Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts.
2019/10/23 19:03:03 fuzzer started
2019/10/23 19:03:04 dialing manager at 10.128.0.105:40369
2019/10/23 19:03:04 syscalls: 2524
2019/10/23 19:03:04 code coverage: enabled
2019/10/23 19:03:04 comparison tracing: enabled
2019/10/23 19:03:04 extra coverage: extra coverage is not supported by the kernel
2019/10/23 19:03:04 setuid sandbox: enabled
2019/10/23 19:03:04 namespace sandbox: enabled
2019/10/23 19:03:04 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/23 19:03:04 fault injection: enabled
2019/10/23 19:03:04 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/23 19:03:04 net packet injection: enabled
2019/10/23 19:03:04 net device setup: enabled
2019/10/23 19:03:04 concurrency sanitizer: enabled
syzkaller login: [   59.370723][ T7260] KCSAN: could not find function: 'poll_schedule_timeout'
2019/10/23 19:03:20 adding functions to KCSAN blacklist: 'perf_event_update_userpage' 'pipe_poll' 'blk_mq_sched_dispatch_requests' 'vti_tunnel_xmit' '__splice_from_pipe' 'poll_schedule_timeout' 'icmp_global_allow' 'xas_find_marked' '__nf_conntrack_find_get' 'ext4_has_free_clusters' 'tick_nohz_idle_stop_tick' 'page_counter_try_charge' 'tick_sched_do_timer' '__ext4_new_inode' 'copy_process' 'run_timer_softirq' 'common_perm_cond' 'add_timer' 'commit_echoes' '__dentry_kill' 'task_dump_owner' 'hrtimer_wakeup' 'handle_userfault' 'sit_tunnel_xmit' 'list_lru_count_one' 'ext4_free_inodes_count' 'do_syslog' '__nf_ct_refresh_acct' 'atime_needs_update' 'tcp_poll' 'fanotify_handle_event' 'generic_fillattr' 'handle_mm_fault' 'dd_has_work' '__filemap_fdatawrite_range' 'pipe_wait' 'do_writev' 'tcp_add_backlog' 'ep_poll' 'ext4_writepages' 'kauditd_thread' 'do_wait' 'ns_capable_common' 'pcpu_alloc' 'tick_do_update_jiffies64' 'ktime_get_real_seconds' 'echo_char' 'find_next_bit' 'ext4_nonda_switch' 'kvm_arch_vcpu_load' '__alloc_file' 'tomoyo_supervisor' 'generic_permission' 'ksys_read' 'enqueue_timer' '__hrtimer_run_queues' 'mm_update_next_owner' 'update_defense_level' 'timer_clear_idle' 'balance_dirty_pages' 'blk_mq_run_hw_queue' 'n_tty_receive_buf_common' 'find_get_pages_range_tag' 'blk_mq_get_request' '__skb_wait_for_more_packets' '__snd_rawmidi_transmit_ack' 'generic_write_end' 'wbt_issue' 'do_nanosleep' 'futex_wait_queue_me' 'shmem_file_read_iter' 'wbc_detach_inode' '__mark_inode_dirty' 'taskstats_exit' 'ext4_free_inode' 'snapshot_refaults' 'mem_cgroup_select_victim_node' 'pid_update_inode' 'vm_area_dup' 'tomoyo_domain_quota_is_ok' 'mod_timer' 'ktime_get_seconds' 'rcu_gp_fqs_loop' '__writeback_single_inode' 'blk_mq_dispatch_rq_list' 'rcu_gp_fqs_check_wake' 'ext4_mb_good_group' 
19:07:41 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

19:07:41 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

[  334.679598][ T7263] IPVS: ftp: loaded support on port[0] = 21
[  334.803035][ T7265] IPVS: ftp: loaded support on port[0] = 21
[  334.867626][ T7263] chnl_net:caif_netlink_parms(): no params data found
19:07:42 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='schedstat\x00')
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@a{\xe1\xeb*\x93\t', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
pread64(r2, 0x0, 0x0, 0x20)

[  334.941648][ T7263] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.949658][ T7263] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.958456][ T7263] device bridge_slave_0 entered promiscuous mode
[  334.994782][ T7263] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.002855][ T7263] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.027906][ T7263] device bridge_slave_1 entered promiscuous mode
[  335.078357][ T7265] chnl_net:caif_netlink_parms(): no params data found
[  335.100416][ T7263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  335.143554][ T7263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.211737][ T7265] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.227403][ T7265] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.247564][ T7265] device bridge_slave_0 entered promiscuous mode
[  335.256159][ T7263] team0: Port device team_slave_0 added
[  335.263339][ T7263] team0: Port device team_slave_1 added
[  335.269980][ T7265] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.278981][ T7265] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.287390][ T7265] device bridge_slave_1 entered promiscuous mode
19:07:42 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x2)
r1 = dup(r0)
write$FUSE_ATTR(r1, &(0x7f0000000040)={0x78}, 0x78)
ioctl$SG_IO(r1, 0x227c, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

[  335.335487][ T7265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  335.350427][ T7270] IPVS: ftp: loaded support on port[0] = 21
[  335.399187][ T7263] device hsr_slave_0 entered promiscuous mode
[  335.436308][ T7263] device hsr_slave_1 entered promiscuous mode
[  335.485725][ T7263] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.493273][ T7263] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.500728][ T7263] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.508031][ T7263] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.559229][ T7265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.614861][ T7273] IPVS: ftp: loaded support on port[0] = 21
[  335.631662][ T7265] team0: Port device team_slave_0 added
[  335.641830][ T7265] team0: Port device team_slave_1 added
19:07:42 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x18, 0x23, 0x829, 0x0, 0x0, {0x2804}, [@nested={0x4, 0x18}]}, 0x18}, 0x1, 0x6087ffffffff}, 0x0)

[  335.769055][ T7265] device hsr_slave_0 entered promiscuous mode
[  335.866269][ T7265] device hsr_slave_1 entered promiscuous mode
[  335.917669][ T7265] debugfs: Directory 'hsr0' with parent '/' already present!
[  335.935571][ T7263] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.953150][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
19:07:43 executing program 5:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/11, 0x2}], 0x10000000000000dc)

[  335.975582][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.988132][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  336.013279][ T7278] IPVS: ftp: loaded support on port[0] = 21
[  336.044586][ T7263] 8021q: adding VLAN 0 to HW filter on device team0
[  336.073434][ T7267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  336.090527][ T7267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  336.145565][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  336.154572][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  336.163811][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.170992][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.179225][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  336.188287][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  336.197003][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.204217][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.212357][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  336.222597][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  336.232111][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  336.241027][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  336.253096][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  336.289542][ T7273] chnl_net:caif_netlink_parms(): no params data found
[  336.299735][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  336.309016][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  336.331265][ T7270] chnl_net:caif_netlink_parms(): no params data found
[  336.365264][ T7263] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  336.370091][ T7281] IPVS: ftp: loaded support on port[0] = 21
[  336.376904][ T7263] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  336.406922][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  336.415394][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  336.424805][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  336.433631][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  336.442932][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  336.503441][ T7270] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.511434][ T7270] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.519722][ T7270] device bridge_slave_0 entered promiscuous mode
[  336.530491][ T7270] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.537722][ T7270] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.545653][ T7270] device bridge_slave_1 entered promiscuous mode
[  336.571561][ T7270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.593716][ T7273] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.601146][ T7273] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.609416][ T7273] device bridge_slave_0 entered promiscuous mode
[  336.619348][ T7273] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.626654][ T7273] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.634670][ T7273] device bridge_slave_1 entered promiscuous mode
[  336.643422][ T7270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.696194][ T7273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.706720][ T7270] team0: Port device team_slave_0 added
[  336.713686][ T7270] team0: Port device team_slave_1 added
[  336.730157][ T7265] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.740036][ T7273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.755769][ T7263] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.848585][ T7270] device hsr_slave_0 entered promiscuous mode
[  336.886377][ T7270] device hsr_slave_1 entered promiscuous mode
[  336.926268][ T7270] debugfs: Directory 'hsr0' with parent '/' already present!
[  336.942816][ T7273] team0: Port device team_slave_0 added
[  336.951848][ T7273] team0: Port device team_slave_1 added
[  336.985732][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  336.994553][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  337.012753][ T7265] 8021q: adding VLAN 0 to HW filter on device team0
[  337.099041][ T7273] device hsr_slave_0 entered promiscuous mode
[  337.146444][ T7273] device hsr_slave_1 entered promiscuous mode
[  337.196006][ T7273] debugfs: Directory 'hsr0' with parent '/' already present!
[  337.233033][ T7281] chnl_net:caif_netlink_parms(): no params data found
[  337.247102][ T7278] chnl_net:caif_netlink_parms(): no params data found
[  337.271644][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  337.284832][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  337.294411][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.301672][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  337.310674][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  337.366159][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  337.374968][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  337.411353][ T7274] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.418504][ T7274] bridge0: port 2(bridge_slave_1) entered forwarding state
[  337.445515][ T7281] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.453083][ T7281] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.461610][ T7281] device bridge_slave_0 entered promiscuous mode
[  337.466383][    C0] hrtimer: interrupt took 44826 ns
[  337.485391][   T25] kauditd_printk_skb: 8 callbacks suppressed
[  337.485500][   T25] audit: type=1800 audit(1571857664.643:31): pid=7294 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16519 res=0
[  337.488582][ T7278] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.520341][ T7278] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.532239][ T7278] device bridge_slave_0 entered promiscuous mode
[  337.555470][   T25] audit: type=1804 audit(1571857664.703:32): pid=7293 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir863840297/syzkaller.qAKKtw/0/file0" dev="sda1" ino=16519 res=1
[  337.562980][ T7265] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  337.595436][ T7265] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  337.611456][ T7281] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.619403][ T7281] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.627659][ T7281] device bridge_slave_1 entered promiscuous mode
[  337.636215][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  337.645577][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  337.660014][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  337.671031][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  337.683437][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  337.693839][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  337.703739][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  337.712860][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  337.722378][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  337.731615][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  337.740708][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  337.749546][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  337.759679][ T7278] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.767459][ T7278] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.776100][ T7278] device bridge_slave_1 entered promiscuous mode
[  337.806946][ T7270] 8021q: adding VLAN 0 to HW filter on device bond0
[  337.842229][ T7278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  337.864141][ T7273] 8021q: adding VLAN 0 to HW filter on device bond0
[  337.872220][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  337.880890][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  337.891137][ T7270] 8021q: adding VLAN 0 to HW filter on device team0
[  337.907722][ T7278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  337.919608][ T7281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  337.931768][ T7281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  337.950689][ T7273] 8021q: adding VLAN 0 to HW filter on device team0
[  337.983781][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  337.992852][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  338.001351][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  338.010487][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  338.019107][ T7274] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.026478][ T7274] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.034687][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  338.043924][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  338.052916][ T7274] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.060199][ T7274] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.068880][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  338.082799][ T7265] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.113312][ T7278] team0: Port device team_slave_0 added
[  338.137323][ T7278] team0: Port device team_slave_1 added
[  338.158882][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  338.168028][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  338.178061][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  338.188113][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  338.198420][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  338.208366][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  338.218485][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  338.224549][   T25] audit: type=1804 audit(1571857665.383:33): pid=7294 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir863840297/syzkaller.qAKKtw/0/file0" dev="sda1" ino=16519 res=1
[  338.237227][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  338.264193][ T7270] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  338.282151][ T7270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  338.290213][   T25] audit: type=1804 audit(1571857665.453:34): pid=7302 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir863840297/syzkaller.qAKKtw/0/file0" dev="sda1" ino=16519 res=1
[  338.337368][ T7281] team0: Port device team_slave_0 added
[  338.343233][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  338.351491][ T7293] syz-executor.0 (7293) used greatest stack depth: 9776 bytes left
[  338.367007][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
19:07:45 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

[  338.381233][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  338.390469][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  338.405131][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  338.440423][ T7272] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.447863][ T7272] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.471450][   T25] audit: type=1800 audit(1571857665.633:35): pid=7309 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16519 res=0
[  338.495342][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  338.513793][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  338.522722][   T25] audit: type=1804 audit(1571857665.683:36): pid=7309 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir863840297/syzkaller.qAKKtw/1/file0" dev="sda1" ino=16519 res=1
[  338.523266][ T7272] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.554408][ T7272] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.563591][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  338.573369][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  338.601683][ T7273] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  338.615957][ T7273] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  338.629175][ T7281] team0: Port device team_slave_1 added
[  338.640887][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  338.649649][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  338.659358][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  338.669255][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  338.679038][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  338.688992][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  338.698240][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  338.707910][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  338.717015][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  338.759225][ T7278] device hsr_slave_0 entered promiscuous mode
[  338.796522][ T7278] device hsr_slave_1 entered promiscuous mode
[  338.835968][ T7278] debugfs: Directory 'hsr0' with parent '/' already present!
[  338.862657][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  338.872031][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  338.884043][ T7273] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.917829][ T7270] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.999396][ T7281] device hsr_slave_0 entered promiscuous mode
[  339.056545][ T7281] device hsr_slave_1 entered promiscuous mode
[  339.096009][ T7281] debugfs: Directory 'hsr0' with parent '/' already present!
[  339.286878][ T7278] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.346352][ T7281] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.363824][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  339.372661][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  339.393068][ T7278] 8021q: adding VLAN 0 to HW filter on device team0
[  339.421424][ T7281] 8021q: adding VLAN 0 to HW filter on device team0
[  339.436430][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
19:07:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

[  339.462470][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  339.549221][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  339.581664][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  339.609594][ T7277] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.616773][ T7277] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.624594][   T25] audit: type=1804 audit(1571857666.783:37): pid=7336 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir128839366/syzkaller.IsxrFJ/0/bus" dev="sda1" ino=16524 res=1
[  339.686945][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  339.746884][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  339.765973][   T25] audit: type=1804 audit(1571857666.843:38): pid=7320 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir128839366/syzkaller.IsxrFJ/0/bus" dev="sda1" ino=16524 res=1
[  339.819961][ T7277] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.827522][ T7277] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.845181][   T25] audit: type=1800 audit(1571857666.973:39): pid=7342 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16533 res=0
19:07:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x2)
r1 = dup(r0)
write$FUSE_ATTR(r1, &(0x7f0000000040)={0x78}, 0x78)
ioctl$SG_IO(r1, 0x227c, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

19:07:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='schedstat\x00')
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@a{\xe1\xeb*\x93\t', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
pread64(r2, 0x0, 0x0, 0x20)

[  339.873242][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  339.888051][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  339.934032][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  339.951911][   T25] audit: type=1804 audit(1571857667.113:40): pid=7342 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir863840297/syzkaller.qAKKtw/2/file0" dev="sda1" ino=16533 res=1
[  339.977089][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  340.025737][ T7277] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.033171][ T7277] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.087075][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  340.121453][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  340.130308][ T7277] bridge0: port 2(bridge_slave_1) entered blocking state
19:07:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x2)
r1 = dup(r0)
write$FUSE_ATTR(r1, &(0x7f0000000040)={0x78}, 0x78)
ioctl$SG_IO(r1, 0x227c, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

[  340.137443][ T7277] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.181539][ T7278] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  340.209305][ T7278] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
19:07:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='schedstat\x00')
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@a{\xe1\xeb*\x93\t', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
pread64(r2, 0x0, 0x0, 0x20)

[  340.254157][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  340.255998][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  340.267618][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  340.291585][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  340.300054][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  340.334712][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  340.350872][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  340.360550][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  340.374807][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  340.384176][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  340.398535][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  340.412182][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  340.423399][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
19:07:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x2)
r1 = dup(r0)
write$FUSE_ATTR(r1, &(0x7f0000000040)={0x78}, 0x78)
ioctl$SG_IO(r1, 0x227c, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

[  340.446823][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  340.524379][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  340.535247][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  340.586984][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  340.597785][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  340.607435][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  340.627695][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  340.647340][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  340.661998][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  340.683864][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  340.695198][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  340.706024][ T7281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  340.718623][ T7278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.745967][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  340.772588][ T7281] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.815970][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  340.821861][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  340.836161][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  340.842123][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  340.935925][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  340.941893][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  340.965866][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  340.971794][    C1] protocol 88fb is buggy, dev hsr_slave_1
19:07:48 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

19:07:48 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

19:07:48 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='schedstat\x00')
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = memfd_create(&(0x7f00000002c0)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@a{\xe1\xeb*\x93\t', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
pread64(r2, 0x0, 0x0, 0x20)

19:07:48 executing program 5:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/11, 0x2}], 0x10000000000000dc)

19:07:48 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x18, 0x23, 0x829, 0x0, 0x0, {0x2804}, [@nested={0x4, 0x18}]}, 0x18}, 0x1, 0x6087ffffffff}, 0x0)

