] RIP: 0033:0x459f39 [ 585.966995][T14332] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 585.986619][T14332] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 585.995060][T14332] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 586.003070][T14332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 586.011060][T14332] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 586.019057][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 586.027046][T14332] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 586.038395][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 586.044176][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 586.050000][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 586.055802][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 586.158383][T14332] memory: usage 307200kB, limit 307200kB, failcnt 1754 [ 586.168454][T14332] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 586.204055][T14332] Memory cgroup stats for /syz5: [ 586.204349][T14332] anon 307904512 [ 586.204349][T14332] file 102400 [ 586.204349][T14332] kernel_stack 368640 [ 586.204349][T14332] slab 2420736 [ 586.204349][T14332] sock 4096 [ 586.204349][T14332] shmem 81920 [ 586.204349][T14332] file_mapped 135168 [ 586.204349][T14332] file_dirty 0 [ 586.204349][T14332] file_writeback 0 [ 586.204349][T14332] anon_thp 268435456 [ 586.204349][T14332] inactive_anon 82731008 [ 586.204349][T14332] active_anon 21954560 18:53:39 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x6}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 586.204349][T14332] inactive_file 135168 [ 586.204349][T14332] active_file 135168 [ 586.204349][T14332] unevictable 203214848 [ 586.204349][T14332] slab_reclaimable 811008 [ 586.204349][T14332] slab_unreclaimable 1609728 [ 586.204349][T14332] pgfault 97350 [ 586.204349][T14332] pgmajfault 0 [ 586.204349][T14332] workingset_refault 33 [ 586.204349][T14332] workingset_activate 0 [ 586.204349][T14332] workingset_nodereclaim 0 [ 586.204349][T14332] pgrefill 233 [ 586.204349][T14332] pgscan 270 [ 586.204349][T14332] pgsteal 66 18:53:39 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 586.578364][T14332] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14314,uid=0 [ 586.600436][T14332] Memory cgroup out of memory: Killed process 14314 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 586.786469][T14360] IPVS: ftp: loaded support on port[0] = 21 [ 587.167522][T14364] IPVS: ftp: loaded support on port[0] = 21 [ 587.636615][T14332] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 587.658421][T14332] CPU: 0 PID: 14332 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 587.666336][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 587.676407][T14332] Call Trace: [ 587.679782][T14332] dump_stack+0xf5/0x159 [ 587.684098][T14332] dump_header+0xaa/0x449 [ 587.688467][T14332] oom_kill_process.cold+0x10/0x15 [ 587.693701][T14332] out_of_memory+0x231/0xa00 [ 587.698513][T14332] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 587.704280][T14332] mem_cgroup_out_of_memory+0x128/0x150 [ 587.709952][T14332] try_charge+0xb3a/0xbc0 [ 587.714326][T14332] ? rcu_note_context_switch+0x700/0x760 [ 587.720009][T14332] mem_cgroup_try_charge+0xd2/0x260 [ 587.725244][T14332] mem_cgroup_try_charge_delay+0x3a/0x80 [ 587.731041][T14332] wp_page_copy+0x322/0x1160 [ 587.735659][T14332] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 587.741324][T14332] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 587.747003][T14332] do_wp_page+0x192/0x11f0 [ 587.751462][T14332] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 587.757194][T14332] __handle_mm_fault+0x1c07/0x2cb0 [ 587.762379][T14332] handle_mm_fault+0x21b/0x530 [ 587.767243][T14332] __get_user_pages+0x485/0x1160 [ 587.772392][T14332] populate_vma_page_range+0xe6/0x100 [ 587.777850][T14332] __mm_populate+0x168/0x2a0 [ 587.782477][T14332] __x64_sys_mlockall+0x2e3/0x320 [ 587.787591][T14332] do_syscall_64+0xcc/0x370 [ 587.792270][T14332] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 587.798359][T14332] RIP: 0033:0x459f39 [ 587.802365][T14332] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 587.822075][T14332] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 587.830509][T14332] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 587.838505][T14332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 587.846501][T14332] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 587.854498][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 587.862497][T14332] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 587.873122][T14332] memory: usage 307200kB, limit 307200kB, failcnt 1807 [ 587.880358][T14332] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 587.887611][T14332] Memory cgroup stats for /syz5: [ 587.890463][T14332] anon 307822592 [ 587.890463][T14332] file 102400 [ 587.890463][T14332] kernel_stack 405504 [ 587.890463][T14332] slab 2420736 [ 587.890463][T14332] sock 4096 [ 587.890463][T14332] shmem 81920 [ 587.890463][T14332] file_mapped 135168 [ 587.890463][T14332] file_dirty 0 [ 587.890463][T14332] file_writeback 0 [ 587.890463][T14332] anon_thp 268435456 [ 587.890463][T14332] inactive_anon 69885952 [ 587.890463][T14332] active_anon 21954560 [ 587.890463][T14332] inactive_file 135168 [ 587.890463][T14332] active_file 135168 [ 587.890463][T14332] unevictable 215916544 [ 587.890463][T14332] slab_reclaimable 811008 [ 587.890463][T14332] slab_unreclaimable 1609728 [ 587.890463][T14332] pgfault 98604 [ 587.890463][T14332] pgmajfault 0 [ 587.890463][T14332] workingset_refault 33 [ 587.890463][T14332] workingset_activate 0 [ 587.890463][T14332] workingset_nodereclaim 0 [ 587.890463][T14332] pgrefill 233 [ 587.890463][T14332] pgscan 270 [ 587.890463][T14332] pgsteal 66 [ 587.986956][T14332] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14329,uid=0 [ 588.004564][T14332] Memory cgroup out of memory: Killed process 14329 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 588.024675][ T1062] oom_reaper: reaped process 14329 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:41 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000"], 0x76) 18:53:41 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:41 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x7}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x4, 0x20, 0x0, 0x4c8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffffd], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) clock_gettime(0x6, &(0x7f0000000040)) 18:53:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 589.008335][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 589.014163][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 589.020151][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 589.025922][ C1] protocol 88fb is buggy, dev hsr_slave_1 18:53:41 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x8}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:41 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:53:42 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000"], 0x76) 18:53:42 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, 0x0, 0x0) 18:53:42 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0xa}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@empty, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8) getresgid(&(0x7f0000000340), &(0x7f0000000400)=0x0, &(0x7f0000000440)) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='fuse\x00', 0x10000, &(0x7f00000005c0)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {'group_id', 0x3d, r7}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x400}}, {@blksize={'blksize', 0x3d, 0x2400}}, {@default_permissions='default_permissions'}, {@blksize={'blksize'}}], [{@subj_role={'subj_role', 0x3d, '/dev/radio#\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'numa_maps\x00'}}, {@audit='audit'}, {@obj_role={'obj_role', 0x3d, '/dev/radio#\x00'}}, {@hash='hash'}, {@dont_measure='dont_measure'}, {@dont_measure='dont_measure'}, {@hash='hash'}]}}) r8 = socket$inet(0x2, 0x2, 0x0) getsockopt$inet_mreqsrc(r8, 0x0, 0x12, 0x0, &(0x7f00000001c0)) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 590.025449][T14405] IPVS: ftp: loaded support on port[0] = 21 [ 590.047326][T14407] IPVS: ftp: loaded support on port[0] = 21 [ 590.720887][T14381] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 590.744806][T14381] CPU: 1 PID: 14381 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 590.752750][T14381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 590.762816][T14381] Call Trace: [ 590.766146][T14381] dump_stack+0xf5/0x159 [ 590.770539][T14381] dump_header+0xaa/0x449 [ 590.774904][T14381] oom_kill_process.cold+0x10/0x15 [ 590.780122][T14381] out_of_memory+0x231/0xa00 [ 590.784750][T14381] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 590.790492][T14381] mem_cgroup_out_of_memory+0x128/0x150 [ 590.796097][T14381] try_charge+0xb3a/0xbc0 [ 590.800462][T14381] ? rcu_note_context_switch+0x700/0x760 [ 590.806201][T14381] mem_cgroup_try_charge+0xd2/0x260 [ 590.811432][T14381] mem_cgroup_try_charge_delay+0x3a/0x80 [ 590.817160][T14381] wp_page_copy+0x322/0x1160 [ 590.821838][T14381] ? preempt_schedule+0x30/0x40 [ 590.826795][T14381] ? ___preempt_schedule+0x16/0x20 [ 590.831961][T14381] do_wp_page+0x192/0x11f0 [ 590.836488][T14381] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 590.842157][T14381] __handle_mm_fault+0x1c07/0x2cb0 [ 590.847321][T14381] handle_mm_fault+0x21b/0x530 [ 590.852153][T14381] __get_user_pages+0x485/0x1160 [ 590.857165][T14381] populate_vma_page_range+0xe6/0x100 [ 590.862607][T14381] __mm_populate+0x168/0x2a0 [ 590.867244][T14381] __x64_sys_mlockall+0x2e3/0x320 [ 590.872331][T14381] do_syscall_64+0xcc/0x370 [ 590.876940][T14381] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 590.882851][T14381] RIP: 0033:0x459f39 [ 590.886788][T14381] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 590.906412][T14381] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 590.914918][T14381] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 590.922929][T14381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 590.930936][T14381] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 590.938997][T14381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 590.946987][T14381] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 590.958857][T14381] memory: usage 307200kB, limit 307200kB, failcnt 1846 [ 590.966074][T14381] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 590.973645][T14381] Memory cgroup stats for /syz5: [ 590.975857][T14381] anon 307666944 [ 590.975857][T14381] file 102400 [ 590.975857][T14381] kernel_stack 368640 [ 590.975857][T14381] slab 2613248 [ 590.975857][T14381] sock 4096 [ 590.975857][T14381] shmem 81920 [ 590.975857][T14381] file_mapped 135168 [ 590.975857][T14381] file_dirty 0 [ 590.975857][T14381] file_writeback 0 [ 590.975857][T14381] anon_thp 270532608 [ 590.975857][T14381] inactive_anon 69718016 [ 590.975857][T14381] active_anon 22003712 [ 590.975857][T14381] inactive_file 135168 [ 590.975857][T14381] active_file 135168 [ 590.975857][T14381] unevictable 216068096 [ 590.975857][T14381] slab_reclaimable 811008 [ 590.975857][T14381] slab_unreclaimable 1802240 [ 590.975857][T14381] pgfault 99891 [ 590.975857][T14381] pgmajfault 0 [ 590.975857][T14381] workingset_refault 33 [ 590.975857][T14381] workingset_activate 0 [ 590.975857][T14381] workingset_nodereclaim 0 [ 590.975857][T14381] pgrefill 233 [ 590.975857][T14381] pgscan 270 [ 590.975857][T14381] pgsteal 66 [ 591.073711][T14381] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14379,uid=0 [ 591.090996][T14381] Memory cgroup out of memory: Killed process 14379 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 591.111957][ T1062] oom_reaper: reaped process 14379 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:44 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a52000000000000"], 0x76) 18:53:44 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, 0x0, 0x0) 18:53:44 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0xf}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$isdn(0x22, 0x3, 0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) r5 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x4, 0xc0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8, 0x0, 0x0, 0x0, 0x0, 0x40000000000], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x1, 0x0) ioctl$KVM_SET_CLOCK(r6, 0x4030ae7b, &(0x7f0000000140)={0x7fffffff, 0x400}) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x14) 18:53:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:44 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, 0x0, 0x0) 18:53:44 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x10}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 592.288392][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 592.294217][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 592.300060][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 592.305833][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 592.316252][T14428] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 592.437904][T14428] CPU: 1 PID: 14428 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 592.445854][T14428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 592.456047][T14428] Call Trace: [ 592.459408][T14428] dump_stack+0xf5/0x159 [ 592.463688][T14428] dump_header+0xaa/0x449 [ 592.468064][T14428] oom_kill_process.cold+0x10/0x15 [ 592.473250][T14428] out_of_memory+0x231/0xa00 [ 592.477950][T14428] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 592.483638][T14428] mem_cgroup_out_of_memory+0x128/0x150 [ 592.489256][T14428] try_charge+0xb3a/0xbc0 [ 592.493646][T14428] ? rcu_note_context_switch+0x700/0x760 [ 592.499398][T14428] mem_cgroup_try_charge+0xd2/0x260 [ 592.504687][T14428] mem_cgroup_try_charge_delay+0x3a/0x80 [ 592.510480][T14428] __handle_mm_fault+0x179a/0x2cb0 [ 592.515789][T14428] handle_mm_fault+0x21b/0x530 [ 592.520614][T14428] __get_user_pages+0x485/0x1160 [ 592.525621][T14428] populate_vma_page_range+0xe6/0x100 [ 592.531046][T14428] __mm_populate+0x168/0x2a0 [ 592.535870][T14428] __x64_sys_mlockall+0x2e3/0x320 [ 592.540932][T14428] do_syscall_64+0xcc/0x370 [ 592.545464][T14428] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 592.551509][T14428] RIP: 0033:0x459f39 [ 592.555452][T14428] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 592.575080][T14428] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:53:45 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 592.583514][T14428] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 592.591508][T14428] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 592.599498][T14428] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 592.607492][T14428] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 592.615480][T14428] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff 18:53:45 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a520000000000000000"], 0x78) 18:53:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = getpgid(0xffffffffffffffff) r2 = syz_open_procfs(r1, &(0x7f0000000280)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$RTC_UIE_OFF(r2, 0x7004) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f00000002c0)="f2a6bad004b01fee0f6d0b0b30bad10466b80600000066ef660f3806581e8f08bad004b0beeef30f2af8baa1000fd83dee", 0xfffffffffffffc38}], 0x1, 0x0, 0x0, 0xffffffffffffffc2) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/180, 0xb4}, {&(0x7f00000001c0)=""/37, 0x25}], 0x2, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000002, 0x0, 0x3, 0xffffffffffffffff, 0x4c8, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffffd], 0x12000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 592.728422][T14428] memory: usage 307200kB, limit 307200kB, failcnt 1910 [ 592.735518][T14428] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 592.798481][T14428] Memory cgroup stats for /syz5: [ 592.798740][T14428] anon 307830784 [ 592.798740][T14428] file 102400 [ 592.798740][T14428] kernel_stack 405504 [ 592.798740][T14428] slab 2424832 [ 592.798740][T14428] sock 4096 [ 592.798740][T14428] shmem 81920 [ 592.798740][T14428] file_mapped 135168 [ 592.798740][T14428] file_dirty 0 [ 592.798740][T14428] file_writeback 0 [ 592.798740][T14428] anon_thp 270532608 [ 592.798740][T14428] inactive_anon 82661376 [ 592.798740][T14428] active_anon 21938176 18:53:45 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x18}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 592.798740][T14428] inactive_file 135168 [ 592.798740][T14428] active_file 135168 [ 592.798740][T14428] unevictable 203030528 [ 592.798740][T14428] slab_reclaimable 811008 [ 592.798740][T14428] slab_unreclaimable 1613824 [ 592.798740][T14428] pgfault 100419 [ 592.798740][T14428] pgmajfault 0 [ 592.798740][T14428] workingset_refault 33 [ 592.798740][T14428] workingset_activate 0 [ 592.798740][T14428] workingset_nodereclaim 0 [ 592.798740][T14428] pgrefill 233 [ 592.798740][T14428] pgscan 270 [ 592.798740][T14428] pgsteal 66 [ 592.919226][T14441] IPVS: ftp: loaded support on port[0] = 21 [ 593.008415][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 593.014215][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 593.378472][T14428] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14413,uid=0 [ 593.518554][T14428] Memory cgroup out of memory: Killed process 14413 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 593.577427][ T1062] oom_reaper: reaped process 14413 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 594.244755][T14462] IPVS: ftp: loaded support on port[0] = 21 [ 594.597174][T14428] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 594.607532][T14428] CPU: 0 PID: 14428 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 594.615405][T14428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 594.625506][T14428] Call Trace: [ 594.628802][T14428] dump_stack+0xf5/0x159 [ 594.633050][T14428] dump_header+0xaa/0x449 [ 594.637432][T14428] oom_kill_process.cold+0x10/0x15 [ 594.642549][T14428] out_of_memory+0x231/0xa00 [ 594.647202][T14428] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 594.652938][T14428] mem_cgroup_out_of_memory+0x128/0x150 [ 594.658570][T14428] try_charge+0xb3a/0xbc0 [ 594.662894][T14428] ? rcu_note_context_switch+0x700/0x760 [ 594.668620][T14428] mem_cgroup_try_charge+0xd2/0x260 [ 594.673820][T14428] mem_cgroup_try_charge_delay+0x3a/0x80 [ 594.679449][T14428] wp_page_copy+0x322/0x1160 [ 594.684070][T14428] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 594.689784][T14428] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 594.695429][T14428] do_wp_page+0x192/0x11f0 [ 594.699894][T14428] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 594.705517][T14428] ? __sanitizer_cov_trace_pc+0x1/0x50 [ 594.711105][T14428] __handle_mm_fault+0x1c07/0x2cb0 [ 594.716319][T14428] handle_mm_fault+0x21b/0x530 [ 594.721147][T14428] __get_user_pages+0x485/0x1160 [ 594.726087][T14428] populate_vma_page_range+0xe6/0x100 [ 594.731473][T14428] __mm_populate+0x168/0x2a0 [ 594.736067][T14428] __x64_sys_mlockall+0x2e3/0x320 [ 594.741102][T14428] do_syscall_64+0xcc/0x370 [ 594.745670][T14428] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 594.751611][T14428] RIP: 0033:0x459f39 [ 594.755544][T14428] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 594.775183][T14428] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 594.783644][T14428] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 594.791614][T14428] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 594.799686][T14428] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 594.807646][T14428] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 594.815637][T14428] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 594.825418][T14428] memory: usage 307200kB, limit 307200kB, failcnt 1950 [ 594.832358][T14428] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 594.840946][T14428] Memory cgroup stats for /syz5: [ 594.841857][T14428] anon 307789824 [ 594.841857][T14428] file 102400 [ 594.841857][T14428] kernel_stack 405504 [ 594.841857][T14428] slab 2424832 [ 594.841857][T14428] sock 4096 [ 594.841857][T14428] shmem 81920 [ 594.841857][T14428] file_mapped 135168 [ 594.841857][T14428] file_dirty 0 [ 594.841857][T14428] file_writeback 0 [ 594.841857][T14428] anon_thp 268435456 [ 594.841857][T14428] inactive_anon 67837952 [ 594.841857][T14428] active_anon 21938176 [ 594.841857][T14428] inactive_file 135168 [ 594.841857][T14428] active_file 135168 [ 594.841857][T14428] unevictable 217899008 [ 594.841857][T14428] slab_reclaimable 811008 [ 594.841857][T14428] slab_unreclaimable 1613824 [ 594.841857][T14428] pgfault 101706 [ 594.841857][T14428] pgmajfault 0 [ 594.841857][T14428] workingset_refault 33 [ 594.841857][T14428] workingset_activate 0 [ 594.841857][T14428] workingset_nodereclaim 0 [ 594.841857][T14428] pgrefill 233 [ 594.841857][T14428] pgscan 270 [ 594.841857][T14428] pgsteal 66 [ 594.938048][T14428] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14423,uid=0 [ 594.954173][T14428] Memory cgroup out of memory: Killed process 14423 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 594.974254][ T1062] oom_reaper: reaped process 14423 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:48 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) 18:53:48 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x1c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:48 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a520000000000000000"], 0x78) 18:53:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x10000, 0x0, 0x2000, 0x1000, &(0x7f0000010000/0x1000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:48 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) 18:53:48 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x29}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:48 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x3f, 0x40000) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000100)={0x0, 0x40000000}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:53:48 