L|__GFP_COMP), order=1, oom_score_adj=1000
[ 1091.551219][T17982] CPU: 1 PID: 17982 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1091.559136][T17982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1091.569190][T17982] Call Trace:
[ 1091.572486][T17982]  dump_stack+0x172/0x1f0
[ 1091.576821][T17982]  dump_header+0x10b/0x82d
[ 1091.581248][T17982]  oom_kill_process.cold+0x10/0x15
07:50:32 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1200, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:32 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:32 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:32 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc"], 0xe1)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:32 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
r58 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r58, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r58, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r59 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r59, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1091.586362][T17982]  out_of_memory+0x334/0x1340
[ 1091.591042][T17982]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1091.596677][T17982]  ? retint_kernel+0x2b/0x2b
[ 1091.601273][T17982]  ? oom_killer_disable+0x280/0x280
[ 1091.606475][T17982]  ? mem_cgroup_out_of_memory+0x16a/0x240
[ 1091.612211][T17982]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1091.617747][T17982]  ? memcg_stat_show+0xc40/0xc40
[ 1091.617766][T17982]  ? do_raw_spin_unlock+0x57/0x270
[ 1091.617786][T17982]  ? _raw_spin_unlock+0x2d/0x50
[ 1091.617805][T17982]  try_charge+0xa2d/0x1440
[ 1091.637065][T17982]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1091.642623][T17982]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1091.648182][T17982]  ? cache_grow_begin+0x122/0xd20
[ 1091.653217][T17982]  ? find_held_lock+0x35/0x130
[ 1091.657992][T17982]  ? cache_grow_begin+0x122/0xd20
[ 1091.663020][T17982]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1091.663034][T17982]  ? lock_downgrade+0x920/0x920
[ 1091.663052][T17982]  ? memcg_kmem_put_cache+0x50/0x50
[ 1091.678602][T17982]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1091.684851][T17982]  ? __kasan_check_read+0x11/0x20
[ 1091.689886][T17982]  cache_grow_begin+0x629/0xd20
[ 1091.694736][T17982]  ? __sanitizer_cov_trace_cmp8+0x1/0x20
[ 1091.694753][T17982]  ? mempolicy_slab_node+0x139/0x390
[ 1091.694773][T17982]  fallback_alloc+0x1fd/0x2d0
[ 1091.694793][T17982]  ____cache_alloc_node+0x1bc/0x1d0
[ 1091.694806][T17982]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1091.694823][T17982]  kmem_cache_alloc_trace+0x21c/0x790
[ 1091.727108][T17982]  kvm_uevent_notify_change.part.0+0xa6/0x460
[ 1091.733162][T17982]  kvm_dev_ioctl+0x1047/0x1610
[ 1091.737913][T17982]  ? kvm_debugfs_release+0x90/0x90
[ 1091.743008][T17982]  ? kvm_debugfs_release+0x90/0x90
[ 1091.748108][T17982]  ? kvm_debugfs_release+0x90/0x90
[ 1091.753226][T17982]  do_vfs_ioctl+0xdb6/0x13e0
[ 1091.757803][T17982]  ? ioctl_preallocate+0x210/0x210
[ 1091.762903][T17982]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1091.768518][T17982]  ? retint_kernel+0x2b/0x2b
[ 1091.773110][T17982]  ? tomoyo_file_ioctl+0x23/0x30
[ 1091.778034][T17982]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1091.784288][T17982]  ? security_file_ioctl+0x8d/0xc0
[ 1091.789382][T17982]  ksys_ioctl+0xab/0xd0
[ 1091.793520][T17982]  __x64_sys_ioctl+0x73/0xb0
[ 1091.798094][T17982]  do_syscall_64+0xfa/0x760
[ 1091.802584][T17982]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1091.808457][T17982] RIP: 0033:0x45a219
[ 1091.812333][T17982] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1091.831915][T17982] RSP: 002b:00007f9910203c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1091.840309][T17982] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1091.848262][T17982] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000004
[ 1091.856215][T17982] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1091.864178][T17982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99102046d4
[ 1091.872140][T17982] R13: 00000000004c348b R14: 00000000004d7708 R15: 00000000ffffffff
[ 1092.002073][   T26] audit: type=1800 audit(1573026633.178:93): pid=18239 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=628 res=0
07:50:33 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:33 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:33 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd"], 0xe9)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:33 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1092.562555][T17982] memory: usage 300820kB, limit 307200kB, failcnt 177
[ 1092.569533][T17982] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1092.585283][T17982] Memory cgroup stats for /syz5:
[ 1092.585537][T17982] anon 277446656
[ 1092.585537][T17982] file 0
[ 1092.585537][T17982] kernel_stack 3473408
[ 1092.585537][T17982] slab 12025856
[ 1092.585537][T17982] sock 0
[ 1092.585537][T17982] shmem 0
[ 1092.585537][T17982] file_mapped 0
[ 1092.585537][T17982] file_dirty 0
[ 1092.585537][T17982] file_writeback 0
[ 1092.585537][T17982] anon_thp 264241152
[ 1092.585537][T17982] inactive_anon 0
[ 1092.585537][T17982] active_anon 277446656
[ 1092.585537][T17982] inactive_file 0
[ 1092.585537][T17982] active_file 28672
[ 1092.585537][T17982] unevictable 0
[ 1092.585537][T17982] slab_reclaimable 2433024
[ 1092.585537][T17982] slab_unreclaimable 9592832
[ 1092.585537][T17982] pgfault 90849
[ 1092.585537][T17982] pgmajfault 0
[ 1092.585537][T17982] workingset_refault 33
[ 1092.585537][T17982] workingset_activate 0
[ 1092.585537][T17982] workingset_nodereclaim 0
[ 1092.585537][T17982] pgrefill 314
[ 1092.585537][T17982] pgscan 309
[ 1092.585537][T17982] pgsteal 165
[ 1092.585537][T17982] pgactivate 132
[ 1092.693214][T17982] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=30376,uid=0
[ 1092.726470][T17982] Memory cgroup out of memory: Killed process 30376 (syz-executor.5) total-vm:72980kB, anon-rss:6328kB, file-rss:35804kB, shmem-rss:0kB, UID:0 pgtables:143360kB oom_score_adj:1000
[ 1092.752464][ T1071] oom_reaper: reaped process 30376 (syz-executor.5), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB
07:50:34 executing program 5:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000000))
getsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000080), 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x20000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r3 = syz_open_dev$sndpcmc(&(0x7f00000004c0)='/dev/snd/pcmC#D#c\x00', 0x7f, 0x80)
setsockopt$inet6_udp_int(r3, 0x11, 0xb, &(0x7f0000000500)=0x2, 0x4)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$BLKSECDISCARD(r4, 0x127d, &(0x7f0000000040))
accept$inet(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
userfaultfd(0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000200)="b805000000b9510000000f01c10f46a78900000066ba2100b07bee66ba4100edb9800000830f32b9800000c00f3235000100000f300f304f215c66b808008ed0660f38806f000f011c268ee0", 0xfffffffffffffdfd}], 0x1, 0x2, 0x0, 0x0)
syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0x5, 0x2000)
ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f0000000680))
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket(0x0, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000740)=[{&(0x7f0000000440)="6fba4e7a27f33b43110b546f4d8a84314918ed93d759d433f78dc6a032e1f809336e7b4e5fe02a372723ca017c15e6410b39fbdd01295c9940084d6bb80d310321f2fee54b31b1959111e6f8", 0x4c}, {&(0x7f0000000300)="4b6c3ec064d172281844bb5ba3db2b05ad230b9d3f5b267a03a6d4935d8c15efa2158a0703cebd4f319c40291cd844890da10f9f043c5355ecbfa5218148a56035c91dd7e007f33abc26f6c1fe057061d721337368479b3aaa639970cb1444693cd3c3f421638be8a75482e95c", 0x6d}, {&(0x7f0000000900)}, {&(0x7f0000000500)}, {&(0x7f0000000540)="05e3baf5968b16583c6dc0fca5094208c7bfbdf58cf6db89c43507c5efaadcee54bb90af728e32e43e7434821cf99c736e2962913459a6a25b3c9bce8192e46ab8f8de74a6b2df1ccd18605fdc15d73a019bae1ad4c5148cf7f02810d2ca164db6a0866144e3fbcb29db0155ef342e7929b3", 0x72}, {&(0x7f00000005c0)="4a380f096058e3a9ff7abda37029f1b9fcfcef306b9da733294cf728cb426b413c5079d2e37c51781b4cd677e28a43ffd7d5d1442c5828ee00d7d03601f2e3b988c8719577a2d6b030e0e323bb63e4c8163fbf5370c6f415aa898590bf73aa25ceab173c330577b8eacb19c1d5509f488d445434ab96bd79ea2332be17ee05ec09c573cc559472d5358062d1ec", 0x8d}], 0x6)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000004cb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

07:50:34 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
r58 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r58, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r58, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r59 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r59, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:34 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:34 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd"], 0xe9)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:34 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1300, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:34 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1093.199170][T18511] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1093.209442][T18511] CPU: 0 PID: 18511 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1093.217328][T18511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1093.227371][T18511] Call Trace:
[ 1093.230662][T18511]  dump_stack+0x172/0x1f0
[ 1093.234982][T18511]  dump_header+0x10b/0x82d
[ 1093.239401][T18511]  oom_kill_process.cold+0x10/0x15
[ 1093.244499][T18511]  out_of_memory+0x334/0x1340
[ 1093.249163][T18511]  ? lock_downgrade+0x920/0x920
[ 1093.254000][T18511]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1093.259791][T18511]  ? oom_killer_disable+0x280/0x280
[ 1093.264982][T18511]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1093.270511][T18511]  ? memcg_stat_show+0xc40/0xc40
[ 1093.275448][T18511]  ? do_raw_spin_unlock+0x57/0x270
[ 1093.280572][T18511]  ? _raw_spin_unlock+0x2d/0x50
[ 1093.285426][T18511]  try_charge+0xf4b/0x1440
[ 1093.289833][T18511]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1093.295364][T18511]  ? percpu_ref_tryget_live+0x111/0x290
[ 1093.300898][T18511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1093.307140][T18511]  ? __kasan_check_read+0x11/0x20
[ 1093.312152][T18511]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1093.317685][T18511]  mem_cgroup_try_charge+0x136/0x590
[ 1093.322958][T18511]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1093.328575][T18511]  wp_page_copy+0x407/0x1860
[ 1093.333151][T18511]  ? find_held_lock+0x35/0x130
[ 1093.337901][T18511]  ? do_wp_page+0x53b/0x15c0
[ 1093.342483][T18511]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1093.348288][T18511]  ? lock_downgrade+0x920/0x920
[ 1093.353119][T18511]  ? vm_normal_page+0x15d/0x3c0
[ 1093.357952][T18511]  ? __pte_alloc_kernel+0x210/0x210
[ 1093.363134][T18511]  ? __kasan_check_read+0x11/0x20
[ 1093.368155][T18511]  ? do_raw_spin_unlock+0x57/0x270
[ 1093.373251][T18511]  do_wp_page+0x543/0x15c0
[ 1093.377648][T18511]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1093.382656][T18511]  ? lock_acquire+0x190/0x410
[ 1093.387315][T18511]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1093.392668][T18511]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1093.398376][T18511]  __handle_mm_fault+0x23ec/0x4040
[ 1093.403472][T18511]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1093.409002][T18511]  ? handle_mm_fault+0x292/0xaa0
[ 1093.413932][T18511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1093.420154][T18511]  ? __kasan_check_read+0x11/0x20
[ 1093.425162][T18511]  handle_mm_fault+0x3b7/0xaa0
[ 1093.429915][T18511]  __do_page_fault+0x536/0xdd0
[ 1093.434678][T18511]  do_page_fault+0x38/0x590
[ 1093.439165][T18511]  page_fault+0x39/0x40
[ 1093.443312][T18511] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1093.449882][T18511] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1093.469465][T18511] RSP: 0018:ffff888019eefab8 EFLAGS: 00010206
[ 1093.475510][T18511] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1093.483466][T18511] RDX: 0000000000001000 RSI: ffff888092154b00 RDI: 0000000020bc1000
[ 1093.491418][T18511] RBP: ffff888019eefaf0 R08: ffffed101242aa00 R09: 0000000000000000
[ 1093.499377][T18511] R10: ffffed101242a9ff R11: ffff888092154fff R12: 0000000020bc0500
[ 1093.507343][T18511] R13: ffff888092154000 R14: 0000000020bc1500 R15: 00007ffffffff000
[ 1093.515316][T18511]  ? copyout+0x12d/0x150
[ 1093.519546][T18511]  copy_page_to_iter+0x3de/0xda0
[ 1093.524475][T18511]  ? kill_fasync+0x323/0x4a0
[ 1093.529056][T18511]  pipe_to_user+0xb4/0x170
[ 1093.533458][T18511]  __splice_from_pipe+0x397/0x7d0
[ 1093.538467][T18511]  ? iter_to_pipe+0x560/0x560
[ 1093.543132][T18511]  do_vmsplice.part.0+0x249/0x2b0
[ 1093.548143][T18511]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1093.553326][T18511]  ? import_iovec+0x267/0x410
[ 1093.558004][T18511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1093.564230][T18511]  __do_sys_vmsplice+0x1bc/0x210
[ 1093.569151][T18511]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1093.574335][T18511]  ? __kasan_check_read+0x11/0x20
[ 1093.579349][T18511]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1093.585573][T18511]  ? put_timespec64+0xda/0x140
[ 1093.590334][T18511]  ? nsecs_to_jiffies+0x30/0x30
[ 1093.595174][T18511]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1093.600613][T18511]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1093.606053][T18511]  ? do_syscall_64+0x26/0x760
[ 1093.610713][T18511]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1093.616781][T18511]  ? do_syscall_64+0x26/0x760
[ 1093.621459][T18511]  __x64_sys_vmsplice+0x97/0xf0
[ 1093.626292][T18511]  do_syscall_64+0xfa/0x760
[ 1093.630779][T18511]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1093.636665][T18511] RIP: 0033:0x45a219
[ 1093.640546][T18511] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1093.660129][T18511] RSP: 002b:00007f612e444c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1093.668520][T18511] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1093.676473][T18511] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1093.684440][T18511] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1093.692412][T18511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4456d4
[ 1093.700364][T18511] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff
[ 1093.708586][T18511] memory: usage 307116kB, limit 307200kB, failcnt 37397
[ 1093.716646][T18511] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1093.723499][T18511] Memory cgroup stats for /syz3:
[ 1093.723615][T18511] anon 294117376
[ 1093.723615][T18511] file 61440
[ 1093.723615][T18511] kernel_stack 2097152
[ 1093.723615][T18511] slab 7606272
[ 1093.723615][T18511] sock 0
[ 1093.723615][T18511] shmem 147456
[ 1093.723615][T18511] file_mapped 0
[ 1093.723615][T18511] file_dirty 0
[ 1093.723615][T18511] file_writeback 0
[ 1093.723615][T18511] anon_thp 281018368
[ 1093.723615][T18511] inactive_anon 135168
[ 1093.723615][T18511] active_anon 294117376
[ 1093.723615][T18511] inactive_file 0
[ 1093.723615][T18511] active_file 0
[ 1093.723615][T18511] unevictable 0
[ 1093.723615][T18511] slab_reclaimable 1892352
[ 1093.723615][T18511] slab_unreclaimable 5713920
[ 1093.723615][T18511] pgfault 101475
[ 1093.723615][T18511] pgmajfault 0
[ 1093.723615][T18511] workingset_refault 0
[ 1093.723615][T18511] workingset_activate 0
[ 1093.723615][T18511] workingset_nodereclaim 0
[ 1093.723615][T18511] pgrefill 19354
[ 1093.723615][T18511] pgscan 19370
[ 1093.723615][T18511] pgsteal 69
[ 1093.817123][T18511] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=16949,uid=0
[ 1093.817820][T18511] Memory cgroup out of memory: Killed process 16949 (syz-executor.3) total-vm:72848kB, anon-rss:16556kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
07:50:35 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1093.872011][   T26] audit: type=1800 audit(1573026635.008:94): pid=18616 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16604 res=0
07:50:35 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd"], 0xe9)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:35 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:35 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:35 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
r58 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r58, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r58, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r59 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r59, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:35 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e"], 0xed)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:36 executing program 5:
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x0)
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x308)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00^\x01\x03\x03\xf0\x00', @ifru_mtu=0x1})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f00000001c0))
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)

07:50:36 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:36 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:36 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e"], 0xed)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:36 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
r58 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r58, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r59 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r59, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:36 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1400, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

[ 1095.270507][T18874] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1095.282677][T18874] CPU: 0 PID: 18874 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1095.290553][T18874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1095.300608][T18874] Call Trace:
[ 1095.303888][T18874]  dump_stack+0x172/0x1f0
[ 1095.308232][T18874]  dump_header+0x10b/0x82d
[ 1095.312633][T18874]  ? oom_kill_process+0x94/0x3f0
[ 1095.317557][T18874]  oom_kill_process.cold+0x10/0x15
[ 1095.322657][T18874]  out_of_memory+0x334/0x1340
[ 1095.327323][T18874]  ? lock_downgrade+0x920/0x920
[ 1095.332162][T18874]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1095.337952][T18874]  ? oom_killer_disable+0x280/0x280
[ 1095.343144][T18874]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1095.348693][T18874]  ? memcg_stat_show+0xc40/0xc40
[ 1095.353619][T18874]  ? do_raw_spin_unlock+0x57/0x270
[ 1095.358723][T18874]  ? _raw_spin_unlock+0x2d/0x50
[ 1095.363563][T18874]  try_charge+0xf4b/0x1440
[ 1095.367963][T18874]  ? find_held_lock+0x35/0x130
[ 1095.372719][T18874]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1095.378260][T18874]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1095.383793][T18874]  ? find_held_lock+0x35/0x130
[ 1095.388541][T18874]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1095.394082][T18874]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1095.399613][T18874]  ? memcg_kmem_put_cache+0x50/0x50
[ 1095.404806][T18874]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1095.410338][T18874]  __memcg_kmem_charge+0x13a/0x3a0
[ 1095.415443][T18874]  __alloc_pages_nodemask+0x4f5/0x900
[ 1095.420798][T18874]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1095.426331][T18874]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1095.432055][T18874]  ? percpu_ref_put_many+0xb6/0x190
[ 1095.437244][T18874]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1095.442528][T18874]  ? trace_hardirqs_on+0x67/0x240
[ 1095.448077][T18874]  ? __kasan_check_read+0x11/0x20
[ 1095.453104][T18874]  copy_process+0x3f8/0x6860
[ 1095.457691][T18874]  ? debug_object_free+0x1f1/0x390
[ 1095.462808][T18874]  ? __cleanup_sighand+0x60/0x60
[ 1095.467740][T18874]  ? lock_downgrade+0x920/0x920
[ 1095.472582][T18874]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1095.477876][T18874]  ? trace_hardirqs_on+0x67/0x240
[ 1095.482883][T18874]  ? __kasan_check_read+0x11/0x20
[ 1095.487910][T18874]  _do_fork+0x146/0xfa0
[ 1095.492050][T18874]  ? debug_object_free+0x1f9/0x390
[ 1095.497149][T18874]  ? copy_init_mm+0x20/0x20
[ 1095.501640][T18874]  ? hrtimer_nanosleep+0x2c9/0x550
[ 1095.506743][T18874]  ? nanosleep_copyout+0x110/0x110
[ 1095.511841][T18874]  ? hrtimer_init_sleeper_on_stack+0xa0/0xa0
[ 1095.517809][T18874]  __x64_sys_clone+0x18d/0x250
[ 1095.522560][T18874]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1095.528789][T18874]  ? __ia32_sys_vfork+0xc0/0xc0
[ 1095.533629][T18874]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1095.538899][T18874]  ? trace_hardirqs_on+0x67/0x240
[ 1095.543910][T18874]  do_syscall_64+0xfa/0x760
[ 1095.548403][T18874]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1095.554277][T18874] RIP: 0033:0x45cbe9
[ 1095.558159][T18874] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1095.577764][T18874] RSP: 002b:00007ffe5afc52c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1095.586171][T18874] RAX: ffffffffffffffda RBX: 00007f612e424700 RCX: 000000000045cbe9
[ 1095.594135][T18874] RDX: 00007f612e4249d0 RSI: 00007f612e423db0 RDI: 00000000003d0f00
[ 1095.602092][T18874] RBP: 00007ffe5afc54e0 R08: 00007f612e424700 R09: 00007f612e424700
[ 1095.610056][T18874] R10: 00007f612e4249d0 R11: 0000000000000202 R12: 0000000000000000
[ 1095.618015][T18874] R13: 00007ffe5afc537f R14: 0000000000020000 R15: 000000000248edb0
[ 1095.626181][T18874] memory: usage 307200kB, limit 307200kB, failcnt 37489
[ 1095.633110][T18874] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1095.639967][T18874] Memory cgroup stats for /syz3:
[ 1095.640061][T18874] anon 294178816
[ 1095.640061][T18874] file 61440
[ 1095.640061][T18874] kernel_stack 2162688
[ 1095.640061][T18874] slab 7606272
[ 1095.640061][T18874] sock 0
[ 1095.640061][T18874] shmem 147456
[ 1095.640061][T18874] file_mapped 0
[ 1095.640061][T18874] file_dirty 0
[ 1095.640061][T18874] file_writeback 0
[ 1095.640061][T18874] anon_thp 281018368
[ 1095.640061][T18874] inactive_anon 135168
[ 1095.640061][T18874] active_anon 294178816
[ 1095.640061][T18874] inactive_file 0
[ 1095.640061][T18874] active_file 0
[ 1095.640061][T18874] unevictable 0
[ 1095.640061][T18874] slab_reclaimable 1892352
[ 1095.640061][T18874] slab_unreclaimable 5713920
[ 1095.640061][T18874] pgfault 102201
[ 1095.640061][T18874] pgmajfault 0
[ 1095.640061][T18874] workingset_refault 0
[ 1095.640061][T18874] workingset_activate 0
[ 1095.640061][T18874] workingset_nodereclaim 0
[ 1095.640061][T18874] pgrefill 19387
[ 1095.640061][T18874] pgscan 19403
[ 1095.640061][T18874] pgsteal 69
[ 1095.733526][T18874] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=18874,uid=0
[ 1095.749551][T18874] Memory cgroup out of memory: Killed process 18874 (syz-executor.3) total-vm:72980kB, anon-rss:16008kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1095.825291][ T1071] oom_reaper: reaped process 18874 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:50:37 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:37 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:37 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e"], 0xed)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:37 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:37 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r58 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r58, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1096.307575][   T26] audit: type=1800 audit(1573026637.478:95): pid=19122 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16770 res=0
[ 1096.365517][T19108] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1096.377456][T19108] CPU: 0 PID: 19108 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1096.385345][T19108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1096.385351][T19108] Call Trace:
[ 1096.385371][T19108]  dump_stack+0x172/0x1f0
[ 1096.385391][T19108]  dump_header+0x10b/0x82d
[ 1096.385408][T19108]  oom_kill_process.cold+0x10/0x15
07:50:37 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1096.385427][T19108]  out_of_memory+0x334/0x1340
[ 1096.417277][T19108]  ? lock_downgrade+0x920/0x920
[ 1096.422120][T19108]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1096.427911][T19108]  ? oom_killer_disable+0x280/0x280
[ 1096.433100][T19108]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1096.438649][T19108]  ? memcg_stat_show+0xc40/0xc40
[ 1096.443577][T19108]  ? do_raw_spin_unlock+0x57/0x270
[ 1096.448697][T19108]  ? _raw_spin_unlock+0x2d/0x50
[ 1096.453562][T19108]  try_charge+0xf4b/0x1440
[ 1096.457974][T19108]  ? find_held_lock+0x35/0x130
[ 1096.462741][T19108]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1096.468288][T19108]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1096.473841][T19108]  ? find_held_lock+0x35/0x130
[ 1096.478619][T19108]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1096.484181][T19108]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1096.489733][T19108]  ? memcg_kmem_put_cache+0x50/0x50
[ 1096.494941][T19108]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1096.500495][T19108]  __memcg_kmem_charge+0x13a/0x3a0
[ 1096.505615][T19108]  __alloc_pages_nodemask+0x4f5/0x900
[ 1096.510988][T19108]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1096.516692][T19108]  ? ___might_sleep+0x163/0x2c0
[ 1096.521527][T19108]  ? copyin+0x100/0x150
[ 1096.525692][T19108]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1096.531919][T19108]  alloc_pages_current+0x107/0x210
[ 1096.537018][T19108]  pipe_write+0x66d/0xf40
[ 1096.541370][T19108]  new_sync_write+0x4d3/0x770
[ 1096.546030][T19108]  ? new_sync_read+0x800/0x800
[ 1096.550780][T19108]  ? common_file_perm+0x238/0x720
[ 1096.555785][T19108]  ? __fget+0x384/0x560
[ 1096.559926][T19108]  ? apparmor_file_permission+0x25/0x30
[ 1096.565456][T19108]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1096.571678][T19108]  ? security_file_permission+0x8f/0x380
[ 1096.577293][T19108]  __vfs_write+0xe1/0x110
[ 1096.581607][T19108]  vfs_write+0x268/0x5d0
[ 1096.585835][T19108]  ksys_write+0x14f/0x290
[ 1096.590164][T19108]  ? __ia32_sys_read+0xb0/0xb0
[ 1096.594911][T19108]  ? do_syscall_64+0x26/0x760
[ 1096.599589][T19108]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1096.605640][T19108]  ? do_syscall_64+0x26/0x760
[ 1096.610322][T19108]  __x64_sys_write+0x73/0xb0
[ 1096.614899][T19108]  do_syscall_64+0xfa/0x760
[ 1096.619386][T19108]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1096.625257][T19108] RIP: 0033:0x45a219
[ 1096.629152][T19108] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1096.648736][T19108] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1096.657163][T19108] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1096.665115][T19108] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1096.673083][T19108] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1096.681036][T19108] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1096.688987][T19108] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1096.697672][T19108] memory: usage 307084kB, limit 307200kB, failcnt 37600
[ 1096.704623][T19108] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1096.712349][T19108] Memory cgroup stats for /syz3:
[ 1096.712463][T19108] anon 294260736
[ 1096.712463][T19108] file 61440
[ 1096.712463][T19108] kernel_stack 2097152
[ 1096.712463][T19108] slab 7606272
[ 1096.712463][T19108] sock 0
[ 1096.712463][T19108] shmem 147456
[ 1096.712463][T19108] file_mapped 0
[ 1096.712463][T19108] file_dirty 0
[ 1096.712463][T19108] file_writeback 0
[ 1096.712463][T19108] anon_thp 281018368
[ 1096.712463][T19108] inactive_anon 135168
[ 1096.712463][T19108] active_anon 294260736
[ 1096.712463][T19108] inactive_file 0
[ 1096.712463][T19108] active_file 0
[ 1096.712463][T19108] unevictable 0
[ 1096.712463][T19108] slab_reclaimable 1892352
[ 1096.712463][T19108] slab_unreclaimable 5713920
[ 1096.712463][T19108] pgfault 102762
[ 1096.712463][T19108] pgmajfault 0
[ 1096.712463][T19108] workingset_refault 0
[ 1096.712463][T19108] workingset_activate 0
[ 1096.712463][T19108] workingset_nodereclaim 0
[ 1096.712463][T19108] pgrefill 19387
[ 1096.712463][T19108] pgscan 19403
[ 1096.712463][T19108] pgsteal 69
[ 1096.806349][T19108] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=19008,uid=0
[ 1096.821869][T19108] Memory cgroup out of memory: Killed process 19108 (syz-executor.3) total-vm:72980kB, anon-rss:16072kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1096.847331][ T1071] oom_reaper: reaped process 19108 (syz-executor.3), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB
07:50:38 executing program 5:
syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x0, 0x0)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1)

07:50:38 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:38 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:38 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4"], 0xef)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:38 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r58 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r58, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:38 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1500, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:38 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4"], 0xef)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1097.410157][   T26] audit: type=1800 audit(1573026638.578:96): pid=19248 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=629 res=0
07:50:38 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:38 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1097.702600][   T26] audit: type=1800 audit(1573026638.878:97): pid=19381 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16835 res=0
07:50:39 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:39 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380)=<r55=>0x0)
r56 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r56, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r57=>0x0})
setsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f00000008c0)={r55, 0x0, r57}, 0xc)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r58 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r58, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:39 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1097.877570][T19377] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1097.889600][T19377] CPU: 1 PID: 19377 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1097.897498][T19377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1097.907585][T19377] Call Trace:
[ 1097.907609][T19377]  dump_stack+0x172/0x1f0
[ 1097.907629][T19377]  dump_header+0x10b/0x82d
[ 1097.907646][T19377]  oom_kill_process.cold+0x10/0x15
[ 1097.907663][T19377]  out_of_memory+0x334/0x1340
[ 1097.907683][T19377]  ? lock_downgrade+0x920/0x920
[ 1097.934299][T19377]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1097.940116][T19377]  ? oom_killer_disable+0x280/0x280
[ 1097.945339][T19377]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1097.950893][T19377]  ? memcg_stat_show+0xc40/0xc40
[ 1097.953785][   T26] audit: type=1800 audit(1573026639.078:98): pid=19491 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16694 res=0
[ 1097.955837][T19377]  ? do_raw_spin_unlock+0x57/0x270
[ 1097.955856][T19377]  ? _raw_spin_unlock+0x2d/0x50
[ 1097.955874][T19377]  try_charge+0xf4b/0x1440
[ 1097.955892][T19377]  ? find_held_lock+0x35/0x130
[ 1097.995275][T19377]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1098.000811][T19377]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1098.006342][T19377]  ? find_held_lock+0x35/0x130
[ 1098.011091][T19377]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1098.016632][T19377]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1098.022161][T19377]  ? memcg_kmem_put_cache+0x50/0x50
[ 1098.027346][T19377]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1098.032892][T19377]  __memcg_kmem_charge+0x13a/0x3a0
[ 1098.037988][T19377]  __alloc_pages_nodemask+0x4f5/0x900
[ 1098.043366][T19377]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1098.049091][T19377]  ? ___might_sleep+0x163/0x2c0
[ 1098.053928][T19377]  ? copyin+0x100/0x150
[ 1098.058083][T19377]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1098.064308][T19377]  alloc_pages_current+0x107/0x210
[ 1098.069423][T19377]  pipe_write+0x66d/0xf40
[ 1098.073747][T19377]  new_sync_write+0x4d3/0x770
[ 1098.078413][T19377]  ? new_sync_read+0x800/0x800
[ 1098.083174][T19377]  ? common_file_perm+0x238/0x720
[ 1098.088213][T19377]  ? __fget+0x384/0x560
[ 1098.092361][T19377]  ? apparmor_file_permission+0x25/0x30
[ 1098.097906][T19377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1098.104131][T19377]  ? security_file_permission+0x8f/0x380
[ 1098.109747][T19377]  __vfs_write+0xe1/0x110
[ 1098.114061][T19377]  vfs_write+0x268/0x5d0
[ 1098.118294][T19377]  ksys_write+0x14f/0x290
[ 1098.122608][T19377]  ? __ia32_sys_read+0xb0/0xb0
[ 1098.127355][T19377]  ? do_syscall_64+0x26/0x760
[ 1098.132015][T19377]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1098.138062][T19377]  ? do_syscall_64+0x26/0x760
[ 1098.142723][T19377]  __x64_sys_write+0x73/0xb0
[ 1098.147297][T19377]  do_syscall_64+0xfa/0x760
[ 1098.151784][T19377]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1098.157672][T19377] RIP: 0033:0x45a219
[ 1098.161552][T19377] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1098.181151][T19377] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1098.189545][T19377] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1098.197497][T19377] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1098.205450][T19377] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1098.213401][T19377] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1098.221370][T19377] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1098.229536][T19377] memory: usage 307200kB, limit 307200kB, failcnt 37680
[ 1098.236525][T19377] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1098.243374][T19377] Memory cgroup stats for /syz3:
[ 1098.243491][T19377] anon 294240256
[ 1098.243491][T19377] file 61440
[ 1098.243491][T19377] kernel_stack 2162688
[ 1098.243491][T19377] slab 7467008
[ 1098.243491][T19377] sock 0
[ 1098.243491][T19377] shmem 147456
[ 1098.243491][T19377] file_mapped 0
[ 1098.243491][T19377] file_dirty 0
[ 1098.243491][T19377] file_writeback 0
[ 1098.243491][T19377] anon_thp 281018368
[ 1098.243491][T19377] inactive_anon 135168
[ 1098.243491][T19377] active_anon 294240256
[ 1098.243491][T19377] inactive_file 0
[ 1098.243491][T19377] active_file 0
[ 1098.243491][T19377] unevictable 0
[ 1098.243491][T19377] slab_reclaimable 1892352
[ 1098.243491][T19377] slab_unreclaimable 5574656
[ 1098.243491][T19377] pgfault 103356
[ 1098.243491][T19377] pgmajfault 0
[ 1098.243491][T19377] workingset_refault 0
[ 1098.243491][T19377] workingset_activate 0
[ 1098.243491][T19377] workingset_nodereclaim 0
[ 1098.243491][T19377] pgrefill 19387
[ 1098.243491][T19377] pgscan 19403
[ 1098.243491][T19377] pgsteal 69
[ 1098.337320][T19377] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=18861,uid=0
[ 1098.352862][T19377] Memory cgroup out of memory: Killed process 18861 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1098.375629][ T1071] oom_reaper: reaped process 18861 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:50:39 executing program 5:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000001c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f00000000c0)=0x1, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000005600)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)=""/199, 0xc7}, {&(0x7f0000000400)=""/105, 0x69}, {&(0x7f0000000480)=""/109, 0x6d}], 0x3}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000740)=""/223, 0xdf}], 0x1}}], 0x2, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002580)=[{{&(0x7f0000000140)=@hci, 0x26c, &(0x7f00000003c0), 0x338, &(0x7f0000000880), 0x1a5}}, {{&(0x7f0000000040)=@sco, 0x359, &(0x7f0000000a80), 0x2ef, &(0x7f0000000c40)}}], 0x4000000000002f0, 0x0)

07:50:39 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:39 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4"], 0xef)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:39 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:39 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1600, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

