19][ T8647] active_file 0 [ 1172.753019][ T8647] unevictable 0 [ 1172.753019][ T8647] slab_reclaimable 270336 [ 1172.753019][ T8647] slab_unreclaimable 315392 [ 1172.753019][ T8647] pgfault 74151 [ 1172.753019][ T8647] pgmajfault 0 [ 1172.753019][ T8647] workingset_refault 0 [ 1172.753019][ T8647] workingset_activate 0 [ 1172.753019][ T8647] workingset_nodereclaim 0 [ 1172.753019][ T8647] pgrefill 46 [ 1172.753019][ T8647] pgscan 46 [ 1172.753019][ T8647] pgsteal 0 [ 1172.753019][ T8647] pgactivate 0 [ 1172.846196][ T8647] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8647,uid=0 [ 1172.846293][ T8647] Memory cgroup out of memory: Killed process 8647 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 1172.851497][ T1058] oom_reaper: reaped process 8647 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:53:47 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3dd, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:47 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x34d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:47 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x100000000) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$GIO_CMAP(r4, 0x4b70, &(0x7f0000000080)) getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000180)=0x8, &(0x7f00000001c0)=0x4) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:53:47 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3de, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:47 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x6, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0x10000, 0x8, 0x4, 0x0, 0x0, [{r1, 0x0, 0x6}, {r2, 0x0, 0x4}, {r2, 0x0, 0xffffffff80000001}, {r0, 0x0, 0x6}]}) write(r2, &(0x7f0000000100)="4d91649dab29cf17e55dce20a39229bd6ac07843b4162d18fee8695e2d84b697e8b930be3a047d11e3c0852a7c6f883626630c044e0ca0b0bad942b590c2c751f15ddb600ac3541f4feae63e336815ae843c5af6cc8c6d83c88b3f14b2620842ad8856b35deb6a726c83bbd2d1641205eb438802107bd0962f1130", 0x57) r3 = socket$rds(0x15, 0x5, 0x0) r4 = io_uring_setup(0xa4, &(0x7f0000000080)) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x100, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000680)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000006c0)={@empty={[0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74]}, 0x8, r6}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000280)=[0xffffffffffffffff, r3], 0x2) ioctl$KDMKTONE(r5, 0x4b30, 0xd00f) ioctl$TIOCSRS485(r5, 0x542f, 0x0) 22:53:48 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:53:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xa000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:53:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x34e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:48 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3df, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:48 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x6, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0x10000, 0x8, 0x4, 0x0, 0x0, [{r1, 0x0, 0x6}, {r2, 0x0, 0x4}, {r2, 0x0, 0xffffffff80000001}, {r0, 0x0, 0x6}]}) write(r2, &(0x7f0000000100)="4d91649dab29cf17e55dce20a39229bd6ac07843b4162d18fee8695e2d84b697e8b930be3a047d11e3c0852a7c6f883626630c044e0ca0b0bad942b590c2c751f15ddb600ac3541f4feae63e336815ae843c5af6cc8c6d83c88b3f14b2620842ad8856b35deb6a726c83bbd2d1641205eb438802107bd0962f1130", 0x57) r3 = socket$rds(0x15, 0x5, 0x0) r4 = io_uring_setup(0xa4, &(0x7f0000000080)) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x100, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000680)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000006c0)={@empty={[0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74]}, 0x8, r6}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000280)=[0xffffffffffffffff, r3], 0x2) ioctl$KDMKTONE(r5, 0x4b30, 0xd00f) ioctl$TIOCSRS485(r5, 0x542f, 0x0) [ 1174.105370][ T8714] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 22:53:48 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x34f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:48 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x24, r5, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x8000}}, [""]}, 0x24}}, 0x80) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$IOC_PR_RELEASE(r4, 0x401070ca, &(0x7f0000000480)={0x9, 0x100000000, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:53:48 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:53:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xc000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:53:48 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x350, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:49 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x65}, [@ldst={0x7, 0x3, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='OPL\x00', 0x1, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48) 