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e323e8da03df77a162b075bf5c82fc74f475a19f5a520000000000000000"], 0x78) 18:53:49 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f0000000000)=ANY=[], @ANYRESDEC, @ANYPTR, @ANYRES64], 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) 18:53:49 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 596.921664][T14504] IPVS: ftp: loaded support on port[0] = 21 [ 596.958851][T14506] IPVS: ftp: loaded support on port[0] = 21 [ 597.465828][T14481] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 597.490777][T14481] CPU: 0 PID: 14481 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 597.498686][T14481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 597.508755][T14481] Call Trace: [ 597.512068][T14481] dump_stack+0xf5/0x159 [ 597.516337][T14481] dump_header+0xaa/0x449 [ 597.520764][T14481] oom_kill_process.cold+0x10/0x15 [ 597.525902][T14481] out_of_memory+0x231/0xa00 [ 597.530514][T14481] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 597.536180][T14481] mem_cgroup_out_of_memory+0x128/0x150 [ 597.541765][T14481] try_charge+0xb3a/0xbc0 [ 597.546146][T14481] ? rcu_note_context_switch+0x700/0x760 [ 597.551819][T14481] mem_cgroup_try_charge+0xd2/0x260 [ 597.557086][T14481] mem_cgroup_try_charge_delay+0x3a/0x80 [ 597.562780][T14481] wp_page_copy+0x322/0x1160 [ 597.567382][T14481] ? __kcsan_check_watchpoint+0xa2/0x180 [ 597.573030][T14481] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 597.578782][T14481] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 597.584444][T14481] do_wp_page+0x192/0x11f0 [ 597.588874][T14481] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 597.594597][T14481] __handle_mm_fault+0x1c07/0x2cb0 [ 597.599766][T14481] ? apic_timer_interrupt+0xa/0x20 [ 597.604915][T14481] handle_mm_fault+0x21b/0x530 [ 597.609777][T14481] __get_user_pages+0x485/0x1160 [ 597.614782][T14481] populate_vma_page_range+0xe6/0x100 [ 597.620179][T14481] __mm_populate+0x168/0x2a0 [ 597.624823][T14481] __x64_sys_mlockall+0x2e3/0x320 [ 597.629926][T14481] do_syscall_64+0xcc/0x370 [ 597.634447][T14481] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 597.640347][T14481] RIP: 0033:0x459f39 [ 597.644331][T14481] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 597.663946][T14481] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 597.672371][T14481] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 597.680360][T14481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 597.688361][T14481] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 597.696350][T14481] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 597.704369][T14481] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 597.874473][T14481] memory: usage 307200kB, limit 307200kB, failcnt 1988 [ 597.926141][T14481] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 597.942482][T14481] Memory cgroup stats for /syz5: [ 597.944507][T14481] anon 307793920 [ 597.944507][T14481] file 102400 [ 597.944507][T14481] kernel_stack 405504 [ 597.944507][T14481] slab 2424832 [ 597.944507][T14481] sock 4096 [ 597.944507][T14481] shmem 81920 [ 597.944507][T14481] file_mapped 135168 [ 597.944507][T14481] file_dirty 0 [ 597.944507][T14481] file_writeback 0 [ 597.944507][T14481] anon_thp 270532608 [ 597.944507][T14481] inactive_anon 69636096 [ 597.944507][T14481] active_anon 21880832 [ 597.944507][T14481] inactive_file 135168 [ 597.944507][T14481] active_file 135168 [ 597.944507][T14481] unevictable 216207360 [ 597.944507][T14481] slab_reclaimable 811008 [ 597.944507][T14481] slab_unreclaimable 1613824 [ 597.944507][T14481] pgfault 103026 [ 597.944507][T14481] pgmajfault 0 [ 597.944507][T14481] workingset_refault 33 [ 597.944507][T14481] workingset_activate 0 [ 597.944507][T14481] workingset_nodereclaim 0 [ 597.944507][T14481] pgrefill 233 [ 597.944507][T14481] pgscan 303 [ 597.944507][T14481] pgsteal 66 [ 598.121964][T14481] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14479,uid=0 [ 598.143036][T14481] Memory cgroup out of memory: Killed process 14479 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 598.167923][ T1062] oom_reaper: reaped process 14479 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000240)=0x100, 0x4) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r3, 0xc0506617, &(0x7f0000000280)={{0x1, 0x0, @reserved="1aa477e500d8181714de5edf0b7a664c813ab7fbf4b296ffb089e2177256903d"}, 0x86, [], "7e82190749c8ecc604c65b2208c09a6816332b9fc85cd5021dfcfeffe7e313a144758ae5db0ed5c344d95af6173323b625467ab5fe7b026258d83b459b6e1cdb4e518e60bd8e108ac7965bb09ff0353228a8585af2c0cea534e1751337f4313741585ae758f939925a518f4b41983d56c07f77a2531b8f70db50c3f5e18a0fb3b28a96970bee"}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000012000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x200000, 0x0) setsockopt$inet_udp_int(r6, 0x11, 0x65, &(0x7f0000000140), 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) readahead(r7, 0x1, 0xde0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000040)={0x0, 0xfa9, 0xff, 0x0, 0x3f}) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r8, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) fsetxattr$security_smack_entry(r8, &(0x7f00000005c0)='security.SMACK64IPIN\x00', &(0x7f0000000600)='\x00\x06\x00\x00\x00\x00\x00\x00\x00\xa3\xb2\x93\xf1\xd7\x1c!\x85k\xbf\xce\xd6\x01\xb6\xf5\xfb\xdd\r}9\xd6\xf4\x1928\xbc/\xf8\xfeE\xf9S\xbf\\\t\xe6\xad\xb9XL@\x8b\xe9\xee>\xbd6\xff\xee\xe5\x06\xbd\x0f\xb3Od#\xa7\x93\x94\xb3\t\x00\x00\x00\x00\x00\x00\x00\xb3\xf2B\xfb\x8f\xee\xb3yEI\xeb\xd4\xb9\xf1\x10\rt\xbe\xa8\xe8\xf3\xf7\x93\x15\x83W\xaf3/\"v\xcdR\xb1\xf8V\xc6<\x8074O\xfb\xee \xd6B\xae\x02\xb7d\x8b\xe8\xff%\x973t\t\xc1\xeb\xa4\xad\xdeK3z\xa3 \xe8\xcdN\xa3\xc7\xc0\x9a\xaa\xca7\b', 0x383a3a5d7fa78057, 0x2) 18:53:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$isdn(0x22, 0x3, 0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) r5 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x4, 0xc0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8, 0x0, 0x0, 0x0, 0x0, 0x40000000000], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x1, 0x0) ioctl$KVM_SET_CLOCK(r6, 0x4030ae7b, &(0x7f0000000140)={0x7fffffff, 0x400}) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x14) 18:53:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040), 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r5 = gettid() r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000180)={0x2, 0x0, [{0x80000008, 0x1000, 0x1, 0x3, 0x6, 0x1, 0x5}, {0x80000001, 0x7ac, 0x0, 0x4, 0x1000, 0x3dc, 0x3}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000076}}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = gettid() tkill(r7, 0x3c) getpgid(r7) waitid(0x2, r5, &(0x7f0000000040), 0x2, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r4, @ANYRESDEC=r5]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r4}}, 0x18) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000100)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x4, {0xa, 0x4e23, 0x80, @empty, 0x10000}, r4}}, 0x38) 18:53:51 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x48}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 598.805459][T14522] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 598.828539][T14522] CPU: 0 PID: 14522 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 598.836452][T14522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 598.846504][T14522] Call Trace: [ 598.849855][T14522] dump_stack+0xf5/0x159 [ 598.854211][T14522] dump_header+0xaa/0x449 [ 598.858564][T14522] oom_kill_process.cold+0x10/0x15 [ 598.863703][T14522] out_of_memory+0x231/0xa00 [ 598.868322][T14522] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 598.873992][T14522] mem_cgroup_out_of_memory+0x128/0x150 [ 598.879588][T14522] try_charge+0xb3a/0xbc0 [ 598.884046][T14522] ? rcu_note_context_switch+0x700/0x760 [ 598.889704][T14522] mem_cgroup_try_charge+0xd2/0x260 [ 598.894917][T14522] mem_cgroup_try_charge_delay+0x3a/0x80 [ 598.900560][T14522] __handle_mm_fault+0x179a/0x2cb0 [ 598.905698][T14522] handle_mm_fault+0x21b/0x530 [ 598.910479][T14522] __get_user_pages+0x485/0x1160 [ 598.915446][T14522] populate_vma_page_range+0xe6/0x100 [ 598.920838][T14522] __mm_populate+0x168/0x2a0 [ 598.925444][T14522] __x64_sys_mlockall+0x2e3/0x320 [ 598.930482][T14522] do_syscall_64+0xcc/0x370 [ 598.935017][T14522] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 598.940906][T14522] RIP: 0033:0x459f39 [ 598.944819][T14522] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 598.964433][T14522] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 598.972903][T14522] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 598.980876][T14522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 598.988847][T14522] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 598.996821][T14522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 18:53:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) 18:53:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040), 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r5 = gettid() r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000180)={0x2, 0x0, [{0x80000008, 0x1000, 0x1, 0x3, 0x6, 0x1, 0x5}, {0x80000001, 0x7ac, 0x0, 0x4, 0x1000, 0x3dc, 0x3}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000076}}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = gettid() tkill(r7, 0x3c) getpgid(r7) waitid(0x2, r5, &(0x7f0000000040), 0x2, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r4, @ANYRESDEC=r5]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r4}}, 0x18) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000100)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x4, {0xa, 0x4e23, 0x80, @empty, 0x10000}, r4}}, 0x38) 18:53:51 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x4c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:51 executing program 2: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xff2f0000}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 599.004793][T14522] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 599.028994][T14522] memory: usage 307200kB, limit 307200kB, failcnt 2025 [ 599.053710][T14522] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 599.070934][T14522] Memory cgroup stats for /syz5: [ 599.071214][T14522] anon 307781632 [ 599.071214][T14522] file 102400 [ 599.071214][T14522] kernel_stack 405504 [ 599.071214][T14522] slab 2580480 [ 599.071214][T14522] sock 4096 [ 599.071214][T14522] shmem 81920 [ 599.071214][T14522] file_mapped 135168 [ 599.071214][T14522] file_dirty 0 [ 599.071214][T14522] file_writeback 0 [ 599.071214][T14522] anon_thp 270532608 [ 599.071214][T14522] inactive_anon 82665472 [ 599.071214][T14522] active_anon 21991424 [ 599.071214][T14522] inactive_file 135168 [ 599.071214][T14522] active_file 135168 [ 599.071214][T14522] unevictable 203153408 [ 599.071214][T14522] slab_reclaimable 811008 [ 599.071214][T14522] slab_unreclaimable 1769472 [ 599.071214][T14522] pgfault 103554 [ 599.071214][T14522] pgmajfault 0 [ 