[ 1098.628783][   T26] audit: type=1800 audit(1573026639.808:99): pid=19612 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16694 res=0
07:50:39 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:39 executing program 5:
ioctl$PPPIOCSNPMODE(0xffffffffffffffff, 0x4008744b, &(0x7f0000000140)={0x21})
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
syz_open_dev$swradio(0x0, 0xffffffffffffffff, 0x2)
r0 = socket(0x1e, 0x80005, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, 0x0)
r1 = syz_open_dev$swradio(0x0, 0xffffffffffffffff, 0x2)
ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000000140))
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000003c0), 0x4)
write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf)
shutdown(r2, 0x1)
recvmsg(r2, &(0x7f0000001440)={0x0, 0x0, &(0x7f00000015c0), 0x0, 0x0, 0x0, 0x7115}, 0x0)

07:50:39 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:39 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:40 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380))
r55 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r55, &(0x7f0000000a40))
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r57 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r57, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1098.981331][   T26] audit: type=1800 audit(1573026640.158:100): pid=19746 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16618 res=0
07:50:40 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:40 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:40 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1099.363042][T19867] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1099.375087][T19867] CPU: 0 PID: 19867 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1099.382980][T19867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1099.393039][T19867] Call Trace:
[ 1099.396331][T19867]  dump_stack+0x172/0x1f0
[ 1099.400653][T19867]  dump_header+0x10b/0x82d
[ 1099.405060][T19867]  oom_kill_process.cold+0x10/0x15
[ 1099.410158][T19867]  out_of_memory+0x334/0x1340
[ 1099.414819][T19867]  ? lock_downgrade+0x920/0x920
[ 1099.419661][T19867]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1099.425449][T19867]  ? oom_killer_disable+0x280/0x280
[ 1099.430634][T19867]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1099.436162][T19867]  ? memcg_stat_show+0xc40/0xc40
[ 1099.441084][T19867]  ? do_raw_spin_unlock+0x57/0x270
[ 1099.446183][T19867]  ? _raw_spin_unlock+0x2d/0x50
[ 1099.451021][T19867]  try_charge+0xf4b/0x1440
[ 1099.455424][T19867]  ? find_held_lock+0x35/0x130
[ 1099.460178][T19867]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1099.465704][T19867]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1099.471238][T19867]  ? find_held_lock+0x35/0x130
[ 1099.475986][T19867]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1099.481524][T19867]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1099.487056][T19867]  ? memcg_kmem_put_cache+0x50/0x50
[ 1099.492239][T19867]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1099.497771][T19867]  __memcg_kmem_charge+0x13a/0x3a0
[ 1099.502866][T19867]  __alloc_pages_nodemask+0x4f5/0x900
[ 1099.508226][T19867]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1099.513935][T19867]  ? copyin+0x100/0x150
[ 1099.518089][T19867]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1099.524316][T19867]  alloc_pages_current+0x107/0x210
[ 1099.529419][T19867]  pipe_write+0x66d/0xf40
[ 1099.533740][T19867]  new_sync_write+0x4d3/0x770
[ 1099.538401][T19867]  ? new_sync_read+0x800/0x800
[ 1099.543155][T19867]  ? common_file_perm+0x238/0x720
[ 1099.548161][T19867]  ? __fget+0x384/0x560
[ 1099.552300][T19867]  ? apparmor_file_permission+0x25/0x30
[ 1099.557830][T19867]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1099.564058][T19867]  ? security_file_permission+0x8f/0x380
[ 1099.569674][T19867]  __vfs_write+0xe1/0x110
[ 1099.573986][T19867]  vfs_write+0x268/0x5d0
[ 1099.578211][T19867]  ksys_write+0x14f/0x290
[ 1099.582546][T19867]  ? __ia32_sys_read+0xb0/0xb0
[ 1099.587295][T19867]  ? do_syscall_64+0x26/0x760
[ 1099.591953][T19867]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1099.598000][T19867]  ? do_syscall_64+0x26/0x760
[ 1099.602663][T19867]  __x64_sys_write+0x73/0xb0
[ 1099.607235][T19867]  do_syscall_64+0xfa/0x760
[ 1099.611724][T19867]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1099.617598][T19867] RIP: 0033:0x45a219
[ 1099.621477][T19867] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1099.641064][T19867] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1099.649478][T19867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1099.657433][T19867] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1099.665388][T19867] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1099.673341][T19867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1099.681294][T19867] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1099.689484][T19867] memory: usage 307200kB, limit 307200kB, failcnt 37773
[ 1099.696465][T19867] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1099.703300][T19867] Memory cgroup stats for /syz3:
[ 1099.703396][T19867] anon 294039552
[ 1099.703396][T19867] file 61440
[ 1099.703396][T19867] kernel_stack 2162688
[ 1099.703396][T19867] slab 7467008
[ 1099.703396][T19867] sock 0
[ 1099.703396][T19867] shmem 147456
[ 1099.703396][T19867] file_mapped 0
[ 1099.703396][T19867] file_dirty 0
[ 1099.703396][T19867] file_writeback 0
[ 1099.703396][T19867] anon_thp 281018368
[ 1099.703396][T19867] inactive_anon 135168
[ 1099.703396][T19867] active_anon 294039552
[ 1099.703396][T19867] inactive_file 0
[ 1099.703396][T19867] active_file 0
[ 1099.703396][T19867] unevictable 0
[ 1099.703396][T19867] slab_reclaimable 1892352
[ 1099.703396][T19867] slab_unreclaimable 5574656
[ 1099.703396][T19867] pgfault 104115
[ 1099.703396][T19867] pgmajfault 0
[ 1099.703396][T19867] workingset_refault 0
[ 1099.703396][T19867] workingset_activate 0
[ 1099.703396][T19867] workingset_nodereclaim 0
[ 1099.703396][T19867] pgrefill 19387
[ 1099.703396][T19867] pgscan 19403
[ 1099.703396][T19867] pgsteal 102
[ 1099.799176][T19867] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=736,uid=0
[ 1099.814458][T19867] Memory cgroup out of memory: Killed process 736 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35788kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1101.569112][ T1071] oom_reaper: reaped process 736 (syz-executor.3), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB
[ 1101.607762][T19862] syz-executor.3 invoked oom-killer: gfp_mask=0x101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), order=0, oom_score_adj=1000
[ 1101.620254][T19862] CPU: 1 PID: 19862 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1101.628156][T19862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1101.638197][T19862] Call Trace:
[ 1101.641477][T19862]  dump_stack+0x172/0x1f0
[ 1101.645793][T19862]  dump_header+0x10b/0x82d
[ 1101.650203][T19862]  oom_kill_process.cold+0x10/0x15
[ 1101.655296][T19862]  out_of_memory+0x334/0x1340
[ 1101.659974][T19862]  ? lock_downgrade+0x920/0x920
[ 1101.664808][T19862]  ? oom_killer_disable+0x280/0x280
[ 1101.669998][T19862]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1101.675541][T19862]  ? memcg_stat_show+0xc40/0xc40
[ 1101.680493][T19862]  ? do_raw_spin_unlock+0x57/0x270
[ 1101.685604][T19862]  ? _raw_spin_unlock+0x2d/0x50
[ 1101.690442][T19862]  try_charge+0xa2d/0x1440
[ 1101.694858][T19862]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1101.700390][T19862]  ? percpu_ref_tryget_live+0x111/0x290
[ 1101.705920][T19862]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1101.712227][T19862]  ? __kasan_check_read+0x11/0x20
[ 1101.717248][T19862]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1101.722782][T19862]  mem_cgroup_try_charge+0x136/0x590
[ 1101.728064][T19862]  __add_to_page_cache_locked+0x43f/0xec0
[ 1101.733766][T19862]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1101.739730][T19862]  ? __kasan_check_read+0x11/0x20
[ 1101.744743][T19862]  ? __filemap_set_wb_err+0x2b0/0x2b0
[ 1101.750096][T19862]  ? __alloc_pages_nodemask+0x653/0x900
[ 1101.755624][T19862]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1101.761842][T19862]  ? xas_start+0x166/0x560
[ 1101.766260][T19862]  ? shadow_lru_isolate+0x430/0x430
[ 1101.771446][T19862]  add_to_page_cache_lru+0x1d8/0x790
[ 1101.776718][T19862]  ? add_to_page_cache_locked+0x40/0x40
[ 1101.782247][T19862]  ? __page_cache_alloc+0x116/0x490
[ 1101.787431][T19862]  pagecache_get_page+0x3c6/0xa00
[ 1101.792445][T19862]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1101.797977][T19862]  grab_cache_page_write_begin+0x75/0xb0
[ 1101.803591][T19862]  ext4_da_write_begin+0x33b/0xc00
[ 1101.808784][T19862]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1101.815006][T19862]  ? ext4_write_begin+0xd80/0xd80
[ 1101.820010][T19862]  ? copyin+0x150/0x150
[ 1101.824146][T19862]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1101.829933][T19862]  ? ktime_get_coarse_real_ts64+0x1ba/0x2b0
[ 1101.835819][T19862]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1101.842043][T19862]  generic_perform_write+0x23b/0x540
[ 1101.847307][T19862]  ? timestamp_truncate+0x2f0/0x2f0
[ 1101.852498][T19862]  ? trace_event_raw_event_file_check_and_advance_wb_err+0x4b0/0x4b0
[ 1101.860542][T19862]  ? current_time+0x110/0x110
[ 1101.865204][T19862]  ? generic_write_check_limits.isra.0+0x270/0x270
[ 1101.871682][T19862]  ? aa_file_perm+0x40b/0xeb0
[ 1101.876353][T19862]  __generic_file_write_iter+0x25e/0x630
[ 1101.881973][T19862]  ext4_file_write_iter+0x317/0x13c0
[ 1101.887248][T19862]  ? __kasan_check_read+0x11/0x20
[ 1101.892266][T19862]  ? ext4_release_file+0x380/0x380
[ 1101.897357][T19862]  ? mark_lock+0xc2/0x1220
[ 1101.901757][T19862]  ? __kasan_check_read+0x11/0x20
[ 1101.906774][T19862]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1101.913004][T19862]  ? iov_iter_init+0xee/0x220
[ 1101.917663][T19862]  new_sync_write+0x4d3/0x770
[ 1101.922320][T19862]  ? new_sync_read+0x800/0x800
[ 1101.927073][T19862]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 1101.933209][T19862]  ? rcu_read_lock_bh_held+0xb0/0xb0
[ 1101.938477][T19862]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1101.944697][T19862]  __vfs_write+0xe1/0x110
[ 1101.949009][T19862]  vfs_write+0x268/0x5d0
[ 1101.953234][T19862]  ksys_write+0x14f/0x290
[ 1101.957560][T19862]  ? __ia32_sys_read+0xb0/0xb0
[ 1101.962309][T19862]  ? do_syscall_64+0x26/0x760
[ 1101.966969][T19862]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1101.973014][T19862]  ? do_syscall_64+0x26/0x760
[ 1101.977675][T19862]  __x64_sys_write+0x73/0xb0
[ 1101.982247][T19862]  do_syscall_64+0xfa/0x760
[ 1101.986736][T19862]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1101.992606][T19862] RIP: 0033:0x45a219
[ 1101.996487][T19862] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1102.016169][T19862] RSP: 002b:00007f612e486c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1102.024562][T19862] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1102.032610][T19862] RDX: 00000000000000f0 RSI: 0000000020000a40 RDI: 0000000000000005
[ 1102.040595][T19862] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1102.048567][T19862] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4876d4
[ 1102.056526][T19862] R13: 00000000004cab18 R14: 00000000004e2fb8 R15: 00000000ffffffff
[ 1102.065272][T19862] memory: usage 295168kB, limit 307200kB, failcnt 45928
[ 1102.072449][T19862] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1102.079763][T19862] Memory cgroup stats for /syz3:
[ 1102.080368][T19862] anon 281550848
[ 1102.080368][T19862] file 61440
[ 1102.080368][T19862] kernel_stack 2293760
[ 1102.080368][T19862] slab 7467008
[ 1102.080368][T19862] sock 0
[ 1102.080368][T19862] shmem 147456
[ 1102.080368][T19862] file_mapped 0
[ 1102.080368][T19862] file_dirty 0
[ 1102.080368][T19862] file_writeback 0
[ 1102.080368][T19862] anon_thp 268435456
[ 1102.080368][T19862] inactive_anon 135168
[ 1102.080368][T19862] active_anon 281550848
[ 1102.080368][T19862] inactive_file 0
[ 1102.080368][T19862] active_file 0
[ 1102.080368][T19862] unevictable 0
[ 1102.080368][T19862] slab_reclaimable 1892352
[ 1102.080368][T19862] slab_unreclaimable 5574656
[ 1102.080368][T19862] pgfault 104214
[ 1102.080368][T19862] pgmajfault 0
[ 1102.080368][T19862] workingset_refault 0
[ 1102.080368][T19862] workingset_activate 0
[ 1102.080368][T19862] workingset_nodereclaim 0
[ 1102.080368][T19862] pgrefill 19387
[ 1102.080368][T19862] pgscan 19403
[ 1102.080368][T19862] pgsteal 102
[ 1102.175354][T19862] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=13749,uid=0
[ 1102.192558][T19862] Memory cgroup out of memory: Killed process 13749 (syz-executor.3) total-vm:72848kB, anon-rss:12460kB, file-rss:35788kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
07:50:43 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:43 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1102.222294][ T1071] oom_reaper: reaped process 13749 (syz-executor.3), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB
[ 1102.302884][   T26] audit: type=1800 audit(1573026643.448:101): pid=19978 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16591 res=0
07:50:43 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:43 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1700, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4068aea3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x20})

07:50:43 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:43 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380))
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:43 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1102.711924][   T26] audit: type=1800 audit(1573026643.888:102): pid=20114 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16851 res=0
07:50:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:44 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:44 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:44 executing program 5:
r0 = socket$kcm(0x29, 0x1000000000002, 0x0)
recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$rds(r0, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1}, 0x0)

[ 1102.996082][T20227] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1103.035002][T20227] CPU: 0 PID: 20227 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1103.042948][T20227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1103.053005][T20227] Call Trace:
[ 1103.056308][T20227]  dump_stack+0x172/0x1f0
[ 1103.060662][T20227]  dump_header+0x10b/0x82d
[ 1103.065088][T20227]  ? oom_kill_process+0x94/0x3f0
[ 1103.070128][T20227]  oom_kill_process.cold+0x10/0x15
[ 1103.075335][T20227]  out_of_memory+0x334/0x1340
[ 1103.080019][T20227]  ? lock_downgrade+0x920/0x920
[ 1103.084885][T20227]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1103.090698][T20227]  ? oom_killer_disable+0x280/0x280
[ 1103.095914][T20227]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1103.101467][T20227]  ? memcg_stat_show+0xc40/0xc40
[ 1103.106418][T20227]  ? do_raw_spin_unlock+0x57/0x270
[ 1103.111540][T20227]  ? _raw_spin_unlock+0x2d/0x50
[ 1103.116407][T20227]  try_charge+0xf4b/0x1440
[ 1103.120841][T20227]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1103.126396][T20227]  ? percpu_ref_tryget_live+0x111/0x290
[ 1103.131955][T20227]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1103.138203][T20227]  ? __kasan_check_read+0x11/0x20
[ 1103.143238][T20227]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1103.148797][T20227]  mem_cgroup_try_charge+0x136/0x590
[ 1103.154096][T20227]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1103.159741][T20227]  wp_page_copy+0x407/0x1860
[ 1103.164339][T20227]  ? find_held_lock+0x35/0x130
[ 1103.169118][T20227]  ? do_wp_page+0x53b/0x15c0
[ 1103.173803][T20227]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1103.179617][T20227]  ? lock_downgrade+0x920/0x920
[ 1103.184513][T20227]  ? swp_swapcount+0x540/0x540
[ 1103.189292][T20227]  ? __kasan_check_read+0x11/0x20
[ 1103.194320][T20227]  ? do_raw_spin_unlock+0x57/0x270
[ 1103.199434][T20227]  do_wp_page+0x543/0x15c0
[ 1103.203865][T20227]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1103.209251][T20227]  __handle_mm_fault+0x23ec/0x4040
[ 1103.214375][T20227]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1103.219931][T20227]  ? handle_mm_fault+0x292/0xaa0
[ 1103.224892][T20227]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1103.231137][T20227]  ? __kasan_check_read+0x11/0x20
[ 1103.236168][T20227]  handle_mm_fault+0x3b7/0xaa0
[ 1103.240941][T20227]  __do_page_fault+0x536/0xdd0
[ 1103.245717][T20227]  do_page_fault+0x38/0x590
[ 1103.250224][T20227]  page_fault+0x39/0x40
[ 1103.254380][T20227] RIP: 0033:0x410228
[ 1103.258271][T20227] Code: 48 8b 05 93 6c 30 00 48 89 08 48 8b 15 91 6c 30 00 48 89 42 08 48 8b 05 76 6c 30 00 48 89 05 7f 6c 30 00 49 8d 81 c0 02 00 00 <48> 89 05 01 20 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
[ 1103.277868][T20227] RSP: 002b:00007ffe5afc5558 EFLAGS: 00010246
[ 1103.283929][T20227] RAX: 000000000248dc00 RBX: 00007ffe5afc5560 RCX: 0000000000716ea0
07:50:44 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1800, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

[ 1103.291894][T20227] RDX: 0000000000410060 RSI: 0000000000716e90 RDI: 000000000248dc20
[ 1103.299848][T20227] RBP: 00007ffe5afc55a0 R08: 0000000000000001 R09: 000000000248d940
[ 1103.307801][T20227] R10: 000000000248dc10 R11: 0000000000000202 R12: 0000000000000001
[ 1103.315764][T20227] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe5afc55f0
[ 1103.329286][T20227] memory: usage 307200kB, limit 307200kB, failcnt 45995
07:50:44 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1103.363896][T20227] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1103.412743][T20227] Memory cgroup stats for /syz3:
[ 1103.412855][T20227] anon 293896192
[ 1103.412855][T20227] file 61440
[ 1103.412855][T20227] kernel_stack 2097152
[ 1103.412855][T20227] slab 7467008
[ 1103.412855][T20227] sock 0
[ 1103.412855][T20227] shmem 147456
[ 1103.412855][T20227] file_mapped 0
[ 1103.412855][T20227] file_dirty 0
[ 1103.412855][T20227] file_writeback 0
[ 1103.412855][T20227] anon_thp 281018368
[ 1103.412855][T20227] inactive_anon 135168
[ 1103.412855][T20227] active_anon 293896192
[ 1103.412855][T20227] inactive_file 0
[ 1103.412855][T20227] active_file 0
[ 1103.412855][T20227] unevictable 0
[ 1103.412855][T20227] slab_reclaimable 1892352
[ 1103.412855][T20227] slab_unreclaimable 5574656
[ 1103.412855][T20227] pgfault 104841
[ 1103.412855][T20227] pgmajfault 0
[ 1103.412855][T20227] workingset_refault 0
[ 1103.412855][T20227] workingset_activate 0
[ 1103.412855][T20227] workingset_nodereclaim 0
[ 1103.412855][T20227] pgrefill 19387
[ 1103.412855][T20227] pgscan 19403
[ 1103.412855][T20227] pgsteal 102
[ 1103.567639][   T26] audit: type=1800 audit(1573026644.748:103): pid=20351 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16851 res=0
07:50:44 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1103.684478][T20227] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20098,uid=0
[ 1103.719761][T20227] Memory cgroup out of memory: Killed process 20098 (syz-executor.3) total-vm:72980kB, anon-rss:14516kB, file-rss:35812kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
07:50:45 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:45 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:45 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r54, 0x540f, &(0x7f0000000380))
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1103.811739][   T26] audit: type=1800 audit(1573026644.988:104): pid=20458 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=630 res=0
[ 1103.840970][ T1071] oom_reaper: reaped process 20098 (syz-executor.3), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB
07:50:45 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:45 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:45 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1104.116968][   T26] audit: type=1800 audit(1573026645.298:105): pid=20581 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=631 res=0
07:50:45 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@empty}, 0x20)

07:50:45 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1900, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

[ 1104.271443][   T26] audit: type=1800 audit(1573026645.448:106): pid=20592 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16615 res=0
07:50:45 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:45 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:45 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1104.475744][T20706] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1104.487640][T20706] CPU: 0 PID: 20706 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1104.487650][T20706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1104.487655][T20706] Call Trace:
[ 1104.487675][T20706]  dump_stack+0x172/0x1f0
[ 1104.487695][T20706]  dump_header+0x10b/0x82d
[ 1104.487713][T20706]  oom_kill_process.cold+0x10/0x15
07:50:45 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000001c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f00000000c0), 0x4)

[ 1104.487731][T20706]  out_of_memory+0x334/0x1340
[ 1104.528209][T20706]  ? lock_downgrade+0x920/0x920
[ 1104.533074][T20706]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1104.538891][T20706]  ? oom_killer_disable+0x280/0x280
[ 1104.544100][T20706]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1104.549649][T20706]  ? memcg_stat_show+0xc40/0xc40
[ 1104.554599][T20706]  ? do_raw_spin_unlock+0x57/0x270
[ 1104.559719][T20706]  ? _raw_spin_unlock+0x2d/0x50
[ 1104.564562][T20706]  try_charge+0xf4b/0x1440
[ 1104.568977][T20706]  ? find_held_lock+0x35/0x130
[ 1104.573730][T20706]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1104.579255][T20706]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1104.584794][T20706]  ? find_held_lock+0x35/0x130
[ 1104.589552][T20706]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1104.595089][T20706]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1104.600616][T20706]  ? memcg_kmem_put_cache+0x50/0x50
[ 1104.605800][T20706]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1104.611329][T20706]  __memcg_kmem_charge+0x13a/0x3a0
[ 1104.616438][T20706]  __alloc_pages_nodemask+0x4f5/0x900
[ 1104.621795][T20706]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1104.627503][T20706]  ? copyin+0x100/0x150
[ 1104.631646][T20706]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1104.637870][T20706]  alloc_pages_current+0x107/0x210
[ 1104.642975][T20706]  pipe_write+0x66d/0xf40
[ 1104.647299][T20706]  new_sync_write+0x4d3/0x770
[ 1104.651964][T20706]  ? new_sync_read+0x800/0x800
[ 1104.657422][T20706]  ? common_file_perm+0x238/0x720
[ 1104.662434][T20706]  ? __fget+0x384/0x560
[ 1104.666579][T20706]  ? apparmor_file_permission+0x25/0x30
[ 1104.672110][T20706]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1104.678331][T20706]  ? security_file_permission+0x8f/0x380
[ 1104.683957][T20706]  __vfs_write+0xe1/0x110
[ 1104.688270][T20706]  vfs_write+0x268/0x5d0
[ 1104.692501][T20706]  ksys_write+0x14f/0x290
[ 1104.696813][T20706]  ? __ia32_sys_read+0xb0/0xb0
[ 1104.701559][T20706]  ? do_syscall_64+0x26/0x760
[ 1104.706221][T20706]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1104.712277][T20706]  ? do_syscall_64+0x26/0x760
[ 1104.716940][T20706]  __x64_sys_write+0x73/0xb0
[ 1104.721511][T20706]  do_syscall_64+0xfa/0x760
[ 1104.726004][T20706]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1104.731876][T20706] RIP: 0033:0x45a219
[ 1104.735753][T20706] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1104.755379][T20706] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1104.763774][T20706] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1104.771725][T20706] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1104.779679][T20706] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1104.787632][T20706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1104.795583][T20706] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1104.805504][T20706] memory: usage 307200kB, limit 307200kB, failcnt 46052
[ 1104.812454][T20706] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1104.819303][T20706] Memory cgroup stats for /syz3:
[ 1104.820281][T20706] anon 293822464
[ 1104.820281][T20706] file 61440
[ 1104.820281][T20706] kernel_stack 2162688
[ 1104.820281][T20706] slab 7467008
[ 1104.820281][T20706] sock 0
[ 1104.820281][T20706] shmem 147456
[ 1104.820281][T20706] file_mapped 0
[ 1104.820281][T20706] file_dirty 0
[ 1104.820281][T20706] file_writeback 0
[ 1104.820281][T20706] anon_thp 278921216
[ 1104.820281][T20706] inactive_anon 135168
[ 1104.820281][T20706] active_anon 293822464
[ 1104.820281][T20706] inactive_file 0
[ 1104.820281][T20706] active_file 0
[ 1104.820281][T20706] unevictable 0
[ 1104.820281][T20706] slab_reclaimable 1892352
[ 1104.820281][T20706] slab_unreclaimable 5574656
[ 1104.820281][T20706] pgfault 105699
[ 1104.820281][T20706] pgmajfault 0
[ 1104.820281][T20706] workingset_refault 0
[ 1104.820281][T20706] workingset_activate 0
[ 1104.820281][T20706] workingset_nodereclaim 0
[ 1104.820281][T20706] pgrefill 19387
[ 1104.820281][T20706] pgscan 19403
[ 1104.820281][T20706] pgsteal 102
[ 1104.913760][T20706] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20577,uid=0
[ 1104.929247][T20706] Memory cgroup out of memory: Killed process 20577 (syz-executor.3) total-vm:72980kB, anon-rss:13112kB, file-rss:35816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1106.521000][ T1071] oom_reaper: reaped process 20577 (syz-executor.3), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB
[ 1106.682241][   T26] audit: type=1800 audit(1573026647.858:107): pid=20726 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=17185 res=0
[ 1106.711067][T20706] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1106.723002][T20706] CPU: 0 PID: 20706 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
07:50:47 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'bridge_slave_0\x00\x04'})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b")

[ 1106.730897][T20706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1106.740950][T20706] Call Trace:
[ 1106.744249][T20706]  dump_stack+0x172/0x1f0
[ 1106.748588][T20706]  dump_header+0x10b/0x82d
[ 1106.753015][T20706]  oom_kill_process.cold+0x10/0x15
[ 1106.758131][T20706]  out_of_memory+0x334/0x1340
[ 1106.762831][T20706]  ? lock_downgrade+0x920/0x920
[ 1106.767695][T20706]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1106.773619][T20706]  ? oom_killer_disable+0x280/0x280
[ 1106.778835][T20706]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1106.784416][T20706]  ? memcg_stat_show+0xc40/0xc40
[ 1106.789368][T20706]  ? do_raw_spin_unlock+0x57/0x270
[ 1106.794497][T20706]  ? _raw_spin_unlock+0x2d/0x50
[ 1106.799360][T20706]  try_charge+0xf4b/0x1440
[ 1106.803782][T20706]  ? find_held_lock+0x35/0x130
[ 1106.808558][T20706]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1106.814108][T20706]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1106.819660][T20706]  ? find_held_lock+0x35/0x130
[ 1106.824430][T20706]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1106.829993][T20706]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1106.835542][T20706]  ? memcg_kmem_put_cache+0x50/0x50
[ 1106.840751][T20706]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1106.846303][T20706]  __memcg_kmem_charge+0x13a/0x3a0
[ 1106.851425][T20706]  __alloc_pages_nodemask+0x4f5/0x900
[ 1106.856810][T20706]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1106.862534][T20706]  ? ___might_sleep+0x163/0x2c0
[ 1106.867398][T20706]  ? copyin+0x100/0x150
[ 1106.871570][T20706]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1106.877818][T20706]  alloc_pages_current+0x107/0x210
07:50:48 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1106.882945][T20706]  pipe_write+0x66d/0xf40
[ 1106.887295][T20706]  new_sync_write+0x4d3/0x770
[ 1106.891976][T20706]  ? new_sync_read+0x800/0x800
[ 1106.896788][T20706]  ? common_file_perm+0x238/0x720
[ 1106.901812][T20706]  ? __fget+0x384/0x560
[ 1106.905969][T20706]  ? apparmor_file_permission+0x25/0x30
[ 1106.911520][T20706]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1106.917760][T20706]  ? security_file_permission+0x8f/0x380
[ 1106.923392][T20706]  __vfs_write+0xe1/0x110
[ 1106.927721][T20706]  vfs_write+0x268/0x5d0
[ 1106.931951][T20706]  ksys_write+0x14f/0x290
[ 1106.936270][T20706]  ? __ia32_sys_read+0xb0/0xb0
[ 1106.941020][T20706]  ? do_syscall_64+0x26/0x760
[ 1106.945686][T20706]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1106.951745][T20706]  ? do_syscall_64+0x26/0x760
[ 1106.956410][T20706]  __x64_sys_write+0x73/0xb0
[ 1106.960984][T20706]  do_syscall_64+0xfa/0x760
[ 1106.965475][T20706]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1106.971353][T20706] RIP: 0033:0x45a219
[ 1106.975232][T20706] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1106.994818][T20706] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1107.003212][T20706] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1107.011177][T20706] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1107.019132][T20706] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1107.027085][T20706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1107.035039][T20706] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1107.044873][T20706] memory: usage 307056kB, limit 307200kB, failcnt 52981
[ 1107.051838][T20706] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1107.058683][T20706] Memory cgroup stats for /syz3:
[ 1107.058772][T20706] anon 293695488
[ 1107.058772][T20706] file 61440
[ 1107.058772][T20706] kernel_stack 2228224
[ 1107.058772][T20706] slab 7467008
[ 1107.058772][T20706] sock 0
[ 1107.058772][T20706] shmem 147456
[ 1107.058772][T20706] file_mapped 0
[ 1107.058772][T20706] file_dirty 0
[ 1107.058772][T20706] file_writeback 0
[ 1107.058772][T20706] anon_thp 276824064
[ 1107.058772][T20706] inactive_anon 135168
[ 1107.058772][T20706] active_anon 293695488
[ 1107.058772][T20706] inactive_file 0
[ 1107.058772][T20706] active_file 0
[ 1107.058772][T20706] unevictable 0
[ 1107.058772][T20706] slab_reclaimable 1892352
[ 1107.058772][T20706] slab_unreclaimable 5574656
[ 1107.058772][T20706] pgfault 106656
[ 1107.058772][T20706] pgmajfault 0
[ 1107.058772][T20706] workingset_refault 0
[ 1107.058772][T20706] workingset_activate 0
[ 1107.058772][T20706] workingset_nodereclaim 0
[ 1107.058772][T20706] pgrefill 19387
[ 1107.058772][T20706] pgscan 19403
[ 1107.058772][T20706] pgsteal 102
[ 1107.152266][T20706] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20596,uid=0
[ 1107.167792][T20706] Memory cgroup out of memory: Killed process 20699 (syz-executor.3) total-vm:72980kB, anon-rss:14096kB, file-rss:35804kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1107.222916][ T1071] oom_reaper: reaped process 20699 (syz-executor.3), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB
07:50:48 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:48 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:48 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:48 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1107.624024][   T26] audit: type=1800 audit(1573026648.798:108): pid=20958 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16614 res=0
[ 1107.676186][T20828] bridge0: port 1(bridge_slave_0) entered disabled state
07:50:48 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:49 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1a00, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:49 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1107.933669][T21073] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1107.945617][T21073] CPU: 0 PID: 21073 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1107.953514][T21073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1107.963574][T21073] Call Trace:
[ 1107.966883][T21073]  dump_stack+0x172/0x1f0
[ 1107.971230][T21073]  dump_header+0x10b/0x82d
[ 1107.975665][T21073]  oom_kill_process.cold+0x10/0x15
[ 1107.980789][T21073]  out_of_memory+0x334/0x1340
[ 1107.985478][T21073]  ? lock_downgrade+0x920/0x920
[ 1107.990337][T21073]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1107.996152][T21073]  ? oom_killer_disable+0x280/0x280
[ 1108.001374][T21073]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1108.006929][T21073]  ? memcg_stat_show+0xc40/0xc40
[ 1108.011872][T21073]  ? do_raw_spin_unlock+0x57/0x270
[ 1108.016994][T21073]  ? _raw_spin_unlock+0x2d/0x50
[ 1108.021854][T21073]  try_charge+0xf4b/0x1440
[ 1108.026272][T21073]  ? find_held_lock+0x35/0x130
[ 1108.031050][T21073]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1108.036595][T21073]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1108.042143][T21073]  ? find_held_lock+0x35/0x130
[ 1108.046920][T21073]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1108.052483][T21073]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1108.058056][T21073]  ? memcg_kmem_put_cache+0x50/0x50
[ 1108.063268][T21073]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1108.068831][T21073]  __memcg_kmem_charge+0x13a/0x3a0
[ 1108.073950][T21073]  __alloc_pages_nodemask+0x4f5/0x900
[ 1108.079335][T21073]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1108.085064][T21073]  ? copyin+0x100/0x150
[ 1108.089231][T21073]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1108.095482][T21073]  alloc_pages_current+0x107/0x210
[ 1108.100595][T21073]  pipe_write+0x66d/0xf40
[ 1108.104940][T21073]  new_sync_write+0x4d3/0x770
[ 1108.109623][T21073]  ? new_sync_read+0x800/0x800
[ 1108.114396][T21073]  ? common_file_perm+0x238/0x720
[ 1108.119420][T21073]  ? __fget+0x384/0x560
[ 1108.123590][T21073]  ? apparmor_file_permission+0x25/0x30
[ 1108.129142][T21073]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1108.135390][T21073]  ? security_file_permission+0x8f/0x380
[ 1108.141029][T21073]  __vfs_write+0xe1/0x110
[ 1108.145365][T21073]  vfs_write+0x268/0x5d0
[ 1108.149613][T21073]  ksys_write+0x14f/0x290
[ 1108.153951][T21073]  ? __ia32_sys_read+0xb0/0xb0
[ 1108.158720][T21073]  ? do_syscall_64+0x26/0x760
[ 1108.163399][T21073]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1108.169474][T21073]  ? do_syscall_64+0x26/0x760
[ 1108.174162][T21073]  __x64_sys_write+0x73/0xb0
[ 1108.178759][T21073]  do_syscall_64+0xfa/0x760
[ 1108.183275][T21073]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1108.189169][T21073] RIP: 0033:0x45a219
[ 1108.193064][T21073] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1108.212680][T21073] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1108.221097][T21073] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1108.229073][T21073] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1108.237070][T21073] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1108.245045][T21073] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1108.253021][T21073] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1108.261272][T21073] memory: usage 307200kB, limit 307200kB, failcnt 53042
[ 1108.268270][T21073] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1108.275143][T21073] Memory cgroup stats for /syz3:
[ 1108.275234][T21073] anon 293687296
[ 1108.275234][T21073] file 61440
[ 1108.275234][T21073] kernel_stack 2162688
[ 1108.275234][T21073] slab 7467008
[ 1108.275234][T21073] sock 0
[ 1108.275234][T21073] shmem 147456
[ 1108.275234][T21073] file_mapped 0
[ 1108.275234][T21073] file_dirty 0
[ 1108.275234][T21073] file_writeback 0
[ 1108.275234][T21073] anon_thp 278921216
[ 1108.275234][T21073] inactive_anon 135168
[ 1108.275234][T21073] active_anon 293687296
[ 1108.275234][T21073] inactive_file 0
[ 1108.275234][T21073] active_file 0
[ 1108.275234][T21073] unevictable 0
[ 1108.275234][T21073] slab_reclaimable 1892352
[ 1108.275234][T21073] slab_unreclaimable 5574656
[ 1108.275234][T21073] pgfault 107712
[ 1108.275234][T21073] pgmajfault 0
[ 1108.275234][T21073] workingset_refault 0
[ 1108.275234][T21073] workingset_activate 0
[ 1108.275234][T21073] workingset_nodereclaim 0
[ 1108.275234][T21073] pgrefill 19387
[ 1108.275234][T21073] pgscan 19403
[ 1108.275234][T21073] pgsteal 102
[ 1108.368935][T21073] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20955,uid=0
[ 1108.384398][T21073] Memory cgroup out of memory: Killed process 20955 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1108.564923][    C1] protocol 88fb is buggy, dev hsr_slave_0
[ 1108.564959][    C0] protocol 88fb is buggy, dev hsr_slave_1
[ 1108.570713][    C1] protocol 88fb is buggy, dev hsr_slave_1
[ 1108.576512][    C0] protocol 88fb is buggy, dev hsr_slave_0
[ 1108.582197][    C1] protocol 88fb is buggy, dev hsr_slave_0
[ 1108.587863][    C0] protocol 88fb is buggy, dev hsr_slave_1
[ 1108.593595][    C1] protocol 88fb is buggy, dev hsr_slave_1
[ 1108.599375][    C0] protocol 88fb is buggy, dev hsr_slave_0
[ 1108.610790][    C0] protocol 88fb is buggy, dev hsr_slave_1
[ 1108.616658][    C0] protocol 88fb is buggy, dev hsr_slave_0
[ 1109.579141][ T1071] oom_reaper: reaped process 20955 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
[ 1109.605262][T21073] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1109.617198][T21073] CPU: 0 PID: 21073 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1109.625075][T21073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1109.635109][T21073] Call Trace:
[ 1109.638387][T21073]  dump_stack+0x172/0x1f0
[ 1109.642709][T21073]  dump_header+0x10b/0x82d
[ 1109.647111][T21073]  oom_kill_process.cold+0x10/0x15
[ 1109.652214][T21073]  out_of_memory+0x334/0x1340
[ 1109.656898][T21073]  ? lock_downgrade+0x920/0x920
[ 1109.661757][T21073]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1109.667568][T21073]  ? oom_killer_disable+0x280/0x280
[ 1109.672770][T21073]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1109.678300][T21073]  ? memcg_stat_show+0xc40/0xc40
[ 1109.683223][T21073]  ? do_raw_spin_unlock+0x57/0x270
[ 1109.688317][T21073]  ? _raw_spin_unlock+0x2d/0x50
[ 1109.693154][T21073]  try_charge+0xf4b/0x1440
[ 1109.697570][T21073]  ? find_held_lock+0x35/0x130
[ 1109.702324][T21073]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1109.707849][T21073]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1109.713387][T21073]  ? find_held_lock+0x35/0x130
[ 1109.718133][T21073]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1109.723667][T21073]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1109.729199][T21073]  ? memcg_kmem_put_cache+0x50/0x50
[ 1109.734382][T21073]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1109.739925][T21073]  __memcg_kmem_charge+0x13a/0x3a0
[ 1109.745020][T21073]  __alloc_pages_nodemask+0x4f5/0x900
[ 1109.750374][T21073]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1109.756078][T21073]  ? copyin+0x100/0x150
[ 1109.760219][T21073]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1109.766453][T21073]  alloc_pages_current+0x107/0x210
[ 1109.771547][T21073]  pipe_write+0x66d/0xf40
[ 1109.775868][T21073]  new_sync_write+0x4d3/0x770
[ 1109.780530][T21073]  ? new_sync_read+0x800/0x800
[ 1109.785282][T21073]  ? common_file_perm+0x238/0x720
[ 1109.790289][T21073]  ? __fget+0x384/0x560
[ 1109.794439][T21073]  ? apparmor_file_permission+0x25/0x30
[ 1109.799966][T21073]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1109.806190][T21073]  ? security_file_permission+0x8f/0x380
[ 1109.811808][T21073]  __vfs_write+0xe1/0x110
[ 1109.816120][T21073]  vfs_write+0x268/0x5d0
[ 1109.820344][T21073]  ksys_write+0x14f/0x290
[ 1109.824668][T21073]  ? __ia32_sys_read+0xb0/0xb0
[ 1109.829423][T21073]  ? do_syscall_64+0x26/0x760
[ 1109.834081][T21073]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1109.840128][T21073]  ? do_syscall_64+0x26/0x760
[ 1109.844794][T21073]  __x64_sys_write+0x73/0xb0
[ 1109.849369][T21073]  do_syscall_64+0xfa/0x760
[ 1109.853856][T21073]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1109.859730][T21073] RIP: 0033:0x45a219
[ 1109.863607][T21073] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1109.883191][T21073] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1109.891595][T21073] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1109.899547][T21073] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1109.907515][T21073] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1109.915478][T21073] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1109.923436][T21073] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1109.931606][T21073] memory: usage 295620kB, limit 307200kB, failcnt 57954
[ 1109.938568][T21073] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1109.945429][T21073] Memory cgroup stats for /syz3:
[ 1109.945531][T21073] anon 281055232
[ 1109.945531][T21073] file 61440
[ 1109.945531][T21073] kernel_stack 2228224
[ 1109.945531][T21073] slab 8302592
[ 1109.945531][T21073] sock 0
[ 1109.945531][T21073] shmem 147456
[ 1109.945531][T21073] file_mapped 0
[ 1109.945531][T21073] file_dirty 0
[ 1109.945531][T21073] file_writeback 0
[ 1109.945531][T21073] anon_thp 266338304
[ 1109.945531][T21073] inactive_anon 135168
[ 1109.945531][T21073] active_anon 281055232
[ 1109.945531][T21073] inactive_file 0
[ 1109.945531][T21073] active_file 0
[ 1109.945531][T21073] unevictable 0
[ 1109.945531][T21073] slab_reclaimable 1892352
[ 1109.945531][T21073] slab_unreclaimable 6410240
[ 1109.945531][T21073] pgfault 107712
[ 1109.945531][T21073] pgmajfault 0
[ 1109.945531][T21073] workingset_refault 0
[ 1109.945531][T21073] workingset_activate 0
[ 1109.945531][T21073] workingset_nodereclaim 0
[ 1109.945531][T21073] pgrefill 19387
[ 1109.945531][T21073] pgscan 19403
[ 1109.945531][T21073] pgsteal 102
[ 1110.039228][T21073] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20120,uid=0
[ 1110.055021][T21073] Memory cgroup out of memory: Killed process 20120 (syz-executor.3) total-vm:72980kB, anon-rss:11000kB, file-rss:35808kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
07:50:51 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1110.078820][ T1071] oom_reaper: reaped process 20120 (syz-executor.3), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB
07:50:51 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:51 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:51 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f000001bfc8)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@ipv6_getaddr={0x2c, 0x16, 0x8349bc1195a76455, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @loopback}]}, 0x2c}}, 0x0)