19:07:48 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

19:07:48 executing program 5:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/11, 0x2}], 0x10000000000000dc)

19:07:48 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

19:07:48 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x18, 0x23, 0x829, 0x0, 0x0, {0x2804}, [@nested={0x4, 0x18}]}, 0x18}, 0x1, 0x6087ffffffff}, 0x0)

19:07:49 executing program 5:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/11, 0x2}], 0x10000000000000dc)

19:07:49 executing program 0:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2)
r1 = socket$inet6(0xa, 0x80001, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write$FUSE_ENTRY(r0, &(0x7f00000025c0)={0x90, 0xe9ffffff}, 0x90)

19:07:49 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x18, 0x23, 0x829, 0x0, 0x0, {0x2804}, [@nested={0x4, 0x18}]}, 0x18}, 0x1, 0x6087ffffffff}, 0x0)

19:07:49 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x0, 0x0)
close(r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [<r4=>0x0]}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000880)={r4, 0x1c, "f8c36c79fe2a279a6b438a38333276d77dc9c5b5e9f99f4a93232b39"}, &(0x7f0000000900)=0x24)

19:07:49 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

19:07:49 executing program 0:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x100000000000000b, &(0x7f0000000000)='\x00', 0x1)

[  342.525946][   T25] kauditd_printk_skb: 11 callbacks suppressed
[  342.525981][   T25] audit: type=1804 audit(1571857669.683:52): pid=7423 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir868864039/syzkaller.wM4pr1/4/bus" dev="sda1" ino=16539 res=1
[  342.728528][   T25] audit: type=1800 audit(1571857669.753:53): pid=7447 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16545 res=0
[  342.811302][   T25] audit: type=1804 audit(1571857669.853:54): pid=7447 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir699614620/syzkaller.cx9Xgu/5/file0" dev="sda1" ino=16545 res=1
19:07:50 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

19:07:50 executing program 0:
r0 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'veth1_to_team\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00f1ff00000000000000000000000000000000000000a307"]})
setsockopt$inet_int(r0, 0x0, 0x40, &(0x7f0000000080), 0x1)

19:07:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="860f4c0e57c99ca0ad78349f5803fd3a1a6d5cb848ca6b3a3206a6bc000023b3483f5492d0616e6600df2b1e1a85f73de44b"], 0x1}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
process_vm_readv(0x0, &(0x7f0000000380)=[{&(0x7f0000000000)=""/61, 0x15}], 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x8e)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19:07:50 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x487d5d22, 0x8}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1433398e}, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
socket$inet6(0xa, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}, 0x1b)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(0xffffffffffffffff, 0x800442d4, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4008ae89, &(0x7f0000000040)={0x7b, 0x5, [0x572], [0xc1]})
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0), 0x0, 0x6, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[  343.223770][ T7470] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  343.641602][   T25] audit: type=1804 audit(1571857670.803:55): pid=7471 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir128839366/syzkaller.IsxrFJ/2/bus" dev="sda1" ino=16528 res=1
[  343.702966][   T25] audit: type=1804 audit(1571857670.863:56): pid=7468 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir128839366/syzkaller.IsxrFJ/2/bus" dev="sda1" ino=16528 res=1
19:07:50 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

19:07:50 executing program 5:
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000700)={0x0, 0x40000007fff, 0xffff}, 0x14)
r0 = socket(0x10, 0x800000000080003, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:07:50 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r3 = socket(0x0, 0x80000, 0x9)
socket(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x24, 0x29, 0xdf71b8bfc55a1297, 0x0, 0x25dfdbfb, {0x0, r4, {0xa, 0xa}, {0xf, 0xfff8}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x2008001)
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00'}, 0x10)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r2, r5, 0x0, 0x10000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x81, 0x0, 0x1, 0x0], 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, {0xfff, 0x3, 0x40, 0x0, 0x4, 0x9, 0x81, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x3f, 0x9, "8cfd79d2cb0adbc36b56b8688cb162a68b4d34ccd9b01c645e238b76bc8e347c"}})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

19:07:50 executing program 4:
syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x0)
pipe(&(0x7f0000000180))
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0xfffffff5)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

[  343.892859][   T25] audit: type=1800 audit(1571857671.053:57): pid=7487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16535 res=0
19:07:51 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f0000000000))

[  344.042376][   T25] audit: type=1804 audit(1571857671.193:58): pid=7487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir699614620/syzkaller.cx9Xgu/6/file0" dev="sda1" ino=16535 res=1
19:07:51 executing program 5:
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000700)={0x0, 0x40000007fff, 0xffff}, 0x14)
r0 = socket(0x10, 0x800000000080003, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:07:51 executing program 0:
r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000004c0)={0x9, @raw_data="f3f7fc89a82d63d3594d343217e07113f426f74913bc7d8ccb7c4e956456dd8b9f07dff25e0db894ed674f85946881bacf830638e448638beebfe2fd7a49e4341c842aeded5cbdb776e945717affb013f3813ef82516e893a71ef5ef93341365d2696272f43c9574f3c296cad841ea850a057ca14c352e0e1a6d91eb00ee613a5e5bbe7fb9ce90830ef2534bf30565aa69f89d0a9cd56072ad92310f1cad6c8e01778d5d4b14fe73f78570df62b91b45137f61b23e2a1453392919a830c89470c73753ee4c5ee93a"})

19:07:51 executing program 5:
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000700)={0x0, 0x40000007fff, 0xffff}, 0x14)
r0 = socket(0x10, 0x800000000080003, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:07:51 executing program 0:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r3, 0x800000c0045006, &(0x7f0000000000)=0x7b)

[  344.579569][   T25] audit: type=1804 audit(1571857671.733:59): pid=7521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir868864039/syzkaller.wM4pr1/5/bus" dev="sda1" ino=16552 res=1
[  344.680051][   T25] audit: type=1804 audit(1571857671.793:60): pid=7501 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir868864039/syzkaller.wM4pr1/5/bus" dev="sda1" ino=16552 res=1
19:07:52 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

19:07:52 executing program 4:
syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x0)
pipe(&(0x7f0000000180))
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0xfffffff5)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

19:07:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000300)={0x7b, 0x5, [0x4000009f, 0x4c, 0x4000009f], [0xc1]})

[  345.285898][    C0] net_ratelimit: 19 callbacks suppressed
[  345.285912][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  345.297419][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  345.421867][   T25] audit: type=1804 audit(1571857672.583:61): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir128839366/syzkaller.IsxrFJ/3/bus" dev="sda1" ino=16548 res=1
19:07:52 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, &(0x7f00000002c0)=0x6, 0x4)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000240)={0xe26e, 0x8, 0x1})
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
socket(0x5, 0x8000a, 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0)
write$P9_RWALK(r3, &(0x7f0000000300)=ANY=[], 0x6)
r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r3, r4)
r5 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0x100000000, 0x301000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000003340)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f0000001a80)=0x1a2)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000300)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(r6)
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
write$cgroup_pid(r7, &(0x7f00000036c0), 0x12)
r8 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
r9 = open(&(0x7f0000001900)='./bus/file0\x00', 0x8000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, 0x0, &(0x7f00000017c0))
getresgid(&(0x7f0000001800), &(0x7f0000001840), &(0x7f0000001880))
getgid()
r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r10, 0x4028af11, &(0x7f0000000040))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r11 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r11, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r11, 0x4028af11, &(0x7f0000000040))
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r12, 0x4028af11, &(0x7f0000000040))
r13 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r13, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r13, 0x4028af11, &(0x7f0000000040))
r14 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r14, 0xaf01, 0x0)
r15 = getpid()
getpgid(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$P9_RWALK(r16, &(0x7f0000000300)=ANY=[], 0x6)
r17 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r16, r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0)
write$P9_RWALK(r18, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r18, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000003440)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuacct.usage_percpu\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001980)={{{@in6=@mcast2, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@local}}, 0x0)
getegid()
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
r19 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r19, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r19, 0x4028af11, &(0x7f0000000040))
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
r20 = getpid()
sched_setscheduler(r20, 0x0, &(0x7f0000000380))
setuid(0x0)
r21 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(r21, 0xaf01, 0x0)
ioctl$TUNSETIFINDEX(r21, 0x4028af11, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003140)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x20000000}, {&(0x7f0000000500)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000580)="662e72720f2a216d54aa17e89c0d449032e652373ac558b7367ab3499e1527e088ccfe6e9e9da1cb7ef6af600fcc160d65b8cb23fcb40c603f34c8deab3dcea55f929ea931bcd0b1261ea7e8dca5c8efc159cd143b744301ee123b95d1efdcfab1beb4d31d7eeedb9306d3fcb6fe", 0x6e}, {&(0x7f0000000680)="c46149b5297fb10dffd96c4eee0187494ca67ca162023b135bc00224e8d60ebcd759fc101a0ba94f8e402d80c13cf258cbea214f51f00ccba604c974aeea520ecfe31fd452d66d034094185fbb073e45edcb5d17b09c09227c2372975759d2941aec9a9206c2dc9a1863a19b2baaa607d6a985f3ba5f1819674008f07eaffcc4ed7ce6e828edb5b289344bb9081ed9516f5516aa8aaa1fa252f2a14e0a2ed71cb8abc7e16a74c3ff690679d9fd549b739e386dd7009aa94bdc91f36a1cb59c7c3af00312692c9a4c90e813e0c933ac4c57879a1558e9d9a0e024c504b6856358383c4f5a69e48834224b0cc85f873f73ea7cd81428c0a3331c5e5d4f2d8bf1fd71348856fae8edfcf5384d421dd3c9e358bd79aab9df40ff394ff2de80d74d21de630ee56667e018b7d742da141b9ded629a48d919af93013c48e46fee5ac01318bf29d7d61516865bb0ec682b19faea18954634d2bbe4839e443036b1a6746f4ba6a786236e6a950aa1fe49d7f7b4cc0272a55b282ec016bb53581a5b0956d5e8da6e49c2044c5bdcdb3b2ba6671f69837cb539175b5830d8a990ce286f4c4cc37e803817de55378beeffe6df3c142a53f3701f98a1ee7749081ba1ba85219ae13dd60fa37f9058abec5d0977826e679f37a41072a961622a3b26e18529c54af688446ac67e078089bcca8ef378de306d74b1925b58f7c4caf43ae9c31145f44707fbc6efbbc77630d35ddeb07b2312cd668c871bada1757dfab5ba023d48512295253e75dd96c9c3ab259076a6d4fe4d1b2d7d6e85b396dbaf7d88e002bf95c1a352c47d1db33c56831dc792993110ae145d0b06cb8614e8afa9713261aebf4c614b6fb384c9e35c0a931f3838efc015c7470a895f82c5560dc6e620e5b48c26fe83bf66d27d4e57e9d41a574d6121c00a2ac039cfcff25fa64fe916f875ee4ca2500810855e99c5f1084bd666b43918219630d42100d25afd85573fb1d12f16ee8577e2753b07daeba4474b608df7446730916fbb98f899b3dcdcb973465be48620cdfe285beb9675f42eff5e7b34a00d33ce15e62159722a0ad5bccb9497dc34551b061f5760cb43cd373d5f85e32db4defb619906a407233d7a944df75e03d179f6b4b5f9315e90da7eedae89a0d9bcab7d284e7d77ee88afdc15daff0c3a9c759761f7bad6e1e777dd0f2075aa1299b87a852050cf9ab4d24a528396a344376b58f3f3c87b4d35f2c744fb44077cc50c054ef48302334fe914f78659cd2424adae7169773a9d98e7db02bdd217266ed79c6ffad4ba973b59c37418617ae0eae100d550552aa34c0e7a0211e38e8492d723c3f408fddef627b9f14ad5ffe0bfa8b99f3eb70b7358475d4ef47dd4a2bc49aea5a38bf75b3306ff50a23676d2b3b0f395bb1775d3d4df8343d8dccad89abf37285758339427441c9d4caa3fb220454bad6a1dac487210e912d1f5e88b4d54eebcf597a169e7e588bd5ff9672003c4817bf1f2b190652db4fc02b59796a8e1eb9f1518236c84715fa8b3f880281e2772fb30ce0634b817a354f40a6d80eb2fd1ef59bb84ca1bd03aee5415bcb10d60a8364c9680a3f79383c57696630ad1be87059469457503eff4048d4d669da20481e2e5be46ae59df5fbbcc84a7e851a11b33250053e91a21c8ddc25394ba793355b922362b3db503eb5ca628108e3ef5e7cc5b653ed94cbd41dbb1d030efd0028aa78cd86508711560f1e00aebc728ca311822040d183a3f67420280a4d2257cb08123f1e3e12f4d5d4db2c3f780fc73eac364ae771b23bef57cb9c7286c29a2cfbd87f01e249c731a825286c3604851196cad3c78a9cdc9509be4010cd611c43663f8fd718c0d2e30e84a563ece5195333d14ea8c656c41e627435e991eb675df14fa01ae9961b371be23e7988d5bec3d581c8941313f8ed46ee88ce6a1d60736f147ba87c898530e99743842719008c1413df09ea4e07127d1bdd5993483c7733dfec6c7d54f82dda28e2d2723481f2dd05f5daccf5d35f539bad8be445ee90312eefbe13a61f730e9536c652d72f4b8760af2d1df10ff556ef24a6c47fa96e8db94d6b373cc14013d20b94df6fcd5517f2a8f0bb4f1850de64bae2f0f74d73b9b905da1a6001541251419a712aac1ebab55dd891f3af2c276ae2ca4e162fd483b188f51c32a9dc1065f474cbb434d66c4c584cf144c566465585167820802f15823b9b0d1f02b184419b8a3c820c069d9eff058a4920c7fd21fc028f17e452aee548abe6044f085bf040d3634ddee9d376d2e95d6dd7e51bd69629ab9d2a69aa775c8d1b34229a0a663d11733f5c5c42c88e8236ead20106d93db5845351184b334ef8103d1956e2a86556b41166f66895521324b47af2a909b0e55454bba1b5d9e669165e6008aea442759aa732fd85cce72c5fd0b9ce684fe101d728e1a2a050d8b95c97294c5cc0456553d06829b7d44da4bb663c0188f8a8656effb7eb7373e713d65935040d96af39681b18f0b609ce346bcc7c9f30378a8d42046007b0ee1801b3e22254e699ebebbe2d64ac9a4a056689e806b7972d690371dbecef5f39c2b8c402aac48456f43188f4d3a1a135d30d2ea10586d1bc5bd8ac844d1418dcbd2d187f2f05a31961641256469088f9dcba6e11e3a6c3e862c7a60d7adac25288b523149f700a3432cc2e30aec1347e4ee729f7d93c484a76fa829f82c28bd29fa74309ddd095bc4d1aaaada694f989ec054ed45b7bdb1881f7322b6f683608a04bb94feb86e4d78349bb132881337e7e098d0f3bb6f73762ac930b2aa201f16553a5e501a365bbc4081ae7b505c67f6ab2f763b9a6582a19d8bd90579bf9a430baf9b384163a6bcb2aa9e0e284e1795ea419b9b898afbb22937f46ab5a2f95c7d1ea7b4f7b24670ded64714fe768501b3602b3e789341b40b06b679bf255e7a53ca34b282a8992c248633f20f4e2082a7df7ec6379294f39f538d6788d6ab70fed6d200527d82356cd0358a307c976a55f10c7ab566085e3af8a422ada4211eee8fd07edf40cb86d3e8bdad3d7171a9f7a09f88ae5c59f4aaafcbe5fb45360194bf63ca95d7de3c4b38c9e9610618ad819e073d1cb0291cecc328f00557a4225c2198ddca76c1bfbf545110542df18e1fda98125076d7b013ed6e58cc308900b993dbf99461d2448e5ebff576d6a9083ac3e77e6188c9361586b7c0ff03915677af000ca9c4ebd70ddfa1486b0214bc7657f74a62d1ffb511f8f5592a86ed7e2650289c2573ce230bd3ab244211706b227a2a449b7cb0568d5064623f048310977cd3bf0344989809490c38153d6938c60a2ef5ca113320821381b1aa478c91bf0d73ce0711fd878a20041c72e9728eb7ba9e9bf355f62b098c1635053f5e1886941431c91e05c7191dcfeeec514478878c0f3bf852175bbdf0a68ca2300d9d3638ca4bd1f3cc9c0d3afc05000ea266d37fcfbb38b09c9bc7137d9a2beed1eb7f0991f8974e46405e122891f894f570c83d3fd24909fdee391f2bfebc79557ce151239013f3ba0473f7f75a6b1414777359116ebe190942ecb757eb1e33ffa37d6a60c588bc4c9be0c061200f98a251ab65f4b8c95b4c0b4a2f9598cccb8c18770b56afb8b04a3351c32a7d6c626dcd17f744e30b98e9f9ed3c8556456228c5a680cb447af639f0d83bccb5bea7fa2f3f0db76d2485e63623e24e85f7af8175e86242705971cde6ca2022aaffc1dc76d25ba8fd5903c326bf7f8ababf6b46f0ad5f6f964e3ac5d40250a015ac8b401178b1d28cc50bd211cdcf968f134bcc9843bc3f92e4917e3be2f0e3b6dac2b2b57db4fe02de65e76bf09aa185dcab7fa13da6802139bae5096cfc9dad17c25927dd8b84465fa0ac81380235d5361ab2e3ff99bc1f13158fd1d6f7cd69702e234d1c80d9d1ec6ce864b33edcf39fa115a936d624a6459c55547ab6a1b9f136e1814284a87d75b1d9395e09b16678b4bbfe724343bf2e8a1a0b5f9b40eac5bd5aacf3101da62690605e21bf1bf7adf5622661f2f1d844dedc7858ac31fc2cee6a62898dff2dcc432d4f768ffbcbb84ffd72de40196031105df315c52bb9880c6cf8ccdfada5425827dfdebf7a4c30ed4003c7faf7cd702826cff96ba3cdcc2fd7686bd7a30a12fe91532566b2e0192f9bd78d4c71d5d05da3dc5ad907accc7d8393a272b10aa418b1004f63a18dfe665472c2f1830613dbed728cf4b7146f4f3a365bdc42747730e6ef958232a3ed76dadfbbf1bd4d646468c59e07f022277a923a700fd5b4722b714cc17d836f997dcc5985e6ccabc5b909f59fb044dd0142", 0xbf4}], 0x2, 0x0, 0x0, 0x2008044}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}], 0x3, 0x4c010)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r9, 0x0)
write$P9_RWALK(r9, &(0x7f0000000300)=ANY=[], 0x6)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r9, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r9, 0xffffffffffffffff)
ioctl$LOOP_SET_CAPACITY(r9, 0x4c07)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x10d022, 0x8000000)
r22 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000000)={'batadv0\x00'})