599.071214][T14522] workingset_refault 33 [ 599.071214][T14522] workingset_activate 0 [ 599.071214][T14522] workingset_nodereclaim 0 [ 599.071214][T14522] pgrefill 233 [ 599.071214][T14522] pgscan 303 [ 599.071214][T14522] pgsteal 66 18:53:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040), 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r5 = gettid() r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000180)={0x2, 0x0, [{0x80000008, 0x1000, 0x1, 0x3, 0x6, 0x1, 0x5}, {0x80000001, 0x7ac, 0x0, 0x4, 0x1000, 0x3dc, 0x3}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000076}}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = gettid() tkill(r7, 0x3c) getpgid(r7) waitid(0x2, r5, &(0x7f0000000040), 0x2, &(0x7f00000000c0)) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r4, @ANYRESDEC=r5]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000340)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r4}}, 0x18) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000100)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x4, {0xa, 0x4e23, 0x80, @empty, 0x10000}, r4}}, 0x38) 18:53:52 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x61}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 599.293040][T14522] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14508,uid=0 18:53:52 executing program 2: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e3"], 0x5b) [ 599.362363][T14522] Memory cgroup out of memory: Killed process 14508 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 599.469990][ T1062] oom_reaper: reaped process 14508 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 600.036494][T14552] IPVS: ftp: loaded support on port[0] = 21 [ 600.135317][T14553] IPVS: ftp: loaded support on port[0] = 21 [ 600.679176][T14522] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 600.701241][T14522] CPU: 1 PID: 14522 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 600.709148][T14522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 600.719257][T14522] Call Trace: [ 600.722572][T14522] dump_stack+0xf5/0x159 [ 600.726907][T14522] dump_header+0xaa/0x449 [ 600.731264][T14522] oom_kill_process.cold+0x10/0x15 [ 600.736402][T14522] out_of_memory+0x231/0xa00 [ 600.741009][T14522] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 600.746741][T14522] mem_cgroup_out_of_memory+0x128/0x150 [ 600.752386][T14522] try_charge+0xb3a/0xbc0 [ 600.756955][T14522] ? rcu_note_context_switch+0x700/0x760 [ 600.762679][T14522] mem_cgroup_try_charge+0xd2/0x260 [ 600.767961][T14522] mem_cgroup_try_charge_delay+0x3a/0x80 [ 600.773810][T14522] wp_page_copy+0x322/0x1160 [ 600.778419][T14522] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 600.784075][T14522] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 600.789742][T14522] do_wp_page+0x192/0x11f0 [ 600.794171][T14522] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 600.799901][T14522] __handle_mm_fault+0x1c07/0x2cb0 [ 600.805135][T14522] handle_mm_fault+0x21b/0x530 [ 600.809963][T14522] __get_user_pages+0x485/0x1160 [ 600.814988][T14522] populate_vma_page_range+0xe6/0x100 [ 600.820426][T14522] __mm_populate+0x168/0x2a0 [ 600.825046][T14522] __x64_sys_mlockall+0x2e3/0x320 [ 600.830124][T14522] do_syscall_64+0xcc/0x370 [ 600.834654][T14522] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 600.840562][T14522] RIP: 0033:0x459f39 [ 600.844565][T14522] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 600.864234][T14522] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 600.872677][T14522] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 600.880662][T14522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 600.888767][T14522] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 600.896826][T14522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 600.904804][T14522] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 600.985902][T14522] memory: usage 307200kB, limit 307200kB, failcnt 2077 [ 600.997171][T14522] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 601.150887][T14522] Memory cgroup stats for /syz5: [ 601.153404][T14522] anon 307666944 [ 601.153404][T14522] file 102400 [ 601.153404][T14522] kernel_stack 405504 [ 601.153404][T14522] slab 2580480 [ 601.153404][T14522] sock 4096 [ 601.153404][T14522] shmem 81920 [ 601.153404][T14522] file_mapped 135168 [ 601.153404][T14522] file_dirty 0 [ 601.153404][T14522] file_writeback 0 [ 601.153404][T14522] anon_thp 268435456 [ 601.153404][T14522] inactive_anon 67706880 [ 601.153404][T14522] active_anon 21991424 [ 601.153404][T14522] inactive_file 135168 [ 601.153404][T14522] active_file 135168 [ 601.153404][T14522] unevictable 218030080 [ 601.153404][T14522] slab_reclaimable 811008 [ 601.153404][T14522] slab_unreclaimable 1769472 [ 601.153404][T14522] pgfault 104841 [ 601.153404][T14522] pgmajfault 0 [ 601.153404][T14522] workingset_refault 33 [ 601.153404][T14522] workingset_activate 0 [ 601.153404][T14522] workingset_nodereclaim 0 [ 601.153404][T14522] pgrefill 233 [ 601.153404][T14522] pgscan 303 [ 601.153404][T14522] pgsteal 66 [ 601.252009][T14522] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14521,uid=0 [ 601.268127][T14522] Memory cgroup out of memory: Killed process 14521 (syz-executor.5) total-vm:72716kB, anon-rss:18288kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 601.290384][ T1062] oom_reaper: reaped process 14521 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:53:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:54 executing program 1: socket$kcm(0x2, 0x1, 0x84) socket$kcm(0x2, 0x2, 0x0) socket$kcm(0x11, 0xa, 0x300) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x3}, 0x3c) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1}, 0xc) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000040)) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x2, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="006d656d6f72792050d9df389594ae45c7d7d8d5c6210ee2f986ff273256545c1d06c74ba8627076bbd868e8dcd0df2c0251496231cc492516b0b1536d9b0a6545c628197d57005a0444cfaf798743fc526130f0fc9012e99ba2e3"], 0x5b) 18:53:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x101000, 0x0) setsockopt$RDS_CONG_MONITOR(r3, 0x114, 0x6, &(0x7f0000000100)=0x1, 0x4) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c9], 0x12000, 0xf42e7bc09b47bbcc}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000140)={'ah\x00'}, &(0x7f0000000180)=0x1e) 18:53:54 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x63}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) [ 602.225421][T14558] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 602.325271][T14558] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 18:53:55 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x68}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 602.479074][T14573] IPVS: ftp: loaded support on port[0] = 21 18:53:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x800) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r4, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000140)={0x10000, 0x3, 0xf004, 0x1000, &(0x7f0000002000/0x1000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) 18:53:55 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x6c}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000040)=0x3140000000000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0xc0100, 0x0) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r5) ioctl$SIOCAX25GETUID(r3, 0x89e0, &(0x7f0000000140)={0x3, @bcast, r5}) [ 603.253371][T14592] IPVS: ftp: loaded support on port[0] = 21 18:53:56 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x71}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 603.333719][T14597] kvm [14594]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x40000004 data 0x4d00000000f [ 603.427802][T14596] IPVS: ftp: loaded support on port[0] = 21 [ 604.209387][T14607] IPVS: ftp: loaded support on port[0] = 21 18:53:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0xd000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:53:59 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x73}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:53:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) 18:53:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) 18:53:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:53:59 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x74}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 606.963394][T14625] IPVS: ftp: loaded support on port[0] = 21 18:53:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm-monitor\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x6, 0x2975d531de59a4e) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000140)="0fc7af02006766c7442400750000006766c7442402ffa0235f6766c744240600000000670f01142466b96f0a000066b80020000066ba000000000f30f20f01dfbaf80c66b8748c358f66efbafc0c66b8cb7a000066ef0f20c06635080000000f22c066b9800000c00f326635001000000f30660f73fd000f20d86635200000000f22d867650f01c3", 0x88}], 0x1, 0xb, &(0x7f0000000280)=[@flags={0x3, 0xc402}, @flags={0x3, 0x40615}], 0x2) close(0xffffffffffffffff) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r6 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r7, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet6_mreq(r6, 0x29, 0x15, &(0x7f0000000300)={@mcast1, 0x0}, &(0x7f0000000340)=0x14) ioctl$sock_inet6_SIOCADDRT(r7, 0x890b, &(0x7f0000000400)={@empty, @mcast1, @loopback, 0x9, 0x4, 0x8000, 0x300, 0x18, 0x20000, r8}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r9, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_ENABLE_CAP_CPU(r9, 0x4068aea3, &(0x7f0000000380)={0x7b, 0x0, [0x3, 0x401, 0x0, 0x100000001]}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 18:54:00 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x7a}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:54:00 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0xfa}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 607.590532][T14642] IPVS: ftp: loaded support on port[0] = 21 [ 607.630632][T14640] IPVS: ftp: loaded support on port[0] = 21 [ 608.034516][T14644] IPVS: ftp: loaded support on port[0] = 21 18:54:00 