07:50:51 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1110.336115][   T26] audit: type=1800 audit(1573026651.518:109): pid=21198 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=632 res=0
07:50:51 executing program 5:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:51 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:51 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:51 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:51 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1b00, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:51 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
dup2(r53, r53)
r54 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r54, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:52 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:52 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:52 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:52 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:52 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1111.290913][   T26] audit: type=1800 audit(1573026652.458:110): pid=21575 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16707 res=0
07:50:52 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r54 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r54, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:52 executing program 5:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:50:52 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:52 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:52 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1111.803219][   T26] audit: type=1800 audit(1573026652.978:111): pid=21717 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=17250 res=0
07:50:53 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1c00, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:53 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:53 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:53 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:53 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r54 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r54, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1112.207005][T21845] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1112.220820][T21845] CPU: 1 PID: 21845 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1112.228748][T21845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1112.238809][T21845] Call Trace:
[ 1112.242128][T21845]  dump_stack+0x172/0x1f0
[ 1112.246482][T21845]  dump_header+0x10b/0x82d
[ 1112.250923][T21845]  oom_kill_process.cold+0x10/0x15
[ 1112.256055][T21845]  out_of_memory+0x334/0x1340
[ 1112.260748][T21845]  ? lock_downgrade+0x920/0x920
[ 1112.265654][T21845]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1112.271485][T21845]  ? oom_killer_disable+0x280/0x280
[ 1112.276711][T21845]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1112.282276][T21845]  ? memcg_stat_show+0xc40/0xc40
[ 1112.287233][T21845]  ? do_raw_spin_unlock+0x57/0x270
[ 1112.292362][T21845]  ? _raw_spin_unlock+0x2d/0x50
[ 1112.297232][T21845]  try_charge+0xf4b/0x1440
[ 1112.301653][T21845]  ? find_held_lock+0x35/0x130
[ 1112.306435][T21845]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1112.311995][T21845]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1112.317549][T21845]  ? find_held_lock+0x35/0x130
[ 1112.322325][T21845]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1112.327982][T21845]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1112.333554][T21845]  ? memcg_kmem_put_cache+0x50/0x50
[ 1112.338765][T21845]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1112.344322][T21845]  __memcg_kmem_charge+0x13a/0x3a0
[ 1112.349443][T21845]  __alloc_pages_nodemask+0x4f5/0x900
[ 1112.354825][T21845]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1112.360674][T21845]  ? copyin+0x100/0x150
[ 1112.367634][T21845]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1112.373891][T21845]  alloc_pages_current+0x107/0x210
[ 1112.379015][T21845]  pipe_write+0x66d/0xf40
[ 1112.383379][T21845]  new_sync_write+0x4d3/0x770
[ 1112.388069][T21845]  ? new_sync_read+0x800/0x800
[ 1112.392850][T21845]  ? common_file_perm+0x238/0x720
[ 1112.397880][T21845]  ? __fget+0x384/0x560
[ 1112.402043][T21845]  ? apparmor_file_permission+0x25/0x30
[ 1112.407599][T21845]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1112.413851][T21845]  ? security_file_permission+0x8f/0x380
[ 1112.419497][T21845]  __vfs_write+0xe1/0x110
[ 1112.423845][T21845]  vfs_write+0x268/0x5d0
[ 1112.428105][T21845]  ksys_write+0x14f/0x290
[ 1112.432449][T21845]  ? __ia32_sys_read+0xb0/0xb0
[ 1112.437423][T21845]  ? do_syscall_64+0x26/0x760
[ 1112.442113][T21845]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1112.448186][T21845]  ? do_syscall_64+0x26/0x760
[ 1112.452874][T21845]  __x64_sys_write+0x73/0xb0
[ 1112.457475][T21845]  do_syscall_64+0xfa/0x760
[ 1112.462001][T21845]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1112.467895][T21845] RIP: 0033:0x45a219
[ 1112.471799][T21845] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1112.491410][T21845] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1112.499834][T21845] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1112.507814][T21845] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1112.515796][T21845] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1112.523790][T21845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1112.531776][T21845] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1112.540668][T21845] memory: usage 307200kB, limit 307200kB, failcnt 58014
[ 1112.547662][T21845] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1112.554509][T21845] Memory cgroup stats for /syz3:
[ 1112.554610][T21845] anon 292601856
[ 1112.554610][T21845] file 61440
[ 1112.554610][T21845] kernel_stack 2162688
[ 1112.554610][T21845] slab 8302592
[ 1112.554610][T21845] sock 0
[ 1112.554610][T21845] shmem 147456
[ 1112.554610][T21845] file_mapped 0
[ 1112.554610][T21845] file_dirty 0
[ 1112.554610][T21845] file_writeback 0
[ 1112.554610][T21845] anon_thp 278921216
[ 1112.554610][T21845] inactive_anon 135168
[ 1112.554610][T21845] active_anon 292601856
[ 1112.554610][T21845] inactive_file 0
[ 1112.554610][T21845] active_file 0
[ 1112.554610][T21845] unevictable 0
[ 1112.554610][T21845] slab_reclaimable 1892352
[ 1112.554610][T21845] slab_unreclaimable 6410240
[ 1112.554610][T21845] pgfault 108768
[ 1112.554610][T21845] pgmajfault 0
[ 1112.554610][T21845] workingset_refault 0
[ 1112.554610][T21845] workingset_activate 0
[ 1112.554610][T21845] workingset_nodereclaim 0
[ 1112.554610][T21845] pgrefill 19387
[ 1112.554610][T21845] pgscan 19403
[ 1112.554610][T21845] pgsteal 102
[ 1112.648196][T21845] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21693,uid=0
[ 1112.663659][T21845] Memory cgroup out of memory: Killed process 21693 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
07:50:54 executing program 5:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r52, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r53 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r54 = dup2(r53, r53)
setsockopt$inet6_tcp_int(r54, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r54, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
r55 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r55, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r56 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r56, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1113.548090][   T26] audit: type=1800 audit(1573026654.728:112): pid=21948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16589 res=0
07:50:54 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1113.720632][T21845] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1113.732572][T21845] CPU: 1 PID: 21845 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1113.740474][T21845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1113.750531][T21845] Call Trace:
[ 1113.753832][T21845]  dump_stack+0x172/0x1f0
[ 1113.758179][T21845]  dump_header+0x10b/0x82d
[ 1113.762610][T21845]  oom_kill_process.cold+0x10/0x15
[ 1113.767728][T21845]  out_of_memory+0x334/0x1340
[ 1113.772405][T21845]  ? lock_downgrade+0x920/0x920
[ 1113.777259][T21845]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1113.783051][T21845]  ? oom_killer_disable+0x280/0x280
[ 1113.788242][T21845]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1113.793798][T21845]  ? memcg_stat_show+0xc40/0xc40
[ 1113.798722][T21845]  ? do_raw_spin_unlock+0x57/0x270
[ 1113.803819][T21845]  ? _raw_spin_unlock+0x2d/0x50
[ 1113.808652][T21845]  try_charge+0xf4b/0x1440
[ 1113.813048][T21845]  ? find_held_lock+0x35/0x130
[ 1113.817798][T21845]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1113.823325][T21845]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1113.828853][T21845]  ? find_held_lock+0x35/0x130
[ 1113.833615][T21845]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1113.839157][T21845]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1113.844686][T21845]  ? memcg_kmem_put_cache+0x50/0x50
[ 1113.849879][T21845]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1113.855418][T21845]  __memcg_kmem_charge+0x13a/0x3a0
[ 1113.860519][T21845]  __alloc_pages_nodemask+0x4f5/0x900
[ 1113.865875][T21845]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1113.871575][T21845]  ? ___might_sleep+0x163/0x2c0
[ 1113.876408][T21845]  ? copyin+0x100/0x150
[ 1113.880551][T21845]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1113.886776][T21845]  alloc_pages_current+0x107/0x210
[ 1113.891869][T21845]  pipe_write+0x66d/0xf40
[ 1113.896187][T21845]  new_sync_write+0x4d3/0x770
[ 1113.900863][T21845]  ? new_sync_read+0x800/0x800
[ 1113.905624][T21845]  ? common_file_perm+0x238/0x720
[ 1113.910641][T21845]  ? __fget+0x384/0x560
[ 1113.914794][T21845]  ? apparmor_file_permission+0x25/0x30
[ 1113.920333][T21845]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1113.926565][T21845]  ? security_file_permission+0x8f/0x380
[ 1113.932181][T21845]  __vfs_write+0xe1/0x110
[ 1113.936496][T21845]  vfs_write+0x268/0x5d0
[ 1113.940724][T21845]  ksys_write+0x14f/0x290
[ 1113.945034][T21845]  ? __ia32_sys_read+0xb0/0xb0
[ 1113.949779][T21845]  ? do_syscall_64+0x26/0x760
[ 1113.954444][T21845]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1113.960490][T21845]  ? do_syscall_64+0x26/0x760
[ 1113.965151][T21845]  __x64_sys_write+0x73/0xb0
[ 1113.969721][T21845]  do_syscall_64+0xfa/0x760
[ 1113.974210][T21845]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1113.980102][T21845] RIP: 0033:0x45a219
[ 1113.983983][T21845] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1114.003566][T21845] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1114.011957][T21845] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1114.019908][T21845] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1114.027871][T21845] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1114.035822][T21845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1114.043782][T21845] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1114.051954][T21845] memory: usage 307200kB, limit 307200kB, failcnt 61851
[ 1114.058961][T21845] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1114.065855][T21845] Memory cgroup stats for /syz3:
[ 1114.065952][T21845] anon 292683776
[ 1114.065952][T21845] file 61440
[ 1114.065952][T21845] kernel_stack 2228224
[ 1114.065952][T21845] slab 8302592
[ 1114.065952][T21845] sock 0
[ 1114.065952][T21845] shmem 147456
[ 1114.065952][T21845] file_mapped 0
[ 1114.065952][T21845] file_dirty 0
[ 1114.065952][T21845] file_writeback 0
[ 1114.065952][T21845] anon_thp 276824064
[ 1114.065952][T21845] inactive_anon 135168
[ 1114.065952][T21845] active_anon 292683776
[ 1114.065952][T21845] inactive_file 0
[ 1114.065952][T21845] active_file 0
[ 1114.065952][T21845] unevictable 0
[ 1114.065952][T21845] slab_reclaimable 1892352
[ 1114.065952][T21845] slab_unreclaimable 6410240
[ 1114.065952][T21845] pgfault 109626
[ 1114.065952][T21845] pgmajfault 0
[ 1114.065952][T21845] workingset_refault 0
[ 1114.065952][T21845] workingset_activate 0
[ 1114.065952][T21845] workingset_nodereclaim 0
[ 1114.065952][T21845] pgrefill 19387
[ 1114.065952][T21845] pgscan 19403
[ 1114.065952][T21845] pgsteal 102
07:50:55 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1114.159511][T21845] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21839,uid=0
[ 1114.174976][T21845] Memory cgroup out of memory: Killed process 21840 (syz-executor.3) total-vm:72980kB, anon-rss:13832kB, file-rss:35868kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1114.203319][ T1071] oom_reaper: reaped process 21840 (syz-executor.3), now anon-rss:0kB, file-rss:34908kB, shmem-rss:0kB
07:50:55 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:55 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:55 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
socket$inet_udplite(0x2, 0x2, 0x88)
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1114.607266][T22083] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1114.619207][T22083] CPU: 1 PID: 22083 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1114.627100][T22083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1114.637153][T22083] Call Trace:
[ 1114.640431][T22083]  dump_stack+0x172/0x1f0
[ 1114.644745][T22083]  dump_header+0x10b/0x82d
[ 1114.649149][T22083]  oom_kill_process.cold+0x10/0x15
[ 1114.654245][T22083]  out_of_memory+0x334/0x1340
[ 1114.658901][T22083]  ? lock_downgrade+0x920/0x920
[ 1114.663734][T22083]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1114.669522][T22083]  ? oom_killer_disable+0x280/0x280
[ 1114.674710][T22083]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1114.680256][T22083]  ? memcg_stat_show+0xc40/0xc40
[ 1114.685177][T22083]  ? do_raw_spin_unlock+0x57/0x270
[ 1114.690286][T22083]  ? _raw_spin_unlock+0x2d/0x50
[ 1114.695130][T22083]  try_charge+0xf4b/0x1440
[ 1114.699534][T22083]  ? find_held_lock+0x35/0x130
[ 1114.704283][T22083]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1114.709806][T22083]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1114.715335][T22083]  ? find_held_lock+0x35/0x130
[ 1114.720100][T22083]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1114.725645][T22083]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1114.731175][T22083]  ? memcg_kmem_put_cache+0x50/0x50
[ 1114.736374][T22083]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1114.741927][T22083]  __memcg_kmem_charge+0x13a/0x3a0
[ 1114.747025][T22083]  __alloc_pages_nodemask+0x4f5/0x900
[ 1114.752382][T22083]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1114.758081][T22083]  ? ___might_sleep+0x163/0x2c0
[ 1114.762913][T22083]  ? copyin+0x100/0x150
[ 1114.767053][T22083]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1114.773275][T22083]  alloc_pages_current+0x107/0x210
[ 1114.778368][T22083]  pipe_write+0x66d/0xf40
[ 1114.782685][T22083]  new_sync_write+0x4d3/0x770
[ 1114.787346][T22083]  ? new_sync_read+0x800/0x800
[ 1114.792096][T22083]  ? common_file_perm+0x238/0x720
[ 1114.797098][T22083]  ? __fget+0x384/0x560
[ 1114.801237][T22083]  ? apparmor_file_permission+0x25/0x30
[ 1114.806763][T22083]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1114.812982][T22083]  ? security_file_permission+0x8f/0x380
[ 1114.818597][T22083]  __vfs_write+0xe1/0x110
[ 1114.822907][T22083]  vfs_write+0x268/0x5d0
[ 1114.827131][T22083]  ksys_write+0x14f/0x290
[ 1114.831440][T22083]  ? __ia32_sys_read+0xb0/0xb0
[ 1114.836188][T22083]  ? do_syscall_64+0x26/0x760
[ 1114.840846][T22083]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1114.846901][T22083]  ? do_syscall_64+0x26/0x760
[ 1114.851563][T22083]  __x64_sys_write+0x73/0xb0
[ 1114.856135][T22083]  do_syscall_64+0xfa/0x760
[ 1114.860631][T22083]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1114.866503][T22083] RIP: 0033:0x45a219
[ 1114.870381][T22083] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1114.889964][T22083] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1114.898355][T22083] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1114.906321][T22083] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1114.914281][T22083] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1114.922239][T22083] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1114.930206][T22083] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1114.938741][T22083] memory: usage 307184kB, limit 307200kB, failcnt 61981
[ 1114.945743][T22083] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1114.952714][T22083] Memory cgroup stats for /syz3:
[ 1114.952827][T22083] anon 292818944
[ 1114.952827][T22083] file 61440
[ 1114.952827][T22083] kernel_stack 2228224
[ 1114.952827][T22083] slab 8437760
[ 1114.952827][T22083] sock 0
[ 1114.952827][T22083] shmem 147456
[ 1114.952827][T22083] file_mapped 0
[ 1114.952827][T22083] file_dirty 0
[ 1114.952827][T22083] file_writeback 0
[ 1114.952827][T22083] anon_thp 278921216
[ 1114.952827][T22083] inactive_anon 135168
[ 1114.952827][T22083] active_anon 292818944
[ 1114.952827][T22083] inactive_file 0
[ 1114.952827][T22083] active_file 0
[ 1114.952827][T22083] unevictable 0
[ 1114.952827][T22083] slab_reclaimable 1892352
[ 1114.952827][T22083] slab_unreclaimable 6545408
[ 1114.952827][T22083] pgfault 110055
[ 1114.952827][T22083] pgmajfault 0
[ 1114.952827][T22083] workingset_refault 0
[ 1114.952827][T22083] workingset_activate 0
[ 1114.952827][T22083] workingset_nodereclaim 0
[ 1114.952827][T22083] pgrefill 19387
[ 1114.952827][T22083] pgscan 19403
[ 1114.952827][T22083] pgsteal 102
[ 1115.046625][T22083] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22092,uid=0
[ 1115.066988][T22083] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1115.078903][T22083] CPU: 0 PID: 22083 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1115.086795][T22083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1115.096923][T22083] Call Trace:
[ 1115.100212][T22083]  dump_stack+0x172/0x1f0
[ 1115.104531][T22083]  dump_header+0x10b/0x82d
[ 1115.108948][T22083]  oom_kill_process.cold+0x10/0x15
[ 1115.114048][T22083]  out_of_memory+0x334/0x1340
[ 1115.118708][T22083]  ? lock_downgrade+0x920/0x920
[ 1115.123553][T22083]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1115.129340][T22083]  ? oom_killer_disable+0x280/0x280
[ 1115.134525][T22083]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1115.140150][T22083]  ? memcg_stat_show+0xc40/0xc40
[ 1115.145072][T22083]  ? do_raw_spin_unlock+0x57/0x270
[ 1115.150171][T22083]  ? _raw_spin_unlock+0x2d/0x50
[ 1115.155016][T22083]  try_charge+0xf4b/0x1440
[ 1115.159412][T22083]  ? find_held_lock+0x35/0x130
[ 1115.164174][T22083]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1115.169700][T22083]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1115.175227][T22083]  ? find_held_lock+0x35/0x130
[ 1115.179974][T22083]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1115.185522][T22083]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1115.191058][T22083]  ? memcg_kmem_put_cache+0x50/0x50
[ 1115.196240][T22083]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1115.201770][T22083]  __memcg_kmem_charge+0x13a/0x3a0
[ 1115.206873][T22083]  __alloc_pages_nodemask+0x4f5/0x900
[ 1115.212231][T22083]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1115.217943][T22083]  ? ___might_sleep+0x163/0x2c0
[ 1115.222786][T22083]  ? copyin+0x100/0x150
[ 1115.226929][T22083]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1115.233152][T22083]  alloc_pages_current+0x107/0x210
[ 1115.238246][T22083]  pipe_write+0x66d/0xf40
[ 1115.242566][T22083]  new_sync_write+0x4d3/0x770
[ 1115.247228][T22083]  ? new_sync_read+0x800/0x800
[ 1115.251977][T22083]  ? common_file_perm+0x238/0x720
[ 1115.256990][T22083]  ? __fget+0x384/0x560
[ 1115.261131][T22083]  ? apparmor_file_permission+0x25/0x30
[ 1115.266661][T22083]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1115.272882][T22083]  ? security_file_permission+0x8f/0x380
[ 1115.278505][T22083]  __vfs_write+0xe1/0x110
[ 1115.282816][T22083]  vfs_write+0x268/0x5d0
[ 1115.287050][T22083]  ksys_write+0x14f/0x290
[ 1115.291359][T22083]  ? __ia32_sys_read+0xb0/0xb0
[ 1115.296104][T22083]  ? do_syscall_64+0x26/0x760
[ 1115.300762][T22083]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.306819][T22083]  ? do_syscall_64+0x26/0x760
[ 1115.311481][T22083]  __x64_sys_write+0x73/0xb0
[ 1115.316057][T22083]  do_syscall_64+0xfa/0x760
[ 1115.320544][T22083]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1115.326419][T22083] RIP: 0033:0x45a219
[ 1115.330315][T22083] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1115.349899][T22083] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1115.358296][T22083] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1115.366246][T22083] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1115.374210][T22083] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1115.382164][T22083] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1115.390116][T22083] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1115.398251][T22083] memory: usage 307200kB, limit 307200kB, failcnt 62017
[ 1115.405230][T22083] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1115.412074][T22083] Memory cgroup stats for /syz3:
[ 1115.412173][T22083] anon 292818944
[ 1115.412173][T22083] file 61440
[ 1115.412173][T22083] kernel_stack 2228224
[ 1115.412173][T22083] slab 8437760
[ 1115.412173][T22083] sock 0
[ 1115.412173][T22083] shmem 147456
[ 1115.412173][T22083] file_mapped 0
[ 1115.412173][T22083] file_dirty 0
[ 1115.412173][T22083] file_writeback 0
[ 1115.412173][T22083] anon_thp 278921216
[ 1115.412173][T22083] inactive_anon 135168
[ 1115.412173][T22083] active_anon 292818944
[ 1115.412173][T22083] inactive_file 0
[ 1115.412173][T22083] active_file 0
[ 1115.412173][T22083] unevictable 0
[ 1115.412173][T22083] slab_reclaimable 1892352
[ 1115.412173][T22083] slab_unreclaimable 6545408
[ 1115.412173][T22083] pgfault 110088
[ 1115.412173][T22083] pgmajfault 0
[ 1115.412173][T22083] workingset_refault 0
[ 1115.412173][T22083] workingset_activate 0
[ 1115.412173][T22083] workingset_nodereclaim 0
[ 1115.412173][T22083] pgrefill 19387
[ 1115.412173][T22083] pgscan 19403
[ 1115.412173][T22083] pgsteal 102
[ 1115.505878][T22083] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22006,uid=0
[ 1115.521320][T22083] Memory cgroup out of memory: Killed process 22078 (syz-executor.3) total-vm:72980kB, anon-rss:13764kB, file-rss:35828kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
07:50:56 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:56 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1d00, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:50:56 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))

07:50:56 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:50:57 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1115.971351][T22215] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1115.983256][T22215] CPU: 0 PID: 22215 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1115.991148][T22215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1116.001209][T22215] Call Trace:
[ 1116.004509][T22215]  dump_stack+0x172/0x1f0
[ 1116.008852][T22215]  dump_header+0x10b/0x82d
[ 1116.013288][T22215]  oom_kill_process.cold+0x10/0x15
[ 1116.015899][   T26] audit: type=1800 audit(1573026657.198:113): pid=22321 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16770 res=0
[ 1116.018405][T22215]  out_of_memory+0x334/0x1340
[ 1116.018421][T22215]  ? lock_downgrade+0x920/0x920
[ 1116.018441][T22215]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1116.054665][T22215]  ? oom_killer_disable+0x280/0x280
[ 1116.059893][T22215]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1116.065447][T22215]  ? memcg_stat_show+0xc40/0xc40
[ 1116.070401][T22215]  ? do_raw_spin_unlock+0x57/0x270
[ 1116.075523][T22215]  ? _raw_spin_unlock+0x2d/0x50
[ 1116.080385][T22215]  try_charge+0xf4b/0x1440
[ 1116.084804][T22215]  ? find_held_lock+0x35/0x130
[ 1116.089587][T22215]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1116.095137][T22215]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1116.100680][T22215]  ? find_held_lock+0x35/0x130
[ 1116.105437][T22215]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1116.111005][T22215]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1116.116539][T22215]  ? memcg_kmem_put_cache+0x50/0x50
[ 1116.121745][T22215]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1116.127280][T22215]  __memcg_kmem_charge+0x13a/0x3a0
[ 1116.132384][T22215]  __alloc_pages_nodemask+0x4f5/0x900
[ 1116.137755][T22215]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1116.143458][T22215]  ? ___might_sleep+0x163/0x2c0
[ 1116.148301][T22215]  ? copyin+0x100/0x150
[ 1116.152463][T22215]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1116.158704][T22215]  alloc_pages_current+0x107/0x210
[ 1116.163809][T22215]  pipe_write+0x66d/0xf40
[ 1116.168139][T22215]  new_sync_write+0x4d3/0x770
[ 1116.172811][T22215]  ? new_sync_read+0x800/0x800
[ 1116.177584][T22215]  ? common_file_perm+0x238/0x720
[ 1116.182596][T22215]  ? __fget+0x384/0x560
[ 1116.186759][T22215]  ? apparmor_file_permission+0x25/0x30
[ 1116.192292][T22215]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1116.198520][T22215]  ? security_file_permission+0x8f/0x380
[ 1116.204150][T22215]  __vfs_write+0xe1/0x110
[ 1116.208483][T22215]  vfs_write+0x268/0x5d0
[ 1116.212712][T22215]  ksys_write+0x14f/0x290
[ 1116.217027][T22215]  ? __ia32_sys_read+0xb0/0xb0
[ 1116.221791][T22215]  ? do_syscall_64+0x26/0x760
[ 1116.226454][T22215]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1116.232505][T22215]  ? do_syscall_64+0x26/0x760
[ 1116.237176][T22215]  __x64_sys_write+0x73/0xb0
[ 1116.241753][T22215]  do_syscall_64+0xfa/0x760
[ 1116.246242][T22215]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1116.252117][T22215] RIP: 0033:0x45a219
[ 1116.256000][T22215] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1116.275585][T22215] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1116.283993][T22215] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1116.291948][T22215] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1116.299901][T22215] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1116.307856][T22215] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1116.315812][T22215] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1116.323969][T22215] memory: usage 307184kB, limit 307200kB, failcnt 62162
[ 1116.331006][T22215] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1116.338006][T22215] Memory cgroup stats for /syz3:
[ 1116.338120][T22215] anon 292675584
[ 1116.338120][T22215] file 61440
[ 1116.338120][T22215] kernel_stack 2228224
[ 1116.338120][T22215] slab 8437760
[ 1116.338120][T22215] sock 0
[ 1116.338120][T22215] shmem 147456
[ 1116.338120][T22215] file_mapped 0
[ 1116.338120][T22215] file_dirty 0
[ 1116.338120][T22215] file_writeback 0
07:50:57 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))