19:07:52 executing program 5:
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000700)={0x0, 0x40000007fff, 0xffff}, 0x14)
r0 = socket(0x10, 0x800000000080003, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:07:52 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000100)={&(0x7f0000000040)={0xc7, 0x34, 0x829, 0x0, 0x0, {0x3, 0x40000}, [@nested={0x18, 0x0, [@typed={0x3b, 0x1, @ipv6=@loopback={0xffff000000000000}}]}]}, 0xfde8}, 0x1, 0xffffff7f0e000000}, 0x0)

19:07:52 executing program 4:
syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x0)
pipe(&(0x7f0000000180))
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0xfffffff5)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

19:07:52 executing program 3:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={0x0, @in, 0x0, 0x0, 0x0, 0x0, 0xffffff80}, 0x9c)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x0, @initdev}]}, &(0x7f0000000440)=0x10)

[  345.531788][ T7550] netlink: 115 bytes leftover after parsing attributes in process `syz-executor.0'.
19:07:52 executing program 0:
getpid()
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = open(0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000074000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}})
ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, @empty, @loopback})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000002c0))
pread64(r1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
pread64(r3, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x1, 0x2)

19:07:53 executing program 5:
r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x30}, 0xc)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x60)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0'}, 0x1999c)

19:07:53 executing program 0:
getpid()
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = open(0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000074000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}})
ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, @empty, @loopback})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000002c0))
pread64(r1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
pread64(r3, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x1, 0x2)

19:07:53 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x5f, 0x10}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

19:07:53 executing program 0:
getpid()
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = open(0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000074000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}})
ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, @empty, @loopback})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000002c0))
pread64(r1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
pread64(r3, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x1, 0x2)

19:07:53 executing program 1:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

19:07:53 executing program 4:
syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x0)
pipe(&(0x7f0000000180))
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0xfffffff5)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

[  346.485878][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  346.491783][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  346.758155][ T7594] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  346.780834][ T7594] CPU: 1 PID: 7594 Comm: syz-executor.1 Not tainted 5.4.0-rc3+ #0
[  346.788719][ T7594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  346.798787][ T7594] Call Trace:
[  346.802113][ T7594]  dump_stack+0xf5/0x159
[  346.806387][ T7594]  dump_header+0xaa/0x449
[  346.810724][ T7594]  oom_kill_process.cold+0x10/0x15
[  346.815869][ T7594]  out_of_memory+0x231/0xa00
[  346.820478][ T7594]  ? preempt_schedule_common+0x37/0x90
[  346.825966][ T7594]  mem_cgroup_out_of_memory+0x128/0x150
[  346.831562][ T7594]  memory_max_write+0x17b/0x250
[  346.836443][ T7594]  cgroup_file_write+0x119/0x320
[  346.841401][ T7594]  ? high_work_func+0x30/0x30
[  346.846105][ T7594]  kernfs_fop_write+0x1f4/0x2e0
[  346.850973][ T7594]  ? cgroup_css.part.0+0x90/0x90
[  346.855926][ T7594]  __vfs_write+0x67/0xc0
[  346.860185][ T7594]  ? kernfs_seq_show+0xe0/0xe0
[  346.864972][ T7594]  vfs_write+0x18a/0x390
[  346.869237][ T7594]  ksys_write+0xd5/0x1b0
[  346.873499][ T7594]  __x64_sys_write+0x4c/0x60
[  346.878120][ T7594]  do_syscall_64+0xcc/0x370
[  346.882639][ T7594]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  346.888541][ T7594] RIP: 0033:0x459ef9
[  346.892463][ T7594] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  346.912082][ T7594] RSP: 002b:00007f36fa85ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  346.920518][ T7594] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459ef9
[  346.928499][ T7594] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  346.936487][ T7594] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  346.944473][ T7594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36fa85f6d4
19:07:54 executing program 5:
r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x30}, 0xc)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x60)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0'}, 0x1999c)

19:07:54 executing program 3:
set_mempolicy(0x3, &(0x7f00000000c0)=0xfffffffffffffff7, 0x3)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000480), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a00)={0x5, 0x800, 0x0, {}, {0x0, 0x7530}, {}, 0x2, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "3652d1c2cf78c41230901c3083bff968c65bf616ae16d3515b0883559b127416bdd571c44d316bf65b4df645d2e6e13e0d90c3098b3db54c25ca641c155f19cd"}}, 0x20000a80}}, 0x0)

19:07:54 executing program 0:
getpid()
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = open(0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000074000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}})
ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c]}, @empty, @loopback})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000002c0))
pread64(r1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
pread64(r3, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x1, 0x2)

[  346.952452][ T7594] R13: 00000000004ca4f4 R14: 00000000004e23a8 R15: 00000000ffffffff
[  346.966110][ T7594] memory: usage 2608kB, limit 0kB, failcnt 0
[  346.972202][ T7594] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
19:07:54 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)

[  347.040482][ T7594] Memory cgroup stats for /syz1:
[  347.042263][ T7594] anon 2236416
[  347.042263][ T7594] file 0
[  347.042263][ T7594] kernel_stack 36864
[  347.042263][ T7594] slab 0
[  347.042263][ T7594] sock 0
[  347.042263][ T7594] shmem 0
[  347.042263][ T7594] file_mapped 0
[  347.042263][ T7594] file_dirty 0
[  347.042263][ T7594] file_writeback 0
[  347.042263][ T7594] anon_thp 2097152
[  347.042263][ T7594] inactive_anon 0
[  347.042263][ T7594] active_anon 2236416
[  347.042263][ T7594] inactive_file 0
[  347.042263][ T7594] active_file 0
[  347.042263][ T7594] unevictable 0
[  347.042263][ T7594] slab_reclaimable 0
[  347.042263][ T7594] slab_unreclaimable 0
[  347.042263][ T7594] pgfault 528
[  347.042263][ T7594] pgmajfault 0
[  347.042263][ T7594] workingset_refault 0
[  347.042263][ T7594] workingset_activate 0
[  347.042263][ T7594] workingset_nodereclaim 0
[  347.042263][ T7594] pgrefill 0
[  347.042263][ T7594] pgscan 0
[  347.042263][ T7594] pgsteal 0
[  347.042263][ T7594] pgactivate 0
[  347.042263][ T7594] pgdeactivate 0
[  347.143901][ T7594] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=7593,uid=0
[  347.167614][ T7594] Memory cgroup out of memory: Killed process 7593 (syz-executor.1) total-vm:72584kB, anon-rss:2152kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  347.194650][ T1003] oom_reaper: reaped process 7593 (syz-executor.1), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB
19:07:54 executing program 1:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  347.311052][ T7265] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  347.366078][ T7265] CPU: 0 PID: 7265 Comm: syz-executor.1 Not tainted 5.4.0-rc3+ #0
[  347.373942][ T7265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  347.384082][ T7265] Call Trace:
[  347.387399][ T7265]  dump_stack+0xf5/0x159
[  347.391668][ T7265]  dump_header+0xaa/0x449
[  347.396018][ T7265]  oom_kill_process.cold+0x10/0x15
[  347.401143][ T7265]  out_of_memory+0x231/0xa00
[  347.405769][ T7265]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  347.411489][ T7265]  mem_cgroup_out_of_memory+0x128/0x150
[  347.417055][ T7265]  try_charge+0xb3a/0xbc0
[  347.421438][ T7265]  ? __tsan_write4+0x32/0x40
[  347.426045][ T7265]  ? __rcu_read_unlock+0x66/0x3c0
[  347.431081][ T7265]  __memcg_kmem_charge_memcg+0x4a/0xe0
[  347.436555][ T7265]  __memcg_kmem_charge+0xde/0x240
[  347.441604][ T7265]  copy_process+0x11d2/0x3b50
[  347.446474][ T7265]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  347.452124][ T7265]  _do_fork+0xfe/0x6e0
[  347.456203][ T7265]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  347.461839][ T7265]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  347.467480][ T7265]  ? __tsan_read8+0x2c/0x30
[  347.472070][ T7265]  __x64_sys_clone+0x12b/0x160
[  347.476936][ T7265]  do_syscall_64+0xcc/0x370
[  347.481456][ T7265]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  347.487464][ T7265] RIP: 0033:0x4584ca
[  347.491385][ T7265] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
19:07:54 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)

[  347.510996][ T7265] RSP: 002b:00007ffe4b021800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  347.519421][ T7265] RAX: ffffffffffffffda RBX: 00007ffe4b021800 RCX: 00000000004584ca
[  347.527401][ T7265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  347.535382][ T7265] RBP: 00007ffe4b021840 R08: 0000000000000001 R09: 00000000010a1940
[  347.543397][ T7265] R10: 00000000010a1c10 R11: 0000000000000246 R12: 0000000000000001
[  347.551375][ T7265] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe4b021890
19:07:54 executing program 4:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  347.608078][ T7265] memory: usage 296kB, limit 0kB, failcnt 12
[  347.614125][ T7265] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  347.621597][ T7265] Memory cgroup stats for /syz1:
[  347.622302][ T7265] anon 65536
[  347.622302][ T7265] file 0
[  347.622302][ T7265] kernel_stack 0
[  347.622302][ T7265] slab 0
[  347.622302][ T7265] sock 0
[  347.622302][ T7265] shmem 0
[  347.622302][ T7265] file_mapped 0
[  347.622302][ T7265] file_dirty 0
[  347.622302][ T7265] file_writeback 0
[  347.622302][ T7265] anon_thp 0
[  347.622302][ T7265] inactive_anon 0
[  347.622302][ T7265] active_anon 65536
[  347.622302][ T7265] inactive_file 0
[  347.622302][ T7265] active_file 0
[  347.622302][ T7265] unevictable 0
[  347.622302][ T7265] slab_reclaimable 0
[  347.622302][ T7265] slab_unreclaimable 0
[  347.622302][ T7265] pgfault 561
[  347.622302][ T7265] pgmajfault 0
[  347.622302][ T7265] workingset_refault 0
[  347.622302][ T7265] workingset_activate 0
[  347.622302][ T7265] workingset_nodereclaim 0
[  347.622302][ T7265] pgrefill 0
[  347.622302][ T7265] pgscan 0
19:07:54 executing program 3:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

19:07:54 executing program 5:
r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x30}, 0xc)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x60)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0'}, 0x1999c)

[  347.622302][ T7265] pgsteal 0
[  347.622302][ T7265] pgactivate 0
[  347.622302][ T7265] pgdeactivate 0
19:07:55 executing program 0:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  347.930780][ T7265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=7265,uid=0
19:07:55 executing program 5:
r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x30}, 0xc)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x60)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0'}, 0x1999c)

19:07:55 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)

[  348.055957][ T7265] Memory cgroup out of memory: Killed process 7265 (syz-executor.1) total-vm:72452kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  348.092465][ T1003] oom_reaper: reaped process 7265 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  348.105899][ T7621] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  348.155924][ T7621] CPU: 0 PID: 7621 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  348.163792][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  348.174132][ T7621] Call Trace:
[  348.177642][ T7621]  dump_stack+0xf5/0x159
[  348.181926][ T7621]  dump_header+0xaa/0x449
[  348.186315][ T7621]  oom_kill_process.cold+0x10/0x15
[  348.191460][ T7621]  out_of_memory+0x231/0xa00
[  348.196093][ T7621]  mem_cgroup_out_of_memory+0x128/0x150
[  348.201682][ T7621]  memory_max_write+0x17b/0x250
[  348.206578][ T7621]  cgroup_file_write+0x119/0x320
[  348.211564][ T7621]  ? high_work_func+0x30/0x30
[  348.216279][ T7621]  kernfs_fop_write+0x1f4/0x2e0
[  348.221176][ T7621]  ? cgroup_css.part.0+0x90/0x90
[  348.226137][ T7621]  __vfs_write+0x67/0xc0
[  348.230405][ T7621]  ? kernfs_seq_show+0xe0/0xe0
[  348.235197][ T7621]  vfs_write+0x18a/0x390
[  348.239469][ T7621]  ksys_write+0xd5/0x1b0
[  348.243777][ T7621]  __x64_sys_write+0x4c/0x60
[  348.248495][ T7621]  do_syscall_64+0xcc/0x370
[  348.253033][ T7621]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  348.258942][ T7621] RIP: 0033:0x459ef9
[  348.262874][ T7621] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  348.282504][ T7621] RSP: 002b:00007f6a566b6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  348.290940][ T7621] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459ef9
[  348.299012][ T7621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  348.307005][ T7621] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  348.314992][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a566b76d4
[  348.322976][ T7621] R13: 00000000004ca4f4 R14: 00000000004e23a8 R15: 00000000ffffffff
[  348.348028][ T7621] memory: usage 3032kB, limit 0kB, failcnt 0
[  348.355061][ T7621] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  348.363542][ T7621] Memory cgroup stats for /syz4:
[  348.363747][ T7621] anon 2187264
[  348.363747][ T7621] file 0
[  348.363747][ T7621] kernel_stack 0
[  348.363747][ T7621] slab 491520
[  348.363747][ T7621] sock 0
[  348.363747][ T7621] shmem 0
[  348.363747][ T7621] file_mapped 0
[  348.363747][ T7621] file_dirty 0
[  348.363747][ T7621] file_writeback 0
[  348.363747][ T7621] anon_thp 2097152
[  348.363747][ T7621] inactive_anon 0
[  348.363747][ T7621] active_anon 2187264
[  348.363747][ T7621] inactive_file 0
[  348.363747][ T7621] active_file 0
[  348.363747][ T7621] unevictable 0
[  348.363747][ T7621] slab_reclaimable 135168
[  348.363747][ T7621] slab_unreclaimable 356352
[  348.363747][ T7621] pgfault 726
[  348.363747][ T7621] pgmajfault 0
[  348.363747][ T7621] workingset_refault 0
[  348.363747][ T7621] workingset_activate 0
[  348.363747][ T7621] workingset_nodereclaim 0
[  348.363747][ T7621] pgrefill 0
19:07:55 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)
getdents64(r1, &(0x7f0000000340)=""/57, 0x39)

19:07:55 executing program 5:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r3, 0x0, 0x30005, 0x0)