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:54:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0xca80, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000000180)=0x79, &(0x7f00000001c0)=0x4) readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f00000005c0)={"8d5955a627a9b5782ef9e13e2632fcf55b552846c8eb871a8b1e5b8a77b93e9977ebb5f6381dd00980cf72b021fc48c75fb09f0946eeb727f1843728325167f8d49d9ecd44e76bbf571d2f2552c48595e63a5afc78e46f935595bf05e20cd1c1c72665969caee3f7e0eaf39cf35e36181db3136e74ba654b36e492640cc72f2c5ec44b9d2b0dcf512286d2227a4baaacde6636c61c961cbe6123563705b0515bb667872e6df8756baefe6ce84337c4b7f301e0c0c9417f2fcea713b330052637881bdfad8341e23a1a7452cb9ccc964d427db71b54e51aaa7a0f61db31401649e486f5000c4411bccb508d857ecd70087f41dc144a8bf701b92a9c1c9ce641922d06f9eaf39fa89a25915175639c5c52d20f3177687a209da544283c25e39c1bdfa71177f914f1d57fd040752a26b42284fdbf86aa2355873c5dcd6fe522936cc1af089d8e39361ebb80ba5a0215f56814dc6604c33dc9530c1141ca2cebcb1eba05d0b3431f6570bab651526da0e66db185c27bba34211d68798d204d14e66b1d9a273ec39f0e480d00b448fd78e38e34678e6ebe7f35b50fa590277217ef3e2653a296e9b0cd01280be611c6531c8c34ed16a01d1ab9ce394dad2b8e1e72654127593fd4a2a7a24e02042972dbe850302a47e0abdbcf5d67197694928baa6b7bee1348032f95aa418b1e70b65a53f866d329d7fe0ed15ef6fef9078c72bedc83eb15c38f8d2bd21ec17f7dc2c6ec581e657cb195d8f0cf4ff6b36401e0ee28aac522d5c42e7d2bce1e13fdda68a8fae9dd6c5b46d34cc1ddbefe685537429f1744317d21510f8230b120f58aa79d83c2306045ce9f17116c6225e8369ece83c16a838dad79b5f74cee4f68fd29e12673e24b999eca39f18e1641c80bab3a5d59667cfa988a3ea2eddb29af1c95dc461cbda46d2d7ac600cd4529e6996570b72cd335d3552a3f8cd33fcbe2ebf7add67980501a7b58432397e811c91e9815e3b29a83b34f01129ab82deaa089c43690195495cdf939edde86e16711f1a20747147bc873ed7a2df1e33a3bf1df3c3788d1b2b430df1fedf6ce97c2242007b6095fed0196cf73797f5d63e73c3f512ab2dd63abdf040fbcf97a3274af82e9fe7474fd13fff277130a43a2c15030972e31a661e176badfd8f73b30fa453df0b28c80dedd79a0588f18116a437d35c540c1e1f3587c081952c8adcdcdbddbcb3aca89bb1b54e4773a3da3bdd8888593f0a093f3e1eb07cd165a3b742b744c9944c0cd845a45ae909fb9c1cf8b6beebfcdbf5b18ed261eee117affbb4a0fd1b0029ef6245a33a763998180889f2bfb8fcd859492d7f9101e7d4b9d1509f8cdb71567dc4a34933ae1c8fedae83a7e6a0406c76974163de7701e7a13464e37b57030542b4092586d0881fbde3a296489d4303cafa2e986f322303c977461ad08cf7b5d"}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$IOC_PR_RELEASE(r6, 0x401070ca, &(0x7f0000000040)={0x7fff, 0x3, 0x1}) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 18:54:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x0) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:54:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) 18:54:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) ioctl$KVM_GET_NR_MMU_PAGES(r2, 0xae45, 0x7) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = gettid() tkill(r4, 0x3c) r5 = gettid() tkill(r5, 0x3c) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r6, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r7 = fcntl$getown(r6, 0x9) r8 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r9) r10 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r11 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r13 = socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r13, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r14, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r15 = socket$nl_generic(0x10, 0x3, 0x10) r16 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r15, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r11, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r16, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r10, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r12, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r13, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r10, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r17 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r18 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r17, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r20 = socket$nl_generic(0x10, 0x3, 0x10) r21 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r20, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r21, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r22 = socket$nl_generic(0x10, 0x3, 0x10) r23 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r22, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r23, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r18, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r23, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r17, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r19, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r20, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r17, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r24 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r25 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r24, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r27 = socket$nl_generic(0x10, 0x3, 0x10) r28 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r27, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r28, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r29 = socket$nl_generic(0x10, 0x3, 0x10) r30 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r29, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r30, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r25, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r30, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r24, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r26, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r27, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r24, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) getgroups(0x9, &(0x7f0000000180)=[0xffffffffffffffff, r12, 0x0, 0xffffffffffffffff, r19, 0xee01, 0xee01, r26, 0xee00]) r32 = gettid() tkill(r32, 0x3c) r33 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r33, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r34) r35 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r36 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r35, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r38 = socket$nl_generic(0x10, 0x3, 0x10) r39 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r38, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r39, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r40 = socket$nl_generic(0x10, 0x3, 0x10) r41 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r40, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r41, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r36, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r41, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r35, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r37, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r38, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r35, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r42 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r42, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) r43 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r43, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xa) setreuid(0x0, r44) r45 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r46 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r45, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r48 = socket$nl_generic(0x10, 0x3, 0x10) r49 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r48, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r49, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r50 = socket$nl_generic(0x10, 0x3, 0x10) r51 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r50, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r51, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r46, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r51, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r45, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r47, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r48, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r45, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r52 = gettid() tkill(r52, 0x3c) r53 = getpgrp(r52) r54 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r55 = geteuid() getresgid(&(0x7f0000001600), &(0x7f0000000200)=0x0, 0x0) getsockopt$sock_cred(r54, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc) r57 = socket$nl_generic(0x10, 0x3, 0x10) r58 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r57, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r58, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) r59 = socket$nl_generic(0x10, 0x3, 0x10) r60 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r59, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r60, @ANYBLOB="030b00000000000000001600000018000100140b0100657468fffeffffffff6291e5490f065b"], 0x2c}}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYBLOB="000000001cedffffff000000010000000200", @ANYRES32=0x0, @ANYRES32=r55, @ANYRES32, @ANYBLOB="000000001c0000000000000001029af26a79000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r60, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32=r54, @ANYBLOB="c9c9fec50290de2daf9abc5b2ef663306dff09a7ec1294fb304d9742ff8bda3fb168d6a7019eadac70b85e20c74b2a3c0100c6c9a716a2c6fdd1c7d923d460094fe938f3caa61954fb62a9c8031a53e197f0760ea3480706f44b21c49d453d824358bb9d768c233b1a8733687556815ef470fe0d216e99c9d842983f158078fadddec47e126762ff63d87d5a8ec06c5ea6895c069e871822593851e7c82b6520dfd24d7da2cdb2a2d4aa7f7a3d4319486fbe12501e79713f9158e4665b9122bae63476ef6484bea2b8270000ff00004ce04d5b09cb4ede672c35ac85b9fe24b051bdb8ac44b5267d16fad06d03366aaa"], 0x1a3, 0x4000}, {0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000001000)="1aafdb517ccb933795b89218e7709e05c751a5", 0x13}], 0x1, &(0x7f00000010c0)}, {&(0x7f0000001100)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001580), 0x0, &(0x7f0000000740)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES32=r56, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYBLOB="000000001c0000000000", @ANYRES64=r57, @ANYRES32, @ANYRES16, @ANYBLOB="66b822d8d1a22decab0e150a9ecba1026a07d1d56e2a74608ed0c96f0042a64197c032a6875f1c165db62fb65b4457224ef0f9177a20eb757e86d17cc4c01ff76b264fbe13ce24114a3474333cc6d3677f132f8bf50915c8883342183bfa7ee781366a2bbe25f14fa385778e53f29739a5a2f31b3e0bf0ec3bb92bf9708e32"], 0xd1, 0x44081}, {0x0, 0x0, &(0x7f0000001b00), 0x0, &(0x7f0000002840)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32=r54, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x32, 0x4048850}], 0x4, 0x20000000) r61 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r62 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r62, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) fcntl$getownex(r62, 0x10, &(0x7f00000001c0)={0x0, 0x0}) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) r65 = getgid() r66 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r66, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) sendmsg$netlink(r2, &(0x7f0000000480)={&(0x7f0000000100)=@proc={0x10, 0x0, 0x25dfdbfe, 0x8}, 0xc, &(0x7f0000000140)=[{&(0x7f00000020c0)={0x1348, 0x25, 0x2, 0x70bd2a, 0x25dfdbfc, "", [@typed={0x8, 0x51, @pid=r4}, @nested={0x1ac, 0x55, [@generic="ab3730dbfe9a7a6d90a4c89ae63cd37996636ab6f12079ffb55a6a05b10a97d46dcb5ad670b6db3366bedd149b4e02ca09325c812bb149e1293bdd5b2c11a4635a86519422b9785bc4bd97854fcdaf2796fee49435293de558287323b64ec5b41c910eef0822a0fdcc8b6cd402cc358889d0be29c3625cdb4d3ab7b2a70ba89fcb72f0e2875f3537d605f0a1a1c70e9e4c8f6b0d7c057a0e8bab0f557a85ef87bc902e74b493a56b8c6eefcec8d7fd0ed4", @typed={0x14, 0x84, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}}, @generic="91491c6e01ede4e04bb90bf4cd1ff63dc8ecd515ff2ecdac84470b1624af04c79afac2d274927d13965c61037709b2e828826015ba2f7e76600a6e4e4c3261d389b66a3cdc1a23c6d7", @generic="b92a28e4852be3b1ada728fa22e2655718d4f7bd5fd628ec393ce17c6b2b09431e65f8368c094effb83d268b83f21114c0a5896ba45fae97c2e4477fd7431d065adf45da779350295b2ce00143e7210821ef5bf041119078d512c25c6b3c881648ec80386fa46565342b59cdfe9cb465b480f1ccc2fb81d994d16a3da6daf2b615cdeb2f0e89575ef68f14dd85b1eeda7075ff3d38b394"]}, @nested={0x1184, 