07:50:57 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
fstat(r48, &(0x7f0000003d00))
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1116.338120][T22215] anon_thp 278921216
[ 1116.338120][T22215] inactive_anon 135168
[ 1116.338120][T22215] active_anon 292675584
[ 1116.338120][T22215] inactive_file 0
[ 1116.338120][T22215] active_file 0
[ 1116.338120][T22215] unevictable 0
[ 1116.338120][T22215] slab_reclaimable 1892352
[ 1116.338120][T22215] slab_unreclaimable 6545408
[ 1116.338120][T22215] pgfault 110550
[ 1116.338120][T22215] pgmajfault 0
[ 1116.338120][T22215] workingset_refault 0
[ 1116.338120][T22215] workingset_activate 0
[ 1116.338120][T22215] workingset_nodereclaim 0
[ 1116.338120][T22215] pgrefill 19387
[ 1116.338120][T22215] pgscan 19403
[ 1116.338120][T22215] pgsteal 102
[ 1116.432317][T22215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22324,uid=0
[ 1116.452126][T22219] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1116.463433][T22219] CPU: 1 PID: 22219 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1116.471435][T22219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1116.481492][T22219] Call Trace:
[ 1116.484796][T22219]  dump_stack+0x172/0x1f0
[ 1116.489145][T22219]  dump_header+0x10b/0x82d
[ 1116.493571][T22219]  oom_kill_process.cold+0x10/0x15
[ 1116.498691][T22219]  out_of_memory+0x334/0x1340
[ 1116.503377][T22219]  ? lock_downgrade+0x920/0x920
[ 1116.508239][T22219]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1116.514061][T22219]  ? oom_killer_disable+0x280/0x280
[ 1116.519279][T22219]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1116.524832][T22219]  ? memcg_stat_show+0xc40/0xc40
[ 1116.529780][T22219]  ? do_raw_spin_unlock+0x57/0x270
[ 1116.534901][T22219]  ? _raw_spin_unlock+0x2d/0x50
[ 1116.539766][T22219]  try_charge+0xf4b/0x1440
[ 1116.544201][T22219]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1116.549754][T22219]  ? percpu_ref_tryget_live+0x111/0x290
[ 1116.555307][T22219]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1116.561550][T22219]  ? __kasan_check_read+0x11/0x20
[ 1116.566585][T22219]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1116.572133][T22219]  mem_cgroup_try_charge+0x136/0x590
[ 1116.577408][T22219]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1116.583026][T22219]  wp_page_copy+0x407/0x1860
[ 1116.587602][T22219]  ? find_held_lock+0x35/0x130
[ 1116.592349][T22219]  ? do_wp_page+0x53b/0x15c0
[ 1116.596928][T22219]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1116.602742][T22219]  ? lock_downgrade+0x920/0x920
[ 1116.607574][T22219]  ? vm_normal_page+0x15d/0x3c0
[ 1116.612407][T22219]  ? __pte_alloc_kernel+0x210/0x210
[ 1116.617604][T22219]  ? __kasan_check_read+0x11/0x20
[ 1116.622608][T22219]  ? do_raw_spin_unlock+0x57/0x270
[ 1116.627706][T22219]  do_wp_page+0x543/0x15c0
[ 1116.632108][T22219]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1116.637117][T22219]  ? lock_acquire+0x190/0x410
[ 1116.641800][T22219]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1116.647171][T22219]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1116.652878][T22219]  __handle_mm_fault+0x23ec/0x4040
[ 1116.657978][T22219]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1116.663506][T22219]  ? handle_mm_fault+0x292/0xaa0
[ 1116.668437][T22219]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1116.674660][T22219]  ? __kasan_check_read+0x11/0x20
[ 1116.679671][T22219]  handle_mm_fault+0x3b7/0xaa0
[ 1116.684421][T22219]  __do_page_fault+0x536/0xdd0
[ 1116.689173][T22219]  do_page_fault+0x38/0x590
[ 1116.693659][T22219]  page_fault+0x39/0x40
[ 1116.697801][T22219] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1116.704371][T22219] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1116.723961][T22219] RSP: 0018:ffff88802e0efab8 EFLAGS: 00010206
[ 1116.730007][T22219] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1116.737963][T22219] RDX: 0000000000001000 RSI: ffff888098b2ab00 RDI: 0000000020d52000
[ 1116.745929][T22219] RBP: ffff88802e0efaf0 R08: ffffed1013165600 R09: 0000000000000000
[ 1116.753885][T22219] R10: ffffed10131655ff R11: ffff888098b2afff R12: 0000000020d51500
[ 1116.761840][T22219] R13: ffff888098b2a000 R14: 0000000020d52500 R15: 00007ffffffff000
[ 1116.769814][T22219]  ? copyout+0x12d/0x150
[ 1116.774040][T22219]  copy_page_to_iter+0x3de/0xda0
[ 1116.778960][T22219]  ? kill_fasync+0x323/0x4a0
[ 1116.783536][T22219]  pipe_to_user+0xb4/0x170
[ 1116.787932][T22219]  ? anon_pipe_buf_release+0x1c6/0x270
[ 1116.793390][T22219]  __splice_from_pipe+0x397/0x7d0
[ 1116.798397][T22219]  ? iter_to_pipe+0x560/0x560
[ 1116.803064][T22219]  do_vmsplice.part.0+0x249/0x2b0
[ 1116.808072][T22219]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1116.813251][T22219]  ? import_iovec+0x267/0x410
[ 1116.817918][T22219]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1116.824156][T22219]  __do_sys_vmsplice+0x1bc/0x210
[ 1116.829077][T22219]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1116.834260][T22219]  ? __kasan_check_read+0x11/0x20
[ 1116.839285][T22219]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1116.845523][T22219]  ? put_timespec64+0xda/0x140
[ 1116.850271][T22219]  ? nsecs_to_jiffies+0x30/0x30
[ 1116.855112][T22219]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1116.860553][T22219]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1116.865992][T22219]  ? do_syscall_64+0x26/0x760
[ 1116.870650][T22219]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1116.876700][T22219]  ? do_syscall_64+0x26/0x760
[ 1116.881382][T22219]  __x64_sys_vmsplice+0x97/0xf0
[ 1116.886220][T22219]  do_syscall_64+0xfa/0x760
[ 1116.890724][T22219]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1116.896611][T22219] RIP: 0033:0x45a219
[ 1116.900498][T22219] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1116.920103][T22219] RSP: 002b:00007f612e444c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1116.928506][T22219] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1116.936474][T22219] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1116.944442][T22219] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1116.952396][T22219] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4456d4
[ 1116.960352][T22219] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff
[ 1116.969151][T22219] memory: usage 307200kB, limit 307200kB, failcnt 62183
[ 1116.976144][T22219] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1116.982971][T22219] Memory cgroup stats for /syz3:
[ 1116.983139][T22219] anon 292675584
[ 1116.983139][T22219] file 61440
[ 1116.983139][T22219] kernel_stack 2228224
[ 1116.983139][T22219] slab 8437760
[ 1116.983139][T22219] sock 0
[ 1116.983139][T22219] shmem 147456
[ 1116.983139][T22219] file_mapped 0
[ 1116.983139][T22219] file_dirty 0
[ 1116.983139][T22219] file_writeback 0
[ 1116.983139][T22219] anon_thp 278921216
[ 1116.983139][T22219] inactive_anon 135168
[ 1116.983139][T22219] active_anon 292675584
[ 1116.983139][T22219] inactive_file 0
[ 1116.983139][T22219] active_file 0
[ 1116.983139][T22219] unevictable 0
[ 1116.983139][T22219] slab_reclaimable 1892352
[ 1116.983139][T22219] slab_unreclaimable 6545408
[ 1116.983139][T22219] pgfault 110550
[ 1116.983139][T22219] pgmajfault 0
[ 1116.983139][T22219] workingset_refault 0
[ 1116.983139][T22219] workingset_activate 0
[ 1116.983139][T22219] workingset_nodereclaim 0
[ 1116.983139][T22219] pgrefill 19387
[ 1116.983139][T22219] pgscan 19403
[ 1116.983139][T22219] pgsteal 102
[ 1117.077546][T22219] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22205,uid=0
[ 1117.093100][T22219] Memory cgroup out of memory: Killed process 22215 (syz-executor.3) total-vm:72980kB, anon-rss:13764kB, file-rss:35828kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
07:50:58 executing program 2:
mq_open(&(0x7f00000002c0)='\\\xf7\xa0\xcc\x16H-o\x007\xe6\xb3\x1a\x8eiz\xdd06P\xd4\x88\x00s\xefu\xdfa\x01y\xde\xc26\xaa\x04\xe9F\x87y\xba\a\x00\x00\x00\x00\x00\x00\x005\x98U\xb4\x9b\x88\x9b\xb5\xe4\x9b5\x8ey:oz\xf5\'f\xd6\xfe\x93\xca\x06r\xac\x1b\x8a\x87\xcafw\xd5\"\x0f\xb7|\xb6\x13\xb3\xdb\x91\x04\xd1j\xa1\xcal\xc7jt\xe7\xbdK\xdcR&u{\x03\xf8[\x01\x03$Wl@\xc1\xc8e\\s\x9f\xc1\xa6\x8d\xf5\xe2\xbc\xb6\xe5\xedF\xc8(\x9eH\xeau\xe7\x85\xeb]d\x97\xcd#;\x10\xb9\x182\xcf^1v|\x1cA\x9dFF\xcd\x88?%', 0x0, 0x0, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1117.116355][ T1071] oom_reaper: reaped process 22215 (syz-executor.3), now anon-rss:0kB, file-rss:34868kB, shmem-rss:0kB
[ 1117.209686][T22392] syz-executor.5 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1117.221585][T22392] CPU: 0 PID: 22392 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1117.229488][T22392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1117.239539][T22392] Call Trace:
[ 1117.242823][T22392]  dump_stack+0x172/0x1f0
[ 1117.247141][T22392]  dump_header+0x10b/0x82d
[ 1117.251544][T22392]  oom_kill_process.cold+0x10/0x15
[ 1117.256645][T22392]  out_of_memory+0x334/0x1340
[ 1117.261309][T22392]  ? lock_downgrade+0x920/0x920
[ 1117.266155][T22392]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1117.271945][T22392]  ? oom_killer_disable+0x280/0x280
[ 1117.277137][T22392]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1117.282680][T22392]  ? memcg_stat_show+0xc40/0xc40
[ 1117.287611][T22392]  ? do_raw_spin_unlock+0x57/0x270
[ 1117.292710][T22392]  ? _raw_spin_unlock+0x2d/0x50
[ 1117.297545][T22392]  try_charge+0xf4b/0x1440
[ 1117.301944][T22392]  ? find_held_lock+0x35/0x130
[ 1117.306698][T22392]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1117.312225][T22392]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1117.317753][T22392]  ? find_held_lock+0x35/0x130
[ 1117.322504][T22392]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1117.328057][T22392]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1117.333587][T22392]  ? memcg_kmem_put_cache+0x50/0x50
[ 1117.338775][T22392]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1117.344307][T22392]  __memcg_kmem_charge+0x13a/0x3a0
[ 1117.349405][T22392]  __alloc_pages_nodemask+0x4f5/0x900
[ 1117.354767][T22392]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1117.360489][T22392]  ? ___might_sleep+0x163/0x2c0
[ 1117.365327][T22392]  ? copyin+0x100/0x150
[ 1117.369469][T22392]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1117.375697][T22392]  alloc_pages_current+0x107/0x210
[ 1117.380793][T22392]  pipe_write+0x66d/0xf40
[ 1117.385117][T22392]  new_sync_write+0x4d3/0x770
[ 1117.389785][T22392]  ? new_sync_read+0x800/0x800
[ 1117.394540][T22392]  ? common_file_perm+0x238/0x720
[ 1117.399548][T22392]  ? __fget+0x384/0x560
[ 1117.403690][T22392]  ? apparmor_file_permission+0x25/0x30
[ 1117.409237][T22392]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1117.415462][T22392]  ? security_file_permission+0x8f/0x380
[ 1117.421079][T22392]  __vfs_write+0xe1/0x110
[ 1117.425394][T22392]  vfs_write+0x268/0x5d0
[ 1117.429626][T22392]  ksys_write+0x14f/0x290
[ 1117.433941][T22392]  ? __ia32_sys_read+0xb0/0xb0
[ 1117.438691][T22392]  ? do_syscall_64+0x26/0x760
[ 1117.443359][T22392]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1117.449407][T22392]  ? do_syscall_64+0x26/0x760
[ 1117.454072][T22392]  __x64_sys_write+0x73/0xb0
[ 1117.458647][T22392]  do_syscall_64+0xfa/0x760
[ 1117.463140][T22392]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1117.469013][T22392] RIP: 0033:0x45a219
[ 1117.472893][T22392] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1117.492842][T22392] RSP: 002b:00007f99101e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1117.501238][T22392] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1117.509193][T22392] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1117.517146][T22392] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1117.525100][T22392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101e36d4
[ 1117.533315][T22392] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1117.541339][T22392] memory: usage 307148kB, limit 307200kB, failcnt 256
[ 1117.548103][T22392] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1117.554950][T22392] Memory cgroup stats for /syz5:
[ 1117.555055][T22392] anon 284946432
[ 1117.555055][T22392] file 0
[ 1117.555055][T22392] kernel_stack 3473408
[ 1117.555055][T22392] slab 11358208
[ 1117.555055][T22392] sock 0
[ 1117.555055][T22392] shmem 0
[ 1117.555055][T22392] file_mapped 0
[ 1117.555055][T22392] file_dirty 0
[ 1117.555055][T22392] file_writeback 0
[ 1117.555055][T22392] anon_thp 270532608
[ 1117.555055][T22392] inactive_anon 0
[ 1117.555055][T22392] active_anon 284946432
[ 1117.555055][T22392] inactive_file 0
[ 1117.555055][T22392] active_file 28672
[ 1117.555055][T22392] unevictable 0
[ 1117.555055][T22392] slab_reclaimable 2297856
[ 1117.555055][T22392] slab_unreclaimable 9060352
[ 1117.555055][T22392] pgfault 92400
[ 1117.555055][T22392] pgmajfault 0
[ 1117.555055][T22392] workingset_refault 33
[ 1117.555055][T22392] workingset_activate 0
[ 1117.555055][T22392] workingset_nodereclaim 0
[ 1117.555055][T22392] pgrefill 314
[ 1117.555055][T22392] pgscan 342
[ 1117.555055][T22392] pgsteal 165
[ 1117.555055][T22392] pgactivate 132
07:50:58 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:50:58 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))

[ 1117.650812][T22392] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=22325,uid=0
[ 1117.666261][T22392] Memory cgroup out of memory: Killed process 22327 (syz-executor.5) total-vm:72980kB, anon-rss:13768kB, file-rss:35876kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1117.693620][ T1071] oom_reaper: reaped process 22327 (syz-executor.5), now anon-rss:0kB, file-rss:34916kB, shmem-rss:0kB
07:50:58 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1117.961013][   T26] audit: type=1800 audit(1573026659.138:114): pid=22466 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16868 res=0
[ 1118.028184][T22465] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1118.038436][T22465] CPU: 0 PID: 22465 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1118.046346][T22465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1118.056404][T22465] Call Trace:
[ 1118.059706][T22465]  dump_stack+0x172/0x1f0
[ 1118.064033][T22465]  dump_header+0x10b/0x82d
[ 1118.068445][T22465]  oom_kill_process.cold+0x10/0x15
[ 1118.073541][T22465]  out_of_memory+0x334/0x1340
[ 1118.078204][T22465]  ? lock_downgrade+0x920/0x920
[ 1118.084106][T22465]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1118.089912][T22465]  ? oom_killer_disable+0x280/0x280
[ 1118.095112][T22465]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1118.100654][T22465]  ? memcg_stat_show+0xc40/0xc40
[ 1118.105587][T22465]  ? do_raw_spin_unlock+0x57/0x270
[ 1118.110689][T22465]  ? _raw_spin_unlock+0x2d/0x50
[ 1118.115528][T22465]  try_charge+0xf4b/0x1440
[ 1118.119944][T22465]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1118.125482][T22465]  ? percpu_ref_tryget_live+0x111/0x290
[ 1118.131024][T22465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1118.137267][T22465]  ? __kasan_check_read+0x11/0x20
[ 1118.142304][T22465]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1118.147842][T22465]  mem_cgroup_try_charge+0x136/0x590
[ 1118.153117][T22465]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1118.158736][T22465]  wp_page_copy+0x407/0x1860
[ 1118.163312][T22465]  ? find_held_lock+0x35/0x130
[ 1118.168060][T22465]  ? do_wp_page+0x53b/0x15c0
[ 1118.172639][T22465]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1118.178431][T22465]  ? lock_downgrade+0x920/0x920
[ 1118.183267][T22465]  ? vm_normal_page+0x15d/0x3c0
[ 1118.188104][T22465]  ? __pte_alloc_kernel+0x210/0x210
[ 1118.193287][T22465]  ? __kasan_check_read+0x11/0x20
[ 1118.198295][T22465]  ? do_raw_spin_unlock+0x57/0x270
[ 1118.203391][T22465]  do_wp_page+0x543/0x15c0
[ 1118.207789][T22465]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1118.212799][T22465]  ? lock_acquire+0x190/0x410
[ 1118.217459][T22465]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1118.222813][T22465]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1118.228541][T22465]  __handle_mm_fault+0x23ec/0x4040
[ 1118.233660][T22465]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1118.239215][T22465]  ? handle_mm_fault+0x292/0xaa0
[ 1118.244183][T22465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1118.250436][T22465]  ? __kasan_check_read+0x11/0x20
[ 1118.255483][T22465]  handle_mm_fault+0x3b7/0xaa0
[ 1118.260263][T22465]  __do_page_fault+0x536/0xdd0
[ 1118.265051][T22465]  do_page_fault+0x38/0x590
[ 1118.269563][T22465]  page_fault+0x39/0x40
[ 1118.273714][T22465] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1118.280291][T22465] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1118.299879][T22465] RSP: 0018:ffff88802e0f7ab8 EFLAGS: 00010206
[ 1118.305930][T22465] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1118.313888][T22465] RDX: 0000000000001000 RSI: ffff888017344b00 RDI: 0000000020d52000
[ 1118.321842][T22465] RBP: ffff88802e0f7af0 R08: ffffed1002e68a00 R09: 0000000000000000
[ 1118.329799][T22465] R10: ffffed1002e689ff R11: ffff888017344fff R12: 0000000020d51500
[ 1118.337752][T22465] R13: ffff888017344000 R14: 0000000020d52500 R15: 00007ffffffff000
[ 1118.345729][T22465]  ? copyout+0x12d/0x150
[ 1118.349959][T22465]  copy_page_to_iter+0x3de/0xda0
[ 1118.354880][T22465]  ? kill_fasync+0x323/0x4a0
[ 1118.359459][T22465]  pipe_to_user+0xb4/0x170
[ 1118.363855][T22465]  ? anon_pipe_buf_release+0x1c6/0x270
[ 1118.369299][T22465]  __splice_from_pipe+0x397/0x7d0
[ 1118.374321][T22465]  ? iter_to_pipe+0x560/0x560
[ 1118.378995][T22465]  do_vmsplice.part.0+0x249/0x2b0
[ 1118.384003][T22465]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1118.389184][T22465]  ? import_iovec+0x267/0x410
[ 1118.393851][T22465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1118.400085][T22465]  __do_sys_vmsplice+0x1bc/0x210
[ 1118.405022][T22465]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1118.410224][T22465]  ? __kasan_check_read+0x11/0x20
[ 1118.415237][T22465]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1118.421457][T22465]  ? put_timespec64+0xda/0x140
[ 1118.426205][T22465]  ? nsecs_to_jiffies+0x30/0x30
[ 1118.431044][T22465]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1118.436507][T22465]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1118.441946][T22465]  ? do_syscall_64+0x26/0x760
[ 1118.446611][T22465]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1118.452659][T22465]  ? do_syscall_64+0x26/0x760
[ 1118.457322][T22465]  __x64_sys_vmsplice+0x97/0xf0
[ 1118.462160][T22465]  do_syscall_64+0xfa/0x760
[ 1118.466650][T22465]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1118.472526][T22465] RIP: 0033:0x45a219
[ 1118.476409][T22465] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1118.495997][T22465] RSP: 002b:00007f612e444c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1118.504400][T22465] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1118.512351][T22465] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1118.520304][T22465] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1118.528258][T22465] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4456d4
[ 1118.536214][T22465] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff
[ 1118.544302][T22465] memory: usage 307200kB, limit 307200kB, failcnt 62229
[ 1118.551322][T22465] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1118.558213][T22465] Memory cgroup stats for /syz3:
[ 1118.558333][T22465] anon 292818944
[ 1118.558333][T22465] file 61440
[ 1118.558333][T22465] kernel_stack 2228224
[ 1118.558333][T22465] slab 8437760
[ 1118.558333][T22465] sock 0
[ 1118.558333][T22465] shmem 147456
[ 1118.558333][T22465] file_mapped 0
[ 1118.558333][T22465] file_dirty 0
[ 1118.558333][T22465] file_writeback 0
[ 1118.558333][T22465] anon_thp 278921216
[ 1118.558333][T22465] inactive_anon 135168
[ 1118.558333][T22465] active_anon 292818944
[ 1118.558333][T22465] inactive_file 0
[ 1118.558333][T22465] active_file 0
[ 1118.558333][T22465] unevictable 0
[ 1118.558333][T22465] slab_reclaimable 1892352
[ 1118.558333][T22465] slab_unreclaimable 6545408
[ 1118.558333][T22465] pgfault 110979
[ 1118.558333][T22465] pgmajfault 0
[ 1118.558333][T22465] workingset_refault 0
[ 1118.558333][T22465] workingset_activate 0
[ 1118.558333][T22465] workingset_nodereclaim 0
[ 1118.558333][T22465] pgrefill 19387
[ 1118.558333][T22465] pgscan 19403
[ 1118.558333][T22465] pgsteal 102
[ 1118.651884][T22465] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22444,uid=0
[ 1118.667425][T22465] Memory cgroup out of memory: Killed process 22444 (syz-executor.3) total-vm:72980kB, anon-rss:13696kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1118.686906][T22464] syz-executor.5 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1118.698811][T22464] CPU: 1 PID: 22464 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1118.706712][T22464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1118.716768][T22464] Call Trace:
[ 1118.720060][T22464]  dump_stack+0x172/0x1f0
[ 1118.724379][T22464]  dump_header+0x10b/0x82d
[ 1118.728781][T22464]  oom_kill_process.cold+0x10/0x15
[ 1118.733877][T22464]  out_of_memory+0x334/0x1340
[ 1118.738539][T22464]  ? lock_downgrade+0x920/0x920
[ 1118.743375][T22464]  ? oom_killer_disable+0x280/0x280
[ 1118.748563][T22464]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1118.754096][T22464]  ? memcg_stat_show+0xc40/0xc40
[ 1118.759018][T22464]  ? do_raw_spin_unlock+0x57/0x270
[ 1118.764113][T22464]  ? _raw_spin_unlock+0x2d/0x50
[ 1118.768954][T22464]  try_charge+0xf4b/0x1440
[ 1118.773353][T22464]  ? find_held_lock+0x35/0x130
[ 1118.778106][T22464]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1118.783633][T22464]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1118.789174][T22464]  ? find_held_lock+0x35/0x130
[ 1118.793920][T22464]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1118.799457][T22464]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1118.804986][T22464]  ? memcg_kmem_put_cache+0x50/0x50
[ 1118.810183][T22464]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1118.815729][T22464]  __memcg_kmem_charge+0x13a/0x3a0
[ 1118.820825][T22464]  __alloc_pages_nodemask+0x4f5/0x900
[ 1118.826179][T22464]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1118.831882][T22464]  ? ___might_sleep+0x163/0x2c0
[ 1118.836735][T22464]  ? copyin+0x100/0x150
[ 1118.840877][T22464]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1118.847104][T22464]  alloc_pages_current+0x107/0x210
[ 1118.852203][T22464]  pipe_write+0x66d/0xf40
[ 1118.856522][T22464]  new_sync_write+0x4d3/0x770
[ 1118.861181][T22464]  ? new_sync_read+0x800/0x800
[ 1118.865932][T22464]  ? common_file_perm+0x238/0x720
[ 1118.870942][T22464]  ? __fget+0x384/0x560
[ 1118.875084][T22464]  ? apparmor_file_permission+0x25/0x30
[ 1118.880617][T22464]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1118.886856][T22464]  ? security_file_permission+0x8f/0x380
[ 1118.892504][T22464]  __vfs_write+0xe1/0x110
[ 1118.896826][T22464]  vfs_write+0x268/0x5d0
[ 1118.901061][T22464]  ksys_write+0x14f/0x290
[ 1118.905379][T22464]  ? __ia32_sys_read+0xb0/0xb0
[ 1118.910131][T22464]  ? do_syscall_64+0x26/0x760
[ 1118.914798][T22464]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1118.920850][T22464]  ? do_syscall_64+0x26/0x760
[ 1118.925512][T22464]  __x64_sys_write+0x73/0xb0
[ 1118.930086][T22464]  do_syscall_64+0xfa/0x760
[ 1118.934577][T22464]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1118.940466][T22464] RIP: 0033:0x45a219
[ 1118.944432][T22464] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1118.964022][T22464] RSP: 002b:00007f99101e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1118.972415][T22464] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1118.980367][T22464] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1118.988319][T22464] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1118.996274][T22464] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101e36d4
[ 1119.004231][T22464] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1119.012531][T22464] memory: usage 307200kB, limit 307200kB, failcnt 322
[ 1119.019352][T22464] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1119.026277][T22464] Memory cgroup stats for /syz5:
[ 1119.026400][T22464] anon 284942336
[ 1119.026400][T22464] file 0
[ 1119.026400][T22464] kernel_stack 3473408
[ 1119.026400][T22464] slab 11358208
[ 1119.026400][T22464] sock 0
[ 1119.026400][T22464] shmem 0
[ 1119.026400][T22464] file_mapped 0
[ 1119.026400][T22464] file_dirty 0
[ 1119.026400][T22464] file_writeback 0
[ 1119.026400][T22464] anon_thp 270532608
[ 1119.026400][T22464] inactive_anon 0
[ 1119.026400][T22464] active_anon 284942336
[ 1119.026400][T22464] inactive_file 0
[ 1119.026400][T22464] active_file 28672
[ 1119.026400][T22464] unevictable 0
[ 1119.026400][T22464] slab_reclaimable 2297856
[ 1119.026400][T22464] slab_unreclaimable 9060352
[ 1119.026400][T22464] pgfault 92862
[ 1119.026400][T22464] pgmajfault 0
[ 1119.026400][T22464] workingset_refault 33
[ 1119.026400][T22464] workingset_activate 0
[ 1119.026400][T22464] workingset_nodereclaim 0
[ 1119.026400][T22464] pgrefill 314
[ 1119.026400][T22464] pgscan 342
[ 1119.026400][T22464] pgsteal 165
[ 1119.026400][T22464] pgactivate 132
07:51:00 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

07:51:00 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1119.122556][T22464] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=22454,uid=0
[ 1119.123269][T22464] Memory cgroup out of memory: Killed process 22454 (syz-executor.5) total-vm:73112kB, anon-rss:13700kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
07:51:00 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x3f00, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:00 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:00 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:00 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

07:51:00 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:00 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r48, 0x5429, &(0x7f0000000a40))
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1119.671707][   T26] audit: type=1800 audit(1573026660.848:115): pid=22694 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=633 res=0
[ 1119.757373][T22707] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1119.769356][T22707] CPU: 0 PID: 22707 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1119.777230][T22707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1119.787265][T22707] Call Trace:
[ 1119.790548][T22707]  dump_stack+0x172/0x1f0
[ 1119.794866][T22707]  dump_header+0x10b/0x82d
[ 1119.799271][T22707]  oom_kill_process.cold+0x10/0x15
[ 1119.804380][T22707]  out_of_memory+0x334/0x1340
[ 1119.809041][T22707]  ? lock_downgrade+0x920/0x920
[ 1119.813879][T22707]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1119.819670][T22707]  ? oom_killer_disable+0x280/0x280
[ 1119.824864][T22707]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1119.830402][T22707]  ? memcg_stat_show+0xc40/0xc40
[ 1119.835330][T22707]  ? do_raw_spin_unlock+0x57/0x270
[ 1119.840425][T22707]  ? _raw_spin_unlock+0x2d/0x50
[ 1119.845262][T22707]  try_charge+0xf4b/0x1440
[ 1119.849682][T22707]  ? find_held_lock+0x35/0x130
[ 1119.854472][T22707]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1119.860024][T22707]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1119.865573][T22707]  ? find_held_lock+0x35/0x130
[ 1119.870325][T22707]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1119.875870][T22707]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1119.881404][T22707]  ? memcg_kmem_put_cache+0x50/0x50
[ 1119.886589][T22707]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1119.892122][T22707]  __memcg_kmem_charge+0x13a/0x3a0
[ 1119.897219][T22707]  __alloc_pages_nodemask+0x4f5/0x900
[ 1119.902577][T22707]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1119.908279][T22707]  ? ___might_sleep+0x163/0x2c0
[ 1119.913119][T22707]  ? copyin+0x100/0x150
[ 1119.917409][T22707]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1119.923645][T22707]  alloc_pages_current+0x107/0x210
[ 1119.928759][T22707]  pipe_write+0x66d/0xf40
[ 1119.933107][T22707]  new_sync_write+0x4d3/0x770
[ 1119.937800][T22707]  ? new_sync_read+0x800/0x800
[ 1119.942586][T22707]  ? common_file_perm+0x238/0x720
[ 1119.947617][T22707]  ? __fget+0x384/0x560
[ 1119.951869][T22707]  ? apparmor_file_permission+0x25/0x30
[ 1119.957425][T22707]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1119.963672][T22707]  ? security_file_permission+0x8f/0x380
[ 1119.969317][T22707]  __vfs_write+0xe1/0x110
[ 1119.973655][T22707]  vfs_write+0x268/0x5d0
[ 1119.977907][T22707]  ksys_write+0x14f/0x290
[ 1119.982237][T22707]  ? __ia32_sys_read+0xb0/0xb0
[ 1119.986990][T22707]  ? do_syscall_64+0x26/0x760
[ 1119.991669][T22707]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1119.997725][T22707]  ? do_syscall_64+0x26/0x760
[ 1120.002390][T22707]  __x64_sys_write+0x73/0xb0
[ 1120.006965][T22707]  do_syscall_64+0xfa/0x760
[ 1120.011457][T22707]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1120.017333][T22707] RIP: 0033:0x45a219
[ 1120.021217][T22707] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1120.040807][T22707] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1120.049215][T22707] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1120.057178][T22707] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1120.065146][T22707] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1120.073107][T22707] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1120.081063][T22707] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1120.089555][T22707] memory: usage 307200kB, limit 307200kB, failcnt 62325
[ 1120.096556][T22707] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1120.103401][T22707] Memory cgroup stats for /syz3:
[ 1120.103512][T22707] anon 292454400
[ 1120.103512][T22707] file 61440
[ 1120.103512][T22707] kernel_stack 2228224
[ 1120.103512][T22707] slab 8437760
[ 1120.103512][T22707] sock 0
[ 1120.103512][T22707] shmem 147456
[ 1120.103512][T22707] file_mapped 0
[ 1120.103512][T22707] file_dirty 0
[ 1120.103512][T22707] file_writeback 0
[ 1120.103512][T22707] anon_thp 278921216
[ 1120.103512][T22707] inactive_anon 135168
[ 1120.103512][T22707] active_anon 292454400
[ 1120.103512][T22707] inactive_file 0
[ 1120.103512][T22707] active_file 0
[ 1120.103512][T22707] unevictable 0
[ 1120.103512][T22707] slab_reclaimable 1892352
[ 1120.103512][T22707] slab_unreclaimable 6545408
[ 1120.103512][T22707] pgfault 111375
[ 1120.103512][T22707] pgmajfault 0
[ 1120.103512][T22707] workingset_refault 0
[ 1120.103512][T22707] workingset_activate 0
[ 1120.103512][T22707] workingset_nodereclaim 0
[ 1120.103512][T22707] pgrefill 19387
[ 1120.103512][T22707] pgscan 19403
[ 1120.103512][T22707] pgsteal 102
07:51:01 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(0xffffffffffffffff, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:01 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