[  348.363747][ T7621] pgscan 0
[  348.363747][ T7621] pgsteal 0
[  348.363747][ T7621] pgactivate 0
[  348.470726][ T7621] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=7619,uid=0
[  348.533071][ T7621] Memory cgroup out of memory: Killed process 7619 (syz-executor.4) total-vm:72716kB, anon-rss:2200kB, file-rss:35832kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  348.605325][ T7636] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  348.606662][ T1003] oom_reaper: reaped process 7619 (syz-executor.4), now anon-rss:0kB, file-rss:34884kB, shmem-rss:0kB
[  348.642035][ T7636] CPU: 1 PID: 7636 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  348.649901][ T7636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  348.659999][ T7636] Call Trace:
[  348.663341][ T7636]  dump_stack+0xf5/0x159
[  348.667624][ T7636]  dump_header+0xaa/0x449
[  348.671967][ T7636]  oom_kill_process.cold+0x10/0x15
[  348.677092][ T7636]  out_of_memory+0x231/0xa00
[  348.681721][ T7636]  mem_cgroup_out_of_memory+0x128/0x150
[  348.687288][ T7636]  memory_max_write+0x17b/0x250
[  348.692159][ T7636]  cgroup_file_write+0x119/0x320
[  348.697107][ T7636]  ? high_work_func+0x30/0x30
[  348.701803][ T7636]  kernfs_fop_write+0x1f4/0x2e0
[  348.706661][ T7636]  ? cgroup_css.part.0+0x90/0x90
[  348.711608][ T7636]  __vfs_write+0x67/0xc0
[  348.715871][ T7636]  ? kernfs_seq_show+0xe0/0xe0
[  348.720657][ T7636]  vfs_write+0x18a/0x390
[  348.724929][ T7636]  ksys_write+0xd5/0x1b0
[  348.729900][ T7636]  __x64_sys_write+0x4c/0x60
[  348.734529][ T7636]  do_syscall_64+0xcc/0x370
[  348.739147][ T7636]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  348.745038][ T7636] RIP: 0033:0x459ef9
[  348.748958][ T7636] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  348.770126][ T7636] RSP: 002b:00007f1f31561c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  348.778561][ T7636] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459ef9
[  348.786533][ T7636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  348.794504][ T7636] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
19:07:56 executing program 3:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  348.802481][ T7636] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f315626d4
[  348.810455][ T7636] R13: 00000000004ca4f4 R14: 00000000004e23a8 R15: 00000000ffffffff
19:07:56 executing program 4:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

19:07:56 executing program 1:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  348.968228][ T7636] memory: usage 2720kB, limit 0kB, failcnt 0
[  348.990564][ T7636] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  349.004367][ T7636] Memory cgroup stats for /syz0:
[  349.004556][ T7636] anon 2347008
[  349.004556][ T7636] file 0
[  349.004556][ T7636] kernel_stack 0
[  349.004556][ T7636] slab 135168
[  349.004556][ T7636] sock 0
[  349.004556][ T7636] shmem 0
[  349.004556][ T7636] file_mapped 0
[  349.004556][ T7636] file_dirty 0
[  349.004556][ T7636] file_writeback 0
[  349.004556][ T7636] anon_thp 2097152
[  349.004556][ T7636] inactive_anon 0
[  349.004556][ T7636] active_anon 2260992
[  349.004556][ T7636] inactive_file 0
[  349.004556][ T7636] active_file 0
[  349.004556][ T7636] unevictable 0
[  349.004556][ T7636] slab_reclaimable 0
[  349.004556][ T7636] slab_unreclaimable 135168
19:07:56 executing program 2:
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x4, @dev, 'bridge0\x00'}}, 0x1e)
ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000000))

[  349.004556][ T7636] pgfault 1254
[  349.004556][ T7636] pgmajfault 0
[  349.004556][ T7636] workingset_refault 0
[  349.004556][ T7636] workingset_activate 0
[  349.004556][ T7636] workingset_nodereclaim 0
[  349.004556][ T7636] pgrefill 0
[  349.004556][ T7636] pgscan 0
[  349.004556][ T7636] pgsteal 0
[  349.004556][ T7636] pgactivate 0
[  349.004556][ T7636] pgdeactivate 0
[  349.108391][ T7636] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7635,uid=0
[  349.125895][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  349.125994][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  349.131654][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  349.137397][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:07:56 executing program 1:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  349.154146][ T7636] Memory cgroup out of memory: Killed process 7636 (syz-executor.0) total-vm:72584kB, anon-rss:2196kB, file-rss:35868kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[  349.186284][ T7273] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  349.187829][ T1003] oom_reaper: reaped process 7636 (syz-executor.0), now anon-rss:0kB, file-rss:34908kB, shmem-rss:0kB
[  349.213460][ T7273] CPU: 0 PID: 7273 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  349.221430][ T7273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  349.231687][ T7273] Call Trace:
[  349.235033][ T7273]  dump_stack+0xf5/0x159
[  349.239373][ T7273]  dump_header+0xaa/0x449
[  349.243753][ T7273]  oom_kill_process.cold+0x10/0x15
[  349.248912][ T7273]  out_of_memory+0x231/0xa00
[  349.253536][ T7273]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  349.259249][ T7273]  mem_cgroup_out_of_memory+0x128/0x150
[  349.264908][ T7273]  try_charge+0xb3a/0xbc0
[  349.269271][ T7273]  ? __tsan_write4+0x32/0x40
[  349.273893][ T7273]  ? __rcu_read_unlock+0x66/0x3c0
[  349.278950][ T7273]  __memcg_kmem_charge_memcg+0x4a/0xe0
[  349.284439][ T7273]  __memcg_kmem_charge+0xde/0x240
[  349.289562][ T7273]  copy_process+0x11d2/0x3b50
[  349.294320][ T7273]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  349.300068][ T7273]  _do_fork+0xfe/0x6e0
[  349.304181][ T7273]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  349.309830][ T7273]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  349.315476][ T7273]  ? __tsan_read8+0x2c/0x30
[  349.320009][ T7273]  __x64_sys_clone+0x12b/0x160
[  349.324841][ T7273]  do_syscall_64+0xcc/0x370
[  349.329433][ T7273]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  349.335335][ T7273] RIP: 0033:0x4584ca
[  349.339263][ T7273] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[  349.358890][ T7273] RSP: 002b:00007ffc96100b70 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  349.367378][ T7273] RAX: ffffffffffffffda RBX: 00007ffc96100b70 RCX: 00000000004584ca
[  349.375372][ T7273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  349.383361][ T7273] RBP: 00007ffc96100bb0 R08: 0000000000000001 R09: 00000000020aa940
[  349.391355][ T7273] R10: 00000000020aac10 R11: 0000000000000246 R12: 0000000000000001
[  349.399351][ T7273] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc96100c00
[  349.415939][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  349.421744][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  349.439816][ T7273] memory: usage 524kB, limit 0kB, failcnt 8
[  349.445755][ T7273] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
19:07:56 executing program 0:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

19:07:56 executing program 2:
mkdir(&(0x7f0000639000)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_read_part_table(0x0, 0x0, 0x0)

[  349.526492][ T7273] Memory cgroup stats for /syz3:
[  349.527016][ T7273] anon 143360
[  349.527016][ T7273] file 0
[  349.527016][ T7273] kernel_stack 0
[  349.527016][ T7273] slab 286720
[  349.527016][ T7273] sock 0
[  349.527016][ T7273] shmem 0
[  349.527016][ T7273] file_mapped 0
[  349.527016][ T7273] file_dirty 0
[  349.527016][ T7273] file_writeback 0
[  349.527016][ T7273] anon_thp 0
[  349.527016][ T7273] inactive_anon 0
[  349.527016][ T7273] active_anon 61440
[  349.527016][ T7273] inactive_file 0
[  349.527016][ T7273] active_file 0
[  349.527016][ T7273] unevictable 0
[  349.527016][ T7273] slab_reclaimable 0
[  349.527016][ T7273] slab_unreclaimable 286720
[  349.527016][ T7273] pgfault 858
[  349.527016][ T7273] pgmajfault 0
[  349.527016][ T7273] workingset_refault 0
[  349.527016][ T7273] workingset_activate 0
[  349.527016][ T7273] workingset_nodereclaim 0
[  349.527016][ T7273] pgrefill 0
[  349.527016][ T7273] pgscan 0
[  349.527016][ T7273] pgsteal 0
[  349.527016][ T7273] pgactivate 0
[  349.527016][ T7273] pgdeactivate 0
19:07:56 executing program 5:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r3, 0x0, 0x30005, 0x0)

[  349.741015][ T7273] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=7273,uid=0
[  349.792284][ T7273] Memory cgroup out of memory: Killed process 7273 (syz-executor.3) total-vm:72452kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  349.852276][ T7278] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0
[  349.864592][ T1003] oom_reaper: reaped process 7273 (syz-executor.3), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  349.875754][ T7278] CPU: 1 PID: 7278 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  349.883583][ T7278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  349.893639][ T7278] Call Trace:
[  349.896970][ T7278]  dump_stack+0xf5/0x159
[  349.901227][ T7278]  dump_header+0xaa/0x449
[  349.905587][ T7278]  oom_kill_process.cold+0x10/0x15
[  349.910774][ T7278]  out_of_memory+0x231/0xa00
[  349.915374][ T7278]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  349.921105][ T7278]  mem_cgroup_out_of_memory+0x128/0x150
[  349.926720][ T7278]  try_charge+0xb3a/0xbc0
[  349.931065][ T7278]  ? __tsan_read4+0x2c/0x30
[  349.935633][ T7278]  __memcg_kmem_charge_memcg+0x4a/0xe0
[  349.941116][ T7278]  cache_grow_begin+0x3ed/0x670
[  349.945990][ T7278]  fallback_alloc+0x161/0x1f0
[  349.950740][ T7278]  ____cache_alloc_node+0x1b1/0x1c0
[  349.955968][ T7278]  ? debug_smp_processor_id+0x4c/0x172
[  349.961483][ T7278]  kmem_cache_alloc_node_trace+0xbb/0x670
[  349.967231][ T7278]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  349.972876][ T7278]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  349.979195][ T7278]  __kmalloc_node+0x38/0x50
[  349.983710][ T7278]  kvmalloc_node+0x71/0x100
[  349.988282][ T7278]  xt_alloc_table_info+0x4a/0x90
[  349.993271][ T7278]  do_ip6t_set_ctl+0x192/0x311
[  349.998237][ T7278]  nf_setsockopt+0x6e/0xb0
[  350.002738][ T7278]  ipv6_setsockopt+0x119/0x130
[  350.007555][ T7278]  tcp_setsockopt+0x7c/0xc0
[  350.012079][ T7278]  sock_common_setsockopt+0x67/0x90
[  350.017307][ T7278]  __sys_setsockopt+0x1ce/0x370
[  350.022189][ T7278]  __x64_sys_setsockopt+0x70/0x90
[  350.027233][ T7278]  do_syscall_64+0xcc/0x370
[  350.031772][ T7278]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  350.037664][ T7278] RIP: 0033:0x45ca2a
[  350.041592][ T7278] Code: 49 89 ca b8 37 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 6a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 4a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00
[  350.061212][ T7278] RSP: 002b:00007ffc8c9ffb18 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  350.069650][ T7278] RAX: ffffffffffffffda RBX: 00007ffc8c9ffb40 RCX: 000000000045ca2a
[  350.077645][ T7278] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  350.085644][ T7278] RBP: 0000000000713cc0 R08: 0000000000000558 R09: 0000000000004000
[  350.093700][ T7278] R10: 00000000007128e0 R11: 0000000000000206 R12: 0000000000000003
[  350.101788][ T7278] R13: 0000000000000000 R14: 0000000000000029 R15: 0000000000712880
[  350.175894][ T7278] memory: usage 680kB, limit 0kB, failcnt 12
[  350.187380][ T7278] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  350.213291][ T7278] Memory cgroup stats for /syz4:
[  350.213580][ T7278] anon 57344
[  350.213580][ T7278] file 0
[  350.213580][ T7278] kernel_stack 0
[  350.213580][ T7278] slab 491520
[  350.213580][ T7278] sock 0
[  350.213580][ T7278] shmem 0
[  350.213580][ T7278] file_mapped 0
[  350.213580][ T7278] file_dirty 0
[  350.213580][ T7278] file_writeback 0
[  350.213580][ T7278] anon_thp 0
[  350.213580][ T7278] inactive_anon 0
[  350.213580][ T7278] active_anon 57344
[  350.213580][ T7278] inactive_file 0
[  350.213580][ T7278] active_file 0
[  350.213580][ T7278] unevictable 0
[  350.213580][ T7278] slab_reclaimable 135168
[  350.213580][ T7278] slab_unreclaimable 356352
19:07:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

[  350.213580][ T7278] pgfault 726
[  350.213580][ T7278] pgmajfault 0
[  350.213580][ T7278] workingset_refault 0
[  350.213580][ T7278] workingset_activate 0
[  350.213580][ T7278] workingset_nodereclaim 0
[  350.213580][ T7278] pgrefill 0
[  350.213580][ T7278] pgscan 0
[  350.213580][ T7278] pgsteal 0
[  350.213580][ T7278] pgactivate 0
[  350.213580][ T7278] pgdeactivate 0
[  350.615178][ T7278] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=7278,uid=0
[  350.645922][    C1] net_ratelimit: 4 callbacks suppressed
[  350.645938][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  350.657372][    C1] protocol 88fb is buggy, dev hsr_slave_1
19:07:57 executing program 5:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r3, 0x0, 0x30005, 0x0)

[  350.664933][ T7278] Memory cgroup out of memory: Killed process 7278 (syz-executor.4) total-vm:72452kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:0
[  350.724992][ T7263] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  350.726247][ T1003] oom_reaper: reaped process 7278 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  350.749514][ T7263] CPU: 0 PID: 7263 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  350.757367][ T7263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  350.767417][ T7263] Call Trace:
[  350.770727][ T7263]  dump_stack+0xf5/0x159
[  350.775153][ T7263]  dump_header+0xaa/0x449
[  350.779502][ T7263]  oom_kill_process.cold+0x10/0x15
[  350.784790][ T7263]  out_of_memory+0x231/0xa00
[  350.789506][ T7263]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  350.795280][ T7263]  mem_cgroup_out_of_memory+0x128/0x150
[  350.800905][ T7263]  try_charge+0xb3a/0xbc0
[  350.805248][ T7263]  ? __tsan_write4+0x32/0x40
[  350.809982][ T7263]  ? __rcu_read_unlock+0x66/0x3c0
[  350.815019][ T7263]  __memcg_kmem_charge_memcg+0x4a/0xe0
[  350.820502][ T7263]  __memcg_kmem_charge+0xde/0x240
[  350.825598][ T7263]  copy_process+0x11d2/0x3b50
[  350.830337][ T7263]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  350.836075][ T7263]  _do_fork+0xfe/0x6e0
[  350.840163][ T7263]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  350.845826][ T7263]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  350.851476][ T7263]  ? __tsan_read8+0x2c/0x30
[  350.856084][ T7263]  __x64_sys_clone+0x12b/0x160
[  350.860928][ T7263]  do_syscall_64+0xcc/0x370
[  350.865458][ T7263]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  350.871347][ T7263] RIP: 0033:0x4584ca
[  350.875338][ T7263] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[  350.894968][ T7263] RSP: 002b:00007ffcbd3d5c20 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  350.903440][ T7263] RAX: ffffffffffffffda RBX: 00007ffcbd3d5c20 RCX: 00000000004584ca
[  350.911413][ T7263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  350.919393][ T7263] RBP: 00007ffcbd3d5c60 R08: 0000000000000001 R09: 0000000000a85940
[  350.927364][ T7263] R10: 0000000000a85c10 R11: 0000000000000246 R12: 0000000000000001
[  350.935339][ T7263] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffcbd3d5cb0
19:07:58 executing program 3:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  351.045924][ T7263] memory: usage 404kB, limit 0kB, failcnt 8
[  351.055928][ T7263] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  351.084840][ T7673] snd_dummy snd_dummy.0: control 0:0:0:
[  351.084840][ T7673] :0 is already present
[  351.087498][ T7263] Memory cgroup stats for /syz0:
[  351.087776][ T7263] anon 172032
[  351.087776][ T7263] file 0
[  351.087776][ T7263] kernel_stack 0
[  351.087776][ T7263] slab 135168
[  351.087776][ T7263] sock 0
[  351.087776][ T7263] shmem 0
[  351.087776][ T7263] file_mapped 0
[  351.087776][ T7263] file_dirty 0
[  351.087776][ T7263] file_writeback 0
[  351.087776][ T7263] anon_thp 0
[  351.087776][ T7263] inactive_anon 0
[  351.087776][ T7263] active_anon 86016
[  351.087776][ T7263] inactive_file 0
[  351.087776][ T7263] active_file 0
[  351.087776][ T7263] unevictable 0
[  351.087776][ T7263] slab_reclaimable 0
[  351.087776][ T7263] slab_unreclaimable 135168
[  351.087776][ T7263] pgfault 1254
[  351.087776][ T7263] pgmajfault 0
[  351.087776][ T7263] workingset_refault 0
[  351.087776][ T7263] workingset_activate 0
[  351.087776][ T7263] workingset_nodereclaim 0
[  351.087776][ T7263] pgrefill 0
[  351.087776][ T7263] pgscan 0
[  351.087776][ T7263] pgsteal 0
[  351.087776][ T7263] pgactivate 0
[  351.087776][ T7263] pgdeactivate 0
19:07:58 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x11, 0x4, 0x4, 0x3, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x3c)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000c88000)={r3, 0x0, &(0x7f000089b000)}, 0x20)