22:53:49 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x351, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xe000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:53:49 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1174.820654][ T8750] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 22:53:49 executing program 4: r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r2, 0xc0505350, &(0x7f0000000500)) 22:53:49 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:49 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x352, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:50 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000005c0)={0x0, 0xb0, "ca1030ee363a0cc169d6b6f332419937316d5232f770107bb759c2e2d884acca24c2fdd871cc4c1343271761c0895f0223f1a398fcc257a2cbc3f11acfb3873d5c10f9a7314012091cf46992c301fb0a7e4c8c7827e47eecbec67c406c16e44677eefe033717772b7c6fb8b7038446f68d5e84047d6208ecc197feaebb35521a71dd2b5ea6696ded9464e54be1bb16dedf0cba0ec64d00e21daca83d65ec8da0e078fa1f35c3ae834a882ef486447772"}, &(0x7f0000000080)=0xb8) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000180)={r5, 0x7}, &(0x7f00000001c0)=0x8) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1176.777381][ T8814] IPVS: ftp: loaded support on port[0] = 21 [ 1176.841258][ T109] device bridge_slave_1 left promiscuous mode [ 1176.847665][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 1176.885589][ T109] device bridge_slave_0 left promiscuous mode [ 1176.891832][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 1178.934679][ T109] device hsr_slave_0 left promiscuous mode [ 1178.974139][ T109] device hsr_slave_1 left promiscuous mode [ 1179.021724][ T109] team0 (unregistering): Port device team_slave_1 removed [ 1179.040939][ T109] team0 (unregistering): Port device team_slave_0 removed [ 1179.052697][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1179.099988][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1179.182518][ T109] bond0 (unregistering): Released all slaves [ 1179.292556][ T8814] chnl_net:caif_netlink_parms(): no params data found [ 1179.324366][ T8814] bridge0: port 1(bridge_slave_0) entered blocking state [ 1179.332965][ T8814] bridge0: port 1(bridge_slave_0) entered disabled state [ 1179.340906][ T8814] device bridge_slave_0 entered promiscuous mode [ 1179.348620][ T8814] bridge0: port 2(bridge_slave_1) entered blocking state [ 1179.355779][ T8814] bridge0: port 2(bridge_slave_1) entered disabled state [ 1179.363494][ T8814] device bridge_slave_1 entered promiscuous mode [ 1179.392506][ T8814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1179.403595][ T8814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1179.427552][ T8814] team0: Port device team_slave_0 added [ 1179.435060][ T8814] team0: Port device team_slave_1 added [ 1179.637114][ T8814] device hsr_slave_0 entered promiscuous mode [ 1179.690243][ T8814] device hsr_slave_1 entered promiscuous mode [ 1179.810008][ T8814] debugfs: Directory 'hsr0' with parent '/' already present! [ 1179.839588][ T8814] bridge0: port 2(bridge_slave_1) entered blocking state [ 1179.846762][ T8814] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1179.854216][ T8814] bridge0: port 1(bridge_slave_0) entered blocking state [ 1179.861393][ T8814] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1179.946442][ T8814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1179.970860][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1179.986881][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1180.000308][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1180.013118][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1180.034620][ T8814] 8021q: adding VLAN 0 to HW filter on device team0 [ 1180.058274][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1180.067042][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1180.074214][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1180.082131][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1180.090783][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1180.097933][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1180.136498][ T8814] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1180.147172][ T8814] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1180.177118][ T8814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1180.188005][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1180.197129][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1180.205876][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1180.214864][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1180.224388][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1180.232289][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1180.505057][ T8822] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1180.516083][ T8822] CPU: 