[ 1120.197497][T22707] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=32750,uid=0
[ 1120.213028][T22707] Memory cgroup out of memory: Killed process 32750 (syz-executor.3) total-vm:72980kB, anon-rss:10420kB, file-rss:35816kB, shmem-rss:0kB, UID:0 pgtables:151552kB oom_score_adj:1000
[ 1120.231655][T22717] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1120.239927][ T1071] oom_reaper: reaped process 32750 (syz-executor.3), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB
[ 1120.241932][T22717] CPU: 1 PID: 22717 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1120.260687][T22717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1120.270737][T22717] Call Trace:
[ 1120.274033][T22717]  dump_stack+0x172/0x1f0
[ 1120.278350][T22717]  dump_header+0x10b/0x82d
[ 1120.282765][T22717]  oom_kill_process.cold+0x10/0x15
[ 1120.287884][T22717]  out_of_memory+0x334/0x1340
[ 1120.292547][T22717]  ? lock_downgrade+0x920/0x920
[ 1120.297384][T22717]  ? oom_killer_disable+0x280/0x280
[ 1120.302571][T22717]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1120.308099][T22717]  ? memcg_stat_show+0xc40/0xc40
[ 1120.313019][T22717]  ? do_raw_spin_unlock+0x57/0x270
[ 1120.318114][T22717]  ? _raw_spin_unlock+0x2d/0x50
[ 1120.322949][T22717]  try_charge+0xf4b/0x1440
[ 1120.327356][T22717]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1120.332897][T22717]  ? percpu_ref_tryget_live+0x111/0x290
[ 1120.338431][T22717]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1120.344656][T22717]  ? __kasan_check_read+0x11/0x20
[ 1120.349667][T22717]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1120.355196][T22717]  mem_cgroup_try_charge+0x136/0x590
[ 1120.360467][T22717]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1120.366082][T22717]  wp_page_copy+0x407/0x1860
[ 1120.370653][T22717]  ? find_held_lock+0x35/0x130
[ 1120.375400][T22717]  ? do_wp_page+0x53b/0x15c0
[ 1120.379977][T22717]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1120.385764][T22717]  ? lock_downgrade+0x920/0x920
[ 1120.390591][T22717]  ? vm_normal_page+0x15d/0x3c0
[ 1120.395424][T22717]  ? __pte_alloc_kernel+0x210/0x210
[ 1120.400603][T22717]  ? __kasan_check_read+0x11/0x20
[ 1120.405619][T22717]  ? do_raw_spin_unlock+0x57/0x270
[ 1120.410715][T22717]  do_wp_page+0x543/0x15c0
[ 1120.415109][T22717]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1120.420118][T22717]  ? lock_acquire+0x190/0x410
[ 1120.424781][T22717]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1120.430135][T22717]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1120.435839][T22717]  __handle_mm_fault+0x23ec/0x4040
[ 1120.440934][T22717]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1120.446459][T22717]  ? handle_mm_fault+0x292/0xaa0
[ 1120.451387][T22717]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1120.457620][T22717]  ? __kasan_check_read+0x11/0x20
[ 1120.462627][T22717]  handle_mm_fault+0x3b7/0xaa0
[ 1120.467375][T22717]  __do_page_fault+0x536/0xdd0
[ 1120.472144][T22717]  do_page_fault+0x38/0x590
[ 1120.476633][T22717]  page_fault+0x39/0x40
[ 1120.480774][T22717] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1120.487343][T22717] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1120.506927][T22717] RSP: 0018:ffff888025807ab8 EFLAGS: 00010206
[ 1120.512992][T22717] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1120.520948][T22717] RDX: 0000000000001000 RSI: ffff888064067b00 RDI: 0000000020d51000
[ 1120.528918][T22717] RBP: ffff888025807af0 R08: ffffed100c80d000 R09: 0000000000000000
[ 1120.536873][T22717] R10: ffffed100c80cfff R11: ffff888064067fff R12: 0000000020d50500
[ 1120.544826][T22717] R13: ffff888064067000 R14: 0000000020d51500 R15: 00007ffffffff000
[ 1120.552794][T22717]  ? copyout+0x12d/0x150
[ 1120.557022][T22717]  copy_page_to_iter+0x3de/0xda0
[ 1120.561945][T22717]  ? kill_fasync+0x323/0x4a0
[ 1120.566533][T22717]  pipe_to_user+0xb4/0x170
[ 1120.570937][T22717]  __splice_from_pipe+0x397/0x7d0
[ 1120.575944][T22717]  ? iter_to_pipe+0x560/0x560
[ 1120.580613][T22717]  do_vmsplice.part.0+0x249/0x2b0
[ 1120.585619][T22717]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1120.590797][T22717]  ? import_iovec+0x267/0x410
[ 1120.595464][T22717]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1120.601705][T22717]  __do_sys_vmsplice+0x1bc/0x210
[ 1120.606629][T22717]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1120.611814][T22717]  ? __kasan_check_read+0x11/0x20
[ 1120.616823][T22717]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1120.623045][T22717]  ? put_timespec64+0xda/0x140
[ 1120.627805][T22717]  ? nsecs_to_jiffies+0x30/0x30
[ 1120.632645][T22717]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1120.638098][T22717]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1120.643536][T22717]  ? do_syscall_64+0x26/0x760
[ 1120.648206][T22717]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1120.654254][T22717]  ? do_syscall_64+0x26/0x760
[ 1120.658933][T22717]  __x64_sys_vmsplice+0x97/0xf0
[ 1120.663780][T22717]  do_syscall_64+0xfa/0x760
[ 1120.668271][T22717]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1120.674144][T22717] RIP: 0033:0x45a219
[ 1120.678022][T22717] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1120.697606][T22717] RSP: 002b:00007f99101c1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1120.706014][T22717] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1120.713964][T22717] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1120.721915][T22717] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1120.729884][T22717] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101c26d4
[ 1120.737847][T22717] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff
[ 1120.747602][T22717] memory: usage 307200kB, limit 307200kB, failcnt 444
[ 1120.754367][T22717] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1120.762190][T22717] Memory cgroup stats for /syz5:
[ 1120.762311][T22717] anon 284872704
[ 1120.762311][T22717] file 0
[ 1120.762311][T22717] kernel_stack 3473408
[ 1120.762311][T22717] slab 11358208
[ 1120.762311][T22717] sock 0
[ 1120.762311][T22717] shmem 0
[ 1120.762311][T22717] file_mapped 0
[ 1120.762311][T22717] file_dirty 0
[ 1120.762311][T22717] file_writeback 0
[ 1120.762311][T22717] anon_thp 270532608
[ 1120.762311][T22717] inactive_anon 0
[ 1120.762311][T22717] active_anon 284872704
[ 1120.762311][T22717] inactive_file 0
[ 1120.762311][T22717] active_file 28672
[ 1120.762311][T22717] unevictable 0
[ 1120.762311][T22717] slab_reclaimable 2297856
[ 1120.762311][T22717] slab_unreclaimable 9060352
[ 1120.762311][T22717] pgfault 93291
[ 1120.762311][T22717] pgmajfault 0
[ 1120.762311][T22717] workingset_refault 33
[ 1120.762311][T22717] workingset_activate 0
[ 1120.762311][T22717] workingset_nodereclaim 0
[ 1120.762311][T22717] pgrefill 314
[ 1120.762311][T22717] pgscan 342
[ 1120.762311][T22717] pgsteal 165
[ 1120.762311][T22717] pgactivate 132
[ 1120.858268][T22717] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=22698,uid=0
[ 1120.873859][T22717] Memory cgroup out of memory: Killed process 22698 (syz-executor.5) total-vm:72980kB, anon-rss:13700kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1120.893082][T22695] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1120.899091][ T1071] oom_reaper: reaped process 22698 (syz-executor.5), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB
[ 1120.903308][T22695] CPU: 1 PID: 22695 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1120.922135][T22695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1120.932192][T22695] Call Trace:
[ 1120.935495][T22695]  dump_stack+0x172/0x1f0
[ 1120.939842][T22695]  dump_header+0x10b/0x82d
[ 1120.944270][T22695]  ? oom_kill_process+0x94/0x3f0
[ 1120.949218][T22695]  oom_kill_process.cold+0x10/0x15
[ 1120.954336][T22695]  out_of_memory+0x334/0x1340
07:51:02 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1120.959019][T22695]  ? lock_downgrade+0x920/0x920
[ 1120.963891][T22695]  ? oom_killer_disable+0x280/0x280
[ 1120.969103][T22695]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1120.974653][T22695]  ? memcg_stat_show+0xc40/0xc40
[ 1120.979600][T22695]  ? do_raw_spin_unlock+0x57/0x270
[ 1120.984721][T22695]  ? _raw_spin_unlock+0x2d/0x50
[ 1120.989581][T22695]  try_charge+0xa2d/0x1440
[ 1120.994018][T22695]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1120.999564][T22695]  ? percpu_ref_tryget_live+0x111/0x290
[ 1121.005118][T22695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1121.011353][T22695]  ? __kasan_check_read+0x11/0x20
[ 1121.016373][T22695]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1121.021915][T22695]  mem_cgroup_try_charge+0x136/0x590
[ 1121.027186][T22695]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1121.032798][T22695]  __handle_mm_fault+0x1f0d/0x4040
[ 1121.037904][T22695]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1121.043453][T22695]  ? handle_mm_fault+0x292/0xaa0
[ 1121.048390][T22695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1121.054617][T22695]  ? __kasan_check_read+0x11/0x20
[ 1121.059632][T22695]  handle_mm_fault+0x3b7/0xaa0
[ 1121.064376][T22695]  __do_page_fault+0x536/0xdd0
[ 1121.069138][T22695]  do_page_fault+0x38/0x590
[ 1121.073642][T22695]  page_fault+0x39/0x40
[ 1121.077787][T22695] RIP: 0033:0x411a0f
[ 1121.081679][T22695] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41
[ 1121.101290][T22695] RSP: 002b:00007ffe5afc5310 EFLAGS: 00010206
[ 1121.107357][T22695] RAX: 00007f612e3e3000 RBX: 0000000000020000 RCX: 000000000045a26a
[ 1121.115316][T22695] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000
[ 1121.123269][T22695] RBP: 00007ffe5afc53f0 R08: ffffffffffffffff R09: 0000000000000000
[ 1121.131218][T22695] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe5afc54e0
[ 1121.139174][T22695] R13: 00007f612e403700 R14: 0000000000000004 R15: 000000000075c1cc
[ 1121.147670][T22695] memory: usage 296640kB, limit 307200kB, failcnt 62331
[ 1121.154638][T22695] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1121.161563][T22695] Memory cgroup stats for /syz3:
[ 1121.161667][T22695] anon 281980928
[ 1121.161667][T22695] file 61440
[ 1121.161667][T22695] kernel_stack 2228224
[ 1121.161667][T22695] slab 8437760
[ 1121.161667][T22695] sock 0
[ 1121.161667][T22695] shmem 147456
[ 1121.161667][T22695] file_mapped 0
[ 1121.161667][T22695] file_dirty 0
[ 1121.161667][T22695] file_writeback 0
[ 1121.161667][T22695] anon_thp 268435456
[ 1121.161667][T22695] inactive_anon 135168
[ 1121.161667][T22695] active_anon 281980928
[ 1121.161667][T22695] inactive_file 0
[ 1121.161667][T22695] active_file 0
[ 1121.161667][T22695] unevictable 0
[ 1121.161667][T22695] slab_reclaimable 1892352
[ 1121.161667][T22695] slab_unreclaimable 6545408
[ 1121.161667][T22695] pgfault 111375
[ 1121.161667][T22695] pgmajfault 0
[ 1121.161667][T22695] workingset_refault 0
[ 1121.161667][T22695] workingset_activate 0
[ 1121.161667][T22695] workingset_nodereclaim 0
[ 1121.161667][T22695] pgrefill 19387
[ 1121.161667][T22695] pgscan 19403
[ 1121.161667][T22695] pgsteal 102
[ 1121.255257][T22695] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=19367,uid=0
[ 1121.270798][T22695] Memory cgroup out of memory: Killed process 19367 (syz-executor.3) total-vm:72980kB, anon-rss:10420kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:151552kB oom_score_adj:1000
[ 1121.290666][T22707] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1121.302552][T22707] CPU: 0 PID: 22707 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1121.310450][T22707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1121.320507][T22707] Call Trace:
[ 1121.323815][T22707]  dump_stack+0x172/0x1f0
[ 1121.328162][T22707]  dump_header+0x10b/0x82d
[ 1121.332590][T22707]  oom_kill_process.cold+0x10/0x15
[ 1121.337709][T22707]  out_of_memory+0x334/0x1340
[ 1121.342397][T22707]  ? lock_downgrade+0x920/0x920
[ 1121.347255][T22707]  ? oom_killer_disable+0x280/0x280
[ 1121.352450][T22707]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1121.357984][T22707]  ? memcg_stat_show+0xc40/0xc40
[ 1121.362924][T22707]  ? do_raw_spin_unlock+0x57/0x270
[ 1121.368022][T22707]  ? _raw_spin_unlock+0x2d/0x50
[ 1121.372863][T22707]  try_charge+0xf4b/0x1440
[ 1121.377263][T22707]  ? find_held_lock+0x35/0x130
[ 1121.382021][T22707]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1121.387549][T22707]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1121.393077][T22707]  ? find_held_lock+0x35/0x130
[ 1121.397828][T22707]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1121.403368][T22707]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1121.408900][T22707]  ? memcg_kmem_put_cache+0x50/0x50
[ 1121.414089][T22707]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1121.419644][T22707]  __memcg_kmem_charge+0x13a/0x3a0
[ 1121.424763][T22707]  __alloc_pages_nodemask+0x4f5/0x900
[ 1121.430133][T22707]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1121.435856][T22707]  ? ___might_sleep+0x163/0x2c0
[ 1121.440713][T22707]  ? copyin+0x100/0x150
[ 1121.444887][T22707]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1121.451131][T22707]  alloc_pages_current+0x107/0x210
[ 1121.456252][T22707]  pipe_write+0x66d/0xf40
[ 1121.460599][T22707]  new_sync_write+0x4d3/0x770
[ 1121.465278][T22707]  ? new_sync_read+0x800/0x800
[ 1121.470055][T22707]  ? common_file_perm+0x238/0x720
[ 1121.475080][T22707]  ? __fget+0x384/0x560
[ 1121.479244][T22707]  ? apparmor_file_permission+0x25/0x30
[ 1121.484792][T22707]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1121.491033][T22707]  ? security_file_permission+0x8f/0x380
[ 1121.496676][T22707]  __vfs_write+0xe1/0x110
[ 1121.501013][T22707]  vfs_write+0x268/0x5d0
[ 1121.505255][T22707]  ksys_write+0x14f/0x290
[ 1121.505270][T22707]  ? __ia32_sys_read+0xb0/0xb0
[ 1121.505287][T22707]  ? do_syscall_64+0x26/0x760
[ 1121.505303][T22707]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1121.505319][T22707]  ? do_syscall_64+0x26/0x760
[ 1121.525103][T22707]  __x64_sys_write+0x73/0xb0
[ 1121.525123][T22707]  do_syscall_64+0xfa/0x760
[ 1121.525147][T22707]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1121.525157][T22707] RIP: 0033:0x45a219
[ 1121.525172][T22707] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1121.525180][T22707] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1121.525192][T22707] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1121.525199][T22707] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1121.525207][T22707] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1121.525214][T22707] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
07:51:02 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x4000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

[ 1121.525221][T22707] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1121.525294][T22707] memory: usage 286036kB, limit 307200kB, failcnt 62331
[ 1121.568568][T22707] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1121.568574][T22707] Memory cgroup stats for /syz3:
[ 1121.568678][T22707] anon 271499264
[ 1121.568678][T22707] file 61440
[ 1121.568678][T22707] kernel_stack 2162688
[ 1121.568678][T22707] slab 8437760
[ 1121.568678][T22707] sock 0
[ 1121.568678][T22707] shmem 147456
[ 1121.568678][T22707] file_mapped 0
[ 1121.568678][T22707] file_dirty 0
[ 1121.568678][T22707] file_writeback 0
[ 1121.568678][T22707] anon_thp 257949696
[ 1121.568678][T22707] inactive_anon 135168
[ 1121.568678][T22707] active_anon 271499264
[ 1121.568678][T22707] inactive_file 0
[ 1121.568678][T22707] active_file 0
[ 1121.568678][T22707] unevictable 0
[ 1121.568678][T22707] slab_reclaimable 1892352
[ 1121.568678][T22707] slab_unreclaimable 6545408
[ 1121.568678][T22707] pgfault 111408
[ 1121.568678][T22707] pgmajfault 0
[ 1121.568678][T22707] workingset_refault 0
[ 1121.568678][T22707] workingset_activate 0
[ 1121.568678][T22707] workingset_nodereclaim 0
07:51:02 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r49, r48, 0x0, 0x2}, 0x10)
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:02 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1121.568678][T22707] pgrefill 19387
[ 1121.568678][T22707] pgscan 19403
[ 1121.568678][T22707] pgsteal 102
[ 1121.568694][T22707] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=19852,uid=0
[ 1121.617884][T22707] Memory cgroup out of memory: Killed process 19852 (syz-executor.3) total-vm:72980kB, anon-rss:9144kB, file-rss:35816kB, shmem-rss:0kB, UID:0 pgtables:151552kB oom_score_adj:1000
[ 1122.004960][T22936] syz-executor.5 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1122.016918][T22936] CPU: 1 PID: 22936 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1122.024820][T22936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1122.034880][T22936] Call Trace:
[ 1122.038167][T22936]  dump_stack+0x172/0x1f0
[ 1122.042487][T22936]  dump_header+0x10b/0x82d
[ 1122.046889][T22936]  oom_kill_process.cold+0x10/0x15
[ 1122.051984][T22936]  out_of_memory+0x334/0x1340
[ 1122.056645][T22936]  ? lock_downgrade+0x920/0x920
[ 1122.061484][T22936]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1122.067276][T22936]  ? oom_killer_disable+0x280/0x280
[ 1122.072489][T22936]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1122.078037][T22936]  ? memcg_stat_show+0xc40/0xc40
[ 1122.082977][T22936]  ? do_raw_spin_unlock+0x57/0x270
[ 1122.088086][T22936]  ? _raw_spin_unlock+0x2d/0x50
[ 1122.092939][T22936]  try_charge+0xf4b/0x1440
[ 1122.097343][T22936]  ? find_held_lock+0x35/0x130
[ 1122.102100][T22936]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1122.107626][T22936]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1122.113157][T22936]  ? find_held_lock+0x35/0x130
[ 1122.117905][T22936]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1122.123443][T22936]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1122.128974][T22936]  ? memcg_kmem_put_cache+0x50/0x50
[ 1122.134157][T22936]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1122.139690][T22936]  __memcg_kmem_charge+0x13a/0x3a0
[ 1122.144790][T22936]  __alloc_pages_nodemask+0x4f5/0x900
[ 1122.150151][T22936]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1122.155879][T22936]  ? ___might_sleep+0x163/0x2c0
[ 1122.160719][T22936]  ? copyin+0x100/0x150
[ 1122.164863][T22936]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1122.171091][T22936]  alloc_pages_current+0x107/0x210
[ 1122.176189][T22936]  pipe_write+0x66d/0xf40
[ 1122.180507][T22936]  new_sync_write+0x4d3/0x770
[ 1122.185167][T22936]  ? new_sync_read+0x800/0x800
[ 1122.189921][T22936]  ? common_file_perm+0x238/0x720
[ 1122.194930][T22936]  ? __fget+0x384/0x560
[ 1122.199073][T22936]  ? apparmor_file_permission+0x25/0x30
[ 1122.204603][T22936]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1122.210831][T22936]  ? security_file_permission+0x8f/0x380
[ 1122.216474][T22936]  __vfs_write+0xe1/0x110
[ 1122.220789][T22936]  vfs_write+0x268/0x5d0
[ 1122.225021][T22936]  ksys_write+0x14f/0x290
[ 1122.229356][T22936]  ? __ia32_sys_read+0xb0/0xb0
[ 1122.234104][T22936]  ? do_syscall_64+0x26/0x760
[ 1122.238765][T22936]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1122.244820][T22936]  ? do_syscall_64+0x26/0x760
[ 1122.249509][T22936]  __x64_sys_write+0x73/0xb0
[ 1122.254085][T22936]  do_syscall_64+0xfa/0x760
[ 1122.258672][T22936]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1122.264546][T22936] RIP: 0033:0x45a219
[ 1122.268426][T22936] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1122.288012][T22936] RSP: 002b:00007f99101e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1122.296403][T22936] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1122.304354][T22936] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1122.312310][T22936] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1122.320263][T22936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101e36d4
[ 1122.328220][T22936] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1122.336402][T22936] memory: usage 307148kB, limit 307200kB, failcnt 533
[ 1122.343163][T22936] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1122.350016][T22936] Memory cgroup stats for /syz5:
[ 1122.350117][T22936] anon 285417472
[ 1122.350117][T22936] file 0
[ 1122.350117][T22936] kernel_stack 3538944
[ 1122.350117][T22936] slab 10838016
[ 1122.350117][T22936] sock 0
[ 1122.350117][T22936] shmem 0
[ 1122.350117][T22936] file_mapped 0
[ 1122.350117][T22936] file_dirty 0
[ 1122.350117][T22936] file_writeback 0
[ 1122.350117][T22936] anon_thp 270532608
[ 1122.350117][T22936] inactive_anon 0
[ 1122.350117][T22936] active_anon 285417472
[ 1122.350117][T22936] inactive_file 0
[ 1122.350117][T22936] active_file 28672
[ 1122.350117][T22936] unevictable 0
[ 1122.350117][T22936] slab_reclaimable 2297856
[ 1122.350117][T22936] slab_unreclaimable 8540160
[ 1122.350117][T22936] pgfault 93885
[ 1122.350117][T22936] pgmajfault 0
[ 1122.350117][T22936] workingset_refault 33
[ 1122.350117][T22936] workingset_activate 0
[ 1122.350117][T22936] workingset_nodereclaim 0
[ 1122.350117][T22936] pgrefill 314
[ 1122.350117][T22936] pgscan 342
[ 1122.350117][T22936] pgsteal 165
[ 1122.350117][T22936] pgactivate 132
[ 1122.445972][T22936] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=22842,uid=0
[ 1122.461414][T22936] Memory cgroup out of memory: Killed process 22843 (syz-executor.5) total-vm:72980kB, anon-rss:14296kB, file-rss:35876kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
07:51:03 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1122.506619][ T1071] oom_reaper: reaped process 22843 (syz-executor.5), now anon-rss:0kB, file-rss:34916kB, shmem-rss:0kB
07:51:03 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(0xffffffffffffffff, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:03 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:03 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:04 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1122.895055][   T26] audit: type=1800 audit(1573026664.068:116): pid=23084 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16601 res=0
[ 1123.010169][T23085] syz-executor.5 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1123.022115][T23085] CPU: 1 PID: 23085 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1123.030012][T23085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1123.040071][T23085] Call Trace:
[ 1123.043369][T23085]  dump_stack+0x172/0x1f0
[ 1123.047706][T23085]  dump_header+0x10b/0x82d
[ 1123.052135][T23085]  oom_kill_process.cold+0x10/0x15
[ 1123.057362][T23085]  out_of_memory+0x334/0x1340
[ 1123.062051][T23085]  ? lock_downgrade+0x920/0x920
[ 1123.066916][T23085]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1123.072730][T23085]  ? oom_killer_disable+0x280/0x280
[ 1123.077948][T23085]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1123.083501][T23085]  ? memcg_stat_show+0xc40/0xc40
[ 1123.088452][T23085]  ? do_raw_spin_unlock+0x57/0x270
[ 1123.093565][T23085]  ? _raw_spin_unlock+0x2d/0x50
[ 1123.098406][T23085]  try_charge+0xf4b/0x1440
[ 1123.102808][T23085]  ? find_held_lock+0x35/0x130
[ 1123.112952][T23085]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1123.118483][T23085]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1123.124040][T23085]  ? find_held_lock+0x35/0x130
[ 1123.128790][T23085]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1123.134326][T23085]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1123.139857][T23085]  ? memcg_kmem_put_cache+0x50/0x50
[ 1123.145044][T23085]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1123.150578][T23085]  __memcg_kmem_charge+0x13a/0x3a0
[ 1123.155676][T23085]  __alloc_pages_nodemask+0x4f5/0x900
[ 1123.161037][T23085]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1123.166742][T23085]  ? ___might_sleep+0x163/0x2c0
[ 1123.171600][T23085]  ? copyin+0x100/0x150
[ 1123.175742][T23085]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1123.181965][T23085]  alloc_pages_current+0x107/0x210
[ 1123.187061][T23085]  pipe_write+0x66d/0xf40
[ 1123.191381][T23085]  new_sync_write+0x4d3/0x770
[ 1123.196053][T23085]  ? new_sync_read+0x800/0x800
[ 1123.200805][T23085]  ? common_file_perm+0x238/0x720
[ 1123.205812][T23085]  ? __fget+0x384/0x560
[ 1123.209967][T23085]  ? apparmor_file_permission+0x25/0x30
[ 1123.215495][T23085]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1123.221718][T23085]  ? security_file_permission+0x8f/0x380
[ 1123.227334][T23085]  __vfs_write+0xe1/0x110
[ 1123.231649][T23085]  vfs_write+0x268/0x5d0
[ 1123.235877][T23085]  ksys_write+0x14f/0x290
[ 1123.240189][T23085]  ? __ia32_sys_read+0xb0/0xb0
[ 1123.244937][T23085]  ? do_syscall_64+0x26/0x760
[ 1123.249596][T23085]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1123.255657][T23085]  ? do_syscall_64+0x26/0x760
[ 1123.260319][T23085]  __x64_sys_write+0x73/0xb0
[ 1123.264898][T23085]  do_syscall_64+0xfa/0x760
[ 1123.269386][T23085]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1123.275267][T23085] RIP: 0033:0x45a219
[ 1123.279161][T23085] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1123.298747][T23085] RSP: 002b:00007f99101e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1123.307155][T23085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1123.315109][T23085] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1123.323060][T23085] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1123.331014][T23085] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101e36d4
[ 1123.339062][T23085] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1123.347613][T23085] memory: usage 307180kB, limit 307200kB, failcnt 611
[ 1123.354390][T23085] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
07:51:04 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r49, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1123.361464][T23085] Memory cgroup stats for /syz5:
[ 1123.361561][T23085] anon 285487104
[ 1123.361561][T23085] file 0
[ 1123.361561][T23085] kernel_stack 3473408
[ 1123.361561][T23085] slab 10838016
[ 1123.361561][T23085] sock 0
[ 1123.361561][T23085] shmem 0
[ 1123.361561][T23085] file_mapped 0
[ 1123.361561][T23085] file_dirty 0
[ 1123.361561][T23085] file_writeback 0
[ 1123.361561][T23085] anon_thp 270532608
[ 1123.361561][T23085] inactive_anon 0
[ 1123.361561][T23085] active_anon 285487104
[ 1123.361561][T23085] inactive_file 0
[ 1123.361561][T23085] active_file 28672
[ 1123.361561][T23085] unevictable 0
[ 1123.361561][T23085] slab_reclaimable 2297856
[ 1123.361561][T23085] slab_unreclaimable 8540160
[ 1123.361561][T23085] pgfault 94446
[ 1123.361561][T23085] pgmajfault 0
[ 1123.361561][T23085] workingset_refault 33
[ 1123.361561][T23085] workingset_activate 0
[ 1123.361561][T23085] workingset_nodereclaim 0
[ 1123.361561][T23085] pgrefill 314
[ 1123.361561][T23085] pgscan 375
[ 1123.361561][T23085] pgsteal 165
[ 1123.361561][T23085] pgactivate 132
[ 1123.457937][T23085] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23074,uid=0
[ 1123.473532][T23085] Memory cgroup out of memory: Killed process 23074 (syz-executor.5) total-vm:72848kB, anon-rss:14288kB, file-rss:35828kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
07:51:04 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1123.579813][ T1071] oom_reaper: reaped process 23074 (syz-executor.5), now anon-rss:0kB, file-rss:34916kB, shmem-rss:0kB
07:51:04 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:04 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(0xffffffffffffffff, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:05 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0xf000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:05 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:05 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:05 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:05 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:05 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
sendmsg$TIPC_NL_PUBL_GET(r48, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1124.383796][T23344] syz-executor.5 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1124.395728][T23344] CPU: 0 PID: 23344 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1124.403619][T23344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1124.413673][T23344] Call Trace:
[ 1124.416975][T23344]  dump_stack+0x172/0x1f0
[ 1124.421320][T23344]  dump_header+0x10b/0x82d
[ 1124.425749][T23344]  oom_kill_process.cold+0x10/0x15
[ 1124.430864][T23344]  out_of_memory+0x334/0x1340
[ 1124.435547][T23344]  ? lock_downgrade+0x920/0x920
[ 1124.440403][T23344]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1124.446209][T23344]  ? oom_killer_disable+0x280/0x280
[ 1124.451400][T23344]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1124.456932][T23344]  ? memcg_stat_show+0xc40/0xc40
[ 1124.461853][T23344]  ? do_raw_spin_unlock+0x57/0x270
[ 1124.466967][T23344]  ? _raw_spin_unlock+0x2d/0x50
[ 1124.471804][T23344]  try_charge+0xf4b/0x1440
[ 1124.476207][T23344]  ? find_held_lock+0x35/0x130
[ 1124.480962][T23344]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1124.486488][T23344]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1124.492018][T23344]  ? find_held_lock+0x35/0x130
[ 1124.496764][T23344]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1124.502302][T23344]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1124.507834][T23344]  ? memcg_kmem_put_cache+0x50/0x50
[ 1124.513017][T23344]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1124.518550][T23344]  __memcg_kmem_charge+0x13a/0x3a0
[ 1124.523645][T23344]  __alloc_pages_nodemask+0x4f5/0x900
[ 1124.529000][T23344]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1124.534705][T23344]  ? ___might_sleep+0x163/0x2c0
[ 1124.539541][T23344]  ? copyin+0x100/0x150
[ 1124.543688][T23344]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1124.549910][T23344]  alloc_pages_current+0x107/0x210
[ 1124.555007][T23344]  pipe_write+0x66d/0xf40
[ 1124.559328][T23344]  new_sync_write+0x4d3/0x770
[ 1124.563988][T23344]  ? new_sync_read+0x800/0x800
[ 1124.568739][T23344]  ? common_file_perm+0x238/0x720
[ 1124.573744][T23344]  ? __fget+0x384/0x560
[ 1124.577884][T23344]  ? apparmor_file_permission+0x25/0x30
[ 1124.583415][T23344]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1124.589640][T23344]  ? security_file_permission+0x8f/0x380
[ 1124.595255][T23344]  __vfs_write+0xe1/0x110
[ 1124.599567][T23344]  vfs_write+0x268/0x5d0
[ 1124.603792][T23344]  ksys_write+0x14f/0x290
[ 1124.608104][T23344]  ? __ia32_sys_read+0xb0/0xb0
[ 1124.612866][T23344]  ? do_syscall_64+0x26/0x760
[ 1124.617527][T23344]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1124.623576][T23344]  ? do_syscall_64+0x26/0x760
[ 1124.628238][T23344]  __x64_sys_write+0x73/0xb0
[ 1124.632814][T23344]  do_syscall_64+0xfa/0x760
[ 1124.637302][T23344]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1124.643173][T23344] RIP: 0033:0x45a219
[ 1124.647055][T23344] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1124.666650][T23344] RSP: 002b:00007f99101e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1124.675047][T23344] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1124.683001][T23344] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1124.690953][T23344] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1124.698920][T23344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101e36d4
[ 1124.706875][T23344] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1124.715084][T23344] memory: usage 307064kB, limit 307200kB, failcnt 701
[ 1124.721830][T23344] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1124.728718][T23344] Memory cgroup stats for /syz5:
[ 1124.728821][T23344] anon 285339648
[ 1124.728821][T23344] file 0
[ 1124.728821][T23344] kernel_stack 3407872
[ 1124.728821][T23344] slab 10838016
[ 1124.728821][T23344] sock 0
[ 1124.728821][T23344] shmem 0
[ 1124.728821][T23344] file_mapped 0
[ 1124.728821][T23344] file_dirty 0
[ 1124.728821][T23344] file_writeback 0
[ 1124.728821][T23344] anon_thp 270532608
[ 1124.728821][T23344] inactive_anon 0
[ 1124.728821][T23344] active_anon 285184000
[ 1124.728821][T23344] inactive_file 0
[ 1124.728821][T23344] active_file 28672
[ 1124.728821][T23344] unevictable 0
[ 1124.728821][T23344] slab_reclaimable 2297856
[ 1124.728821][T23344] slab_unreclaimable 8540160
[ 1124.728821][T23344] pgfault 95007
[ 1124.728821][T23344] pgmajfault 0
[ 1124.728821][T23344] workingset_refault 33
[ 1124.728821][T23344] workingset_activate 0
[ 1124.728821][T23344] workingset_nodereclaim 0
[ 1124.728821][T23344] pgrefill 314
[ 1124.728821][T23344] pgscan 375
[ 1124.728821][T23344] pgsteal 165
[ 1124.728821][T23344] pgactivate 132
07:51:06 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:06 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1124.824559][T23344] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23337,uid=0
[ 1124.839991][T23344] Memory cgroup out of memory: Killed process 23344 (syz-executor.5) total-vm:72980kB, anon-rss:14032kB, file-rss:35872kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1124.886522][ T1071] oom_reaper: reaped process 23344 (syz-executor.5), now anon-rss:0kB, file-rss:34912kB, shmem-rss:0kB
07:51:06 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1124.977711][   T26] audit: type=1800 audit(1573026666.158:117): pid=23359 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=634 res=0
07:51:06 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:06 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1125.451548][T23486] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1125.463731][T23486] CPU: 1 PID: 23486 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1125.471617][T23486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1125.481652][T23486] Call Trace:
[ 1125.484930][T23486]  dump_stack+0x172/0x1f0
[ 1125.489252][T23486]  dump_header+0x10b/0x82d
[ 1125.493652][T23486]  ? oom_kill_process+0x94/0x3f0
[ 1125.498591][T23486]  oom_kill_process.cold+0x10/0x15
[ 1125.503687][T23486]  out_of_memory+0x334/0x1340
[ 1125.508351][T23486]  ? lock_downgrade+0x920/0x920
[ 1125.513188][T23486]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1125.518981][T23486]  ? oom_killer_disable+0x280/0x280
[ 1125.524170][T23486]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1125.529702][T23486]  ? memcg_stat_show+0xc40/0xc40
[ 1125.534627][T23486]  ? do_raw_spin_unlock+0x57/0x270
[ 1125.539724][T23486]  ? _raw_spin_unlock+0x2d/0x50
[ 1125.544560][T23486]  try_charge+0xf4b/0x1440
[ 1125.548959][T23486]  ? find_held_lock+0x35/0x130
[ 1125.553712][T23486]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1125.559238][T23486]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1125.564771][T23486]  ? find_held_lock+0x35/0x130
[ 1125.569521][T23486]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1125.575060][T23486]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1125.580594][T23486]  ? memcg_kmem_put_cache+0x50/0x50
[ 1125.585796][T23486]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1125.591326][T23486]  __memcg_kmem_charge+0x13a/0x3a0
[ 1125.596435][T23486]  __alloc_pages_nodemask+0x4f5/0x900
[ 1125.601790][T23486]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1125.607430][T23486]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1125.613129][T23486]  ? percpu_ref_put_many+0xb6/0x190
[ 1125.618312][T23486]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1125.623597][T23486]  ? trace_hardirqs_on+0x67/0x240
[ 1125.628609][T23486]  copy_process+0x3f8/0x6860
[ 1125.633186][T23486]  ? debug_object_free+0x1f1/0x390
[ 1125.638287][T23486]  ? __cleanup_sighand+0x60/0x60
[ 1125.643210][T23486]  ? lock_downgrade+0x920/0x920
[ 1125.648046][T23486]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1125.653315][T23486]  ? trace_hardirqs_on+0x67/0x240
[ 1125.658321][T23486]  ? __kasan_check_read+0x11/0x20
[ 1125.663331][T23486]  _do_fork+0x146/0xfa0
[ 1125.667467][T23486]  ? debug_object_free+0x1f9/0x390
[ 1125.672580][T23486]  ? copy_init_mm+0x20/0x20
[ 1125.677068][T23486]  ? hrtimer_nanosleep+0x2c9/0x550
[ 1125.682164][T23486]  ? nanosleep_copyout+0x110/0x110
[ 1125.687263][T23486]  ? hrtimer_init_sleeper_on_stack+0xa0/0xa0
[ 1125.693246][T23486]  __x64_sys_clone+0x18d/0x250
[ 1125.697995][T23486]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1125.704220][T23486]  ? __ia32_sys_vfork+0xc0/0xc0
[ 1125.709060][T23486]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1125.714343][T23486]  ? trace_hardirqs_on+0x67/0x240
[ 1125.719357][T23486]  do_syscall_64+0xfa/0x760
[ 1125.723846][T23486]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1125.729720][T23486] RIP: 0033:0x45cbe9
[ 1125.733600][T23486] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1125.753185][T23486] RSP: 002b:00007fffa4f7eab8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1125.761578][T23486] RAX: ffffffffffffffda RBX: 00007f9910180700 RCX: 000000000045cbe9
[ 1125.769533][T23486] RDX: 00007f99101809d0 RSI: 00007f991017fdb0 RDI: 00000000003d0f00
[ 1125.777488][T23486] RBP: 00007fffa4f7ecd0 R08: 00007f9910180700 R09: 00007f9910180700
[ 1125.785444][T23486] R10: 00007f99101809d0 R11: 0000000000000202 R12: 0000000000000000
[ 1125.793399][T23486] R13: 00007fffa4f7eb6f R14: 0000000000020000 R15: 0000000001ea5ed0
[ 1125.801637][T23486] memory: usage 307200kB, limit 307200kB, failcnt 755
[ 1125.808419][T23486] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1125.815279][T23486] Memory cgroup stats for /syz5:
[ 1125.815361][T23486] anon 285229056
[ 1125.815361][T23486] file 0
[ 1125.815361][T23486] kernel_stack 3538944
[ 1125.815361][T23486] slab 10838016
[ 1125.815361][T23486] sock 0
[ 1125.815361][T23486] shmem 0
[ 1125.815361][T23486] file_mapped 0
[ 1125.815361][T23486] file_dirty 0
[ 1125.815361][T23486] file_writeback 0
[ 1125.815361][T23486] anon_thp 270532608
[ 1125.815361][T23486] inactive_anon 0
[ 1125.815361][T23486] active_anon 285229056
[ 1125.815361][T23486] inactive_file 0
[ 1125.815361][T23486] active_file 28672
[ 1125.815361][T23486] unevictable 0
[ 1125.815361][T23486] slab_reclaimable 2297856
[ 1125.815361][T23486] slab_unreclaimable 8540160
[ 1125.815361][T23486] pgfault 95535
[ 1125.815361][T23486] pgmajfault 0
[ 1125.815361][T23486] workingset_refault 33
[ 1125.815361][T23486] workingset_activate 0
[ 1125.815361][T23486] workingset_nodereclaim 0
[ 1125.815361][T23486] pgrefill 314
[ 1125.815361][T23486] pgscan 375
[ 1125.815361][T23486] pgsteal 165
[ 1125.815361][T23486] pgactivate 132
[ 1125.911190][T23486] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23596,uid=0
[ 1125.926698][T23486] Memory cgroup out of memory: Killed process 23596 (syz-executor.5) total-vm:73112kB, anon-rss:14036kB, file-rss:35816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1125.956298][ T1071] oom_reaper: reaped process 23596 (syz-executor.5), now anon-rss:0kB, file-rss:34868kB, shmem-rss:0kB
[ 1125.981155][T23485] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1125.993439][T23485] CPU: 1 PID: 23485 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
07:51:07 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r48=>0xffffffffffffffff})
r49 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r49, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r50 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r50, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r51 = fcntl$dupfd(r50, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r51, 0x40042408, r48)
r52 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r52, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r53 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r53, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1126.001351][T23485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1126.011407][T23485] Call Trace:
[ 1126.014723][T23485]  dump_stack+0x172/0x1f0
[ 1126.019063][T23485]  dump_header+0x10b/0x82d
[ 1126.023495][T23485]  oom_kill_process.cold+0x10/0x15
[ 1126.028622][T23485]  out_of_memory+0x334/0x1340
[ 1126.033306][T23485]  ? lock_downgrade+0x920/0x920
[ 1126.038166][T23485]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1126.043978][T23485]  ? oom_killer_disable+0x280/0x280
[ 1126.049202][T23485]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1126.054758][T23485]  ? memcg_stat_show+0xc40/0xc40
[ 1126.059704][T23485]  ? do_raw_spin_unlock+0x57/0x270
[ 1126.064828][T23485]  ? _raw_spin_unlock+0x2d/0x50
[ 1126.069687][T23485]  try_charge+0xf4b/0x1440
[ 1126.074112][T23485]  ? find_held_lock+0x35/0x130
[ 1126.078890][T23485]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1126.084444][T23485]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1126.090001][T23485]  ? find_held_lock+0x35/0x130
[ 1126.094769][T23485]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1126.100331][T23485]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1126.105885][T23485]  ? memcg_kmem_put_cache+0x50/0x50
[ 1126.111093][T23485]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1126.116646][T23485]  __memcg_kmem_charge+0x13a/0x3a0
[ 1126.121771][T23485]  __alloc_pages_nodemask+0x4f5/0x900
[ 1126.127157][T23485]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1126.132878][T23485]  ? ___might_sleep+0x163/0x2c0
[ 1126.137740][T23485]  ? copyin+0x100/0x150
[ 1126.141906][T23485]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1126.148151][T23485]  alloc_pages_current+0x107/0x210
07:51:07 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0xff05, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:07 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:07 executing program 5:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1126.153272][T23485]  pipe_write+0x66d/0xf40
[ 1126.157615][T23485]  new_sync_write+0x4d3/0x770
[ 1126.162294][T23485]  ? new_sync_read+0x800/0x800
[ 1126.167070][T23485]  ? common_file_perm+0x238/0x720
[ 1126.172095][T23485]  ? __fget+0x384/0x560
[ 1126.176256][T23485]  ? apparmor_file_permission+0x25/0x30
[ 1126.181806][T23485]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1126.188044][T23485]  ? security_file_permission+0x8f/0x380
[ 1126.188063][T23485]  __vfs_write+0xe1/0x110
[ 1126.188081][T23485]  vfs_write+0x268/0x5d0
[ 1126.188099][T23485]  ksys_write+0x14f/0x290
[ 1126.188114][T23485]  ? __ia32_sys_read+0xb0/0xb0
[ 1126.188130][T23485]  ? do_syscall_64+0x26/0x760
[ 1126.188152][T23485]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1126.206665][T23485]  ? do_syscall_64+0x26/0x760
[ 1126.206687][T23485]  __x64_sys_write+0x73/0xb0
[ 1126.206704][T23485]  do_syscall_64+0xfa/0x760
[ 1126.206724][T23485]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1126.206742][T23485] RIP: 0033:0x45a219
[ 1126.226857][T23485] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1126.226865][T23485] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1126.226885][T23485] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1126.265327][T23485] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1126.265337][T23485] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1126.265346][T23485] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1126.265355][T23485] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1126.267606][T23485] memory: usage 307200kB, limit 307200kB, failcnt 62391
[ 1126.320778][T23485] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1126.327660][T23485] Memory cgroup stats for /syz3:
[ 1126.327770][T23485] anon 292044800
[ 1126.327770][T23485] file 61440
[ 1126.327770][T23485] kernel_stack 2228224
[ 1126.327770][T23485] slab 8712192
[ 1126.327770][T23485] sock 0
[ 1126.327770][T23485] shmem 147456
[ 1126.327770][T23485] file_mapped 0
[ 1126.327770][T23485] file_dirty 0
[ 1126.327770][T23485] file_writeback 0
[ 1126.327770][T23485] anon_thp 278921216
[ 1126.327770][T23485] inactive_anon 135168
[ 1126.327770][T23485] active_anon 292044800
[ 1126.327770][T23485] inactive_file 0
[ 1126.327770][T23485] active_file 0
[ 1126.327770][T23485] unevictable 0
[ 1126.327770][T23485] slab_reclaimable 1892352
[ 1126.327770][T23485] slab_unreclaimable 6819840
[ 1126.327770][T23485] pgfault 112035
[ 1126.327770][T23485] pgmajfault 0
[ 1126.327770][T23485] workingset_refault 0
[ 1126.327770][T23485] workingset_activate 0
[ 1126.327770][T23485] workingset_nodereclaim 0
[ 1126.327770][T23485] pgrefill 19387
[ 1126.327770][T23485] pgscan 19469
[ 1126.327770][T23485] pgsteal 102
[ 1126.421347][T23485] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23476,uid=0
[ 1126.436830][T23485] Memory cgroup out of memory: Killed process 23476 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1127.566501][ T1071] oom_reaper: reaped process 23476 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
[ 1127.587025][   T26] audit: type=1800 audit(1573026668.768:118): pid=23610 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16675 res=0
07:51:08 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:08 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:09 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1127.768779][   T26] audit: type=1800 audit(1573026668.948:119): pid=23733 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16882 res=0
07:51:09 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:09 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:09 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0))
r48 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r48, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r49 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r49, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
fcntl$dupfd(r49, 0x605, 0xffffffffffffffff)
r50 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r50, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r51 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r51, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1128.080455][   T26] audit: type=1800 audit(1573026669.258:120): pid=23748 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=635 res=0
[ 1128.190425][T23851] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1128.202352][T23851] CPU: 0 PID: 23851 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1128.210227][T23851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1128.220267][T23851] Call Trace:
[ 1128.223564][T23851]  dump_stack+0x172/0x1f0
[ 1128.227885][T23851]  dump_header+0x10b/0x82d
[ 1128.232289][T23851]  oom_kill_process.cold+0x10/0x15
[ 1128.237388][T23851]  out_of_memory+0x334/0x1340
[ 1128.242051][T23851]  ? lock_downgrade+0x920/0x920
[ 1128.246889][T23851]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1128.252678][T23851]  ? oom_killer_disable+0x280/0x280
[ 1128.257869][T23851]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1128.263399][T23851]  ? memcg_stat_show+0xc40/0xc40
[ 1128.268326][T23851]  ? do_raw_spin_unlock+0x57/0x270
[ 1128.273436][T23851]  ? _raw_spin_unlock+0x2d/0x50
[ 1128.278276][T23851]  try_charge+0xf4b/0x1440
[ 1128.282675][T23851]  ? find_held_lock+0x35/0x130
[ 1128.287432][T23851]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1128.292965][T23851]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1128.298512][T23851]  ? find_held_lock+0x35/0x130
[ 1128.303261][T23851]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1128.308800][T23851]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1128.314340][T23851]  ? memcg_kmem_put_cache+0x50/0x50
[ 1128.319527][T23851]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1128.325079][T23851]  __memcg_kmem_charge+0x13a/0x3a0
[ 1128.330178][T23851]  __alloc_pages_nodemask+0x4f5/0x900
[ 1128.335554][T23851]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1128.341259][T23851]  ? ___might_sleep+0x163/0x2c0
[ 1128.346112][T23851]  ? copyin+0x100/0x150
[ 1128.350258][T23851]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1128.356486][T23851]  alloc_pages_current+0x107/0x210
[ 1128.361588][T23851]  pipe_write+0x66d/0xf40
[ 1128.365915][T23851]  new_sync_write+0x4d3/0x770
[ 1128.370578][T23851]  ? new_sync_read+0x800/0x800
[ 1128.375335][T23851]  ? common_file_perm+0x238/0x720
[ 1128.380346][T23851]  ? __fget+0x384/0x560
[ 1128.384491][T23851]  ? apparmor_file_permission+0x25/0x30
[ 1128.390022][T23851]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1128.396248][T23851]  ? security_file_permission+0x8f/0x380
[ 1128.401867][T23851]  __vfs_write+0xe1/0x110
[ 1128.406211][T23851]  vfs_write+0x268/0x5d0
[ 1128.410448][T23851]  ksys_write+0x14f/0x290
[ 1128.414785][T23851]  ? __ia32_sys_read+0xb0/0xb0
[ 1128.419544][T23851]  ? do_syscall_64+0x26/0x760
[ 1128.424208][T23851]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1128.430258][T23851]  ? do_syscall_64+0x26/0x760
[ 1128.434926][T23851]  __x64_sys_write+0x73/0xb0
[ 1128.439503][T23851]  do_syscall_64+0xfa/0x760
[ 1128.443998][T23851]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1128.449877][T23851] RIP: 0033:0x45a219
[ 1128.453773][T23851] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1128.473394][T23851] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1128.481799][T23851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1128.489777][T23851] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1128.497736][T23851] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1128.505691][T23851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1128.513906][T23851] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1128.522043][T23851] memory: usage 307200kB, limit 307200kB, failcnt 67290
[ 1128.528984][T23851] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1128.535833][T23851] Memory cgroup stats for /syz3:
[ 1128.535942][T23851] anon 292118528
[ 1128.535942][T23851] file 61440
[ 1128.535942][T23851] kernel_stack 2293760
[ 1128.535942][T23851] slab 8712192
[ 1128.535942][T23851] sock 0
[ 1128.535942][T23851] shmem 147456
[ 1128.535942][T23851] file_mapped 0
[ 1128.535942][T23851] file_dirty 0
[ 1128.535942][T23851] file_writeback 0
[ 1128.535942][T23851] anon_thp 278921216
[ 1128.535942][T23851] inactive_anon 135168
[ 1128.535942][T23851] active_anon 292118528
[ 1128.535942][T23851] inactive_file 0
[ 1128.535942][T23851] active_file 0
[ 1128.535942][T23851] unevictable 0
[ 1128.535942][T23851] slab_reclaimable 1892352
[ 1128.535942][T23851] slab_unreclaimable 6819840
[ 1128.535942][T23851] pgfault 112233
[ 1128.535942][T23851] pgmajfault 0
[ 1128.535942][T23851] workingset_refault 0
[ 1128.535942][T23851] workingset_activate 0
[ 1128.535942][T23851] workingset_nodereclaim 0
[ 1128.535942][T23851] pgrefill 19453
[ 1128.535942][T23851] pgscan 19469
[ 1128.535942][T23851] pgsteal 102
[ 1128.629467][T23851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23229,uid=0
[ 1128.644987][T23851] Memory cgroup out of memory: Killed process 23229 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1129.548917][ T1071] oom_reaper: reaped process 23229 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:51:10 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:11 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1129.952288][T23921] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1129.962589][T23921] CPU: 1 PID: 23921 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1129.970469][T23921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1129.980504][T23921] Call Trace:
[ 1129.983792][T23921]  dump_stack+0x172/0x1f0
[ 1129.988115][T23921]  dump_header+0x10b/0x82d
[ 1129.992523][T23921]  oom_kill_process.cold+0x10/0x15
[ 1129.997623][T23921]  out_of_memory+0x334/0x1340
[ 1130.002288][T23921]  ? lock_downgrade+0x920/0x920
[ 1130.007148][T23921]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1130.012967][T23921]  ? oom_killer_disable+0x280/0x280
[ 1130.018190][T23921]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1130.023745][T23921]  ? memcg_stat_show+0xc40/0xc40
[ 1130.028699][T23921]  ? do_raw_spin_unlock+0x57/0x270
[ 1130.033823][T23921]  ? _raw_spin_unlock+0x2d/0x50
[ 1130.038678][T23921]  try_charge+0xf4b/0x1440
[ 1130.043099][T23921]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1130.048652][T23921]  ? percpu_ref_tryget_live+0x111/0x290
[ 1130.054206][T23921]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1130.060459][T23921]  ? __kasan_check_read+0x11/0x20
[ 1130.065605][T23921]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1130.071179][T23921]  mem_cgroup_try_charge+0x136/0x590
[ 1130.076477][T23921]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1130.082118][T23921]  wp_page_copy+0x407/0x1860
[ 1130.086721][T23921]  ? find_held_lock+0x35/0x130
[ 1130.091493][T23921]  ? do_wp_page+0x53b/0x15c0
[ 1130.096088][T23921]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1130.101900][T23921]  ? lock_downgrade+0x920/0x920
[ 1130.106754][T23921]  ? vm_normal_page+0x15d/0x3c0
[ 1130.111607][T23921]  ? __pte_alloc_kernel+0x210/0x210
[ 1130.116808][T23921]  ? __kasan_check_read+0x11/0x20
[ 1130.121844][T23921]  ? do_raw_spin_unlock+0x57/0x270
[ 1130.126960][T23921]  do_wp_page+0x543/0x15c0
[ 1130.131534][T23921]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1130.136563][T23921]  ? lock_acquire+0x190/0x410
[ 1130.136579][T23921]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1130.136593][T23921]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1130.136615][T23921]  __handle_mm_fault+0x23ec/0x4040
[ 1130.146638][T23921]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1130.146655][T23921]  ? handle_mm_fault+0x292/0xaa0
[ 1130.146690][T23921]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1130.146708][T23921]  ? __kasan_check_read+0x11/0x20
[ 1130.146728][T23921]  handle_mm_fault+0x3b7/0xaa0
[ 1130.146754][T23921]  __do_page_fault+0x536/0xdd0
[ 1130.188834][T23921]  do_page_fault+0x38/0x590
[ 1130.193326][T23921]  page_fault+0x39/0x40
[ 1130.197472][T23921] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1130.204046][T23921] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1130.223643][T23921] RSP: 0018:ffff8880170cfab8 EFLAGS: 00010206
[ 1130.229776][T23921] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1130.237730][T23921] RDX: 0000000000001000 RSI: ffff8880a8ba6b00 RDI: 0000000020e21000
[ 1130.245685][T23921] RBP: ffff8880170cfaf0 R08: ffffed1015174e00 R09: 0000000000000000
[ 1130.253638][T23921] R10: ffffed1015174dff R11: ffff8880a8ba6fff R12: 0000000020e20500
[ 1130.261677][T23921] R13: ffff8880a8ba6000 R14: 0000000020e21500 R15: 00007ffffffff000
[ 1130.269663][T23921]  ? copyout+0x12d/0x150
[ 1130.273916][T23921]  copy_page_to_iter+0x3de/0xda0
[ 1130.278840][T23921]  ? kill_fasync+0x323/0x4a0
[ 1130.283416][T23921]  pipe_to_user+0xb4/0x170
[ 1130.287817][T23921]  __splice_from_pipe+0x397/0x7d0
[ 1130.292825][T23921]  ? iter_to_pipe+0x560/0x560
[ 1130.297510][T23921]  do_vmsplice.part.0+0x249/0x2b0
[ 1130.302517][T23921]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1130.307699][T23921]  ? import_iovec+0x267/0x410
[ 1130.312462][T23921]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1130.318688][T23921]  __do_sys_vmsplice+0x1bc/0x210
[ 1130.323621][T23921]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1130.328803][T23921]  ? __kasan_check_read+0x11/0x20
[ 1130.333813][T23921]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1130.340035][T23921]  ? put_timespec64+0xda/0x140
[ 1130.344785][T23921]  ? nsecs_to_jiffies+0x30/0x30
[ 1130.349624][T23921]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1130.355063][T23921]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1130.360519][T23921]  ? do_syscall_64+0x26/0x760
[ 1130.365355][T23921]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1130.371403][T23921]  ? do_syscall_64+0x26/0x760
[ 1130.376065][T23921]  __x64_sys_vmsplice+0x97/0xf0
[ 1130.380901][T23921]  do_syscall_64+0xfa/0x760
[ 1130.385403][T23921]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1130.391277][T23921] RIP: 0033:0x45a219
[ 1130.395154][T23921] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1130.414741][T23921] RSP: 002b:00007f99101c1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1130.423135][T23921] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1130.431109][T23921] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1130.439074][T23921] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
07:51:11 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1130.447026][T23921] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101c26d4
[ 1130.454978][T23921] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff
[ 1130.465473][T23921] memory: usage 307200kB, limit 307200kB, failcnt 924
[ 1130.472260][T23921] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1130.479149][T23921] Memory cgroup stats for /syz5:
[ 1130.479273][T23921] anon 285835264
[ 1130.479273][T23921] file 0
[ 1130.479273][T23921] kernel_stack 3473408
[ 1130.479273][T23921] slab 10514432
[ 1130.479273][T23921] sock 0
[ 1130.479273][T23921] shmem 0
[ 1130.479273][T23921] file_mapped 0
[ 1130.479273][T23921] file_dirty 0
[ 1130.479273][T23921] file_writeback 135168
[ 1130.479273][T23921] anon_thp 272629760
[ 1130.479273][T23921] inactive_anon 0
[ 1130.479273][T23921] active_anon 285700096
[ 1130.479273][T23921] inactive_file 0
[ 1130.479273][T23921] active_file 28672
[ 1130.479273][T23921] unevictable 0
[ 1130.479273][T23921] slab_reclaimable 2297856
[ 1130.479273][T23921] slab_unreclaimable 8216576
[ 1130.479273][T23921] pgfault 95733
[ 1130.479273][T23921] pgmajfault 0
[ 1130.479273][T23921] workingset_refault 33
[ 1130.479273][T23921] workingset_activate 0
[ 1130.479273][T23921] workingset_nodereclaim 0
[ 1130.479273][T23921] pgrefill 314
[ 1130.479273][T23921] pgscan 375
[ 1130.479273][T23921] pgsteal 165
[ 1130.479273][T23921] pgactivate 132
[ 1130.486491][   T26] audit: type=1800 audit(1573026671.648:121): pid=23983 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16650 res=0
07:51:11 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0xf0ffff, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