[  351.233415][ T7263] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7263,uid=0
[  351.282608][ T7263] Memory cgroup out of memory: Killed process 7263 (syz-executor.0) total-vm:72452kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  351.349241][ T1003] oom_reaper: reaped process 7263 (syz-executor.0), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  351.446590][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  351.452401][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  351.525891][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  351.531739][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  351.695878][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  351.701745][    C1] protocol 88fb is buggy, dev hsr_slave_1
19:07:59 executing program 0:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

[  352.111159][    T7] device bridge_slave_1 left promiscuous mode
[  352.130348][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.209758][    T7] device bridge_slave_0 left promiscuous mode
[  352.219004][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
19:07:59 executing program 4:
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000", 0x30}], 0x1}, 0x0)
r4 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r4, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000000ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e914b976c5b7e34", 0x53}], 0x1}, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0}, 0x20)
r7 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
keyctl$reject(0x13, 0x0, 0x4f1, 0xffffffff, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x8000)
write$cgroup_int(r6, 0x0, 0x0)

19:07:59 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

19:07:59 executing program 5:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r3, 0x0, 0x30005, 0x0)

[  352.433172][ T7686] snd_dummy snd_dummy.0: control 0:0:0:
[  352.433172][ T7686] :0 is already present
[  354.076161][    T7] device hsr_slave_0 left promiscuous mode
[  354.126040][    T7] device hsr_slave_1 left promiscuous mode
[  354.185276][    T7] team0 (unregistering): Port device team_slave_1 removed
[  354.197248][    T7] team0 (unregistering): Port device team_slave_0 removed
[  354.208768][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  354.260037][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  354.344982][    T7] bond0 (unregistering): Released all slaves
[  354.477889][ T7694] IPVS: ftp: loaded support on port[0] = 21
[  354.481288][ T7692] IPVS: ftp: loaded support on port[0] = 21
[  354.679807][ T7692] chnl_net:caif_netlink_parms(): no params data found
[  354.695439][ T7694] chnl_net:caif_netlink_parms(): no params data found
[  354.771315][ T7694] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.785892][ T7694] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.794117][ T7694] device bridge_slave_0 entered promiscuous mode
[  354.814488][ T7694] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.831083][ T7694] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.839890][ T7694] device bridge_slave_1 entered promiscuous mode
[  354.853057][ T7692] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.860729][ T7692] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.874687][ T7692] device bridge_slave_0 entered promiscuous mode
[  354.902429][ T7692] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.914912][ T7692] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.923616][ T7692] device bridge_slave_1 entered promiscuous mode
[  354.939706][ T7694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.985799][ T7694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  355.004401][ T7692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  355.056438][ T7692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  355.099320][ T7694] team0: Port device team_slave_0 added
[  355.107236][ T7694] team0: Port device team_slave_1 added
[  355.142451][ T7692] team0: Port device team_slave_0 added
[  355.172183][ T7692] team0: Port device team_slave_1 added
[  355.259070][ T7694] device hsr_slave_0 entered promiscuous mode
[  355.303932][ T7694] device hsr_slave_1 entered promiscuous mode
[  355.386099][ T7694] debugfs: Directory 'hsr0' with parent '/' already present!
[  355.404426][ T7699] IPVS: ftp: loaded support on port[0] = 21
[  355.404488][ T7700] IPVS: ftp: loaded support on port[0] = 21
[  355.478253][ T7692] device hsr_slave_0 entered promiscuous mode
[  355.516255][ T7692] device hsr_slave_1 entered promiscuous mode
[  355.576010][ T7692] debugfs: Directory 'hsr0' with parent '/' already present!
[  355.701474][ T7692] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.724147][ T7694] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.737403][ T7694] 8021q: adding VLAN 0 to HW filter on device team0
[  355.752751][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  355.761961][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  355.770654][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  355.780293][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  355.789275][ T3500] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.796358][ T3500] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.804591][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  355.813669][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  355.822174][ T3500] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.829257][ T3500] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.838254][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  355.856332][ T7692] 8021q: adding VLAN 0 to HW filter on device team0
[  355.867441][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  355.875427][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  355.883766][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  355.893242][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  355.902722][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  355.911529][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.918768][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.927442][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  355.992569][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  356.005032][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  356.013836][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  356.022467][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.029585][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.044499][ T7694] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  356.055267][ T7694] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  356.079711][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  356.088820][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  356.098988][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  356.107977][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  356.117145][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  356.126089][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  356.134851][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  356.143896][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  356.153003][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  356.162427][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  356.171162][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  356.194480][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  356.210988][ T7699] chnl_net:caif_netlink_parms(): no params data found
[  356.237184][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  356.246990][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  356.255747][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  356.264486][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  356.273698][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  356.312923][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  356.324581][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  356.336231][ T7692] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  356.347641][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  356.355252][ T7700] chnl_net:caif_netlink_parms(): no params data found
[  356.550373][ T7699] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.557625][ T7699] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.565409][ T7699] device bridge_slave_0 entered promiscuous mode
[  356.573381][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  356.582826][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  356.597140][ T7692] 8021q: adding VLAN 0 to HW filter on device batadv0
[  356.615382][ T7694] 8021q: adding VLAN 0 to HW filter on device batadv0
[  356.734145][ T7699] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.741633][ T7699] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.750269][ T7699] device bridge_slave_1 entered promiscuous mode
[  356.905636][ T7699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  356.917559][ T7699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  357.109592][ T7700] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.117510][ T7700] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.125640][ T7700] device bridge_slave_0 entered promiscuous mode
[  357.161245][ T7712] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  357.162392][ T7699] team0: Port device team_slave_0 added
[  357.172013][ T7712] CPU: 0 PID: 7712 Comm: syz-executor.1 Not tainted 5.4.0-rc3+ #0
[  357.181403][ T7699] team0: Port device team_slave_1 added
[  357.185059][ T7712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  357.200642][ T7712] Call Trace:
[  357.203990][ T7712]  dump_stack+0xf5/0x159
[  357.208248][ T7712]  dump_header+0xaa/0x449
[  357.212730][ T7712]  oom_kill_process.cold+0x10/0x15
[  357.217869][ T7712]  out_of_memory+0x231/0xa00
[  357.222450][ T7712]  ? preempt_schedule_common+0x37/0x90
[  357.227904][ T7712]  mem_cgroup_out_of_memory+0x128/0x150
[  357.233471][ T7712]  memory_max_write+0x17b/0x250
[  357.238323][ T7712]  cgroup_file_write+0x119/0x320
[  357.243321][ T7712]  ? high_work_func+0x30/0x30
[  357.248062][ T7712]  kernfs_fop_write+0x1f4/0x2e0
[  357.252907][ T7712]  ? cgroup_css.part.0+0x90/0x90
[  357.257864][ T7712]  __vfs_write+0x67/0xc0
[  357.262184][ T7712]  ? kernfs_seq_show+0xe0/0xe0
[  357.266934][ T7712]  vfs_write+0x18a/0x390
[  357.271166][ T7712]  ksys_write+0xd5/0x1b0
[  357.275400][ T7712]  __x64_sys_write+0x4c/0x60
[  357.280000][ T7712]  do_syscall_64+0xcc/0x370
[  357.284495][ T7712]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  357.290373][ T7712] RIP: 0033:0x459ef9
[  357.294263][ T7712] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  357.313857][ T7712] RSP: 002b:00007f678a251c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  357.322259][ T7712] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459ef9
[  357.330221][ T7712] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  357.338180][ T7712] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  357.346157][ T7712] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f678a2526d4
[  357.354245][ T7712] R13: 00000000004ca4f4 R14: 00000000004e23a8 R15: 00000000ffffffff
[  357.366343][ T7712] memory: usage 2536kB, limit 0kB, failcnt 21
[  357.372606][ T7712] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  357.379648][ T7712] Memory cgroup stats for /syz1:
[  357.381193][ T7712] anon 2187264
[  357.381193][ T7712] file 0
[  357.381193][ T7712] kernel_stack 0
[  357.381193][ T7712] slab 0
[  357.381193][ T7712] sock 0
[  357.381193][ T7712] shmem 0
[  357.381193][ T7712] file_mapped 0
[  357.381193][ T7712] file_dirty 0
[  357.381193][ T7712] file_writeback 0
[  357.381193][ T7712] anon_thp 2097152
[  357.381193][ T7712] inactive_anon 0
[  357.381193][ T7712] active_anon 2187264
[  357.381193][ T7712] inactive_file 0
[  357.381193][ T7712] active_file 0
[  357.381193][ T7712] unevictable 0
[  357.381193][ T7712] slab_reclaimable 0
[  357.381193][ T7712] slab_unreclaimable 0
[  357.381193][ T7712] pgfault 627
[  357.381193][ T7712] pgmajfault 0
[  357.381193][ T7712] workingset_refault 0
[  357.381193][ T7712] workingset_activate 0
[  357.381193][ T7712] workingset_nodereclaim 0
[  357.381193][ T7712] pgrefill 0
[  357.381193][ T7712] pgscan 0
[  357.381193][ T7712] pgsteal 0
[  357.381193][ T7712] pgactivate 0
[  357.381193][ T7712] pgdeactivate 0
[  357.389622][ T7699] device hsr_slave_0 entered promiscuous mode
[  357.488322][ T7712] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=7711,uid=0
[  357.514091][ T7712] Memory cgroup out of memory: Killed process 7711 (syz-executor.1) total-vm:72588kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  357.544720][ T1003] oom_reaper: reaped process 7711 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  357.556278][ T7699] device hsr_slave_1 entered promiscuous mode
[  357.615898][ T7699] debugfs: Directory 'hsr0' with parent '/' already present!
19:08:04 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

19:08:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

19:08:04 executing program 1:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socket$kcm(0x2, 0x3, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x4, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000040)='&@[\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00')

[  357.796597][ T7692] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  357.808451][ T7692] CPU: 0 PID: 7692 Comm: syz-executor.1 Not tainted 5.4.0-rc3+ #0
[  357.816279][ T7692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  357.826431][ T7692] Call Trace:
[  357.829847][ T7692]  dump_stack+0xf5/0x159
[  357.834135][ T7692]  dump_header+0xaa/0x449
[  357.838622][ T7692]  oom_kill_process.cold+0x10/0x15
[  357.849939][ T7692]  out_of_memory+0x231/0xa00
[  357.854599][ T7692]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  357.860256][ T7692]  mem_cgroup_out_of_memory+0x128/0x150
[  357.865835][ T7692]  try_charge+0xb3a/0xbc0
[  357.870295][ T7692]  ? rcu_note_context_switch+0x700/0x760
[  357.875950][ T7692]  mem_cgroup_try_charge+0xd2/0x260
[  357.881234][ T7692]  mem_cgroup_try_charge_delay+0x3a/0x80
[  357.886881][ T7692]  wp_page_copy+0x322/0x1160
[  357.891515][ T7692]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  357.897165][ T7692]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  357.902880][ T7692]  do_wp_page+0x192/0x11f0
[  357.907313][ T7692]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  357.912959][ T7692]  __handle_mm_fault+0x1c07/0x2cb0
[  357.918096][ T7692]  handle_mm_fault+0x21b/0x530
[  357.922900][ T7692]  __do_page_fault+0x3fb/0x9e0
[  357.927760][ T7692]  do_page_fault+0x54/0x233
[  357.932289][ T7692]  ? prepare_exit_to_usermode+0x154/0x1a0
[  357.938113][ T7692]  page_fault+0x34/0x40
[  357.942281][ T7692] RIP: 0033:0x430fd6
[  357.946211][ T7692] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 0c 5d 64 00 85 c0 0f 84
[  357.965935][ T7692] RSP: 002b:00007ffcc478a290 EFLAGS: 00010206
[  357.972006][ T7692] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  357.979984][ T7692] RDX: 0000000000e40930 RSI: 0000000000e48970 RDI: 0000000000000003
[  357.987959][ T7692] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000e3f940
[  357.996024][ T7692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  358.004347][ T7692] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  358.043638][ T7720] snd_dummy snd_dummy.0: control 0:0:0:
[  358.043638][ T7720] :0 is already present
[  358.066402][ T7700] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.083762][ T7700] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.112486][ T7722] snd_dummy snd_dummy.0: control 0:0:0:
[  358.112486][ T7722] :0 is already present
[  358.126640][ T7700] device bridge_slave_1 entered promiscuous mode
[  358.158593][ T7692] memory: usage 220kB, limit 0kB, failcnt 29
[  358.175868][ T7692] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
19:08:05 executing program 3:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2287, 0xfffffffffffffffe)

[  358.206139][ T7692] Memory cgroup stats for /syz1:
[  358.206425][ T7692] anon 40960
[  358.206425][ T7692] file 0
[  358.206425][ T7692] kernel_stack 0
[  358.206425][ T7692] slab 0
[  358.206425][ T7692] sock 0
[  358.206425][ T7692] shmem 0
[  358.206425][ T7692] file_mapped 0
[  358.206425][ T7692] file_dirty 0
[  358.206425][ T7692] file_writeback 0
[  358.206425][ T7692] anon_thp 0
[  358.206425][ T7692] inactive_anon 0
[  358.206425][ T7692] active_anon 40960
[  358.206425][ T7692] inactive_file 0
[  358.206425][ T7692] active_file 0
[  358.206425][ T7692] unevictable 0
[  358.206425][ T7692] slab_reclaimable 0
[  358.206425][ T7692] slab_unreclaimable 0
[  358.206425][ T7692] pgfault 627
[  358.206425][ T7692] pgmajfault 0
[  358.206425][ T7692] workingset_refault 0
[  358.206425][ T7692] workingset_activate 0
[  358.206425][ T7692] workingset_nodereclaim 0
[  358.206425][ T7692] pgrefill 0
[  358.206425][ T7692] pgscan 0
[  358.206425][ T7692] pgsteal 0
[  358.206425][ T7692] pgactivate 0
[  358.206425][ T7692] pgdeactivate 0
[  358.306092][ T7692] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=7692,uid=0
19:08:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

19:08:05 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
socket$inet(0xa, 0x0, 0x0)
pipe(0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)=@broute={'\n\x00oute\x00', 0x20, 0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20d9f000], 0x0, 0x0, 0x0}, 0xa8)
mkdir(&(0x7f0000000000)='./file0\x00', 0x13c)
ioctl$KVM_GET_NR_MMU_PAGES(r0, 0xae45, 0x5)
openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x0, 0x0)
syz_open_dev$vbi(0x0, 0x3, 0x2)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dlm_plock\x00', 0x0, 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x7)
ioctl$KDADDIO(r1, 0x8925, 0x70e000)
perf_event_open(0x0, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x1)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00')
socket$kcm(0xa, 0x0, 0x73)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x73)
getsockname(r2, 0x0, &(0x7f000000ad00))
syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$inet6(0xa, 0x800, 0x3)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000980))
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000940)={0x0, @dev={0xac, 0x14, 0x14, 0xc}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)

19:08:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

[  358.574620][ T7730] snd_dummy snd_dummy.0: control 0:0:0:
[  358.574620][ T7730] :0 is already present
[  358.614149][ T7692] Memory cgroup out of memory: Killed process 7692 (syz-executor.1) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  358.655249][ T7738] snd_dummy snd_dummy.0: control 0:0:0:
[  358.655249][ T7738] :0 is already present
[  358.849479][ T7700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  358.859003][ T7740] sp0: Synchronizing with TNC
19:08:06 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/urandom\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rt_sigqueueinfo(0x0, 0x0, 0x0)
getrandom(&(0x7f0000000180)=""/40, 0x9db3ff6336c4215d, 0x2)
openat(0xffffffffffffffff, 0x0, 0x0, 0x26)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x0, 0x0)
fchown(0xffffffffffffffff, 0xee01, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)