0x23, [@generic="9102e18c5ee39cf6d1d95d0b61daed315b499992adc7680e9b8e3393633734fcd13a39a3bcb99960b7f12b3a1186461e9966dfa80511785da24bd4d730f065b402422fe9c900f9c0b1e47e28a05ae9f9ce1eb7891a3248f8d0cf6fc16b65da790087b086f18bb294f73b868c2f87efb4ef29ed", @generic="e0935aa5f6716e9b48c5aa784e44739e3454398e8575a7046b77fd9ebf4a31504c9c60ded57b1756118300b4e4eb73738f7eb0b341b780c770eaa211798cfcd5c3446cf9d9418120a5b55a46c29a0fa97f8db642ad3ff17b", @generic="8440b367ff348c2a80c765ae96aa2daa1e27927ef82c", @generic="fcab2f7091a8c693d8240e1e2512c119e6171756cd28b15c69e275df426259f2dd53ccbf60bddf6505aec2e76c6cb5fb9dbf683c2728e90ef0a53b", @typed={0x8, 0x96, @u32=0x8}, @generic="28cbc56d31b5", @typed={0xc, 0x32, @u64=0x8}, @generic="7cd4a3d10b07e6d7d5202eb89a61ef1d4e4f25f81df0029c2d72c1ef36aa453baf6bc21df5b274d66bfe4e022f53ab25c4b8a1c43fed397f0564db66bb1a207262e2c06c4bc3d7f1b2cab09b91fc7f5aec93fa5db47a7aafc6aca6cf2c21ae782a9b3a6bf1c105963967ba124bfbe2a9acf51586c2273425cfe527d151f21679de048c8333fbd7f126ebb9c085cba5e9b1de476483f9f18d8ab77e3b95870b37014e8c58b6ea77c5770334ac41568b754a093b17bd3450ee1f68fae322080772470e3941d53ff4373cad9fe20825404df8d06244ca39d91bb56b096a6052405909ea246ae88576a58b39b4f1342b5fb4cb1bc244d1d390c6388bd9b99fdda6b55d4aa4c29e0b8a69d9d1ddbc42c1fdaf0e0ed7855d69ea83cea6f98bc4fc3bdd4eaa99bf8acbb86baac801f4829ae17a3780a6fbc1b26c0d3623ef793d40daf1445d1e806d44feb1dda7b0af3dec0a86276424ef5615c3d1b264af2fc332566953bab2b1e7ceadc2a7977c1691978688f12a22eaf1e24db72a30a3409e7a82d15d9b1e0390758014b8298a1d42c08d5e3e897ddbc8a79a0b4560793f362dcf1061af7d07aeb4493d29eb9553b7acde1dbb02037143295e074327b77664c21dfb60ec1ab5a4ba0914338c62d425a429ac28a155fcdce5e974c5f3f04c22faa1928b0f54a2f832390da7dfebd0d00ee8ea87b3084cfd667ea2961b74b19d639bf15c91af9b69dff1b5d9f9a5c0d1b63474dd0fa70ea414eacccc32c4ba0f0f815e6cee73dc331f5157ef84a1974b2c38630537b88a64c6194b46a94617874b36efb324f383fc730c723502e85cabf260ece3734dfee505d2cdba69beb018ba87875aca3630f73dec99f1e11d4990b250a5b978b3d0a2e96bda356986b3c0d7d335f4b448189d66b8b8b67933d3944aa0478aff605df0caf48579939046376333ef41fef6c89ea0984dd6f6fb0b3cb687bca45b0d318129640fe9d0bac274652408b9f56df43348bf986efd3a0271466ccaf07672dddcd8dfd8f95a5db4c63b1d07b1b42589f8b4d60f5f7fb47518c7e45371d373d89beac0c3c4261b8058db46e939140bbe37742bf5a6cac7b60728d9e5fa98a96dcfbace111ed3dcc7c8d9297b8216507c4d994b277a6b15cde04f5c7a2ecf333e160d3b06c2f8ee01e98c86424d2aa1a110db6ca584fa9b7a42e600010b7669c4568c3a44fe0fbb873a51a7be368835ec0a6f6fab9e9825007215699695324f9399e2c0bb3feb6de146cc909e5052373e9c5a5515a3375d084ea2510bb69ab009ca0973efdba5f371136f3ce5a4a87fcea2ee7bd22c2943cd3242ea5a5466ee4cdd62714ab18525bf3e9320da77560df4ff2feb0ca766e64c59fbed1633dce05fd78000eac9113ed87cf418ca650f7903525ced97028377a074549a5c902e8fed3093bf1b70d9beeba3e8d74502efda228ce427e9af5a7ad22c36f901ec3c854fe7957b6e1d5e412c79252339d1154d4d27d9ce019d81a8016cf285521dd8132d61370d111a6ab837c781e2e88983712b704f1be2e5aec9be10d1770df556779e078e7e02c0f9ac38deded85d93bb11d2a34842133ea4d08d3e6fc584cddd96da00f53c3bde62523510f473d684090e83b3eb39b03fe182b80e7f3096d609dc9c04b6a59bbfe94ee4548492052fa91eac7dd77ca9f1c4029e63745b1f58f1a764d375bb353bebda5b87bac945248a96e589cafb632ccfcfb6728e38d9532a27afde6a0921752d19a7232d31e1cb7bf47dc58f39b663fce4d3231c3ba2c9c66d69cd47e2662b92caae04a744dc5b87f62d8dc8e096116be4faa22aa47ca010205c4bf0f411ba691cee38513fb2f75a30b898a72dea6c5760b272e5ef14af44f2292606b2c75cfb356e3d89fa360643610be137476d90cfe0d0ffabd454bbfd5b0c153013e009002e219a57bbb0210114ae13338424cd88b0b360b7c3d2f53d28e08c725960e61b6c996668ea489b1e5ae4734b1cb6a7f43033856d6ea2a5b7472491eef1fca92ee36c4595c17ec078aaed77705b2a965a6391cb55869d7b986e7439b71c7ab9ad4b3cef0b3392a78dddb2d443215acd61ec4c71f0505f77741e30c74a853a4e99b11583022d892b8b68c30a3380ac58d23667497538e77c7b85bf86397f155c566df8425f01e04b48941058481a0f906e60fcf1ef01984249d3d390ff13921b372a238dc2051bd2ad04208b37fd9b77a0b576ea2668728ed7ba07389891f6fbaa30dca78aaf552328484586139eb44bd39caac3d7e68a649630929ea153b7464eba83b8d7f1d7439620e8f13d1ac23a83d35b589358a8eca750fc438ea1a2820eb429d984f195e8428a4fba5a74f7e18f1dd88becba0821ae4cbb1b815c37215f2cf7b56756f72516e3b874acd1d7aa72ecf33ebca3b6d43717b27bf5721b244292416fa4b21a588c6a12bc7cca5b1f893b8aacb59001703e68dea7107e00bd2096fc40e5c6d56886f8d11b01fac51cd152bf94b398039208276c79b0ce4095a7b78becdb7a68919a28029702e271d95ff5d16d9d7f5ad2f3ad6885147e55fa6acae7b7bb342623d92f5d9e8b623f61eaed9cb1c69b5945fa5de38b955972c89047d9a31b0833ee83548097714ff5f3e07e53f9e22d781b9092158d697aca471582a05207b341115bc4be5a7f3765222b495cae5c5391e764f36bd9e54ed42b57710cad984650021d60e9a371780efae3c1260fc898a0dada6bb1566c21d0f317fd5a628522c04b83ba2df363efed07022f2ba389bc12f48023f9e9878cdad8d994874af96cc5b8e8e62ae5ff1a40a4d4f5f3f93377a757816df78416dcb1768b22a1f296fe2c20ca23dc29c4c726f4ed531b6aae876c8db0aa8ac00dfea3f4ff3d97555531597c3cf59fddd5da649af93883e07279f500ff0f62b9b37d9c1f249ce5dca12f27e8b0a581aba76e4cb6e6b73cd8071aac9b4109f7a723c5b1d81200719fdf4fc7e4aebd68160c42b245fff7914edc0385ae7342dbb91786ac4c60d9c0b3fbc379c1b0a1ea5ea7780a39a712738f53a0f68be52f54be6e12529c4d4fd71fb478253fec857fa3d681c575e1ce5c32150bd527bd259982356774b92ac068b1bf1dbcc92220f2c4f5206ca48fc1c132481087577c1559cf461a363bc185e802946100a8156815370349c75dac35ed1aa3a1596c09e529b987a29d4e58fece77eac95fe9e2d02751f80ebe409363ae8dac9f1fdb6c853f5e86fbe98521e50983c0a6ad8271681f3691e4a916e0f27b53f80c059094ee719450f1fea62d3aa827928dd2816b11ccde830e9d255aae489a6da29f66508e4d922aa72c6c4de3f7219fdd8332941325f9a2e9e1822bd2952437e3e2d00c1a3718e54cd859fc8ae36dc844941fd675dade9c88600b4131475e3355956c6e1826feddfc7275038ec92fc47ac3cfbb42cddf20ad743d8aea009dbb0dbd209ccf1114fd484956bdbb71773a48f9587c3dbc0bd12b5a55377eb94bdf37394d5b38ad5b3fbf6882272f13c9e68a22e21b3b70d806ab3d61841e3444552649649c8041fa85d8751fcfb8e28561f4a476ccf2899a32959c80107f0d97108aa3395593279372c801d53eeec533b06deaa2959a79a24d7302ebb54c89923fd29b2da66a51a6c36cbc82ab683d75c0bdc4ee77bed471af9095d39c2133db9e3ae453ef6295e3bb35852848fca0df9899c36a892cb8115a509b1ac0684da6a80b6a33dd1ed432f745dde1c0c227ea56905f1fc6abf80cf349e7d192806b56e6be45932f382f8e5c38a784a8270ee88d5a3d4612f0c3cd6d29b3592c3f67d149701605d9b2eaf0a5d186863efb89e0ed83f26cdd04e61d57af8d484d4e094d7bc0f76c9b57f6d3917e77bb2ff732b40f58f8e9ee459754d449f80f959bbf6769dc1507116ff9deea59488ab05c3ee8bd7b6536ea1b24177b4b4d57ed2beaf890361b619b6674be02a64ec7407931ccb5cc53c65a48581cb4df6d9097ff200d4337c467b7ee69bfbc83afc4719d4f1df43f7bb096bba255f08bc968b89883e1171929ced4a0785b134cdfeed16a981ea4fd23c72416b48df17975198bf68a4d7eb8742ff0c98b3f0c44d5bcffc9eb0e4d558ddb9cfc556617a05cbed43c161ff75c21f30d374048fdf2f0150c3aa7fde3b840b0a4fb16b39cf95e0233f0c27b8b2dc08ed45f83ee759996003c246006aecca3aa19ffab8cda8754b159d320c1c3cf53ff87151dcb6a2f088ad331bcd2920fe0cde27535935cf28ab9ed7755650aa4c567021443745146bffc9e5eca83e22dacd14ade4e198c5e96d375b1f9f9f67b9b0205fb302160c5a10a125fa325408a8f989e587146ea5dfc8546fac41004ee19aefe07a397db1c6294c0abc80798661adfa227c7706bfae534e3a6e2a5433ea41731d8b6272d65aa99219b1ee4d5bc90f6c05d3baaf0b0cdef6ddf01a9a84837795a4baa2656f34fb30750293aba695a09ca696bd8b20f308a09885c2be0e8833446eea318d2d423072611b1d6ddbc4b98b2e2a9efd893c58c3640164638c80c2f1339dfd1e82221a6fed4cf5a144e974abb8c70de3e10b357698acb0911180080c9ee32a3d2b768147481be775222ee1aab7f21101552019b0a3e87a390d7a20f06110391cc037632e0fb5fe3c048ead758c6e2b19e04a0ec3b052f13f4f833868435cff3eb12e5d5cfff91e77ce8e77907ec1987d0ed0eef591cac1ee538f72af0952c03c461182c7d78afd468fdd808f4955c77e1d42bf72f801232e3ae6e2c4e9b06b1c9b4859690218e9f20a9748e3256f032737bbd98c50c93af1af11d2c5c341c3e513f770d689eacb776fc0e91c1b2675e06c384e7b3285e6d727ed012f83428285c62d4a22858a6516a5c991af0e84493a49c3ddb9fa9f3c8f0078a1f392b3dbc3cb88197f6ce5ebb435b8f3046c7c7d14b5d3bac9c88214d12887e871446cb7d2213cdb3215498185f9ff49d7d1e5449432e763c508aa1b5d47416fc52ebc71f0205670ed6b23c6b5cd188460b1cc4a08a2a05aa22a277eb1180d6bf37dbb4574a3405dd109c0cdee097a34c852fc2a97a3fc43fa8f0c054b7d0e76e8e24b784b7d978e22116ef3e2dc605d9a0262988f54f1b05a3d3deb9782d65da1d380aadbea0d0ca56f903f45f907fb90b9cb592106087fa488a1a841abcab7a8a627750f81585d0f76831d439aa89bc85cd7a069b4ec4be072dafb0a590ab0d98654a437b685744927c2ff6d38d5e723abfa494234196b7480bfdea8f0f74cbf2a71071f94f355e77be8dc88580fe4a7d75d52d6c09a8ee76f87807047ad4ea7bf0ee1ec49b1143fdc6c2dcb76d9248f1801e7e8d539ed73c7e807901e2d43a8c2037261d66359c4e01607e72200dc9dffbdba0b3c8919d4eedf8743368009b80eaeeadc3acd1047ff2fd8c39a8cb914ca7baf268fe8c6e67dca61df6e1186c3ab7d29461e25438c066671377a6ea92edb035ccd6b9758220a9b98016d0d50beba4b8f58c6c81fc0102b79e016305bda0ffe9a8b25f8d0ccf860cf8ed921603eeda90a1a5f63556f9da71976d0136b366a4ea483e0705dfeda387170c30d47952b1d13f68b37a4237b60118ae7e989fa2f5dc2b17a66087c4a4ae13a442b9ac0e40716e48a8d826d8d6aa1e93039ea621e3d984edb6e7fa6a0b6da8b9a3ad5b7f99b3276ce417118d22b0ee03120c969de34ff5e24982c56c5b34355b87808a7d19a87be061f5c730e2d0ebd59bfdc423d0b3dbc35a42d54641ca5085fd3f46f41cb81858345f886cada93bd0c298", @generic="bc3a0bff586d8ca1401015b830dfd71825dd0636b1aec3fff405bdea7f958a8f0116c3d81fa4c3621c3c878ea33d7eb5d037d23dc74b345d1415519e16e128b045431f9216a49e"]}]}, 0x1348}, {&(0x7f0000000240)={0xf8, 0x16, 0x0, 0x70bd25, 0x25dfdbfc, "", [@typed={0x14, 0x7e, @ipv6=@mcast1}, @typed={0xc, 0x56, @u64=0x61b}, @generic="1515707a451358b5d8ada39bcce870b680c8990ea424fbc449c3d382ce", @nested={0x14, 0x30, [@typed={0x8, 0x92, @ipv4=@multicast2}, @typed={0x8, 0x4e, @pid=r5}]}, @generic="c61ddc84fab35ecb3abc4594c2515744605a2c08151ca84325540850249176d0d4b26a870e974529162aa69eebe5c2b82f683a3967bed094fda8b70d97d1945760662c2325bfe34df449bb8353f1ad0192017befca08b6d789f7c4429b4bb51fd7aa1a6510e2a312e66aacd70187ac4db17e3a5d61242d49ce738be1e1d237d550fcdeb69a55e7d748cf5dd89b9fe084f7512e643a6c"]}, 0xf8}], 0x2, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r7, r9, r31}}}, @cred={{0x1c, 0x1, 0x2, {r32, r34, r37}}}, @rights={{0x20, 0x1, 0x1, [r0, r2, r0, r42]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r44, r47}}}, @cred={{0x1c, 0x1, 0x2, {r53, 0xee00, r56}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r61, r1, r2]}}, @cred={{0x1c, 0x1, 0x2, {r63, r64, r65}}}, @rights={{0x14, 0x1, 0x1, [r66]}}], 0xf8, 0x8000}, 0x3fe18cf362d833) 18:54:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:54:04 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:54:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 612.256362][T14673] kvm [14668]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x40000004 data 0x4d00000000f 18:54:05 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 612.322517][T14673] kvm [14668]: vcpu0, guest rIP: 0x8a Hyper-V uhandled wrmsr: 0x40000004 data 0x4d00000000f [ 612.354955][T14680] IPVS: ftp: loaded support on port[0] = 21 18:54:05 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x2040, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x200, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140)={@empty}, &(0x7f0000000180)=0x14) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3800f0ff24000705000000", @ANYRES32=r3, @ANYBLOB="00000000fffffffff6ffffff0b000100"], 