[ 1130.575511][T23921] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23862,uid=0
[ 1130.575647][T23921] Memory cgroup out of memory: Killed process 23862 (syz-executor.5) total-vm:72980kB, anon-rss:14452kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1130.647111][ T1071] oom_reaper: reaped process 23862 (syz-executor.5), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:51:12 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:12 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0))
r48 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r48, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r49 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r49, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r50 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r50, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r51 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r51, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:12 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)

07:51:12 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:12 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1131.274450][T24114] syz-executor.5 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1131.286433][T24114] CPU: 1 PID: 24114 Comm: syz-executor.5 Not tainted 5.4.0-rc6+ #0
[ 1131.294423][T24114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1131.304482][T24114] Call Trace:
[ 1131.307766][T24114]  dump_stack+0x172/0x1f0
[ 1131.312084][T24114]  dump_header+0x10b/0x82d
[ 1131.316487][T24114]  oom_kill_process.cold+0x10/0x15
[ 1131.321586][T24114]  out_of_memory+0x334/0x1340
[ 1131.326257][T24114]  ? lock_downgrade+0x920/0x920
[ 1131.331106][T24114]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1131.336900][T24114]  ? oom_killer_disable+0x280/0x280
[ 1131.342091][T24114]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1131.347623][T24114]  ? memcg_stat_show+0xc40/0xc40
[ 1131.352566][T24114]  ? do_raw_spin_unlock+0x57/0x270
[ 1131.357664][T24114]  ? _raw_spin_unlock+0x2d/0x50
[ 1131.362504][T24114]  try_charge+0xf4b/0x1440
[ 1131.366901][T24114]  ? find_held_lock+0x35/0x130
[ 1131.371654][T24114]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1131.377180][T24114]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1131.382708][T24114]  ? find_held_lock+0x35/0x130
[ 1131.387457][T24114]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1131.393004][T24114]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1131.398534][T24114]  ? memcg_kmem_put_cache+0x50/0x50
[ 1131.403719][T24114]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1131.409267][T24114]  __memcg_kmem_charge+0x13a/0x3a0
[ 1131.414368][T24114]  __alloc_pages_nodemask+0x4f5/0x900
[ 1131.419737][T24114]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1131.425441][T24114]  ? ___might_sleep+0x163/0x2c0
[ 1131.430276][T24114]  ? copyin+0x100/0x150
[ 1131.434417][T24114]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1131.440665][T24114]  alloc_pages_current+0x107/0x210
[ 1131.445768][T24114]  pipe_write+0x66d/0xf40
[ 1131.450105][T24114]  new_sync_write+0x4d3/0x770
[ 1131.454775][T24114]  ? new_sync_read+0x800/0x800
[ 1131.459544][T24114]  ? common_file_perm+0x238/0x720
[ 1131.464570][T24114]  ? __fget+0x384/0x560
[ 1131.468727][T24114]  ? apparmor_file_permission+0x25/0x30
[ 1131.474262][T24114]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1131.480486][T24114]  ? security_file_permission+0x8f/0x380
[ 1131.486105][T24114]  __vfs_write+0xe1/0x110
[ 1131.490433][T24114]  vfs_write+0x268/0x5d0
[ 1131.494670][T24114]  ksys_write+0x14f/0x290
[ 1131.498986][T24114]  ? __ia32_sys_read+0xb0/0xb0
[ 1131.503733][T24114]  ? do_syscall_64+0x26/0x760
[ 1131.508394][T24114]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1131.514440][T24114]  ? do_syscall_64+0x26/0x760
[ 1131.519114][T24114]  __x64_sys_write+0x73/0xb0
[ 1131.523690][T24114]  do_syscall_64+0xfa/0x760
[ 1131.528178][T24114]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1131.534051][T24114] RIP: 0033:0x45a219
[ 1131.537931][T24114] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1131.557614][T24114] RSP: 002b:00007f99101e2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1131.566011][T24114] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1131.573973][T24114] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1131.581926][T24114] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1131.589880][T24114] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99101e36d4
[ 1131.597834][T24114] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1131.606370][T24114] memory: usage 307148kB, limit 307200kB, failcnt 1053
[ 1131.613213][T24114] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1131.620077][T24114] Memory cgroup stats for /syz5:
[ 1131.620178][T24114] anon 285683712
[ 1131.620178][T24114] file 0
[ 1131.620178][T24114] kernel_stack 3473408
[ 1131.620178][T24114] slab 10514432
[ 1131.620178][T24114] sock 0
[ 1131.620178][T24114] shmem 0
[ 1131.620178][T24114] file_mapped 0
[ 1131.620178][T24114] file_dirty 0
[ 1131.620178][T24114] file_writeback 135168
[ 1131.620178][T24114] anon_thp 270532608
[ 1131.620178][T24114] inactive_anon 0
[ 1131.620178][T24114] active_anon 285683712
[ 1131.620178][T24114] inactive_file 0
[ 1131.620178][T24114] active_file 28672
[ 1131.620178][T24114] unevictable 0
[ 1131.620178][T24114] slab_reclaimable 2297856
[ 1131.620178][T24114] slab_unreclaimable 8216576
[ 1131.620178][T24114] pgfault 96426
[ 1131.620178][T24114] pgmajfault 0
[ 1131.620178][T24114] workingset_refault 33
[ 1131.620178][T24114] workingset_activate 0
[ 1131.620178][T24114] workingset_nodereclaim 0
[ 1131.620178][T24114] pgrefill 314
[ 1131.620178][T24114] pgscan 375
[ 1131.620178][T24114] pgsteal 165
[ 1131.620178][T24114] pgactivate 132
[ 1131.716548][T24114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=24105,uid=0
[ 1131.732007][T24114] Memory cgroup out of memory: Killed process 24108 (syz-executor.5) total-vm:72980kB, anon-rss:14560kB, file-rss:35876kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1131.762676][ T1071] oom_reaper: reaped process 24108 (syz-executor.5), now anon-rss:0kB, file-rss:34916kB, shmem-rss:0kB
07:51:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
r1 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000cd8000)=""/1, 0x2e171c03}], 0x1)
ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x6)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000))
fcntl$setsig(r2, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r3}], 0x1, 0xffffffffffbffff8)
dup2(r2, r3)
fcntl$setown(r2, 0x8, r1)
tkill(r1, 0x16)

[ 1131.833711][   T26] audit: type=1800 audit(1573026673.008:122): pid=24116 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16571 res=0
07:51:13 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in6=@mcast1={0xff, 0x1, [0x0, 0x0, 0x48, 0x0, 0x0, 0x3]}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)

07:51:13 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r1)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:13 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1132.072798][T24137] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'.
07:51:13 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x15, 0x10, 0x3, 0x0, 0x4}, 0x3c)

07:51:13 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0))
r48 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r48, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
socket$inet(0x2, 0x2000000080002, 0x0)
r49 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r49, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r50 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r50, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1132.202806][   T26] audit: type=1800 audit(1573026673.378:123): pid=24169 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16679 res=0
07:51:13 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x1000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:13 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:13 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:13 executing program 0:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r0, &(0x7f0000000a40)=ANY=[@ANYBLOB='#'], 0x1)
close(r0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

07:51:13 executing program 5:
r0 = getpid()
sched_setscheduler(r0, 0x5, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="0300000000000800000000000000e9ca"], 0x1}}, 0x40040)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x5], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1132.605763][   T26] audit: type=1800 audit(1573026673.778:124): pid=24266 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=636 res=0
07:51:13 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$X25_QBITINCL(r1, 0x106, 0x1, &(0x7f0000000140), &(0x7f0000000180)=0x4)

07:51:14 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0))
r48 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r48, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r49 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r49, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r50 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r50, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:14 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1133.035637][   T26] audit: type=1800 audit(1573026674.218:125): pid=24302 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16755 res=0
07:51:14 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:14 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:14 executing program 5:

[ 1133.371127][T24421] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1133.383094][T24421] CPU: 1 PID: 24421 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1133.390988][T24421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1133.401049][T24421] Call Trace:
[ 1133.404353][T24421]  dump_stack+0x172/0x1f0
[ 1133.408695][T24421]  dump_header+0x10b/0x82d
[ 1133.413122][T24421]  oom_kill_process.cold+0x10/0x15
[ 1133.418246][T24421]  out_of_memory+0x334/0x1340
[ 1133.422928][T24421]  ? lock_downgrade+0x920/0x920
[ 1133.427791][T24421]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1133.433596][T24421]  ? oom_killer_disable+0x280/0x280
[ 1133.438794][T24421]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1133.438809][T24421]  ? memcg_stat_show+0xc40/0xc40
[ 1133.438827][T24421]  ? do_raw_spin_unlock+0x57/0x270
[ 1133.438847][T24421]  ? _raw_spin_unlock+0x2d/0x50
[ 1133.459237][T24421]  try_charge+0xf4b/0x1440
[ 1133.463772][T24421]  ? find_held_lock+0x35/0x130
[ 1133.468556][T24421]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1133.474127][T24421]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1133.479676][T24421]  ? find_held_lock+0x35/0x130
[ 1133.484449][T24421]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1133.490012][T24421]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1133.495564][T24421]  ? memcg_kmem_put_cache+0x50/0x50
[ 1133.500776][T24421]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1133.506327][T24421]  __memcg_kmem_charge+0x13a/0x3a0
[ 1133.511442][T24421]  __alloc_pages_nodemask+0x4f5/0x900
[ 1133.516819][T24421]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1133.522537][T24421]  ? ___might_sleep+0x163/0x2c0
[ 1133.527392][T24421]  ? copyin+0x100/0x150
[ 1133.531557][T24421]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1133.537810][T24421]  alloc_pages_current+0x107/0x210
[ 1133.542932][T24421]  pipe_write+0x66d/0xf40
[ 1133.547269][T24421]  new_sync_write+0x4d3/0x770
[ 1133.551940][T24421]  ? new_sync_read+0x800/0x800
[ 1133.556715][T24421]  ? common_file_perm+0x238/0x720
[ 1133.561743][T24421]  ? __fget+0x384/0x560
[ 1133.565908][T24421]  ? apparmor_file_permission+0x25/0x30
[ 1133.571458][T24421]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1133.577706][T24421]  ? security_file_permission+0x8f/0x380
[ 1133.583340][T24421]  __vfs_write+0xe1/0x110
[ 1133.587671][T24421]  vfs_write+0x268/0x5d0
[ 1133.591910][T24421]  ksys_write+0x14f/0x290
[ 1133.596240][T24421]  ? __ia32_sys_read+0xb0/0xb0
[ 1133.601010][T24421]  ? do_syscall_64+0x26/0x760
[ 1133.605693][T24421]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1133.611762][T24421]  ? do_syscall_64+0x26/0x760
[ 1133.616450][T24421]  __x64_sys_write+0x73/0xb0
[ 1133.621045][T24421]  do_syscall_64+0xfa/0x760
[ 1133.625558][T24421]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1133.631549][T24421] RIP: 0033:0x45a219
[ 1133.635449][T24421] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1133.655053][T24421] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1133.663466][T24421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1133.671435][T24421] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1133.679408][T24421] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1133.687465][T24421] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1133.695436][T24421] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1133.704127][T24421] memory: usage 307200kB, limit 307200kB, failcnt 70856
[ 1133.711111][T24421] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1133.717976][T24421] Memory cgroup stats for /syz3:
[ 1133.718070][T24421] anon 292089856
[ 1133.718070][T24421] file 61440
[ 1133.718070][T24421] kernel_stack 2228224
[ 1133.718070][T24421] slab 8847360
[ 1133.718070][T24421] sock 0
[ 1133.718070][T24421] shmem 147456
[ 1133.718070][T24421] file_mapped 0
[ 1133.718070][T24421] file_dirty 0
[ 1133.718070][T24421] file_writeback 0
[ 1133.718070][T24421] anon_thp 278921216
[ 1133.718070][T24421] inactive_anon 135168
[ 1133.718070][T24421] active_anon 292089856
[ 1133.718070][T24421] inactive_file 0
[ 1133.718070][T24421] active_file 0
[ 1133.718070][T24421] unevictable 0
[ 1133.718070][T24421] slab_reclaimable 1892352
[ 1133.718070][T24421] slab_unreclaimable 6955008
[ 1133.718070][T24421] pgfault 113487
[ 1133.718070][T24421] pgmajfault 0
[ 1133.718070][T24421] workingset_refault 0
[ 1133.718070][T24421] workingset_activate 0
[ 1133.718070][T24421] workingset_nodereclaim 0
[ 1133.718070][T24421] pgrefill 26260
[ 1133.718070][T24421] pgscan 26283
[ 1133.718070][T24421] pgsteal 102
[ 1133.811623][T24421] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24351,uid=0
[ 1133.827099][T24421] Memory cgroup out of memory: Killed process 24351 (syz-executor.3) total-vm:72848kB, anon-rss:12460kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
07:51:14 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x2000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:14 executing program 5:

07:51:14 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r49 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r49, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:14 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:14 executing program 0:

[ 1135.520916][ T1071] oom_reaper: reaped process 24351 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
[ 1135.533294][   T26] audit: type=1800 audit(1573026674.568:126): pid=24428 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16770 res=0
07:51:16 executing program 5:

07:51:16 executing program 0:

07:51:16 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:17 executing program 0:

[ 1135.793559][   T26] audit: type=1800 audit(1573026676.968:127): pid=24454 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16679 res=0
07:51:17 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$urandom(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980914})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000001c0)={0x3, 0x980915})
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000000))
io_setup(0x0, &(0x7f00000004c0))

07:51:17 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:17 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000002740)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[@ANYBLOB="ff0000000017b60300e97f000000000003007b0093135becf3da16d79259e59e54b2cbf26fa9da13d82ecb53c1f71829d500001000b89e74e13bdb334099ee1fd60c8bc2fbca3cbf9f520e43ff066dcd0df7f615d03da033773bbd1a1f6ac6c4e00733151a5380f7c8f55173eca37596be15332dc2532ca7a530e6fac1735a9831ee49c36e6ead7996e0503a9846183602cf32b073301844360c4f46d307ae1501a67b3d517c41c6c852199c67f45d1dede4bfb9099a457ace9290f4f5a9f14fdf83b65caec26af88b3869ec0db076ee94792e29718264f1297af41e6dccd73e7bb200a2f5e6fded97366112dddf4b292bdd06c65161f77dc0169ee657d4114376adb9bf58505a20a324b63193148f15cb608037d212456036c9462cbf5dd912610bc44403885e72ce91f94cc17d87d64cde04ca2ba7263658116e4abe3e3edd3e8d3508bc5ff427629d2ee99782513c8ef8c987d8fd37586c041d403ac458a93c74f6431e05005269939854894c0c126d14d173730ae3417073e8c5df9ba69a3d7a440c5bc96dbc11fda23a679d679527c46774c06b47df159ca1d59b872da1c9eac4b6e993f7eb979434dc2266b5fd3182e3088b20f208179beb18f7a5941c782c21"], 0x18)
sendmmsg(r0, &(0x7f0000007e00), 0x136a88c8311572c, 0x0)

[ 1136.086414][   T26] audit: type=1800 audit(1573026677.268:128): pid=24472 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16582 res=0
07:51:17 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x3000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:17 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
pipe(&(0x7f0000000ac0))
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r49 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r49, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:17 executing program 5:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x15, 0x10, 0x3}, 0x3c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)

07:51:17 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:17 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:17 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f00000000c0)=0x100000001, 0x4)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)

07:51:17 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x100000001)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)

[ 1136.545687][   T26] audit: type=1800 audit(1573026677.728:129): pid=24599 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16850 res=0
07:51:17 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:18 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:18 executing program 0:
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x40000000000001, 0x0)
bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote}, @tcp={{0x0, 0x4e20, 0x41424344, 0x42424242, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3a8, 0x0)

07:51:18 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40)=<r47=>0x0)
syz_open_procfs(r47, &(0x7f0000000600)='W\xee\xaa')
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r49 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r49, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:18 executing program 5:
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
keyctl$revoke(0x3, 0x0)
keyctl$get_security(0x11, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000029000)=""/102400, 0x19000}}], 0x1, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r2, r0)
sendmsg$netlink(r3, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000019000)=[{&(0x7f00000008c0)=ANY=[@ANYPTR], 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x14}, 0x0)
recvmmsg(r1, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0x0)