[  359.358815][ T7700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  359.882556][ T7700] team0: Port device team_slave_0 added
[  359.900932][ T7700] team0: Port device team_slave_1 added
[  360.279775][ T7700] device hsr_slave_0 entered promiscuous mode
[  360.336399][ T7700] device hsr_slave_1 entered promiscuous mode
[  360.385899][ T7700] debugfs: Directory 'hsr0' with parent '/' already present!
[  360.542879][ T7699] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.569016][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  360.577637][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  360.587772][ T7699] 8021q: adding VLAN 0 to HW filter on device team0
[  360.666044][ T7724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  360.675065][ T7724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  360.684714][ T7724] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.691798][ T7724] bridge0: port 1(bridge_slave_0) entered forwarding state
[  360.717502][ T7699] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  360.733407][ T7699] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  360.751647][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  360.760061][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  360.769314][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  360.778947][ T7274] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.786033][ T7274] bridge0: port 2(bridge_slave_1) entered forwarding state
[  360.794313][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  360.803765][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  360.813187][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  360.821875][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  360.831466][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  360.840461][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  360.850011][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  360.858853][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  360.868112][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  360.877019][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  360.885792][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  360.895019][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  360.935240][ T7699] 8021q: adding VLAN 0 to HW filter on device batadv0
[  361.013367][ T7700] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.027429][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  361.035678][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  361.046572][ T7700] 8021q: adding VLAN 0 to HW filter on device team0
[  361.086234][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  361.095321][ T7277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  361.126836][ T7277] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.133929][ T7277] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.202468][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  361.210919][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  361.215049][ T7780] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  361.220672][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  361.221445][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.238393][ T7780] CPU: 1 PID: 7780 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  361.238964][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.245939][ T7780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  361.245946][ T7780] Call Trace:
[  361.245982][ T7780]  dump_stack+0xf5/0x159
[  361.246017][ T7780]  dump_header+0xaa/0x449
[  361.246062][ T7780]  oom_kill_process.cold+0x10/0x15
[  361.257134][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  361.261037][ T7780]  out_of_memory+0x231/0xa00
[  361.261096][ T7780]  ? preempt_schedule_common+0x37/0x90
[  361.272888][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  361.274449][ T7780]  mem_cgroup_out_of_memory+0x128/0x150
[  361.274528][ T7780]  memory_max_write+0x17b/0x250
[  361.280952][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  361.283083][ T7780]  cgroup_file_write+0x119/0x320
[  361.283127][ T7780]  ? high_work_func+0x30/0x30
[  361.289880][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  361.296105][ T7780]  kernfs_fop_write+0x1f4/0x2e0
[  361.296132][ T7780]  ? cgroup_css.part.0+0x90/0x90
[  361.296162][ T7780]  __vfs_write+0x67/0xc0
[  361.296188][ T7780]  ? kernfs_seq_show+0xe0/0xe0
[  361.296215][ T7780]  vfs_write+0x18a/0x390
[  361.296252][ T7780]  ksys_write+0xd5/0x1b0
[  361.302870][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  361.306281][ T7780]  __x64_sys_write+0x4c/0x60
[  361.306316][ T7780]  do_syscall_64+0xcc/0x370
[  361.306351][ T7780]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  361.306370][ T7780] RIP: 0033:0x459ef9
[  361.306407][ T7780] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  361.306420][ T7780] RSP: 002b:00007feb5afe9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  361.316182][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  361.319859][ T7780] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459ef9
[  361.332771][ T7700] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  361.337489][ T7780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  361.337503][ T7780] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  361.337519][ T7780] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb5afea6d4
[  361.337534][ T7780] R13: 00000000004ca4f4 R14: 00000000004e23a8 R15: 00000000ffffffff
[  361.491416][ T7780] memory: usage 2544kB, limit 0kB, failcnt 19
[  361.491969][ T7700] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  361.504899][ T7780] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  361.517785][ T7780] Memory cgroup stats for /syz0:
[  361.519465][ T7780] anon 2232320
[  361.519465][ T7780] file 0
[  361.519465][ T7780] kernel_stack 0
[  361.519465][ T7780] slab 135168
[  361.519465][ T7780] sock 0
[  361.519465][ T7780] shmem 0
[  361.519465][ T7780] file_mapped 0
[  361.519465][ T7780] file_dirty 0
[  361.519465][ T7780] file_writeback 0
[  361.519465][ T7780] anon_thp 2097152
[  361.519465][ T7780] inactive_anon 0
[  361.519465][ T7780] active_anon 2232320
[  361.519465][ T7780] inactive_file 0
[  361.519465][ T7780] active_file 0
[  361.519465][ T7780] unevictable 0
[  361.519465][ T7780] slab_reclaimable 0
[  361.519465][ T7780] slab_unreclaimable 135168
[  361.519465][ T7780] pgfault 1320
[  361.519465][ T7780] pgmajfault 0
[  361.519465][ T7780] workingset_refault 0
[  361.519465][ T7780] workingset_activate 0
[  361.519465][ T7780] workingset_nodereclaim 0
[  361.519465][ T7780] pgrefill 0
[  361.519465][ T7780] pgscan 0
[  361.519465][ T7780] pgsteal 0
[  361.519465][ T7780] pgactivate 0
[  361.519465][ T7780] pgdeactivate 0
[  361.620255][ T7780] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7779,uid=0
[  361.636346][ T7780] Memory cgroup out of memory: Killed process 7779 (syz-executor.0) total-vm:72588kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[  361.657878][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  361.658695][ T1003] oom_reaper: reaped process 7779 (syz-executor.0), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  361.675345][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  361.684801][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  361.696544][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
19:08:08 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

[  361.705273][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  361.724263][ T7700] 8021q: adding VLAN 0 to HW filter on device batadv0
[  361.736583][ T7699] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0
[  361.761468][ T7699] CPU: 0 PID: 7699 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  361.769439][ T7699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  361.779513][ T7699] Call Trace:
[  361.782834][ T7699]  dump_stack+0xf5/0x159
[  361.787190][ T7699]  dump_header+0xaa/0x449
[  361.791517][ T7699]  oom_kill_process.cold+0x10/0x15
[  361.796618][ T7699]  out_of_memory+0x231/0xa00
[  361.801250][ T7699]  mem_cgroup_out_of_memory+0x128/0x150
[  361.806797][ T7699]  try_charge+0xb3a/0xbc0
[  361.811159][ T7699]  ? __tsan_read4+0x2c/0x30
[  361.815666][ T7699]  __memcg_kmem_charge_memcg+0x4a/0xe0
[  361.821151][ T7699]  cache_grow_begin+0x3ed/0x670
[  361.821190][ T7699]  fallback_alloc+0x161/0x1f0
[  361.830707][ T7699]  ____cache_alloc_node+0x1b1/0x1c0
[  361.830756][ T7699]  ? debug_smp_processor_id+0x4c/0x172
[  361.841368][ T7699]  kmem_cache_alloc+0x179/0x5d0
[  361.841406][ T7699]  __alloc_file+0x4d/0x210
[  361.841447][ T7699]  alloc_empty_file+0x8f/0x180
[  361.855441][ T7699]  path_openat+0x74/0x36e0
[  361.859874][ T7699]  ? ___cache_free+0x2e/0x320
[  361.864568][ T7699]  ? path_mountpoint+0x2eb/0xd70
[  361.869518][ T7699]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  361.875154][ T7699]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  361.880810][ T7699]  ? __sanitizer_cov_trace_switch+0x49/0x80
[  361.886722][ T7699]  do_filp_open+0x11e/0x1b0
[  361.891246][ T7699]  ? __tsan_read8+0x2c/0x30
[  361.895762][ T7699]  ? __alloc_fd+0x316/0x4c0
[  361.900302][ T7699]  do_sys_open+0x3b3/0x4f0
[  361.904727][ T7699]  __x64_sys_open+0x55/0x70
[  361.909338][ T7699]  do_syscall_64+0xcc/0x370
[  361.913855][ T7699]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  361.919757][ T7699] RIP: 0033:0x457e70
[  361.923687][ T7699] Code: 31 c0 e9 45 ff ff ff 0f 1f 00 80 3f 00 0f 84 f7 00 00 00 55 53 b9 02 00 00 00 be 00 08 09 00 89 c8 48 81 ec 98 00 00 00 0f 05 <48> 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00
[  361.943299][ T7699] RSP: 002b:00007ffc1e9f87a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000002
[  361.943325][ T7699] RAX: ffffffffffffffda RBX: 00000000000582bc RCX: 0000000000457e70
[  361.943354][ T7699] RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007ffc1e9f9980
[  361.967705][ T7699] RBP: 0000000000000002 R08: 0000000000000001 R09: 000000000245e940
[  361.975682][ T7699] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffc1e9f9980
[  361.983654][ T7699] R13: 00007ffc1e9f9970 R14: 0000000000000000 R15: 00007ffc1e9f9980
[  361.993230][ T7699] memory: usage 248kB, limit 0kB, failcnt 35
[  362.000719][ T7699] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  362.010076][ T7699] Memory cgroup stats for /syz0:
[  362.010250][ T7699] anon 65536
[  362.010250][ T7699] file 0
[  362.010250][ T7699] kernel_stack 0
[  362.010250][ T7699] slab 135168
[  362.010250][ T7699] sock 0
[  362.010250][ T7699] shmem 0
[  362.010250][ T7699] file_mapped 0
[  362.010250][ T7699] file_dirty 0
[  362.010250][ T7699] file_writeback 0
[  362.010250][ T7699] anon_thp 0
[  362.010250][ T7699] inactive_anon 0
[  362.010250][ T7699] active_anon 65536
[  362.010250][ T7699] inactive_file 0
[  362.010250][ T7699] active_file 0
[  362.010250][ T7699] unevictable 0
[  362.010250][ T7699] slab_reclaimable 0
[  362.010250][ T7699] slab_unreclaimable 135168
[  362.010250][ T7699] pgfault 1320
[  362.010250][ T7699] pgmajfault 0
[  362.010250][ T7699] workingset_refault 0
[  362.010250][ T7699] workingset_activate 0
[  362.010250][ T7699] workingset_nodereclaim 0
[  362.010250][ T7699] pgrefill 34
[  362.010250][ T7699] pgscan 33
[  362.010250][ T7699] pgsteal 0
[  362.010250][ T7699] pgactivate 33
[  362.010250][ T7699] pgdeactivate 34
[  362.011296][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  362.018746][ T7699] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7699,uid=0
[  362.134869][ T7699] Memory cgroup out of memory: Killed process 7699 (syz-executor.0) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  362.153642][ T1003] oom_reaper: reaped process 7699 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  362.207330][    T7] device bridge_slave_1 left promiscuous mode
[  362.213646][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.305969][    T7] device bridge_slave_0 left promiscuous mode
[  362.312280][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.356616][ T7795] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  362.367067][ T7795] CPU: 0 PID: 7795 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  362.374859][ T7795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  362.384924][ T7795] Call Trace:
[  362.388221][ T7795]  dump_stack+0xf5/0x159
[  362.392461][ T7795]  dump_header+0xaa/0x449
[  362.396786][ T7795]  oom_kill_process.cold+0x10/0x15
[  362.401889][ T7795]  out_of_memory+0x231/0xa00
[  362.406475][ T7795]  ? preempt_schedule_common+0x37/0x90
[  362.411955][ T7795]  mem_cgroup_out_of_memory+0x128/0x150
[  362.417531][ T7795]  memory_max_write+0x17b/0x250
[  362.422388][ T7795]  cgroup_file_write+0x119/0x320
[  362.427328][ T7795]  ? high_work_func+0x30/0x30
[  362.432014][ T7795]  kernfs_fop_write+0x1f4/0x2e0
[  362.436878][ T7795]  ? cgroup_css.part.0+0x90/0x90
[  362.441803][ T7795]  __vfs_write+0x67/0xc0
[  362.446038][ T7795]  ? kernfs_seq_show+0xe0/0xe0
[  362.450805][ T7795]  vfs_write+0x18a/0x390
[  362.455051][ T7795]  ksys_write+0xd5/0x1b0
[  362.459284][ T7795]  __x64_sys_write+0x4c/0x60
[  362.463870][ T7795]  do_syscall_64+0xcc/0x370
[  362.468386][ T7795]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  362.474298][ T7795] RIP: 0033:0x459ef9
[  362.478204][ T7795] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  362.497797][ T7795] RSP: 002b:00007fc4e5e1dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  362.506202][ T7795] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459ef9
[  362.514158][ T7795] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  362.522114][ T7795] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  362.530092][ T7795] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc4e5e1e6d4
[  362.538063][ T7795] R13: 00000000004ca4f4 R14: 00000000004e23a8 R15: 00000000ffffffff
[  362.549082][    T7] device bridge_slave_1 left promiscuous mode
[  362.551458][ T7795] memory: usage 2692kB, limit 0kB, failcnt 13
[  362.555362][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.561509][ T7795] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  362.578966][ T7795] Memory cgroup stats for /syz4:
[  362.580742][ T7795] anon 2220032
[  362.580742][ T7795] file 0
[  362.580742][ T7795] kernel_stack 36864
[  362.580742][ T7795] slab 303104
[  362.580742][ T7795] sock 0
[  362.580742][ T7795] shmem 0
[  362.580742][ T7795] file_mapped 0
[  362.580742][ T7795] file_dirty 0
[  362.580742][ T7795] file_writeback 0
[  362.580742][ T7795] anon_thp 2097152
[  362.580742][ T7795] inactive_anon 0
[  362.580742][ T7795] active_anon 2220032
[  362.580742][ T7795] inactive_file 0
[  362.580742][ T7795] active_file 0
[  362.580742][ T7795] unevictable 0
[  362.580742][ T7795] slab_reclaimable 135168
[  362.580742][ T7795] slab_unreclaimable 167936
[  362.580742][ T7795] pgfault 792
[  362.580742][ T7795] pgmajfault 0
[  362.580742][ T7795] workingset_refault 0
[  362.580742][ T7795] workingset_activate 0
[  362.580742][ T7795] workingset_nodereclaim 0
[  362.580742][ T7795] pgrefill 0
[  362.580742][ T7795] pgscan 0
[  362.580742][ T7795] pgsteal 0
[  362.580742][ T7795] pgactivate 0
[  362.679365][ T7795] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=7794,uid=0
19:08:09 executing program 1:
r0 = socket$unix(0x1, 0x2000000000001, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x80000001)
recvmmsg(r0, &(0x7f0000005c40)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0)
shutdown(r2, 0x1)

[  362.696088][ T7795] Memory cgroup out of memory: Killed process 7794 (syz-executor.4) total-vm:72588kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[  362.717430][ T1003] oom_reaper: reaped process 7794 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  362.717794][    T7] device bridge_slave_0 left promiscuous mode
[  362.734768][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
19:08:09 executing program 0:
mmap(&(0x7f0000ee5000/0x1000)=nil, 0x1000, 0x5, 0x2aeb4800bb21a972, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000ee5000)={{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @initdev}}, 0x5c)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x10002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpuset.effective_cpus\x00', 0x26e1, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$alg(0x26, 0x5, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, 0x0, 0x0)
socket$inet6(0xa, 0x9, 0x7fc)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000d80)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b6a10c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd3781dd4d4e609c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a18de80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d5683ee4ad5ded9a34c00ac1b03f34627ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9fafefaf546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14", 0x34f, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
r1 = socket(0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

19:08:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b5000000000800000000080008000100000008020500ac14341b080003000800050f01"], 0x1}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000010000/0x1000)=nil})
lgetxattr(0x0, &(0x7f00000000c0)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000000)={0xffffffffffffc14e, 0x0, 0x6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19:08:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xce08}, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$setstatus(r2, 0x4, 0x2000)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x440000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x0, '\n\x00\x00\xff\xff\xff\xff\xfa\xff\x00\x00\x00\x00\x7f\x00\xee\x00'}, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
connect(0xffffffffffffffff, &(0x7f0000000180)=@generic={0x0, "25d202cab80bda45beca727edb327ee02150680c5cfe1e5b797d841729b26c09fc6327f2a5e53375cb50fe71ce24d42dae71167cea76a84ef393043ddd574812bd68e3e14c2be2b4fe212a48d6d285995119e132784c78500f9e3915bfcaad4c225d3cf6a63af7f50d769e3a4c3a6404ef7af7195e3f15d921c8a1de3b0f"}, 0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

[  362.768247][ T7700] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  362.789857][ T7700] CPU: 1 PID: 7700 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  362.792542][    T7] device bridge_slave_1 left promiscuous mode
[  362.797702][ T7700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  362.797744][ T7700] Call Trace:
[  362.797781][ T7700]  dump_stack+0xf5/0x159
[  362.797812][ T7700]  dump_header+0xaa/0x449
[  362.797864][ T7700]  oom_kill_process.cold+0x10/0x15
[  362.825325][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.826057][ T7700]  out_of_memory+0x231/0xa00
[  362.826083][ T7700]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  362.826194][ T7700]  mem_cgroup_out_of_memory+0x128/0x150
[  362.854056][ T7700]  try_charge+0xb3a/0xbc0
[  362.858485][ T7700]  ? rcu_note_context_switch+0x700/0x760
[  362.864205][ T7700]  mem_cgroup_try_charge+0xd2/0x260
[  362.869514][ T7700]  mem_cgroup_try_charge_delay+0x3a/0x80
[  362.875238][ T7700]  wp_page_copy+0x322/0x1160
[  362.879858][ T7700]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  362.885527][ T7700]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  362.891198][ T7700]  do_wp_page+0x192/0x11f0
[  362.895638][ T7700]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[  362.901351][ T7700]  __handle_mm_fault+0x1c07/0x2cb0
[  362.906571][ T7700]  handle_mm_fault+0x21b/0x530
[  362.911368][ T7700]  __do_page_fault+0x3fb/0x9e0
[  362.916206][ T7700]  do_page_fault+0x54/0x233
[  362.920734][ T7700]  ? prepare_exit_to_usermode+0x154/0x1a0
[  362.926468][ T7700]  page_fault+0x34/0x40
[  362.930628][ T7700] RIP: 0033:0x430fd6
[  362.934660][ T7700] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 0c 5d 64 00 85 c0 0f 84
[  362.955224][ T7700] RSP: 002b:00007ffdb1b8a090 EFLAGS: 00010206
[  362.961309][ T7700] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  362.969375][ T7700] RDX: 00000000019a5930 RSI: 00000000019ad970 RDI: 0000000000000003
[  362.977385][ T7700] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000019a4940
[  362.985419][ T7700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  362.993461][ T7700] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
19:08:10 executing program 4:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={[], [], @multicast2}, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x4d5, 0x3c}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x6}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)