0x3}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x408004}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x90, 0x24, 0x1, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x5, 0x4}, {0xa}, {0xc, 0xa}}}, 0x90}, 0x1, 0x0, 0x0, 0x2bd2ca05aa1ca412}, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socket$inet6(0xa, 0xc0003, 0x3) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') getsockopt$llc_int(r2, 0x10c, 0x0, &(0x7f0000000340), &(0x7f00000005c0)=0x4) readv(r5, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000280)=0xe8) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f00000002c0)={@empty, 0x3b, r6}) 18:54:05 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 612.996084][T14694] IPVS: ftp: loaded support on port[0] = 21 [ 613.106038][T14677] IPVS: ftp: loaded support on port[0] = 21 18:54:05 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 613.150222][T14696] IPVS: ftp: loaded support on port[0] = 21 18:54:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000001000)=ANY=[@ANYBLOB="383ff3b9d50d317495d66c15c4e2b2fc2c91ada0b86e3804e18d8915a6e856cb4428000000e9f823653796dc08a8941ca40b74239ce12a48aca09f9b14d51f8525f06405c4d3f418decf4d64a7b3e886fdb1ef7ac96970855ce3f044bf02954961b7d2fcbbf3a8b7e0e4fa0c087e2857cdb689d83978157c2e5c936a5b0500000000000000e5ff75cb8d57c81d04f8da8370fdd1aa101d27aa2065451ab15aa81be4a9e18c4ee7c70fc55ad605d52a13b81383d393c1ff7f0000000000009e0464ee4b25ac48580400ff7f000020430d613f9d95740f0e59f651b5b29e4a7aaa33edb0f9e567afeac8d1f272cdbb72b2a9751400dbcbe90fe38ee5d1f4eb256b7725a59d8dd0bd725903873691de239c94d40d8429405acb3612ca404a5239ec3e83ab0bfaa6395794c80b5e77f87d5e52b7f545cd0ab02f000000000000000046540537d9b15175df1c"], 0x0) mount$9p_xen(&(0x7f0000000340)='!\x00', &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='9p\x00', 0x10000, &(0x7f00000004c0)={'trans=xen,', {[{@privport='privport'}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0x5) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0), 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r2, 0x10, 0x70bd2a, 0x25dfdbff, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x15, 0x4, @udp='udp:syz0\x00'}}}, ["", "", "", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) r3 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BLKPG(r3, 0x1269, &(0x7f00000002c0)={0x6, 0x0, 0x71, &(0x7f0000000640)="ea5f5b4d3ef92b2f3b6f73d2c202820002e49ea111ad6bfd54366662172de500f34f2ecaabce289633190f2ec2e52d989d54898b24eaa42b7b8fc9111e7d929e8e06ddce54d3af30f48c03b871cf8b3d2ca83607366dad5ecdf2500a5452e5ddf8ca43e27c12215dade2e184625db8a7b1"}) r4 = fcntl$getown(r3, 0x9) r5 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, &(0x7f0000000200)) ioctl$sock_inet_udp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000500)) sched_setaffinity(0x0, 0x2fb, &(0x7f00000008c0)=0xa010000000000005) ioctl$PIO_UNIMAPCLR(r3, 0x4b68, &(0x7f0000000480)={0x8, 0xffffffffffffffff, 0x3f}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = getpgrp(r4) setpriority(0x0, r6, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) clone(0x4007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000440)='./file0\x00', &(0x7f00000006c0)=[&(0x7f0000000580)='wlan1\x00', &(0x7f0000000600)='security.capability\x00'], &(0x7f0000000780)=[&(0x7f00000007c0)='\xd7\x06\xac>(\x10\xe0\xc1\xd9\xb6\x01\x97\x97\xe31\xd1\xe5\xebw-\xb7\xc3=\xb8|B\x12\xcbk\x92]\xc34;W\a\xdd[\x96\xbe\xcb\x9b\x8cDS\xa1\xd4H\x114\xc1f*W\x01r?+\x05\x8b\xa6G\xb8\x7fS\x0e\xbf\x06\x1f^\xa3zv\xc60\xa5\xd8\xe3\xee\x19p\x9aW]\xb5T\r\xbam\xd2\x9eR\f^f\xa5\xdb\xc5\xe2\xa3\x16\x1bs\xa3)_?\xc9\f\xa35\x10\xe2\xd4\x86\f\x91\xeeY9\t \xaf\xeb\xf3\xed/\x9c\xa9\x86\x95E\x98)\xcb1!T\xbc\x84=\x1feQ\xf9S\xd9\xbd`]\x16\xbf\x03\xb5Co\xacb,\xd3\xe6\xbf\x9a\xecN%\x9c\xbb\xb0\x98\xf0\x93PG[\xeb\x92\xfd(\xd3\x96J\x14\xfc\x10\xff\tE\xcae\xe2\xce\x1cV|2Z\x19\x8d\xb7\x13\x9c\x9b\x04\xb9$\xfe\xd9', &(0x7f0000000740)='!\x00']) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0x5) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r7, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) 18:54:06 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 613.817874][T14706] 9pnet: Could not find request transport: xen 18:54:06 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:54:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 617.619274][T14728] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 617.629720][T14728] CPU: 0 PID: 14728 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 617.637658][T14728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 617.647694][T14728] Call Trace: [ 617.650979][T14728] dump_stack+0xf5/0x159 [ 617.655241][T14728] dump_header+0xaa/0x449 [ 617.659568][T14728] oom_kill_process.cold+0x10/0x15 [ 617.664672][T14728] out_of_memory+0x231/0xa00 [ 617.669249][T14728] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 617.674942][T14728] mem_cgroup_out_of_memory+0x128/0x150 [ 617.680505][T14728] try_charge+0xb3a/0xbc0 [ 617.684865][T14728] ? rcu_note_context_switch+0x700/0x760 [ 617.690565][T14728] mem_cgroup_try_charge+0xd2/0x260 [ 617.695827][T14728] mem_cgroup_try_charge_delay+0x3a/0x80 [ 617.701527][T14728] wp_page_copy+0x322/0x1160 [ 617.706107][T14728] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 617.711774][T14728] ? apic_timer_interrupt+0xa/0x20 [ 617.716894][T14728] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 617.722619][T14728] do_wp_page+0x192/0x11f0 [ 617.727076][T14728] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 617.732716][T14728] __handle_mm_fault+0x1c07/0x2cb0 [ 617.737831][T14728] handle_mm_fault+0x21b/0x530 [ 617.742668][T14728] __get_user_pages+0x485/0x1160 [ 617.747610][T14728] populate_vma_page_range+0xe6/0x100 [ 617.752977][T14728] __mm_populate+0x168/0x2a0 [ 617.757602][T14728] __x64_sys_mlockall+0x2e3/0x320 [ 617.762653][T14728] do_syscall_64+0xcc/0x370 [ 617.767153][T14728] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 617.773041][T14728] RIP: 0033:0x459f39 [ 617.776957][T14728] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 617.796605][T14728] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 617.805022][T14728] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 617.812989][T14728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 617.821157][T14728] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 617.829129][T14728] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 617.837098][T14728] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 617.847500][T14728] memory: usage 307168kB, limit 307200kB, failcnt 2141 [ 617.868360][T14728] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 617.875215][T14728] Memory cgroup stats for /syz5: [ 617.875469][T14728] anon 307961856 [ 617.875469][T14728] file 102400 [ 617.875469][T14728] kernel_stack 368640 [ 617.875469][T14728] slab 2428928 [ 617.875469][T14728] sock 4096 [ 617.875469][T14728] shmem 81920 [ 617.875469][T14728] file_mapped 135168 [ 617.875469][T14728] file_dirty 0 [ 617.875469][T14728] file_writeback 0 [ 617.875469][T14728] anon_thp 270532608 [ 617.875469][T14728] inactive_anon 71761920 [ 617.875469][T14728] active_anon 22003712 [ 617.875469][T14728] inactive_file 135168 [ 617.875469][T14728] active_file 135168 [ 617.875469][T14728] unevictable 214122496 [ 617.875469][T14728] slab_reclaimable 811008 [ 617.875469][T14728] slab_unreclaimable 1617920 [ 617.875469][T14728] pgfault 108669 [ 617.875469][T14728] pgmajfault 0 [ 617.875469][T14728] workingset_refault 33 [ 617.875469][T14728] workingset_activate 0 [ 617.875469][T14728] workingset_nodereclaim 0 [ 617.875469][T14728] pgrefill 233 [ 617.875469][T14728] pgscan 303 [ 617.875469][T14728] pgsteal 66 [ 617.971767][T14728] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14726,uid=0 [ 617.996721][T14728] Memory cgroup out of memory: Killed process 14728 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:54340kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 618.020272][ T1062] oom_reaper: reaped process 14728 (syz-executor.5), now anon-rss:18360kB, file-rss:54336kB, shmem-rss:0kB 18:54:10 executing program 1: r0 = socket$kcm(0x2b, 0x8000000000001, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x7a02, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e0000002f008151e00f80ecdb4cb9040f4865160b00030014000000120000140e0009001500cd5edc2976d153b4", 0x2e}], 0x1}, 0x0) 18:54:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) syz_open_dev$admmidi(&(0x7f0000000240)='/dev/admmidi#\x00', 0x0, 0x100) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r3, &(0x7f0000000040)=[{&(0x7f0000001080)=""/4100, 0x1004}], 0x1) setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r6 = creat(&(0x7f0000000280)='./file0\x00', 0x93) mmap$IORING_OFF_SQ_RING(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x200000c, 0x8f5d6e9ab862071d, r6, 0x0) readv(r5, &(0x7f0000000040)=[{&(0x7f00000020c0)=""/4100, 0x1004}], 0x1) fsconfig$FSCONFIG_SET_PATH_EMPTY(r4, 0x4, &(0x7f0000000180)='/dev/radio#\x00', &(0x7f00000001c0)='./file0\x00', r5) setxattr$security_smack_transmute(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:54:10 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) 18:54:10 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountstats\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendfile(r1, r0, 0x0, 0x7ffff000) 18:54:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x40002400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:54:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20025, 0x0, 0x6b8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mlockall(0x3) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00B#g9\xc1m\x17\xf9\r\xc2#\"\xc9O\x135 x^\x91\xea\x85\xae\x10|\xc3\x81\x98\x19\xc2cT\v\x1d\xe1\xba \x1em\xe4\xb7ZP\x11P\x91\xee\xd50\xaaH.6YF\x01\xce\xb5\xd1i\xc5\xba\xf4\x1b5\xd8\xa5\xa0\x9a\x82If\x13\xd8`#\x86[W\xef&\x9f\x90\xd3\x04\x96\x9fh}\xf5;a\x1b@\xa4B\x91\xb5\xa8\x82 \x8f\xbb\x83^T\xa4\x13\x10\xa3\xb4\x81\xd5\xbd\xbb\t\x81t)\t\xa6;|\xd1\xa1\x8d@^[\x01\x1b\xfb\xe5\xa4\xd5\xbf)\x94G\xe4\xc0\xddKc\xa3g!\x1c\x00x#\x8bP\x9daA\x00\xd3KU\x84\xaa;<\xb9\xb9\x9en_\x84q\x92\x94\xd4\x1b\'\x11|G\xfbO++\xe4u\xeb%\xd5\x01\x00\x00\x00\xcf\x84\"\xca\xdeW\f\b{\x03\xf6\xb1\x81\x8b\xc9pw\xdb#,I\xee\x06\xd1\xad\xd2_\xa7\xf7U\xe1\x00O\xbc\x01\x93K\xc7\x99[\xf2\x87\x97\x86;\xbb\xca\xc0\x1c\xe05\xf6n\xc3\xa9\x83{xe\xdd\xc1\xe3!\xccS^\x9b\xc5\xe7\b\xad\xce') ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000240)={0x0, {0x10000, 0x9c}}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 618.418437][T14748] netlink: 'syz-executor.1': attribute type 3 has an invalid length. 