[ 1137.004031][   T26] audit: type=1800 audit(1573026678.178:130): pid=24619 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16867 res=0
07:51:18 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x4000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:18 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:18 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:18 executing program 0:
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x40000000000001, 0x0)
bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote}, @tcp={{0x0, 0x4e20, 0x41424344, 0x42424242, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3a8, 0x0)

07:51:18 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r43, 0x5429, &(0x7f0000000a40))
r47 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r47, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:18 executing program 5:
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
keyctl$revoke(0x3, 0x0)
keyctl$get_security(0x11, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000029000)=""/102400, 0x19000}}], 0x1, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r2, r0)
sendmsg$netlink(r3, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000019000)=[{&(0x7f00000008c0)=ANY=[@ANYPTR], 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x14}, 0x0)
recvmmsg(r1, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0x0)

[ 1137.636601][   T26] audit: type=1800 audit(1573026678.818:131): pid=24769 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16931 res=0
[ 1137.667453][T24751] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1137.679640][T24751] CPU: 0 PID: 24751 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1137.687533][T24751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1137.697590][T24751] Call Trace:
[ 1137.700893][T24751]  dump_stack+0x172/0x1f0
[ 1137.705233][T24751]  dump_header+0x10b/0x82d
[ 1137.709646][T24751]  ? oom_kill_process+0x94/0x3f0
[ 1137.714593][T24751]  oom_kill_process.cold+0x10/0x15
[ 1137.719719][T24751]  out_of_memory+0x334/0x1340
[ 1137.724405][T24751]  ? lock_downgrade+0x920/0x920
[ 1137.729271][T24751]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1137.735083][T24751]  ? oom_killer_disable+0x280/0x280
[ 1137.740301][T24751]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1137.745856][T24751]  ? memcg_stat_show+0xc40/0xc40
[ 1137.750801][T24751]  ? do_raw_spin_unlock+0x57/0x270
[ 1137.755913][T24751]  ? _raw_spin_unlock+0x2d/0x50
[ 1137.760772][T24751]  try_charge+0xf4b/0x1440
[ 1137.766155][T24751]  ? find_held_lock+0x35/0x130
[ 1137.770927][T24751]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1137.776473][T24751]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1137.782020][T24751]  ? find_held_lock+0x35/0x130
[ 1137.786796][T24751]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1137.792793][T24751]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1137.798344][T24751]  ? memcg_kmem_put_cache+0x50/0x50
[ 1137.803551][T24751]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1137.809106][T24751]  __memcg_kmem_charge+0x13a/0x3a0
[ 1137.814225][T24751]  __alloc_pages_nodemask+0x4f5/0x900
[ 1137.819603][T24751]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1137.825154][T24751]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1137.830869][T24751]  ? percpu_ref_put_many+0xb6/0x190
[ 1137.836067][T24751]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1137.841340][T24751]  ? trace_hardirqs_on+0x67/0x240
[ 1137.846359][T24751]  ? __kasan_check_read+0x11/0x20
[ 1137.851391][T24751]  copy_process+0x3f8/0x6860
[ 1137.855982][T24751]  ? psi_memstall_leave+0x12e/0x180
[ 1137.861177][T24751]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1137.867428][T24751]  ? __cleanup_sighand+0x60/0x60
[ 1137.872376][T24751]  ? __kasan_check_read+0x11/0x20
[ 1137.877419][T24751]  ? _raw_spin_unlock_irq+0x5e/0x90
[ 1137.882601][T24751]  ? set_task_reclaim_state+0x56/0xb0
[ 1137.887988][T24751]  _do_fork+0x146/0xfa0
[ 1137.892144][T24751]  ? copy_init_mm+0x20/0x20
[ 1137.896644][T24751]  ? lock_downgrade+0x920/0x920
[ 1137.901487][T24751]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1137.907735][T24751]  ? blkcg_maybe_throttle_current+0x5fe/0x1030
[ 1137.913882][T24751]  __x64_sys_clone+0x18d/0x250
[ 1137.918631][T24751]  ? __blkcg_punt_bio_submit+0x1e0/0x1e0
[ 1137.924249][T24751]  ? __ia32_sys_vfork+0xc0/0xc0
[ 1137.929086][T24751]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1137.934349][T24751]  ? trace_hardirqs_on+0x67/0x240
[ 1137.939361][T24751]  do_syscall_64+0xfa/0x760
[ 1137.943849][T24751]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1137.949723][T24751] RIP: 0033:0x45cbe9
[ 1137.953609][T24751] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1137.973201][T24751] RSP: 002b:00007ffe5afc52c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1137.981597][T24751] RAX: ffffffffffffffda RBX: 00007f612e445700 RCX: 000000000045cbe9
[ 1137.989551][T24751] RDX: 00007f612e4459d0 RSI: 00007f612e444db0 RDI: 00000000003d0f00
[ 1137.997502][T24751] RBP: 00007ffe5afc54e0 R08: 00007f612e445700 R09: 00007f612e445700
[ 1138.005452][T24751] R10: 00007f612e4459d0 R11: 0000000000000202 R12: 0000000000000000
[ 1138.013406][T24751] R13: 00007ffe5afc537f R14: 00007f612e4459c0 R15: 000000000075c07c
[ 1138.022229][T24751] memory: usage 307176kB, limit 307200kB, failcnt 78156
[ 1138.029242][T24751] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1138.036241][T24751] Memory cgroup stats for /syz3:
[ 1138.036355][T24751] anon 291987456
[ 1138.036355][T24751] file 61440
[ 1138.036355][T24751] kernel_stack 2228224
[ 1138.036355][T24751] slab 8847360
[ 1138.036355][T24751] sock 0
[ 1138.036355][T24751] shmem 147456
[ 1138.036355][T24751] file_mapped 0
[ 1138.036355][T24751] file_dirty 0
[ 1138.036355][T24751] file_writeback 0
[ 1138.036355][T24751] anon_thp 278921216
[ 1138.036355][T24751] inactive_anon 135168
[ 1138.036355][T24751] active_anon 291987456
[ 1138.036355][T24751] inactive_file 0
07:51:19 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1138.036355][T24751] active_file 0
[ 1138.036355][T24751] unevictable 0
[ 1138.036355][T24751] slab_reclaimable 1892352
[ 1138.036355][T24751] slab_unreclaimable 6955008
[ 1138.036355][T24751] pgfault 114312
[ 1138.036355][T24751] pgmajfault 0
[ 1138.036355][T24751] workingset_refault 0
[ 1138.036355][T24751] workingset_activate 0
[ 1138.036355][T24751] workingset_nodereclaim 0
[ 1138.036355][T24751] pgrefill 26260
[ 1138.036355][T24751] pgscan 26283
[ 1138.036355][T24751] pgsteal 102
[ 1138.130236][T24751] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24665,uid=0
[ 1138.145765][T24751] Memory cgroup out of memory: Killed process 24665 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1138.167699][ T1071] oom_reaper: reaped process 24665 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:51:19 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x5)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)="53000000c659ca807737f400000001000000000000400000000040000000000000000000bfbbb18016410f67f8ed2fbda6599591076756fcb9ff7daf0bdd7cfa3d4ade61ccb14424af8c63ab6fd1845b0c90c78bf8059655", 0x58}], 0x2)

[ 1138.201261][   T26] audit: type=1800 audit(1573026679.378:132): pid=24884 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16931 res=0
07:51:19 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:19 executing program 0:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f000002eff0)={0x0, 0x0}, 0x10)

07:51:19 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:19 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r44, r43, 0x0, 0x2}, 0x10)
r47 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r47, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1138.535633][T24898] FAT-fs (loop2): bogus number of reserved sectors
[ 1138.584970][T24898] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 1138.607889][T24965] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1138.619791][T24965] CPU: 1 PID: 24965 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1138.627684][T24965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1138.637742][T24965] Call Trace:
[ 1138.641058][T24965]  dump_stack+0x172/0x1f0
[ 1138.645395][T24965]  dump_header+0x10b/0x82d
[ 1138.649826][T24965]  oom_kill_process.cold+0x10/0x15
[ 1138.654947][T24965]  out_of_memory+0x334/0x1340
[ 1138.659659][T24965]  ? lock_downgrade+0x920/0x920
[ 1138.664539][T24965]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1138.670367][T24965]  ? oom_killer_disable+0x280/0x280
[ 1138.675584][T24965]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1138.681138][T24965]  ? memcg_stat_show+0xc40/0xc40
[ 1138.686078][T24965]  ? do_raw_spin_unlock+0x57/0x270
[ 1138.691192][T24965]  ? _raw_spin_unlock+0x2d/0x50
[ 1138.696052][T24965]  try_charge+0xf4b/0x1440
[ 1138.700468][T24965]  ? find_held_lock+0x35/0x130
[ 1138.705247][T24965]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1138.710798][T24965]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1138.716355][T24965]  ? find_held_lock+0x35/0x130
[ 1138.721214][T24965]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1138.726786][T24965]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1138.732335][T24965]  ? memcg_kmem_put_cache+0x50/0x50
[ 1138.737542][T24965]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1138.743100][T24965]  __memcg_kmem_charge+0x13a/0x3a0
[ 1138.748228][T24965]  __alloc_pages_nodemask+0x4f5/0x900
[ 1138.753610][T24965]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1138.759335][T24965]  ? ___might_sleep+0x163/0x2c0
[ 1138.764193][T24965]  ? copyin+0x100/0x150
[ 1138.768365][T24965]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1138.774620][T24965]  alloc_pages_current+0x107/0x210
[ 1138.779739][T24965]  pipe_write+0x66d/0xf40
[ 1138.784084][T24965]  new_sync_write+0x4d3/0x770
[ 1138.788769][T24965]  ? new_sync_read+0x800/0x800
[ 1138.793544][T24965]  ? common_file_perm+0x238/0x720
[ 1138.798573][T24965]  ? __fget+0x384/0x560
[ 1138.802739][T24965]  ? apparmor_file_permission+0x25/0x30
[ 1138.808294][T24965]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1138.814539][T24965]  ? security_file_permission+0x8f/0x380
[ 1138.820175][T24965]  __vfs_write+0xe1/0x110
[ 1138.824516][T24965]  vfs_write+0x268/0x5d0
[ 1138.828766][T24965]  ksys_write+0x14f/0x290
[ 1138.833100][T24965]  ? __ia32_sys_read+0xb0/0xb0
[ 1138.837875][T24965]  ? do_syscall_64+0x26/0x760
[ 1138.842557][T24965]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1138.848623][T24965]  ? do_syscall_64+0x26/0x760
[ 1138.853304][T24965]  __x64_sys_write+0x73/0xb0
[ 1138.857903][T24965]  do_syscall_64+0xfa/0x760
[ 1138.862414][T24965]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1138.868317][T24965] RIP: 0033:0x45a219
07:51:20 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x5000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x299}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000049000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

07:51:20 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x9}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$revoke(0x3, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r2, r0)
sendmsg$netlink(r3, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000019000)=[{&(0x7f00000008c0)=ANY=[@ANYPTR], 0x1}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x14}, 0x0)
recvmmsg(r1, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

[ 1138.872210][T24965] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1138.891813][T24965] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1138.900343][T24965] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1138.908324][T24965] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1138.916298][T24965] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1138.924272][T24965] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1138.932253][T24965] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1138.940390][T24965] memory: usage 307200kB, limit 307200kB, failcnt 78682
[ 1138.947369][T24965] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1138.954196][T24965] Memory cgroup stats for /syz3:
[ 1138.954292][T24965] anon 291958784
[ 1138.954292][T24965] file 61440
[ 1138.954292][T24965] kernel_stack 2228224
[ 1138.954292][T24965] slab 8847360
[ 1138.954292][T24965] sock 0
[ 1138.954292][T24965] shmem 147456
[ 1138.954292][T24965] file_mapped 0
[ 1138.954292][T24965] file_dirty 0
[ 1138.954292][T24965] file_writeback 0
[ 1138.954292][T24965] anon_thp 278921216
[ 1138.954292][T24965] inactive_anon 135168
[ 1138.954292][T24965] active_anon 291958784
[ 1138.954292][T24965] inactive_file 0
[ 1138.954292][T24965] active_file 0
[ 1138.954292][T24965] unevictable 0
[ 1138.954292][T24965] slab_reclaimable 1892352
[ 1138.954292][T24965] slab_unreclaimable 6955008
[ 1138.954292][T24965] pgfault 114411
[ 1138.954292][T24965] pgmajfault 0
[ 1138.954292][T24965] workingset_refault 0
[ 1138.954292][T24965] workingset_activate 0
[ 1138.954292][T24965] workingset_nodereclaim 0
[ 1138.954292][T24965] pgrefill 26260
[ 1138.954292][T24965] pgscan 26283
[ 1138.954292][T24965] pgsteal 102
[ 1139.047825][T24965] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24885,uid=0
[ 1139.063784][T24965] Memory cgroup out of memory: Killed process 24885 (syz-executor.3) total-vm:72848kB, anon-rss:12460kB, file-rss:35808kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1140.596139][ T1071] oom_reaper: reaped process 24885 (syz-executor.3), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB
[ 1140.619363][T24896] syz-executor.3 invoked oom-killer: gfp_mask=0x101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), order=0, oom_score_adj=1000
[ 1140.631823][T24896] CPU: 0 PID: 24896 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1140.639699][T24896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1140.649829][T24896] Call Trace:
[ 1140.653113][T24896]  dump_stack+0x172/0x1f0
[ 1140.657431][T24896]  dump_header+0x10b/0x82d
[ 1140.661833][T24896]  oom_kill_process.cold+0x10/0x15
[ 1140.666976][T24896]  out_of_memory+0x334/0x1340
[ 1140.671651][T24896]  ? lock_downgrade+0x920/0x920
[ 1140.677097][T24896]  ? oom_killer_disable+0x280/0x280
[ 1140.682292][T24896]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1140.687845][T24896]  ? memcg_stat_show+0xc40/0xc40
[ 1140.692782][T24896]  ? do_raw_spin_unlock+0x57/0x270
[ 1140.697888][T24896]  ? _raw_spin_unlock+0x2d/0x50
[ 1140.702742][T24896]  try_charge+0xa2d/0x1440
[ 1140.707155][T24896]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1140.712698][T24896]  ? percpu_ref_tryget_live+0x111/0x290
[ 1140.718228][T24896]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1140.724453][T24896]  ? __kasan_check_read+0x11/0x20
[ 1140.729463][T24896]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1140.734995][T24896]  mem_cgroup_try_charge+0x136/0x590
[ 1140.740537][T24896]  __add_to_page_cache_locked+0x43f/0xec0
[ 1140.746239][T24896]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1140.752202][T24896]  ? __kasan_check_read+0x11/0x20
[ 1140.757213][T24896]  ? __filemap_set_wb_err+0x2b0/0x2b0
[ 1140.762563][T24896]  ? __alloc_pages_nodemask+0x653/0x900
[ 1140.768091][T24896]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1140.774313][T24896]  ? xas_start+0x166/0x560
[ 1140.778718][T24896]  ? shadow_lru_isolate+0x430/0x430
[ 1140.783902][T24896]  add_to_page_cache_lru+0x1d8/0x790
[ 1140.789172][T24896]  ? add_to_page_cache_locked+0x40/0x40
[ 1140.794712][T24896]  ? __page_cache_alloc+0x116/0x490
[ 1140.799894][T24896]  pagecache_get_page+0x3c6/0xa00
[ 1140.804905][T24896]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1140.810437][T24896]  grab_cache_page_write_begin+0x75/0xb0
[ 1140.816057][T24896]  ext4_da_write_begin+0x33b/0xc00
[ 1140.821158][T24896]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1140.827385][T24896]  ? ext4_write_begin+0xd80/0xd80
[ 1140.832491][T24896]  ? copyin+0x150/0x150
[ 1140.836633][T24896]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1140.842335][T24896]  ? ktime_get_coarse_real_ts64+0x1ba/0x2b0
[ 1140.848232][T24896]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1140.854469][T24896]  generic_perform_write+0x23b/0x540
[ 1140.859745][T24896]  ? timestamp_truncate+0x2f0/0x2f0
[ 1140.864943][T24896]  ? trace_event_raw_event_file_check_and_advance_wb_err+0x4b0/0x4b0
[ 1140.872999][T24896]  ? current_time+0x110/0x110
[ 1140.877670][T24896]  ? generic_write_check_limits.isra.0+0x270/0x270
[ 1140.884165][T24896]  ? aa_file_perm+0x40b/0xeb0
[ 1140.888832][T24896]  __generic_file_write_iter+0x25e/0x630
[ 1140.894455][T24896]  ext4_file_write_iter+0x317/0x13c0
[ 1140.899724][T24896]  ? __kasan_check_read+0x11/0x20
[ 1140.904744][T24896]  ? ext4_release_file+0x380/0x380
[ 1140.909842][T24896]  ? mark_lock+0xc2/0x1220
[ 1140.914244][T24896]  ? __kasan_check_read+0x11/0x20
[ 1140.919253][T24896]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1140.925492][T24896]  ? iov_iter_init+0xee/0x220
[ 1140.930172][T24896]  new_sync_write+0x4d3/0x770
[ 1140.934835][T24896]  ? new_sync_read+0x800/0x800
[ 1140.939593][T24896]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 1140.945736][T24896]  ? rcu_read_lock_bh_held+0xb0/0xb0
[ 1140.951027][T24896]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1140.957266][T24896]  __vfs_write+0xe1/0x110
[ 1140.961583][T24896]  vfs_write+0x268/0x5d0
[ 1140.965816][T24896]  ksys_write+0x14f/0x290
[ 1140.970248][T24896]  ? __ia32_sys_read+0xb0/0xb0
[ 1140.974994][T24896]  ? do_syscall_64+0x26/0x760
[ 1140.979655][T24896]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1140.985701][T24896]  ? do_syscall_64+0x26/0x760
[ 1140.990364][T24896]  __x64_sys_write+0x73/0xb0
[ 1140.994948][T24896]  do_syscall_64+0xfa/0x760
[ 1140.999433][T24896]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1141.005304][T24896] RIP: 0033:0x45a219
[ 1141.009180][T24896] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1141.028764][T24896] RSP: 002b:00007f612e486c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1141.037155][T24896] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1141.045117][T24896] RDX: 00000000000000f0 RSI: 0000000020000a40 RDI: 0000000000000005
[ 1141.053192][T24896] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1141.061158][T24896] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4876d4
[ 1141.069124][T24896] R13: 00000000004cab18 R14: 00000000004e2fb8 R15: 00000000ffffffff
[ 1141.077904][T24896] memory: usage 295852kB, limit 307200kB, failcnt 85114
[ 1141.085359][T24896] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1141.092397][T24896] Memory cgroup stats for /syz3:
[ 1141.093163][T24896] anon 280317952
[ 1141.093163][T24896] file 61440
[ 1141.093163][T24896] kernel_stack 2293760
[ 1141.093163][T24896] slab 8847360
[ 1141.093163][T24896] sock 0
[ 1141.093163][T24896] shmem 147456
[ 1141.093163][T24896] file_mapped 0
[ 1141.093163][T24896] file_dirty 0
[ 1141.093163][T24896] file_writeback 0
[ 1141.093163][T24896] anon_thp 266338304
[ 1141.093163][T24896] inactive_anon 135168
[ 1141.093163][T24896] active_anon 280317952
[ 1141.093163][T24896] inactive_file 0
[ 1141.093163][T24896] active_file 0
[ 1141.093163][T24896] unevictable 0
[ 1141.093163][T24896] slab_reclaimable 1892352
[ 1141.093163][T24896] slab_unreclaimable 6955008
[ 1141.093163][T24896] pgfault 114675
[ 1141.093163][T24896] pgmajfault 0
[ 1141.093163][T24896] workingset_refault 0
[ 1141.093163][T24896] workingset_activate 0
[ 1141.093163][T24896] workingset_nodereclaim 0
[ 1141.093163][T24896] pgrefill 26260
[ 1141.093163][T24896] pgscan 26283
[ 1141.093163][T24896] pgsteal 102
[ 1141.187275][T24896] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22828,uid=0
[ 1141.203408][T24896] Memory cgroup out of memory: Killed process 22828 (syz-executor.3) total-vm:73112kB, anon-rss:9472kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:151552kB oom_score_adj:1000
07:51:22 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:22 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r44, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
r47 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r47, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:22 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1141.598201][   T26] audit: type=1800 audit(1573026682.778:133): pid=25095 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=17028 res=0
[ 1141.625032][T25066] FAT-fs (loop2): bogus number of reserved sectors
07:51:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x299}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000049000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1141.647564][T25066] FAT-fs (loop2): Can't find a valid FAT filesystem
07:51:22 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:22 executing program 0:
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000180)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {0x9, 0x0, 0x0, [], 0x6}, {0x4, 0x0, 0x7}, {0x1}, {0x5, 0x0, 0x9}, {0x5, 0x0, 0x3}, {0x3}, {0x80000001, 0x7}, {0x5, 0x0, 0x0, [], 0x81}, {}, {0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, [], 0x5}, {0x0, 0x0, 0x0, [], 0xa}, {0x0, 0x0, 0xda}, {}, {0x0, 0x0, 0x1ff}]}})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
clock_getres(0x0, &(0x7f0000000000))
r3 = open(&(0x7f0000ba0000)='./file0\x00', 0x82dc, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

07:51:23 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1141.989323][T25165] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1142.001295][T25165] CPU: 1 PID: 25165 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1142.009186][T25165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1142.019232][T25165] Call Trace:
[ 1142.022543][T25165]  dump_stack+0x172/0x1f0
[ 1142.026896][T25165]  dump_header+0x10b/0x82d
[ 1142.031315][T25165]  oom_kill_process.cold+0x10/0x15
[ 1142.036425][T25165]  out_of_memory+0x334/0x1340
[ 1142.041100][T25165]  ? lock_downgrade+0x920/0x920
[ 1142.045948][T25165]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1142.051745][T25165]  ? oom_killer_disable+0x280/0x280
[ 1142.056985][T25165]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1142.062566][T25165]  ? memcg_stat_show+0xc40/0xc40
[ 1142.067523][T25165]  ? do_raw_spin_unlock+0x57/0x270
[ 1142.072653][T25165]  ? _raw_spin_unlock+0x2d/0x50
[ 1142.077508][T25165]  try_charge+0xf4b/0x1440
[ 1142.081916][T25165]  ? find_held_lock+0x35/0x130
[ 1142.086685][T25165]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1142.092222][T25165]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1142.097763][T25165]  ? find_held_lock+0x35/0x130
[ 1142.102519][T25165]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1142.108072][T25165]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1142.113612][T25165]  ? memcg_kmem_put_cache+0x50/0x50
[ 1142.118807][T25165]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1142.124355][T25165]  __memcg_kmem_charge+0x13a/0x3a0
[ 1142.129473][T25165]  __alloc_pages_nodemask+0x4f5/0x900
[ 1142.134854][T25165]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1142.140565][T25165]  ? ___might_sleep+0x163/0x2c0
[ 1142.145421][T25165]  ? copyin+0x100/0x150
[ 1142.149589][T25165]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1142.155847][T25165]  alloc_pages_current+0x107/0x210
[ 1142.160969][T25165]  pipe_write+0x66d/0xf40
[ 1142.165309][T25165]  new_sync_write+0x4d3/0x770
[ 1142.169985][T25165]  ? new_sync_read+0x800/0x800
[ 1142.174750][T25165]  ? common_file_perm+0x238/0x720
[ 1142.179766][T25165]  ? __fget+0x384/0x560
[ 1142.183923][T25165]  ? apparmor_file_permission+0x25/0x30
[ 1142.189464][T25165]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1142.195698][T25165]  ? security_file_permission+0x8f/0x380
[ 1142.201327][T25165]  __vfs_write+0xe1/0x110
[ 1142.205650][T25165]  vfs_write+0x268/0x5d0
[ 1142.209889][T25165]  ksys_write+0x14f/0x290
[ 1142.214213][T25165]  ? __ia32_sys_read+0xb0/0xb0
[ 1142.218973][T25165]  ? do_syscall_64+0x26/0x760
[ 1142.223644][T25165]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1142.229700][T25165]  ? do_syscall_64+0x26/0x760
[ 1142.235253][T25165]  __x64_sys_write+0x73/0xb0
[ 1142.239836][T25165]  do_syscall_64+0xfa/0x760
[ 1142.244334][T25165]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1142.250220][T25165] RIP: 0033:0x45a219
[ 1142.254110][T25165] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1142.273711][T25165] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1142.282116][T25165] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1142.290087][T25165] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1142.298050][T25165] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1142.306026][T25165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1142.313991][T25165] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1142.322160][T25165] memory: usage 307200kB, limit 307200kB, failcnt 85202
[ 1142.329173][T25165] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1142.336083][T25165] Memory cgroup stats for /syz3:
[ 1142.336186][T25165] anon 292073472
[ 1142.336186][T25165] file 61440
[ 1142.336186][T25165] kernel_stack 2293760
[ 1142.336186][T25165] slab 8986624
[ 1142.336186][T25165] sock 0
[ 1142.336186][T25165] shmem 147456
[ 1142.336186][T25165] file_mapped 0
[ 1142.336186][T25165] file_dirty 0
[ 1142.336186][T25165] file_writeback 0
[ 1142.336186][T25165] anon_thp 278921216
[ 1142.336186][T25165] inactive_anon 135168
[ 1142.336186][T25165] active_anon 292073472
[ 1142.336186][T25165] inactive_file 0
[ 1142.336186][T25165] active_file 0
[ 1142.336186][T25165] unevictable 0
[ 1142.336186][T25165] slab_reclaimable 1892352
[ 1142.336186][T25165] slab_unreclaimable 7094272
[ 1142.336186][T25165] pgfault 115401
[ 1142.336186][T25165] pgmajfault 0
[ 1142.336186][T25165] workingset_refault 0
[ 1142.336186][T25165] workingset_activate 0
[ 1142.336186][T25165] workingset_nodereclaim 0
[ 1142.336186][T25165] pgrefill 26260
[ 1142.336186][T25165] pgscan 26283
[ 1142.336186][T25165] pgsteal 102
[ 1142.434096][T25165] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25153,uid=0
[ 1142.449558][T25165] Memory cgroup out of memory: Killed process 25153 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1143.570071][ T1071] oom_reaper: reaped process 25153 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
[ 1143.605393][T25165] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1143.617351][T25165] CPU: 1 PID: 25165 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1143.625244][T25165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1143.635299][T25165] Call Trace:
[ 1143.638580][T25165]  dump_stack+0x172/0x1f0
[ 1143.642916][T25165]  dump_header+0x10b/0x82d
[ 1143.647316][T25165]  oom_kill_process.cold+0x10/0x15
[ 1143.652518][T25165]  out_of_memory+0x334/0x1340
[ 1143.657180][T25165]  ? lock_downgrade+0x920/0x920
[ 1143.662038][T25165]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1143.667838][T25165]  ? oom_killer_disable+0x280/0x280
[ 1143.673025][T25165]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1143.678552][T25165]  ? memcg_stat_show+0xc40/0xc40
[ 1143.683475][T25165]  ? do_raw_spin_unlock+0x57/0x270
[ 1143.688573][T25165]  ? _raw_spin_unlock+0x2d/0x50
[ 1143.693408][T25165]  try_charge+0xf4b/0x1440
[ 1143.697807][T25165]  ? find_held_lock+0x35/0x130
[ 1143.702579][T25165]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1143.708107][T25165]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1143.713633][T25165]  ? find_held_lock+0x35/0x130
[ 1143.718381][T25165]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1143.723920][T25165]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1143.729450][T25165]  ? memcg_kmem_put_cache+0x50/0x50
[ 1143.734631][T25165]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1143.740174][T25165]  __memcg_kmem_charge+0x13a/0x3a0
[ 1143.745269][T25165]  __alloc_pages_nodemask+0x4f5/0x900
[ 1143.750624][T25165]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1143.756328][T25165]  ? ___might_sleep+0x163/0x2c0
[ 1143.761163][T25165]  ? copyin+0x100/0x150
[ 1143.765305][T25165]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1143.771534][T25165]  alloc_pages_current+0x107/0x210
[ 1143.776638][T25165]  pipe_write+0x66d/0xf40
[ 1143.780957][T25165]  new_sync_write+0x4d3/0x770
[ 1143.785619][T25165]  ? new_sync_read+0x800/0x800
[ 1143.790373][T25165]  ? common_file_perm+0x238/0x720
[ 1143.795385][T25165]  ? __fget+0x384/0x560
[ 1143.799525][T25165]  ? apparmor_file_permission+0x25/0x30
[ 1143.805053][T25165]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1143.811287][T25165]  ? security_file_permission+0x8f/0x380
[ 1143.816905][T25165]  __vfs_write+0xe1/0x110
[ 1143.821216][T25165]  vfs_write+0x268/0x5d0
[ 1143.825444][T25165]  ksys_write+0x14f/0x290
[ 1143.829757][T25165]  ? __ia32_sys_read+0xb0/0xb0
[ 1143.834508][T25165]  ? do_syscall_64+0x26/0x760
[ 1143.839169][T25165]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1143.845228][T25165]  ? do_syscall_64+0x26/0x760
[ 1143.849888][T25165]  __x64_sys_write+0x73/0xb0
[ 1143.854459][T25165]  do_syscall_64+0xfa/0x760
[ 1143.858950][T25165]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1143.864832][T25165] RIP: 0033:0x45a219
[ 1143.868711][T25165] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1143.888417][T25165] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1143.896818][T25165] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1143.904784][T25165] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1143.912744][T25165] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1143.920716][T25165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1143.928779][T25165] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1143.937007][T25165] memory: usage 295636kB, limit 307200kB, failcnt 89842
[ 1143.943938][T25165] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1143.950801][T25165] Memory cgroup stats for /syz3:
[ 1143.950905][T25165] anon 279433216
[ 1143.950905][T25165] file 61440
[ 1143.950905][T25165] kernel_stack 2293760
[ 1143.950905][T25165] slab 9678848
[ 1143.950905][T25165] sock 0
[ 1143.950905][T25165] shmem 147456
[ 1143.950905][T25165] file_mapped 0
[ 1143.950905][T25165] file_dirty 0
[ 1143.950905][T25165] file_writeback 0
[ 1143.950905][T25165] anon_thp 266338304
[ 1143.950905][T25165] inactive_anon 135168
[ 1143.950905][T25165] active_anon 279433216
[ 1143.950905][T25165] inactive_file 0
[ 1143.950905][T25165] active_file 106496
[ 1143.950905][T25165] unevictable 0
[ 1143.950905][T25165] slab_reclaimable 1892352
[ 1143.950905][T25165] slab_unreclaimable 7786496
[ 1143.950905][T25165] pgfault 115434
[ 1143.950905][T25165] pgmajfault 0
[ 1143.950905][T25165] workingset_refault 0
[ 1143.950905][T25165] workingset_activate 0
[ 1143.950905][T25165] workingset_nodereclaim 0
[ 1143.950905][T25165] pgrefill 28570
[ 1143.950905][T25165] pgscan 28593
[ 1143.950905][T25165] pgsteal 102
[ 1144.046104][T25165] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25156,uid=0
07:51:25 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
r47 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r47, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1144.061575][T25165] Memory cgroup out of memory: Killed process 25157 (syz-executor.3) total-vm:73112kB, anon-rss:11464kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1144.165919][ T1071] oom_reaper: reaped process 25157 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:51:25 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1144.215409][T25209] FAT-fs (loop2): bogus number of reserved sectors
[ 1144.282614][T25209] FAT-fs (loop2): Can't find a valid FAT filesystem
07:51:25 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x6000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:25 executing program 0:
r0 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x2, 0x238, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000110000000000000081006263736630000000000800000000000073697430000002000000ffff00000000626f6e64300000000000000000000000766574382d863573e35cea0000000000ffffffffffff0000000000000000000000000000000000000000d0000000d000000000010000766c616e000000ff03000000000000000000000000000000000000000000000008000000000000000100000000000100766c616e000000000000000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000001000000feffffff01000000030000000000000000006970365f76746930000000000000000073797a6b616c6c6572300000000000006263736630000000000000000000000076657468305f746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaaaa00000000000000007000000070000000a8000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fc0700ff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000"]}, 0x2b0)

07:51:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x299}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000049000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

07:51:25 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:25 executing program 0:
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @random="8c1b1069f01c", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)

07:51:25 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:25 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
sendmsg$TIPC_NL_PUBL_GET(r43, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
r47 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r47, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1144.742005][T25304] FAT-fs (loop2): bogus number of reserved sectors
07:51:25 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000)='\x00', 0x0)
r1 = dup(r0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
remap_file_pages(&(0x7f00001e3000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x100)
execveat(r1, 0x0, &(0x7f0000000140), 0x0, 0x1000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140))

[ 1144.784163][T25304] FAT-fs (loop2): Can't find a valid FAT filesystem
[ 1144.860155][   T26] audit: type=1800 audit(1573026686.038:134): pid=25314 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16542 res=0
07:51:26 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:26 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