[  363.016910][    T7] device bridge_slave_0 left promiscuous mode
[  363.026012][ T7700] memory: usage 388kB, limit 0kB, failcnt 21
[  363.033242][ T7700] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  363.042058][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.059705][ T7798] snd_dummy snd_dummy.0: control 0:0:0:
[  363.059705][ T7798] :0 is already present
[  363.080325][ T7700] Memory cgroup stats for /syz4:
[  363.080593][ T7700] anon 102400
[  363.080593][ T7700] file 0
[  363.080593][ T7700] kernel_stack 36864
[  363.080593][ T7700] slab 303104
[  363.080593][ T7700] sock 0
[  363.080593][ T7700] shmem 0
[  363.080593][ T7700] file_mapped 0
[  363.080593][ T7700] file_dirty 0
[  363.080593][ T7700] file_writeback 0
[  363.080593][ T7700] anon_thp 0
[  363.080593][ T7700] inactive_anon 0
[  363.080593][ T7700] active_anon 102400
[  363.080593][ T7700] inactive_file 0
[  363.080593][ T7700] active_file 0
[  363.080593][ T7700] unevictable 0
[  363.080593][ T7700] slab_reclaimable 135168
[  363.080593][ T7700] slab_unreclaimable 167936
[  363.080593][ T7700] pgfault 792
[  363.080593][ T7700] pgmajfault 0
[  363.080593][ T7700] workingset_refault 0
[  363.080593][ T7700] workingset_activate 0
[  363.080593][ T7700] workingset_nodereclaim 0
[  363.080593][ T7700] pgrefill 0
[  363.080593][ T7700] pgscan 0
[  363.080593][ T7700] pgsteal 0
[  363.080593][ T7700] pgactivate 0
[  363.080593][ T7700] pgdeactivate 0
19:08:10 executing program 5:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000007c0)={'vcan0\x00', <r1=>0x0})
connect(r0, &(0x7f0000000740)=@ll={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x80)
sendmsg$can_bcm(r0, &(0x7f00000000c0)={0x0, 0x1f0, &(0x7f00000001c0)={&(0x7f0000000400)={0x1, 0x0, 0x0, {0x0, 0x2710}, {}, {}, 0x1, @can={{}, 0xfe, 0x0, 0x0, 0x0, "1c140800"}}, 0x48}}, 0x0)

[  363.475912][ T7700] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=7700,uid=0
[  363.537872][ T7700] Memory cgroup out of memory: Killed process 7700 (syz-executor.4) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  363.576565][ T1003] oom_reaper: reaped process 7700 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  366.686164][    T7] device hsr_slave_0 left promiscuous mode
[  366.756004][    T7] device hsr_slave_1 left promiscuous mode
[  366.815425][    T7] team0 (unregistering): Port device team_slave_1 removed
[  366.827869][    T7] team0 (unregistering): Port device team_slave_0 removed
[  366.840751][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  366.881118][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  366.945117][    T7] bond0 (unregistering): Released all slaves
[  367.176311][    T7] device hsr_slave_0 left promiscuous mode
[  367.225885][    T7] device hsr_slave_1 left promiscuous mode
[  367.305308][    T7] team0 (unregistering): Port device team_slave_1 removed
[  367.316625][    T7] team0 (unregistering): Port device team_slave_0 removed
[  367.327690][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.381556][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.466380][    T7] bond0 (unregistering): Released all slaves
[  367.616362][    T7] device hsr_slave_0 left promiscuous mode
[  367.656021][    T7] device hsr_slave_1 left promiscuous mode
[  367.705616][    T7] team0 (unregistering): Port device team_slave_1 removed
[  367.717586][    T7] team0 (unregistering): Port device team_slave_0 removed
[  367.729156][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.791309][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.875581][    T7] bond0 (unregistering): Released all slaves
19:08:15 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:08:15 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:08:15 executing program 4:
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, "20d1d316f4296853a5a47f86320e507368da6fe038fb58c08c51a2eae7ed1b30"}})
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffaa, &(0x7f00000000c0))

19:08:15 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:08:15 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1)

19:08:15 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

[  370.887082][ T7807] IPVS: ftp: loaded support on port[0] = 21
[  370.891956][ T7809] IPVS: ftp: loaded support on port[0] = 21
[  370.905124][ T7823] IPVS: ftp: loaded support on port[0] = 21
[  371.067670][ T7807] chnl_net:caif_netlink_parms(): no params data found
[  371.352040][ T7809] chnl_net:caif_netlink_parms(): no params data found
[  371.422403][ T7823] chnl_net:caif_netlink_parms(): no params data found
[  371.443275][ T7807] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.451190][ T7807] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.465659][ T7807] device bridge_slave_0 entered promiscuous mode
[  371.631257][ T7807] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.638890][ T7807] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.647458][ T7807] device bridge_slave_1 entered promiscuous mode
[  371.672524][ T7809] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.679711][ T7809] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.688450][ T7809] device bridge_slave_0 entered promiscuous mode
[  371.696303][ T7809] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.703349][ T7809] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.711485][ T7809] device bridge_slave_1 entered promiscuous mode
[  371.842770][ T7807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  371.875487][ T7807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  371.912556][ T7809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  371.921738][ T7823] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.930239][ T7823] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.938272][ T7823] device bridge_slave_0 entered promiscuous mode
[  371.946755][ T7807] team0: Port device team_slave_0 added
[  371.952948][ T7823] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.960599][ T7823] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.968626][ T7823] device bridge_slave_1 entered promiscuous mode
[  371.978221][ T7809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  371.989019][ T7807] team0: Port device team_slave_1 added
[  372.142442][ T7823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.155422][ T7823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  372.184712][ T7809] team0: Port device team_slave_0 added
[  372.210018][ T7823] team0: Port device team_slave_0 added
[  372.336722][ T7809] team0: Port device team_slave_1 added
[  372.399306][ T7807] device hsr_slave_0 entered promiscuous mode
[  372.436451][ T7807] device hsr_slave_1 entered promiscuous mode
[  372.478942][ T7823] team0: Port device team_slave_1 added
[  372.658498][ T7809] device hsr_slave_0 entered promiscuous mode
[  372.696297][ T7809] device hsr_slave_1 entered promiscuous mode
[  372.765971][ T7809] debugfs: Directory 'hsr0' with parent '/' already present!
[  372.968914][ T7823] device hsr_slave_0 entered promiscuous mode
[  373.006529][ T7823] device hsr_slave_1 entered promiscuous mode
[  373.045935][ T7823] debugfs: Directory 'hsr0' with parent '/' already present!
[  373.342375][ T7809] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.367910][    T7] device bridge_slave_1 left promiscuous mode
[  373.374209][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.406917][    T7] device bridge_slave_0 left promiscuous mode
[  373.413130][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.467726][    T7] device bridge_slave_1 left promiscuous mode
[  373.474048][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.526763][    T7] device bridge_slave_0 left promiscuous mode
[  373.533060][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.577870][    T7] device bridge_slave_1 left promiscuous mode
[  373.584085][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.636752][    T7] device bridge_slave_0 left promiscuous mode
[  373.643015][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.687487][    T7] device bridge_slave_1 left promiscuous mode
[  373.693679][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.746715][    T7] device bridge_slave_0 left promiscuous mode
[  373.752933][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.866889][    T7] device hsr_slave_0 left promiscuous mode
[  376.906087][    T7] device hsr_slave_1 left promiscuous mode
[  376.984066][    T7] team0 (unregistering): Port device team_slave_1 removed
[  376.995436][    T7] team0 (unregistering): Port device team_slave_0 removed
[  377.006519][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.070029][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.152303][    T7] bond0 (unregistering): Released all slaves
[  377.276363][    T7] device hsr_slave_0 left promiscuous mode
[  377.316012][    T7] device hsr_slave_1 left promiscuous mode
[  377.373598][    T7] team0 (unregistering): Port device team_slave_1 removed
[  377.384258][    T7] team0 (unregistering): Port device team_slave_0 removed
[  377.395260][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.431401][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.516755][    T7] bond0 (unregistering): Released all slaves
[  377.666436][    T7] device hsr_slave_0 left promiscuous mode
[  377.715991][    T7] device hsr_slave_1 left promiscuous mode
[  377.783146][    T7] team0 (unregistering): Port device team_slave_1 removed
[  377.794053][    T7] team0 (unregistering): Port device team_slave_0 removed
[  377.805161][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.843084][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.927187][    T7] bond0 (unregistering): Released all slaves
[  378.056453][    T7] device hsr_slave_0 left promiscuous mode
[  378.126014][    T7] device hsr_slave_1 left promiscuous mode
[  378.185377][    T7] team0 (unregistering): Port device team_slave_1 removed
[  378.201608][    T7] team0 (unregistering): Port device team_slave_0 removed
[  378.212918][    T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.250252][    T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.332481][    T7] bond0 (unregistering): Released all slaves
[  378.440552][ T7807] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.450774][ T7809] 8021q: adding VLAN 0 to HW filter on device team0
[  378.458389][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  378.466683][ T3500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  378.478912][ T7823] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.494200][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  378.504963][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  378.513828][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.521018][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.536833][ T7823] 8021q: adding VLAN 0 to HW filter on device team0
[  378.547301][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  378.555305][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  378.564139][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  378.572871][ T7330] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.579989][ T7330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.588887][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  378.598164][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  378.606027][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  378.613662][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  378.622822][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  378.630691][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  378.638861][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  378.647717][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  378.659788][ T7807] 8021q: adding VLAN 0 to HW filter on device team0
[  378.672713][ T7809] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  378.683903][ T7809] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  378.695991][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  378.704271][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  378.713102][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  378.721614][ T7330] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.728742][ T7330] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.737287][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  378.746062][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  378.754786][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  378.763792][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  378.772404][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  378.780911][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  378.789506][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  378.797838][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  378.816054][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  378.824874][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  378.833885][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.841007][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.850019][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  378.859324][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  378.868762][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  378.877578][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  378.886577][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  378.895242][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  378.903871][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.910948][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.919505][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  378.928184][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  378.949048][ T7823] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  378.959696][ T7823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  378.971356][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  378.980821][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  378.990473][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  378.999227][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  379.008047][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  379.016755][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  379.025266][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  379.038618][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  379.047826][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  379.056737][ T7274] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.063780][ T7274] bridge0: port 2(bridge_slave_1) entered forwarding state
[  379.072642][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  379.085602][ T7809] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.111181][ T7823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.123881][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  379.137858][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  379.149368][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  379.159048][ T7274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  379.207208][ T7724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  379.216590][ T7724] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  379.330520][ T7807] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  379.355863][ T7807] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  379.404130][ T7838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  379.438751][ T7838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  379.465592][ T7838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  379.484331][ T7838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  379.510856][ T7838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  379.631998][ T7807] 8021q: adding VLAN 0 to HW filter on device batadv0
19:08:27 executing program 1:
syz_mount_image$xfs(&(0x7f00000000c0)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x8000000000, 0x1, &(0x7f0000001540)=[{&(0x7f0000001400)='XFSB', 0x4}], 0x0, 0xfffffffffffffffe)

19:08:27 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:08:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b5000000000800000000080008000100000008020500ac14341b080003000800050f01"], 0x1}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000010000/0x1000)=nil})
lgetxattr(0x0, &(0x7f00000000c0)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000000)={0xffffffffffffc14e, 0x0, 0x6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19:08:27 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x17}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
creat(0x0, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040400)
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000040))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'})
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'})
ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x8}, 0x8)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

[  380.575261][ T7881] bond0: (slave bond_slave_1): Releasing backup interface
[  380.646485][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  380.652825][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  380.727193][ T7889] XFS (loop1): device supports 512 byte sectors (not 0)
19:08:28 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0xee00, r2, 0x0)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xb, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)

[  381.724556][ T7901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
19:08:30 executing program 5:
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
ioctl$SIOCAX25CTLCON(r0, 0x890c, &(0x7f0000000000)={@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, 0x0, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @bcast, @bcast]})

19:08:30 executing program 1:
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0x4003fd)
fallocate(r1, 0x3, 0x0, 0x7fff)
fallocate(r0, 0x11, 0x0, 0x9000000)

19:08:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b5000000000800000000080008000100000008020500ac14341b080003000800050f01"], 0x1}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000010000/0x1000)=nil})
lgetxattr(0x0, &(0x7f00000000c0)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000000)={0xffffffffffffc14e, 0x0, 0x6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19:08:30 executing program 2:
r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$read(0xb, r0, &(0x7f0000000000), 0x0)

[  383.465684][ T7828] IPVS: ftp: loaded support on port[0] = 21
[  383.586825][   T25] kauditd_printk_skb: 3 callbacks suppressed
[  383.586849][   T25] audit: type=1800 audit(1571857710.753:65): pid=7919 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16628 res=0
[  383.657445][ T7828] chnl_net:caif_netlink_parms(): no params data found
[  383.774533][ T7828] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.850040][ T7828] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.858914][ T7828] device bridge_slave_0 entered promiscuous mode
[  383.877238][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.891803][ T7828] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.932234][ T7828] device bridge_slave_1 entered promiscuous mode
[  383.952527][ T7828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.963550][ T7828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.984848][ T7828] team0: Port device team_slave_0 added
[  383.991914][ T7828] team0: Port device team_slave_1 added
[  384.049417][ T7828] device hsr_slave_0 entered promiscuous mode
[  384.087054][ T7828] device hsr_slave_1 entered promiscuous mode
[  384.125988][ T7828] debugfs: Directory 'hsr0' with parent '/' already present!
[  384.138202][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.145277][ T7828] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.152678][ T7828] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.159777][ T7828] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.184601][ T7828] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.194511][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  384.203308][ T7330] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.211687][ T7330] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.221603][ T7330] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  384.234262][ T7828] 8021q: adding VLAN 0 to HW filter on device team0
[  384.245705][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  384.254387][ T7297] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.261441][ T7297] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.280270][ T7828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  384.290831][ T7828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  384.304082][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  384.312692][ T7297] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.319751][ T7297] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.329572][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  384.338548][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  384.348670][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  384.357367][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  384.366011][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  384.373910][ T7297] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  384.391474][ T7828] 8021q: adding VLAN 0 to HW filter on device batadv0
19:08:32 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x101041, 0x0)
r4 = socket(0x11, 0x800000003, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000940)={r5, @dev={0xac, 0x14, 0x14, 0x1e}, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000580)={'vcan0\x00', r5})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r6, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a800000008eee3df45282e5c18aec01e58ab27e0b267a29624448dd533318db247504797218f340a53b70c60227ee14136b8f15814d8ccf5f4f14982f869617153c83bc2285e08fac51694ed3334c8cbfd063d86cda44184ae69df51e645dcc2493d02566b10872344c1c64503b56c91725b554627bdc88366", @ANYRES16=r7, @ANYBLOB="01002bbd7000fedbdf2502000000940004000c00010073797a31000000005400070008000400ff0700000800040000000100080003000400000008000200002040000800020001000100080003008100000008000300de00000008000300060004000500000008000400800000000c00010073797a30000000000c00010073797a31000000000c00010073797a31000000000c00010073797a3100000000000000000b18fa29d9f23ff12b27ffbf37888d972f2ac0a1455aaea0c000d278dcc0a9c3e52d68f4643125f9f7325a7c491ac69f835a61b8571f33d690972eda9a4285599e1bf2cb2a6b33a61337df4aface30b0c61d96155813b18c2782cc580368e703049a04de82b018d1952df67156c652e15b451a6f51ac5f976646e5c00768d8bfe93d96b608313434171e7782de74aed40b089ab9ce550b56c031bab0cf66584427dcdb24c26e748f069015dfa82680a20f6e1e84180993b9fc16192a78c3f9ca3b739600"/367], 0xa8}, 0x1, 0x0, 0x0, 0x2d6769bf5d4e1cc3}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@empty, @in6}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x0, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x13012, 0xffffffffffffffff, 0x0)
r8 = socket(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c)
r9 = socket(0xa, 0x4000000001, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001580)={<r10=>0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={r10, @loopback, @remote}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc)
ioctl$sock_inet_SIOCGIFPFLAGS(r9, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9})
fcntl$getown(r8, 0x9)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff000d000000020000000b000000ec0079c913000180f0ffffebffff6e263f", 0x29}], 0x1}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xff, &(0x7f0000000080)=[{&(0x7f0000000040)="2f0000001c0005c5ffffff080d0000000200001f01000000190102", 0x1cb}], 0x1}, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r11, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