18:54:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 618.491063][T14749] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 618.512851][T14741] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 618.556194][T14741] CPU: 0 PID: 14741 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 618.564124][T14741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 618.574235][T14741] Call Trace: [ 618.577557][T14741] dump_stack+0xf5/0x159 [ 618.581831][T14741] dump_header+0xaa/0x449 [ 618.586198][T14741] oom_kill_process.cold+0x10/0x15 [ 618.591344][T14741] out_of_memory+0x231/0xa00 [ 618.595957][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 618.601684][T14741] mem_cgroup_out_of_memory+0x128/0x150 [ 618.607334][T14741] try_charge+0xb3a/0xbc0 [ 618.611696][T14741] ? rcu_note_context_switch+0x700/0x760 [ 618.617362][T14741] mem_cgroup_try_charge+0xd2/0x260 [ 618.622578][T14741] mem_cgroup_try_charge_delay+0x3a/0x80 [ 618.628239][T14741] __handle_mm_fault+0x179a/0x2cb0 [ 618.633466][T14741] handle_mm_fault+0x21b/0x530 [ 618.638279][T14741] __get_user_pages+0x485/0x1160 [ 618.643267][T14741] populate_vma_page_range+0xe6/0x100 [ 618.648741][T14741] __mm_populate+0x168/0x2a0 [ 618.653381][T14741] __x64_sys_mlockall+0x2e3/0x320 [ 618.658469][T14741] do_syscall_64+0xcc/0x370 [ 618.662992][T14741] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 618.668892][T14741] RIP: 0033:0x459f39 [ 618.672856][T14741] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 618.692508][T14741] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 18:54:11 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) shmat(0xffffffffffffffff, &(0x7f0000ff8000/0x2000)=nil, 0x0) [ 618.700938][T14741] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459f39 [ 618.708928][T14741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 618.716915][T14741] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 618.724914][T14741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 618.732920][T14741] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 618.753287][T14741] memory: usage 307200kB, limit 307200kB, failcnt 2173 18:54:11 executing program 2: mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000)='security.capability\x00', &(0x7f0000000340)=@v3={0x3000000, [{0x407, 0x9}, {0x8000, 0x900e}]}, 0xfffffffffffffdd2, 0x2) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, 0x0, 0x0) unlink(&(0x7f0000000040)='./file0\x00') 18:54:11 executing program 1: prctl$PR_SET_TIMERSLACK(0x1d, 0xfffffffffffff67a) execve(0x0, 0x0, 0x0) creat(0x0, 0x0) prctl$PR_GET_TIMERSLACK(0x1e) [ 618.784528][T14741] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 618.823936][T14741] Memory cgroup stats for /syz5: [ 618.824173][T14741] anon 307904512 [ 618.824173][T14741] file 102400 [ 618.824173][T14741] kernel_stack 405504 [ 618.824173][T14741] slab 2428928 [ 618.824173][T14741] sock 4096 [ 618.824173][T14741] shmem 81920 [ 618.824173][T14741] file_mapped 135168 [ 618.824173][T14741] file_dirty 0 [ 618.824173][T14741] file_writeback 0 [ 618.824173][T14741] anon_thp 270532608 [ 618.824173][T14741] inactive_anon 82845696 [ 618.824173][T14741] active_anon 22011904 [ 618.824173][T14741] inactive_file 135168 [ 618.824173][T14741] active_file 135168 [ 618.824173][T14741] unevictable 203214848 18:54:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 618.824173][T14741] slab_reclaimable 811008 [ 618.824173][T14741] slab_unreclaimable 1617920 [ 618.824173][T14741] pgfault 109230 [ 618.824173][T14741] pgmajfault 0 [ 618.824173][T14741] workingset_refault 33 [ 618.824173][T14741] workingset_activate 0 [ 618.824173][T14741] workingset_nodereclaim 0 [ 618.824173][T14741] pgrefill 233 [ 618.824173][T14741] pgscan 303 [ 618.824173][T14741] pgsteal 66 18:54:11 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="24000000150007031dfffd946fa2830002200a0009000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 619.066428][T14762] IPVS: ftp: loaded support on port[0] = 21 18:54:11 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 619.183427][T14741] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=14733,uid=0 [ 619.199664][T14741] Memory cgroup out of memory: Killed process 14733 (syz-executor.5) total-vm:72716kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 619.278940][T14771] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 18:54:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x6000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000380)={0x7b}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4c8], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:54:12 executing program 2: mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000)='security.capability\x00', &(0x7f0000000340)=@v3={0x3000000, [{0x407, 0x9}, {0x8000, 0x900e}]}, 0xfffffffffffffdd2, 0x2) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, 0x0, 0x0) unlink(&(0x7f0000000040)='./file0\x00') [ 619.599258][T14771] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 619.670171][T14785] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 619.728530][T14785] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 18:54:12 executing program 4: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000033c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x18}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x8}, 0x48) [ 620.662427][T14741] ================================================================== [ 620.670574][T14741] BUG: KCSAN: data-race in kvm_mmu_notifier_invalidate_range_end / kvm_mmu_notifier_invalidate_range_start [ 620.681916][T14741] [ 620.684246][T14741] write to 0xffffc90001196138 of 8 bytes by task 14746 on cpu 0: [ 620.691960][T14741] kvm_mmu_notifier_invalidate_range_start+0x6b/0x170 [ 620.698711][T14741] __mmu_notifier_invalidate_range_start+0xc8/0x170 [ 620.705298][T14741] wp_page_copy+0xe59/0x1160 [ 620.709879][T14741] do_wp_page+0x192/0x11f0 [ 620.714292][T14741] __handle_mm_fault+0x1c07/0x2cb0 [ 620.719394][T14741] handle_mm_fault+0x21b/0x530 [ 620.724153][T14741] __get_user_pages+0x485/0x1160 [ 620.729086][T14741] populate_vma_page_range+0xe6/0x100 [ 620.734456][T14741] __mm_populate+0x168/0x2a0 [ 620.739046][T14741] __x64_sys_mlockall+0x2e3/0x320 [ 620.744075][T14741] do_syscall_64+0xcc/0x370 [ 620.748565][T14741] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 620.754436][T14741] [ 620.756761][T14741] read to 0xffffc90001196138 of 8 bytes by task 14741 on cpu 1: [ 620.764388][T14741] kvm_mmu_notifier_invalidate_range_end+0x7b/0xb0 [ 620.770883][T14741] __mmu_notifier_invalidate_range_end+0x144/0x1e0 [ 620.777378][T14741] try_to_unmap_one+0x1291/0x1680 [ 620.782395][T14741] rmap_walk_file+0x23c/0x590 [ 620.787068][T14741] rmap_walk+0x118/0x190 [ 620.791305][T14741] try_to_munlock+0x8b/0xb0 [ 620.795825][T14741] __munlock_isolated_page+0x89/0x1a0 [ 620.801212][T14741] __munlock_pagevec+0x392/0x7a0 [ 620.806150][T14741] munlock_vma_pages_range+0x5cc/0x790 [ 620.811596][T14741] exit_mmap+0x24f/0x300 [ 620.815828][T14741] mmput+0xea/0x280 [ 620.819636][T14741] do_exit+0x4c9/0x18f0 [ 620.823784][T14741] do_group_exit+0xb4/0x1c0 [ 620.828272][T14741] [ 620.830590][T14741] Reported by Kernel Concurrency Sanitizer on: [ 620.836730][T14741] CPU: 1 PID: 14741 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 620.844597][T14741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 620.854654][T14741] ================================================================== [ 620.862701][T14741] Kernel panic - not syncing: panic_on_warn set ... [ 620.869277][T14741] CPU: 1 PID: 14741 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0 [ 620.877162][T14741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 620.887201][T14741] Call Trace: [ 620.890487][T14741] dump_stack+0xf5/0x159 [ 620.894726][T14741] panic+0x210/0x640 [ 620.898619][T14741] ? munlock_vma_pages_range+0x5cc/0x790 [ 620.904258][T14741] ? vprintk_func+0x8d/0x140 [ 620.908851][T14741] kcsan_report.cold+0xc/0x10 [ 620.913520][T14741] __kcsan_setup_watchpoint+0x32e/0x4a0 [ 620.919057][T14741] __tsan_read8+0x2c/0x30 [ 620.923380][T14741] kvm_mmu_notifier_invalidate_range_end+0x7b/0xb0 [ 620.929869][T14741] ? vcpu_stat_clear+0x120/0x120 [ 620.934799][T14741] __mmu_notifier_invalidate_range_end+0x144/0x1e0 [ 620.941300][T14741] try_to_unmap_one+0x1291/0x1680 [ 620.946323][T14741] ? __const_udelay+0x36/0x40 [ 620.951007][T14741] ? page_remove_rmap+0x770/0x770 [ 620.956025][T14741] rmap_walk_file+0x23c/0x590 [ 620.960692][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 620.966310][T14741] ? __tsan_write1+0x32/0x40 [ 620.970910][T14741] rmap_walk+0x118/0x190 [ 620.975175][T14741] try_to_munlock+0x8b/0xb0 [ 620.979697][T14741] ? page_remove_rmap+0x770/0x770 [ 620.984715][T14741] ? anon_vma_ctor+0xb0/0xb0 [ 620.989297][T14741] ? page_get_anon_vma+0x1a0/0x1a0 [ 620.994399][T14741] __munlock_isolated_page+0x89/0x1a0 [ 620.999762][T14741] __munlock_pagevec+0x392/0x7a0 [ 621.004698][T14741] ? __bpf_offload_dev_match.isra.0+0x5d0/0x640 [ 621.010944][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.016564][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.022186][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.027806][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.033432][T14741] munlock_vma_pages_range+0x5cc/0x790 [ 621.038887][T14741] ? irq_matrix_free+0x31f/0x390 [ 621.043827][T14741] exit_mmap+0x24f/0x300 [ 621.048070][T14741] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 621.054303][T14741] ? __khugepaged_exit+0xb7/0x2d0 [ 621.059359][T14741] mmput+0xea/0x280 [ 621.063225][T14741] do_exit+0x4c9/0x18f0 [ 621.067400][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.073024][T14741] ? apic_timer_interrupt+0xa/0x20 [ 621.078130][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.083757][T14741] ? __kcsan_setup_watchpoint+0x21/0x4a0 [ 621.089393][T14741] ? __tsan_write8+0x32/0x40 [ 621.093972][T14741] do_group_exit+0xb4/0x1c0 [ 621.098469][T14741] get_signal+0x2a2/0x1320 [ 621.102875][T14741] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 621.109106][T14741] ? __get_user_pages+0x72e/0x1160 [ 621.114222][T14741] do_signal+0x3b/0xc00 [ 621.118371][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.123995][T14741] ? populate_vma_page_range+0xee/0x100 [ 621.129529][T14741] ? up_read+0x45/0xa0 [ 621.133596][T14741] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 621.139226][T14741] ? __mm_populate+0x269/0x2a0 [ 621.143989][T14741] exit_to_usermode_loop+0x250/0x2c0 [ 621.149271][T14741] do_syscall_64+0x353/0x370 [ 621.153868][T14741] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 621.159748][T14741] RIP: 0033:0x459f39 [ 621.163641][T14741] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 621.183242][T14741] RSP: 002b:00007f2866223c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 621.191641][T14741] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000459f39 [ 621.199603][T14741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 621.207564][T14741] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 621.215522][T14741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28662246d4 [ 621.223481][T14741] R13: 00000000004c67d2 R14: 00000000004dba88 R15: 00000000ffffffff [ 621.232795][T14741] Kernel Offset: disabled [ 621.237109][T14741] Rebooting in 86400 seconds..