07:51:26 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r43=>0xffffffffffffffff})
r44 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r44, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r45 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r45, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r46 = fcntl$dupfd(r45, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r46, 0x40042408, r43)
r47 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r47, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r48 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r48, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1145.258788][T25332] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[ 1145.270725][T25332] CPU: 0 PID: 25332 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1145.278617][T25332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1145.288675][T25332] Call Trace:
[ 1145.291960][T25332]  dump_stack+0x172/0x1f0
[ 1145.296292][T25332]  dump_header+0x10b/0x82d
[ 1145.300697][T25332]  oom_kill_process.cold+0x10/0x15
[ 1145.305796][T25332]  out_of_memory+0x334/0x1340
[ 1145.310461][T25332]  ? lock_downgrade+0x920/0x920
[ 1145.315302][T25332]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1145.321102][T25332]  ? oom_killer_disable+0x280/0x280
[ 1145.326291][T25332]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1145.331821][T25332]  ? memcg_stat_show+0xc40/0xc40
[ 1145.336755][T25332]  ? do_raw_spin_unlock+0x57/0x270
[ 1145.341866][T25332]  ? _raw_spin_unlock+0x2d/0x50
[ 1145.346716][T25332]  try_charge+0xf4b/0x1440
[ 1145.351118][T25332]  ? find_held_lock+0x35/0x130
[ 1145.355900][T25332]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1145.361454][T25332]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1145.367015][T25332]  ? find_held_lock+0x35/0x130
[ 1145.371800][T25332]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1145.377372][T25332]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1145.382925][T25332]  ? memcg_kmem_put_cache+0x50/0x50
[ 1145.388114][T25332]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1145.393646][T25332]  __memcg_kmem_charge+0x13a/0x3a0
[ 1145.398756][T25332]  __alloc_pages_nodemask+0x4f5/0x900
[ 1145.404126][T25332]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1145.409830][T25332]  ? ___might_sleep+0x163/0x2c0
[ 1145.414672][T25332]  ? copyin+0x100/0x150
[ 1145.418819][T25332]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1145.425046][T25332]  alloc_pages_current+0x107/0x210
[ 1145.430154][T25332]  pipe_write+0x66d/0xf40
[ 1145.434474][T25332]  new_sync_write+0x4d3/0x770
[ 1145.439136][T25332]  ? new_sync_read+0x800/0x800
[ 1145.443889][T25332]  ? common_file_perm+0x238/0x720
[ 1145.448913][T25332]  ? __fget+0x384/0x560
[ 1145.453067][T25332]  ? apparmor_file_permission+0x25/0x30
[ 1145.458719][T25332]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1145.464947][T25332]  ? security_file_permission+0x8f/0x380
[ 1145.470567][T25332]  __vfs_write+0xe1/0x110
[ 1145.474881][T25332]  vfs_write+0x268/0x5d0
[ 1145.479116][T25332]  ksys_write+0x14f/0x290
[ 1145.483432][T25332]  ? __ia32_sys_read+0xb0/0xb0
[ 1145.488192][T25332]  ? do_syscall_64+0x26/0x760
[ 1145.492850][T25332]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1145.498899][T25332]  ? do_syscall_64+0x26/0x760
[ 1145.503564][T25332]  __x64_sys_write+0x73/0xb0
[ 1145.508148][T25332]  do_syscall_64+0xfa/0x760
[ 1145.512637][T25332]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1145.518510][T25332] RIP: 0033:0x45a219
[ 1145.522392][T25332] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1145.541979][T25332] RSP: 002b:00007f612e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1145.550384][T25332] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219
[ 1145.558338][T25332] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000004
[ 1145.566292][T25332] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1145.574246][T25332] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4666d4
[ 1145.582201][T25332] R13: 00000000004c6cf5 R14: 00000000004e2238 R15: 00000000ffffffff
[ 1145.590373][T25332] memory: usage 307048kB, limit 307200kB, failcnt 89864
[ 1145.597499][T25332] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1145.604366][T25332] Memory cgroup stats for /syz3:
[ 1145.604481][T25332] anon 291295232
[ 1145.604481][T25332] file 61440
[ 1145.604481][T25332] kernel_stack 2228224
[ 1145.604481][T25332] slab 9678848
[ 1145.604481][T25332] sock 0
[ 1145.604481][T25332] shmem 147456
[ 1145.604481][T25332] file_mapped 0
[ 1145.604481][T25332] file_dirty 0
[ 1145.604481][T25332] file_writeback 0
[ 1145.604481][T25332] anon_thp 278921216
[ 1145.604481][T25332] inactive_anon 135168
[ 1145.604481][T25332] active_anon 291295232
[ 1145.604481][T25332] inactive_file 0
[ 1145.604481][T25332] active_file 106496
[ 1145.604481][T25332] unevictable 0
[ 1145.604481][T25332] slab_reclaimable 1892352
[ 1145.604481][T25332] slab_unreclaimable 7786496
[ 1145.604481][T25332] pgfault 115830
[ 1145.604481][T25332] pgmajfault 0
[ 1145.604481][T25332] workingset_refault 0
[ 1145.604481][T25332] workingset_activate 0
[ 1145.604481][T25332] workingset_nodereclaim 0
[ 1145.604481][T25332] pgrefill 28570
[ 1145.604481][T25332] pgscan 28593
[ 1145.604481][T25332] pgsteal 102
[ 1145.699674][T25332] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25325,uid=0
[ 1145.699772][T25332] Memory cgroup out of memory: Killed process 25325 (syz-executor.3) total-vm:72980kB, anon-rss:12468kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1145.749723][ T1071] oom_reaper: reaped process 25325 (syz-executor.3), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
07:51:26 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1145.783698][   T26] audit: type=1800 audit(1573026686.958:135): pid=25342 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16592 res=0
[ 1145.838669][T25338] FAT-fs (loop2): bogus number of reserved sectors
[ 1145.905211][T25338] FAT-fs (loop2): Can't find a valid FAT filesystem
07:51:27 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x7000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x299}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000049000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

07:51:27 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1146.208807][T25365] FAT-fs (loop2): bogus number of reserved sectors
[ 1146.247030][T25365] FAT-fs (loop2): Can't find a valid FAT filesystem
07:51:27 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0))
r43 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r43, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r44 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r44, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
fcntl$dupfd(r44, 0x605, 0xffffffffffffffff)
r45 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r45, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r46 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r46, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

07:51:27 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

[ 1146.339581][   T26] audit: type=1800 audit(1573026687.518:136): pid=25369 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16617 res=0
[ 1146.423212][ T8735] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1146.491681][ T8735] CPU: 0 PID: 8735 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1146.499530][ T8735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1146.509586][ T8735] Call Trace:
[ 1146.512882][ T8735]  dump_stack+0x172/0x1f0
[ 1146.517220][ T8735]  dump_header+0x10b/0x82d
[ 1146.521640][ T8735]  ? oom_kill_process+0x94/0x3f0
[ 1146.526579][ T8735]  oom_kill_process.cold+0x10/0x15
[ 1146.531698][ T8735]  out_of_memory+0x334/0x1340
[ 1146.536410][ T8735]  ? lock_downgrade+0x920/0x920
[ 1146.541272][ T8735]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1146.547123][ T8735]  ? oom_killer_disable+0x280/0x280
[ 1146.552341][ T8735]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1146.557890][ T8735]  ? memcg_stat_show+0xc40/0xc40
[ 1146.562837][ T8735]  ? do_raw_spin_unlock+0x57/0x270
[ 1146.567952][ T8735]  ? _raw_spin_unlock+0x2d/0x50
[ 1146.572811][ T8735]  try_charge+0xf4b/0x1440
[ 1146.577232][ T8735]  ? find_held_lock+0x35/0x130
[ 1146.582007][ T8735]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1146.587561][ T8735]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1146.593113][ T8735]  ? find_held_lock+0x35/0x130
[ 1146.597882][ T8735]  ? get_mem_cgroup_from_mm+0x139/0x320
[ 1146.603438][ T8735]  __memcg_kmem_charge_memcg+0x7c/0x130
[ 1146.609003][ T8735]  ? memcg_kmem_put_cache+0x50/0x50
[ 1146.614212][ T8735]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1146.619792][ T8735]  __memcg_kmem_charge+0x13a/0x3a0
[ 1146.624911][ T8735]  __alloc_pages_nodemask+0x4f5/0x900
[ 1146.630280][ T8735]  ? __alloc_pages_slowpath+0x2920/0x2920
[ 1146.636002][ T8735]  ? lock_downgrade+0x920/0x920
[ 1146.640869][ T8735]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1146.647118][ T8735]  alloc_pages_current+0x107/0x210
[ 1146.652239][ T8735]  __pmd_alloc+0x41/0x460
[ 1146.656564][ T8735]  ? pud_alloc+0xbd/0x150
[ 1146.660878][ T8735]  copy_page_range+0x17d0/0x2430
[ 1146.665799][ T8735]  ? percpu_ref_put_many+0x94/0x190
[ 1146.670985][ T8735]  ? dup_mm+0x7cd/0x1430
[ 1146.675213][ T8735]  ? dup_mm+0x7cd/0x1430
[ 1146.679441][ T8735]  ? __pmd_alloc+0x460/0x460
[ 1146.684012][ T8735]  ? __rb_insert_augmented+0x20c/0xd90
[ 1146.689458][ T8735]  ? validate_mm_rb+0xa3/0xc0
[ 1146.694117][ T8735]  ? __vma_link_rb+0x5ad/0x770
[ 1146.698870][ T8735]  dup_mm+0xa67/0x1430
[ 1146.702929][ T8735]  ? vm_area_dup+0x170/0x170
[ 1146.707516][ T8735]  ? debug_mutex_init+0x2d/0x60
[ 1146.712355][ T8735]  copy_process+0x26c5/0x6860
[ 1146.717023][ T8735]  ? __cleanup_sighand+0x60/0x60
[ 1146.721943][ T8735]  ? find_held_lock+0x35/0x130
[ 1146.726700][ T8735]  _do_fork+0x146/0xfa0
[ 1146.730841][ T8735]  ? copy_init_mm+0x20/0x20
[ 1146.735331][ T8735]  ? __kasan_check_read+0x11/0x20
[ 1146.740335][ T8735]  ? _copy_to_user+0x118/0x160
[ 1146.745081][ T8735]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1146.751303][ T8735]  ? put_timespec64+0xda/0x140
[ 1146.756054][ T8735]  __x64_sys_clone+0x18d/0x250
[ 1146.760799][ T8735]  ? __ia32_sys_vfork+0xc0/0xc0
[ 1146.765633][ T8735]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1146.770898][ T8735]  ? trace_hardirqs_on+0x67/0x240
[ 1146.775906][ T8735]  do_syscall_64+0xfa/0x760
[ 1146.780397][ T8735]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1146.786271][ T8735] RIP: 0033:0x4587ea
[ 1146.790149][ T8735] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1146.809753][ T8735] RSP: 002b:00007ffe5afc5560 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1146.818145][ T8735] RAX: ffffffffffffffda RBX: 00007ffe5afc5560 RCX: 00000000004587ea
[ 1146.826100][ T8735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1146.834060][ T8735] RBP: 00007ffe5afc55a0 R08: 0000000000000001 R09: 000000000248d940
07:51:27 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000140), 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1146.842021][ T8735] R10: 000000000248dc10 R11: 0000000000000246 R12: 0000000000000001
[ 1146.849976][ T8735] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe5afc55f0
[ 1146.863655][   T26] audit: type=1800 audit(1573026688.038:137): pid=25480 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16741 res=0
[ 1146.864101][T25432] FAT-fs (loop2): bogus number of reserved sectors
[ 1146.917812][T25432] FAT-fs (loop2): Can't find a valid FAT filesystem
07:51:28 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000140), 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1146.983003][ T8735] memory: usage 307200kB, limit 307200kB, failcnt 90002
[ 1146.992078][ T8735] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1147.003664][ T8735] Memory cgroup stats for /syz3:
[ 1147.003775][ T8735] anon 291508224
[ 1147.003775][ T8735] file 61440
[ 1147.003775][ T8735] kernel_stack 2162688
[ 1147.003775][ T8735] slab 9678848
[ 1147.003775][ T8735] sock 0
[ 1147.003775][ T8735] shmem 147456
[ 1147.003775][ T8735] file_mapped 0
[ 1147.003775][ T8735] file_dirty 0
[ 1147.003775][ T8735] file_writeback 0
[ 1147.003775][ T8735] anon_thp 278921216
[ 1147.003775][ T8735] inactive_anon 135168
[ 1147.003775][ T8735] active_anon 291508224
[ 1147.003775][ T8735] inactive_file 0
[ 1147.003775][ T8735] active_file 106496
[ 1147.003775][ T8735] unevictable 0
[ 1147.003775][ T8735] slab_reclaimable 1892352
[ 1147.003775][ T8735] slab_unreclaimable 7786496
[ 1147.003775][ T8735] pgfault 115995
[ 1147.003775][ T8735] pgmajfault 0
[ 1147.003775][ T8735] workingset_refault 0
[ 1147.003775][ T8735] workingset_activate 0
[ 1147.003775][ T8735] workingset_nodereclaim 0
[ 1147.003775][ T8735] pgrefill 28570
[ 1147.003775][ T8735] pgscan 28593
[ 1147.003775][ T8735] pgsteal 102
[ 1147.013233][ T8735] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25363,uid=0
[ 1147.124919][ T8735] Memory cgroup out of memory: Killed process 25363 (syz-executor.3) total-vm:72848kB, anon-rss:12656kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1147.178861][T25486] FAT-fs (loop2): bogus number of reserved sectors
[ 1147.206642][T25486] FAT-fs (loop2): Can't find a valid FAT filesystem
07:51:28 executing program 0:
syz_emit_ethernet(0x66, &(0x7f00000006c0)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0xffffff3a, 0x0, @remote, @mcast2, {[], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @dev, @local}}}}}}}, 0x0)

07:51:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x299}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

07:51:28 executing program 4:
socketpair(0x29, 0x5, 0x0, &(0x7f0000002980)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
clone3(&(0x7f00000026c0)={0x11040a00, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640), 0x3d, 0x0, &(0x7f0000001680)=""/18, 0x12, &(0x7f00000016c0)=""/4096}, 0x40)
getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002700), &(0x7f0000002740)=0xc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r1, 0xffffffffffffffff, 0x0, 0x2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000002780))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r6 = dup2(r5, r5)
setsockopt$inet6_tcp_int(r6, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r6, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000380)=<r7=>0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r8, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000008c0)={r7, 0x0, r9}, 0xc)
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r12, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r13 = fcntl$dupfd(r12, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r13, 0x40042408, r10)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x20000010)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r11, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r11, r10, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000a40)=<r14=>0x0)
syz_open_procfs(r14, &(0x7f0000000600)='W\xee\xaa')
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800))
r15 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r15, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r16 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r17 = dup2(r16, r16)
setsockopt$inet6_tcp_int(r17, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r17, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r17, 0x540f, &(0x7f0000000380)=<r18=>0x0)
r19 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r19, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
setsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f00000008c0)={r18, 0x0, r20}, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r21=>0xffffffffffffffff})
r22 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r23 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r23, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r24 = fcntl$dupfd(r23, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r24, 0x40042408, r21)
sendmsg$TIPC_NL_PUBL_GET(r21, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r22, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r22, r21, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r21, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f0000000ac0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
r26 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r26, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r27 = fcntl$dupfd(r26, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r27, 0x40042408, r25)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r28=>0xffffffffffffffff})
r29 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r30 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r30, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r31 = fcntl$dupfd(r30, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r31, 0x40042408, r28)
sendmsg$TIPC_NL_PUBL_GET(r28, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r29, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r29, r28, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r28, 0x5429, &(0x7f0000000a40))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r32=>0xffffffffffffffff})
r33 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r34 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r34, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r35 = fcntl$dupfd(r34, 0x605, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_SET_BPF(r35, 0x40042408, r32)
sendmsg$TIPC_NL_PUBL_GET(r32, &(0x7f0000001940)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r33, 0xffffffffffffffff, 0x40000000000000b, 0x1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000008c0)={r33, r32, 0x0, 0x2}, 0x10)
ioctl$TIOCGSID(r32, 0x5429, &(0x7f0000000a40)=<r36=>0x0)
syz_open_procfs(r36, &(0x7f0000000600)='W\xee\xaa')
r37 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r37, 0x1000008912, &(0x7f00000000c0)="0800a1695e0bcfe87b0071")
r38 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r39 = dup2(r38, r38)
setsockopt$inet6_tcp_int(r39, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
getsockopt$sock_int(r39, 0x1, 0x21, &(0x7f00000001c0), &(0x7f00000007c0)=0x4)
ioctl$TIOCGPGRP(r39, 0x540f, &(0x7f0000000380)=<r40=>0x0)
r41 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fstat(r41, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0})
setsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f00000008c0)={r40, 0x0, r42}, 0xc)
pipe(&(0x7f0000000ac0))
r43 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
openat$cgroup_int(r43, &(0x7f0000000380)='cpuset.mems\x00', 0x2, 0x0)
r44 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r44, 0x100000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\xff\x01\x00P\xe0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x60, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r45 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r45, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
r46 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r46, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

[ 1147.263402][   T26] audit: type=1800 audit(1573026688.438:138): pid=25486 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16601 res=0
07:51:28 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r3, &(0x7f0000000a40)=ANY=[@ANYBLOB="23024089d3f495ffcf5a9abfbe726ff1a83dd858d2540c7e90d409ad18d9903b6e9f171b9593753c1c867bc78c205d9b750d3dc268a1e10cd0109e7a3731d57d999c70c9787b744edc5bef1c14f46d94ba60e841f95ef82bfbbb2ec794f96ea6ac69cdb9f22a612b674217a52b411cf3c9133f7651da5ca733de2ad55771b24c32f7c4625751083a544e2ed52767eee236066055727b3448f7c43758cf9725352da96697fad646eaff8be47e68ced624ccc39405cd27922170b8c56fbd09ab28e1442bc7d5dae35d8fb4fe581991e28907dfbdf591d2cfa31e662c3f58574d78dc25c9714fbfaff6fd705ad79e1df4fc"], 0xf0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb9a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r3)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000804, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

07:51:28 executing program 2:
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000140), 0x1000014, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)

[ 1147.598868][T25514] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1147.609254][T25514] CPU: 1 PID: 25514 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1147.617149][T25514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1147.627198][T25514] Call Trace:
[ 1147.630496][T25514]  dump_stack+0x172/0x1f0
[ 1147.634825][T25514]  dump_header+0x10b/0x82d
[ 1147.639234][T25514]  oom_kill_process.cold+0x10/0x15
[ 1147.644343][T25514]  out_of_memory+0x334/0x1340
07:51:28 executing program 1:
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00002, 0x0, 0x0, 0x8000000, 0x2000000000002)
syz_open_dev$cec(0x0, 0x0, 0x2)

07:51:28 executing program 0:
bind$unix(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
clock_adjtime(0x0, &(0x7f0000000340))

07:51:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x299}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1147.649027][T25514]  ? lock_downgrade+0x920/0x920
[ 1147.653887][T25514]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1147.659687][T25514]  ? oom_killer_disable+0x280/0x280
[ 1147.659712][T25514]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1147.659726][T25514]  ? memcg_stat_show+0xc40/0xc40
[ 1147.659748][T25514]  ? do_raw_spin_unlock+0x57/0x270
[ 1147.680507][T25514]  ? _raw_spin_unlock+0x2d/0x50
[ 1147.685369][T25514]  try_charge+0xf4b/0x1440
[ 1147.689782][T25514]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1147.695309][T25514]  ? percpu_ref_tryget_live+0x111/0x290
[ 1147.700840][T25514]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1147.707079][T25514]  ? __kasan_check_read+0x11/0x20
[ 1147.712086][T25514]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1147.717629][T25514]  mem_cgroup_try_charge+0x136/0x590
[ 1147.722904][T25514]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1147.728620][T25514]  wp_page_copy+0x407/0x1860
[ 1147.733202][T25514]  ? find_held_lock+0x35/0x130
[ 1147.737950][T25514]  ? do_wp_page+0x53b/0x15c0
[ 1147.742525][T25514]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1147.748322][T25514]  ? lock_downgrade+0x920/0x920
[ 1147.753156][T25514]  ? vm_normal_page+0x15d/0x3c0
[ 1147.757990][T25514]  ? __pte_alloc_kernel+0x210/0x210
[ 1147.763169][T25514]  ? __kasan_check_read+0x11/0x20
[ 1147.768176][T25514]  ? do_raw_spin_unlock+0x57/0x270
[ 1147.773269][T25514]  do_wp_page+0x543/0x15c0
[ 1147.782875][T25514]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1147.787881][T25514]  ? lock_acquire+0x190/0x410
[ 1147.792543][T25514]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1147.797903][T25514]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1147.803618][T25514]  __handle_mm_fault+0x23ec/0x4040
[ 1147.808718][T25514]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1147.814244][T25514]  ? handle_mm_fault+0x292/0xaa0
[ 1147.819169][T25514]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1147.825389][T25514]  ? __kasan_check_read+0x11/0x20
[ 1147.830403][T25514]  handle_mm_fault+0x3b7/0xaa0
[ 1147.835150][T25514]  __do_page_fault+0x536/0xdd0
[ 1147.839898][T25514]  do_page_fault+0x38/0x590
[ 1147.844384][T25514]  page_fault+0x39/0x40
[ 1147.848522][T25514] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1147.855089][T25514] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1147.874683][T25514] RSP: 0018:ffff88804a0cfab8 EFLAGS: 00010206
[ 1147.880740][T25514] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1147.888704][T25514] RDX: 0000000000001000 RSI: ffff8880a8ba6b00 RDI: 00000000209b1000
[ 1147.896745][T25514] RBP: ffff88804a0cfaf0 R08: ffffed1015174e00 R09: 0000000000000000
[ 1147.904700][T25514] R10: ffffed1015174dff R11: ffff8880a8ba6fff R12: 00000000209b0500
[ 1147.912668][T25514] R13: ffff8880a8ba6000 R14: 00000000209b1500 R15: 00007ffffffff000
[ 1147.920657][T25514]  ? copyout+0x12d/0x150
[ 1147.924894][T25514]  copy_page_to_iter+0x3de/0xda0
[ 1147.929904][T25514]  ? kill_fasync+0x323/0x4a0
[ 1147.934485][T25514]  pipe_to_user+0xb4/0x170
[ 1147.938889][T25514]  __splice_from_pipe+0x397/0x7d0
[ 1147.943906][T25514]  ? iter_to_pipe+0x560/0x560
[ 1147.948577][T25514]  do_vmsplice.part.0+0x249/0x2b0
[ 1147.953591][T25514]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1147.958774][T25514]  ? import_iovec+0x267/0x410
[ 1147.963439][T25514]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1147.969672][T25514]  __do_sys_vmsplice+0x1bc/0x210
[ 1147.974594][T25514]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1147.979778][T25514]  ? __kasan_check_read+0x11/0x20
[ 1147.984791][T25514]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1147.991015][T25514]  ? put_timespec64+0xda/0x140
[ 1147.995764][T25514]  ? nsecs_to_jiffies+0x30/0x30
[ 1148.000616][T25514]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1148.006057][T25514]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1148.011533][T25514]  ? do_syscall_64+0x26/0x760
[ 1148.016193][T25514]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1148.022241][T25514]  ? do_syscall_64+0x26/0x760
[ 1148.026914][T25514]  __x64_sys_vmsplice+0x97/0xf0
[ 1148.031746][T25514]  do_syscall_64+0xfa/0x760
[ 1148.036232][T25514]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1148.042103][T25514] RIP: 0033:0x45a219
[ 1148.045980][T25514] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1148.065582][T25514] RSP: 002b:00007f612e444c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1148.073976][T25514] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1148.081938][T25514] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1148.089896][T25514] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1148.097858][T25514] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4456d4
[ 1148.105808][T25514] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff
[ 1148.115258][T25514] memory: usage 307200kB, limit 307200kB, failcnt 90084
[ 1148.122227][T25514] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1148.129136][T25514] Memory cgroup stats for /syz3:
[ 1148.130245][T25514] anon 291115008
[ 1148.130245][T25514] file 61440
[ 1148.130245][T25514] kernel_stack 2293760
[ 1148.130245][T25514] slab 9678848
[ 1148.130245][T25514] sock 0
[ 1148.130245][T25514] shmem 147456
[ 1148.130245][T25514] file_mapped 0
[ 1148.130245][T25514] file_dirty 0
[ 1148.130245][T25514] file_writeback 0
[ 1148.130245][T25514] anon_thp 276824064
[ 1148.130245][T25514] inactive_anon 135168
[ 1148.130245][T25514] active_anon 291115008
[ 1148.130245][T25514] inactive_file 0
[ 1148.130245][T25514] active_file 106496
[ 1148.130245][T25514] unevictable 0
[ 1148.130245][T25514] slab_reclaimable 1892352
[ 1148.130245][T25514] slab_unreclaimable 7786496
[ 1148.130245][T25514] pgfault 116556
[ 1148.130245][T25514] pgmajfault 0
[ 1148.130245][T25514] workingset_refault 0
[ 1148.130245][T25514] workingset_activate 0
[ 1148.130245][T25514] workingset_nodereclaim 0
[ 1148.130245][T25514] pgrefill 28570
[ 1148.130245][T25514] pgscan 28593
[ 1148.130245][T25514] pgsteal 102
[ 1148.224268][T25514] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25339,uid=0
[ 1148.224376][T25514] Memory cgroup out of memory: Killed process 25339 (syz-executor.3) total-vm:72848kB, anon-rss:11056kB, file-rss:35828kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[ 1253.134778][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1253.141660][    C1] rcu: 	1-...!: (1 GPs behind) idle=87e/1/0x4000000000000002 softirq=89456/89457 fqs=0 
[ 1253.151913][    C1] 	(t=10500 jiffies g=160137 q=228)
[ 1253.157213][    C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g160137 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1253.168498][    C1] rcu: RCU grace-period kthread stack dump:
[ 1253.174385][    C1] rcu_preempt     R  running task    28944    10      2 0x80004000
[ 1253.182283][    C1] Call Trace:
[ 1253.185576][    C1]  __schedule+0x94f/0x1e70
[ 1253.189997][    C1]  ? __sched_text_start+0x8/0x8
[ 1253.194859][    C1]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1253.200667][    C1]  ? schedule_timeout+0x47c/0xc50
[ 1253.205688][    C1]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1253.210973][    C1]  schedule+0xd9/0x260
[ 1253.215039][    C1]  schedule_timeout+0x486/0xc50
[ 1253.219994][    C1]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1253.225798][    C1]  ? usleep_range+0x170/0x170
[ 1253.230474][    C1]  ? trace_hardirqs_on+0x67/0x240
[ 1253.235495][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.240518][    C1]  ? __next_timer_interrupt+0x1a0/0x1a0
[ 1253.246069][    C1]  ? swake_up_one+0x60/0x60
[ 1253.250576][    C1]  rcu_gp_kthread+0x9b2/0x18d0
[ 1253.255339][    C1]  ? rcu_barrier+0x350/0x350
[ 1253.259923][    C1]  ? trace_hardirqs_on+0x67/0x240
[ 1253.264952][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.269983][    C1]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1253.276218][    C1]  ? __kthread_parkme+0x108/0x1c0
[ 1253.281234][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.286255][    C1]  kthread+0x361/0x430
[ 1253.290319][    C1]  ? rcu_barrier+0x350/0x350
[ 1253.294905][    C1]  ? kthread_mod_delayed_work+0x1f0/0x1f0
[ 1253.300626][    C1]  ret_from_fork+0x24/0x30
[ 1253.305055][    C1] NMI backtrace for cpu 1
[ 1253.309382][    C1] CPU: 1 PID: 25514 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
[ 1253.317263][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1253.327307][    C1] Call Trace:
[ 1253.330586][    C1]  <IRQ>
[ 1253.333439][    C1]  dump_stack+0x172/0x1f0
[ 1253.337773][    C1]  nmi_cpu_backtrace.cold+0x70/0xb2
[ 1253.342975][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.349231][    C1]  ? lapic_can_unplug_cpu.cold+0x3a/0x3a
[ 1253.354860][    C1]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[ 1253.360840][    C1]  arch_trigger_cpumask_backtrace+0x14/0x20
[ 1253.366823][    C1]  rcu_dump_cpu_stacks+0x183/0x1cf
[ 1253.371944][    C1]  rcu_sched_clock_irq.cold+0x4fd/0xc12
[ 1253.377493][    C1]  ? raise_softirq+0x138/0x340
[ 1253.382693][    C1]  update_process_times+0x2d/0x70
[ 1253.387716][    C1]  tick_sched_handle+0xa2/0x190
[ 1253.392563][    C1]  tick_sched_timer+0x53/0x140
[ 1253.397335][    C1]  __hrtimer_run_queues+0x364/0xe40
[ 1253.402532][    C1]  ? tick_sched_do_timer+0x1b0/0x1b0
[ 1253.407817][    C1]  ? hrtimer_init+0x330/0x330
[ 1253.412493][    C1]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1253.418209][    C1]  ? ktime_get_update_offsets_now+0x2d3/0x440
[ 1253.424283][    C1]  hrtimer_interrupt+0x314/0x770
[ 1253.429235][    C1]  smp_apic_timer_interrupt+0x160/0x610
[ 1253.434780][    C1]  apic_timer_interrupt+0xf/0x20
[ 1253.439707][    C1]  </IRQ>
[ 1253.442646][    C1] RIP: 0010:lock_acquire+0x20b/0x410
[ 1253.450796][    C1] Code: 94 08 00 00 00 00 00 00 48 c1 e8 03 80 3c 10 00 0f 85 d3 01 00 00 48 83 3d c1 cd 99 07 00 0f 84 53 01 00 00 48 8b 7d c8 57 9d <0f> 1f 44 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 65 8b
[ 1253.470414][    C1] RSP: 0018:ffff88804a0cf040 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 1253.478848][    C1] RAX: 1ffffffff11e63bc RBX: ffff888093bf4440 RCX: ffffffff81590382
[ 1253.486820][    C1] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: 0000000000000282
[ 1253.494808][    C1] RBP: ffff88804a0cf088 R08: 0000000000002872 R09: fffffbfff14efd5b
[ 1253.502781][    C1] R10: ffff888093bf4d28 R11: ffff888093bf4440 R12: ffff8880642483c8
[ 1253.510885][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1253.518888][    C1]  ? __lock_acquire+0x16f2/0x4a00
[ 1253.523935][    C1]  _raw_spin_lock+0x2f/0x40
[ 1253.528435][    C1]  ? vmpressure+0x1bf/0x350
[ 1253.532936][    C1]  vmpressure+0x1bf/0x350
[ 1253.537790][    C1]  vmpressure_prio+0x44/0x50
[ 1253.542379][    C1]  do_try_to_free_pages+0x202/0x11f0
[ 1253.547695][    C1]  ? shrink_node+0x14b0/0x14b0
[ 1253.552458][    C1]  ? _raw_spin_unlock_irq+0x5e/0x90
[ 1253.557658][    C1]  try_to_free_mem_cgroup_pages+0x314/0xa80
[ 1253.563557][    C1]  ? try_to_free_pages+0x980/0x980
[ 1253.568667][    C1]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1253.574468][    C1]  ? cgroup_file_notify+0x140/0x1b0
[ 1253.579664][    C1]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1253.585647][    C1]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1253.591451][    C1]  ? cgroup_file_notify+0x140/0x1b0
[ 1253.596648][    C1]  try_charge+0x602/0x1440
[ 1253.601067][    C1]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1253.606609][    C1]  ? percpu_ref_tryget_live+0x111/0x290
[ 1253.612154][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.618394][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.623417][    C1]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1253.628973][    C1]  mem_cgroup_try_charge+0x136/0x590
[ 1253.634276][    C1]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1253.639911][    C1]  wp_page_copy+0x407/0x1860
[ 1253.644502][    C1]  ? find_held_lock+0x35/0x130
[ 1253.649261][    C1]  ? do_wp_page+0x53b/0x15c0
[ 1253.653850][    C1]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1253.659665][    C1]  ? lock_downgrade+0x920/0x920
[ 1253.664517][    C1]  ? vm_normal_page+0x15d/0x3c0
[ 1253.669370][    C1]  ? __pte_alloc_kernel+0x210/0x210
[ 1253.674569][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.679591][    C1]  ? do_raw_spin_unlock+0x57/0x270
[ 1253.684705][    C1]  do_wp_page+0x543/0x15c0
[ 1253.689123][    C1]  ? do_raw_spin_lock+0x12a/0x2e0
[ 1253.694150][    C1]  ? lock_acquire+0x190/0x410
[ 1253.698824][    C1]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1253.704195][    C1]  ? add_mm_counter_fast.part.0+0x40/0x40
[ 1253.709919][    C1]  __handle_mm_fault+0x23ec/0x4040
[ 1253.715030][    C1]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1253.720583][    C1]  ? handle_mm_fault+0x292/0xaa0
[ 1253.725531][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.731768][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.736795][    C1]  handle_mm_fault+0x3b7/0xaa0
[ 1253.741559][    C1]  __do_page_fault+0x536/0xdd0
[ 1253.746332][    C1]  do_page_fault+0x38/0x590
[ 1253.751441][    C1]  page_fault+0x39/0x40
[ 1253.755593][    C1] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30
[ 1253.762182][    C1] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 1253.781782][    C1] RSP: 0018:ffff88804a0cfab8 EFLAGS: 00010206
[ 1253.787844][    C1] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[ 1253.795807][    C1] RDX: 0000000000001000 RSI: ffff8880a8ba6b00 RDI: 00000000209b1000
[ 1253.803774][    C1] RBP: ffff88804a0cfaf0 R08: ffffed1015174e00 R09: 0000000000000000
[ 1253.811737][    C1] R10: ffffed1015174dff R11: ffff8880a8ba6fff R12: 00000000209b0500
[ 1253.819699][    C1] R13: ffff8880a8ba6000 R14: 00000000209b1500 R15: 00007ffffffff000
[ 1253.827696][    C1]  ? copyout+0x12d/0x150
[ 1253.831940][    C1]  copy_page_to_iter+0x3de/0xda0
[ 1253.836875][    C1]  ? kill_fasync+0x323/0x4a0
[ 1253.841470][    C1]  pipe_to_user+0xb4/0x170
[ 1253.845889][    C1]  __splice_from_pipe+0x397/0x7d0
[ 1253.850910][    C1]  ? iter_to_pipe+0x560/0x560
[ 1253.855592][    C1]  do_vmsplice.part.0+0x249/0x2b0
[ 1253.860615][    C1]  ? __splice_from_pipe+0x7d0/0x7d0
[ 1253.865808][    C1]  ? import_iovec+0x267/0x410
[ 1253.870491][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.876730][    C1]  __do_sys_vmsplice+0x1bc/0x210
[ 1253.881669][    C1]  ? do_vmsplice.part.0+0x2b0/0x2b0
[ 1253.886880][    C1]  ? __kasan_check_read+0x11/0x20
[ 1253.891922][    C1]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1253.898171][    C1]  ? put_timespec64+0xda/0x140
[ 1253.902942][    C1]  ? nsecs_to_jiffies+0x30/0x30
[ 1253.907804][    C1]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1253.913261][    C1]  ? trace_hardirqs_on_thunk+0x1a/0x20
[ 1253.918720][    C1]  ? do_syscall_64+0x26/0x760
[ 1253.923392][    C1]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1253.929457][    C1]  ? do_syscall_64+0x26/0x760
[ 1253.934140][    C1]  __x64_sys_vmsplice+0x97/0xf0
[ 1253.938995][    C1]  do_syscall_64+0xfa/0x760
[ 1253.943499][    C1]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1253.949387][    C1] RIP: 0033:0x45a219
[ 1253.953276][    C1] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1253.972876][    C1] RSP: 002b:00007f612e444c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1253.981302][    C1] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
[ 1253.989268][    C1] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 1253.997235][    C1] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1254.005210][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f612e4456d4
[ 1254.013185][    C1] R13: 00000000004ca1a4 R14: 00000000004e21c0 R15: 00000000ffffffff