19:08:32 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x17}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
creat(0x0, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040400)
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000040))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'})
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'})
ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x8}, 0x8)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

19:08:32 executing program 5:
r0 = epoll_create1(0x0)
r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)
r2 = fanotify_init(0x0, 0x0)
fanotify_mark(r2, 0x9, 0x48000011, r1, 0x0)

19:08:32 executing program 2:
kexec_load(0x0, 0x0, 0x0, 0x0)

19:08:32 executing program 1:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000140)=""/12, 0xfdad}], 0x1, 0xbfffd000)

19:08:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b5000000000800000000080008000100000008020500ac14341b080003000800050f01"], 0x1}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000010000/0x1000)=nil})
lgetxattr(0x0, &(0x7f00000000c0)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000000)={0xffffffffffffc14e, 0x0, 0x6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  385.559969][ T7947] bond0: (slave bond_slave_1): Releasing backup interface
19:08:32 executing program 5:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000005e000308000000ff00000000000000000000000008a560c77e5aff9fefebf9ae20ba855acbbe72f36b6744dcd8d2476d0479b7d4380144abbbb4bc94819c02dd68561939066d757a3cc10eb32cfff351241344ccaa7e9c384feb9ad9abb13edfc987bdd068d91ea0d158b807e25f50a9f6d1cb0358f3c48e04aefbb1a343c66951eb0e7fc31476cf350ff8e129b3a1c6ad92f7a330784b2cd5bccf4e784af566a7a08023555d19f6c04047d2a966d6db6b74282842d8641adcc1d091c498e47f31c1d069ad3ee9c5a07656b173bb218ca052304eadbf4be819f33bbb720e7f36e2087c094c7875011b4130c7318ad30861b5", @ANYRES32=0x0], 0x20}}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x218fe53f1794f59, 0x0)

19:08:32 executing program 2:
r0 = perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

19:08:32 executing program 3:
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe)
keyctl$update(0x2, r2, &(0x7f0000000240)="db40951195b65329509626699071a860088261af3fd5f91a922ac7", 0xb2)
r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r3, r2}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
ioctl$SCSI_IOCTL_SYNC(r5, 0x4)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r5, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r5, r6, 0x0, 0x7fffffa7)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r7, r5, 0x0, 0xffffffff)
r8 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4)
keyctl$instantiate_iov(0x14, r2, &(0x7f0000000140)=[{&(0x7f0000000100)='P', 0x1}, {&(0x7f0000000340)}], 0x2, r8)
pipe(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$setpipe(r10, 0x407, 0x0)
write(r10, &(0x7f0000000340), 0x41395527)
vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x25d)
bind$inet(r11, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10)

[  385.687308][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  385.693127][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  386.005608][   T25] audit: type=1800 audit(1571857713.163:66): pid=7967 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16662 res=0
19:08:33 executing program 2:
r0 = perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  386.087658][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  386.093584][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  386.106729][   T25] audit: type=1804 audit(1571857713.193:67): pid=7967 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir798646525/syzkaller.3gmxoG/4/file0" dev="sda1" ino=16662 res=1
[  386.152077][   T25] audit: type=1804 audit(1571857713.263:68): pid=7968 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir798646525/syzkaller.3gmxoG/4/file0" dev="sda1" ino=16662 res=1
[  386.565926][    C1] protocol 88fb is buggy, dev hsr_slave_0
19:08:33 executing program 1:
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000d04000/0x2000)=nil, 0x2000, 0xe000, 0x3, &(0x7f0000fc3000/0xe000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mprotect(&(0x7f00008e1000/0x2000)=nil, 0x2000, 0x2)

19:08:33 executing program 2:
r0 = perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  386.735504][   T25] audit: type=1804 audit(1571857713.893:69): pid=7973 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir798646525/syzkaller.3gmxoG/4/file0" dev="sda1" ino=16662 res=1
[  386.919612][   T25] audit: type=1804 audit(1571857713.893:70): pid=7969 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir798646525/syzkaller.3gmxoG/4/file0" dev="sda1" ino=16662 res=1
19:08:34 executing program 0:
r0 = socket$inet(0x2, 0x200000002, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x1, 0x4)
syz_emit_ethernet(0x3b, &(0x7f0000000100)={@link_local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, @udp={0x0, 0x4e21, 0x19, 0x0, [], "ba6227b6c01a6c2535a446a808f6dbb35c"}}}}}, 0x0)

19:08:34 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x17}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
creat(0x0, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040400)
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000040))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'})
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'})
ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x8}, 0x8)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

19:08:34 executing program 3:
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe)
keyctl$update(0x2, r2, &(0x7f0000000240)="db40951195b65329509626699071a860088261af3fd5f91a922ac7", 0xb2)
r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r3, r2}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
ioctl$SCSI_IOCTL_SYNC(r5, 0x4)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r5, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r5, r6, 0x0, 0x7fffffa7)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r7, r5, 0x0, 0xffffffff)
r8 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4)
keyctl$instantiate_iov(0x14, r2, &(0x7f0000000140)=[{&(0x7f0000000100)='P', 0x1}, {&(0x7f0000000340)}], 0x2, r8)
pipe(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$setpipe(r10, 0x407, 0x0)
write(r10, &(0x7f0000000340), 0x41395527)
vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x25d)
bind$inet(r11, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10)

19:08:34 executing program 2:
r0 = perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

19:08:34 executing program 1:
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000d04000/0x2000)=nil, 0x2000, 0xe000, 0x3, &(0x7f0000fc3000/0xe000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mprotect(&(0x7f00008e1000/0x2000)=nil, 0x2000, 0x2)

19:08:34 executing program 5:
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe)
keyctl$update(0x2, r2, &(0x7f0000000240)="db40951195b65329509626699071a860088261af3fd5f91a922ac7", 0xb2)
r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r3, r2}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
ioctl$SCSI_IOCTL_SYNC(r5, 0x4)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r5, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r5, r6, 0x0, 0x7fffffa7)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r7, r5, 0x0, 0xffffffff)
r8 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4)
keyctl$instantiate_iov(0x14, r2, &(0x7f0000000140)=[{&(0x7f0000000100)='P', 0x1}, {&(0x7f0000000340)}], 0x2, r8)
pipe(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$setpipe(r10, 0x407, 0x0)
write(r10, &(0x7f0000000340), 0x41395527)
vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x25d)
bind$inet(r11, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10)

19:08:34 executing program 0:
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000d04000/0x2000)=nil, 0x2000, 0xe000, 0x3, &(0x7f0000fc3000/0xe000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mprotect(&(0x7f00008e1000/0x2000)=nil, 0x2000, 0x2)

[  387.496598][   T25] audit: type=1800 audit(1571857714.663:71): pid=8008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16667 res=0
[  387.596052][   T25] audit: type=1800 audit(1571857714.683:72): pid=8009 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16668 res=0
[  387.862176][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  387.868162][    C1] protocol 88fb is buggy, dev hsr_slave_1
19:08:35 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000280)={0x40000000000002, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000400)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev}}}, 0x108)

[  387.899501][   T25] audit: type=1804 audit(1571857714.683:73): pid=8008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir539060911/syzkaller.9njEe2/24/file0" dev="sda1" ino=16667 res=1
[  387.925109][   T25] audit: type=1804 audit(1571857714.693:74): pid=8009 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir798646525/syzkaller.3gmxoG/5/file0" dev="sda1" ino=16668 res=1
[  388.153106][ T8007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  388.165907][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  388.171803][    C1] protocol 88fb is buggy, dev hsr_slave_1
19:08:35 executing program 0:
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000d04000/0x2000)=nil, 0x2000, 0xe000, 0x3, &(0x7f0000fc3000/0xe000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mprotect(&(0x7f00008e1000/0x2000)=nil, 0x2000, 0x2)

19:08:35 executing program 2:
r0 = socket(0x30002000000010, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write(r0, &(0x7f00000004c0)="fc00000049000702ab092500090017000aab07ff03000000000a769321000100ff01000a0005d0000000800009039815fa2c1ec28656aaa79bb94b59fe100000bc000200000d6c6c256f1a272f2e11a4a6f9607668bf043eaa2a911e98cc3f8a2fcb5d7bd5afaa8934d0730700000020d7d5bbc91a3e2e80772c05defd5a32e280fc83ab1afad60ce9c0bfb8fe082038f4f8b29d3ef3d90dada46e5633a8f02c83170e5bba4a463ae4f5566f44660da80b76b6825bbd5b95dbcc037816460e63941591cf190201ded815b2ccd243f295ed94e0ad91743f2e87abd43cd16b17e583df150c3b880f411f46a6b567b4d50000000000000000000000b6a12b00000000008d4b01892d96cdbd54d8c59fad1c0258f7316303b02fd7e10630bd95198accfc0d19d46b7b", 0x127)

19:08:35 executing program 1:
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f0000d04000/0x2000)=nil, 0x2000, 0xe000, 0x3, &(0x7f0000fc3000/0xe000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mprotect(&(0x7f00008e1000/0x2000)=nil, 0x2000, 0x2)

19:08:35 executing program 3:
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe)
keyctl$update(0x2, r2, &(0x7f0000000240)="db40951195b65329509626699071a860088261af3fd5f91a922ac7", 0xb2)
r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r3, r2}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
ioctl$SCSI_IOCTL_SYNC(r5, 0x4)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r5, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r5, r6, 0x0, 0x7fffffa7)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r7, r5, 0x0, 0xffffffff)
r8 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4)
keyctl$instantiate_iov(0x14, r2, &(0x7f0000000140)=[{&(0x7f0000000100)='P', 0x1}, {&(0x7f0000000340)}], 0x2, r8)
pipe(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$setpipe(r10, 0x407, 0x0)
write(r10, &(0x7f0000000340), 0x41395527)
vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x25d)
bind$inet(r11, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10)

19:08:35 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x17}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
creat(0x0, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040400)
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000040))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'})
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'})
ioctl$TCGETS(0xffffffffffffffff, 0x5401, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x8}, 0x8)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

19:08:35 executing program 5:
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f00000002c0)="f5", 0x1, 0xfffffffffffffffe)
keyctl$update(0x2, r2, &(0x7f0000000240)="db40951195b65329509626699071a860088261af3fd5f91a922ac7", 0xb2)
r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r3, r2}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
ioctl$SCSI_IOCTL_SYNC(r5, 0x4)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r5, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r5, r6, 0x0, 0x7fffffa7)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r7, r5, 0x0, 0xffffffff)
r8 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4)
keyctl$instantiate_iov(0x14, r2, &(0x7f0000000140)=[{&(0x7f0000000100)='P', 0x1}, {&(0x7f0000000340)}], 0x2, r8)
pipe(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
fcntl$setpipe(r10, 0x407, 0x0)
write(r10, &(0x7f0000000340), 0x41395527)
vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x25d)
bind$inet(r11, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10)

[  388.602441][   T25] kauditd_printk_skb: 2 callbacks suppressed
[  388.602527][   T25] audit: type=1800 audit(1571857715.763:77): pid=8041 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16659 res=0
[  388.713169][ T8049] bond0: (slave bond_slave_1): Releasing backup interface
[  388.764406][   T25] audit: type=1804 audit(1571857715.793:78): pid=8041 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir539060911/syzkaller.9njEe2/25/file0" dev="sda1" ino=16659 res=1
19:08:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000004000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@cr4={0x1, 0x790029}], 0x1)

[  389.236783][ T8048] ==================================================================
[  389.244934][ T8048] BUG: KCSAN: data-race in generic_update_time / generic_update_time
[  389.252992][ T8048] 
[  389.255325][ T8048] write to 0xffff8881259f3770 of 16 bytes by task 8052 on cpu 0:
[  389.263058][ T8048]  generic_update_time+0x5c/0x270
[  389.268106][ T8048]  touch_atime+0x172/0x190
[  389.272523][ T8048]  generic_file_splice_read+0x4e7/0x500
[  389.278066][ T8048]  do_splice_to+0xf2/0x130
[  389.282480][ T8048]  splice_direct_to_actor+0x1a1/0x510
[  389.287846][ T8048]  do_splice_direct+0x161/0x1e0
[  389.292699][ T8048]  do_sendfile+0x384/0x7f0
[  389.297112][ T8048]  __x64_sys_sendfile64+0x12a/0x140
[  389.302319][ T8048]  do_syscall_64+0xcc/0x370
[  389.306823][ T8048]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  389.312695][ T8048] 
[  389.315018][ T8048] write to 0xffff8881259f3770 of 16 bytes by task 8048 on cpu 1:
[  389.323863][ T8048]  generic_update_time+0x5c/0x270
[  389.328888][ T8048]  touch_atime+0x172/0x190
[  389.333321][ T8048]  generic_file_read_iter+0x116e/0x1440
[  389.338878][ T8048]  ext4_file_read_iter+0xfa/0x240
[  389.343917][ T8048]  generic_file_splice_read+0x35c/0x500
[  389.350518][ T8048]  do_splice_to+0xf2/0x130
[  389.354954][ T8048]  splice_direct_to_actor+0x1a1/0x510
[  389.360335][ T8048]  do_splice_direct+0x161/0x1e0
[  389.365190][ T8048]  do_sendfile+0x384/0x7f0
[  389.369638][ T8048]  __x64_sys_sendfile64+0x12a/0x140
[  389.374835][ T8048]  do_syscall_64+0xcc/0x370
[  389.379789][ T8048]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  389.385666][ T8048] 
[  389.387979][ T8048] Reported by Kernel Concurrency Sanitizer on:
[  389.394238][ T8048] CPU: 1 PID: 8048 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  389.402024][ T8048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  389.412082][ T8048] ==================================================================
[  389.420503][ T8048] Kernel panic - not syncing: panic_on_warn set ...
[  389.427091][ T8048] CPU: 1 PID: 8048 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  389.434887][ T8048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  389.446006][ T8048] Call Trace:
[  389.449302][ T8048]  dump_stack+0xf5/0x159
[  389.453536][ T8048]  panic+0x210/0x640
[  389.457423][ T8048]  ? do_sendfile+0x384/0x7f0
[  389.462012][ T8048]  ? vprintk_func+0x8d/0x140
[  389.466598][ T8048]  kcsan_report.cold+0xc/0x10
[  389.471268][ T8048]  __kcsan_setup_watchpoint+0x32e/0x4a0
[  389.476825][ T8048]  __tsan_write16+0x32/0x40
[  389.481340][ T8048]  generic_update_time+0x5c/0x270
[  389.486367][ T8048]  ? file_modified+0x80/0x80
[  389.490948][ T8048]  touch_atime+0x172/0x190
[  389.495361][ T8048]  generic_file_read_iter+0x116e/0x1440
[  389.500911][ T8048]  ext4_file_read_iter+0xfa/0x240
[  389.505927][ T8048]  generic_file_splice_read+0x35c/0x500
[  389.511465][ T8048]  do_splice_to+0xf2/0x130
[  389.515877][ T8048]  ? add_to_pipe+0x1a0/0x1a0
[  389.520451][ T8048]  ? add_to_pipe+0x1a0/0x1a0
[  389.525033][ T8048]  splice_direct_to_actor+0x1a1/0x510
[  389.530410][ T8048]  ? generic_pipe_buf_nosteal+0x20/0x20
[  389.535951][ T8048]  do_splice_direct+0x161/0x1e0
[  389.540794][ T8048]  do_sendfile+0x384/0x7f0
[  389.545228][ T8048]  __x64_sys_sendfile64+0x12a/0x140
[  389.550419][ T8048]  do_syscall_64+0xcc/0x370
[  389.554931][ T8048]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  389.560826][ T8048] RIP: 0033:0x459ef9
[  389.564725][ T8048] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  389.584318][ T8048] RSP: 002b:00007f0dddf01c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  389.592719][ T8048] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459ef9
[  389.600677][ T8048] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  389.605884][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  389.608917][ T8048] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  389.622596][ T8048] R10: 000000007fffffa7 R11: 0000000000000246 R12: 00007f0dddf026d4
[  389.630572][ T8048] R13: 00000000004c7ab0 R14: 00000000004dd8f0 R15: 00000000ffffffff
[  389.640078][ T8048] Kernel Offset: disabled
[  389.644405][ T8048] Rebooting in 86400 seconds..