1 PID: 8822 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1180.523634][ T8822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.533693][ T8822] Call Trace: [ 1180.537002][ T8822] dump_stack+0x16f/0x1f0 [ 1180.541351][ T8822] dump_header+0x10b/0x831 [ 1180.545809][ T8822] oom_kill_process.cold+0x10/0x15 [ 1180.550929][ T8822] out_of_memory+0x79a/0x12d0 [ 1180.555618][ T8822] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1180.561257][ T8822] ? cgroup_file_notify+0x140/0x1b0 [ 1180.566471][ T8822] ? oom_killer_disable+0x280/0x280 [ 1180.571690][ T8822] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1180.577252][ T8822] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1180.582913][ T8822] ? cgroup_file_notify+0x140/0x1b0 [ 1180.588129][ T8822] memory_max_write+0x262/0x3a0 [ 1180.592985][ T8822] ? mem_cgroup_write+0x360/0x360 [ 1180.598016][ T8822] ? lock_acquire+0x190/0x400 [ 1180.602693][ T8822] ? kernfs_fop_write+0x227/0x480 [ 1180.607726][ T8822] cgroup_file_write+0x307/0x790 [ 1180.612684][ T8822] ? mem_cgroup_write+0x360/0x360 [ 1180.617712][ T8822] ? cgroup_show_path+0x590/0x590 [ 1180.622751][ T8822] ? cgroup_show_path+0x590/0x590 [ 1180.627780][ T8822] kernfs_fop_write+0x2b8/0x480 [ 1180.632633][ T8822] __vfs_write+0x8a/0x110 [ 1180.636962][ T8822] ? kernfs_fop_open+0xd80/0xd80 [ 1180.641897][ T8822] vfs_write+0x268/0x5d0 [ 1180.646169][ T8822] ksys_write+0x14f/0x290 [ 1180.650517][ T8822] ? __ia32_sys_read+0xb0/0xb0 [ 1180.655289][ T8822] ? do_syscall_64+0x26/0x6a0 [ 1180.659969][ T8822] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1180.666036][ T8822] ? do_syscall_64+0x26/0x6a0 [ 1180.670720][ T8822] __x64_sys_write+0x73/0xb0 [ 1180.675312][ T8822] do_syscall_64+0xfd/0x6a0 [ 1180.679823][ T8822] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1180.685716][ T8822] RIP: 0033:0x459829 [ 1180.689611][ T8822] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1180.709219][ T8822] RSP: 002b:00007f98093d2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1180.717633][ T8822] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1180.725601][ T8822] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1180.733575][ T8822] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1180.741545][ T8822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f98093d36d4 [ 1180.749529][ T8822] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1180.758164][ T8822] memory: usage 5184kB, limit 0kB, failcnt 597911 [ 1180.764710][ T8822] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1180.771693][ T8822] Memory cgroup stats for /syz0: [ 1180.772812][ T8822] anon 4255744 [ 1180.772812][ T8822] file 106496 [ 1180.772812][ T8822] kernel_stack 0 [ 1180.772812][ T8822] slab 585728 [ 1180.772812][ T8822] sock 0 [ 1180.772812][ T8822] shmem 0 [ 1180.772812][ T8822] file_mapped 0 [ 1180.772812][ T8822] file_dirty 0 [ 1180.772812][ T8822] file_writeback 0 [ 1180.772812][ T8822] anon_thp 4194304 [ 1180.772812][ T8822] inactive_anon 0 [ 1180.772812][ T8822] active_anon 4255744 [ 1180.772812][ T8822] inactive_file 0 [ 1180.772812][ T8822] active_file 0 [ 1180.772812][ T8822] unevictable 0 [ 1180.772812][ T8822] slab_reclaimable 270336 [ 1180.772812][ T8822] slab_unreclaimable 315392 [ 1180.772812][ T8822] pgfault 74217 [ 1180.772812][ T8822] pgmajfault 0 [ 1180.772812][ T8822] workingset_refault 0 [ 1180.772812][ T8822] workingset_activate 0 [ 1180.772812][ T8822] workingset_nodereclaim 0 [ 1180.772812][ T8822] pgrefill 46 [ 1180.772812][ T8822] pgscan 46 [ 1180.772812][ T8822] pgsteal 0 [ 1180.772812][ T8822] pgactivate 0 [ 1180.867263][ T8822] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8821,uid=0 [ 1180.883267][ T8822] Memory cgroup out of memory: Killed process 8821 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1180.901708][ T1058] oom_reaper: reaped process 8821 (syz-executor.0), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 22:53:55 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:53:55 executing program 4: r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r2, 0xc0505350, &(0x7f0000000500)) [ 1181.329869][ T8814] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1181.340041][ T8814] CPU: 1 PID: 8814 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1181.347592][ T8814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1181.357677][ T8814] Call Trace: [ 1181.361004][ T8814] dump_stack+0x16f/0x1f0 [ 1181.365343][ T8814] dump_header+0x10b/0x831 [ 1181.369761][ T8814] ? oom_kill_process+0x94/0x3c0 [ 1181.374704][ T8814] oom_kill_process.cold+0x10/0x15 22:53:55 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x353, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:55 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:55 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xf000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:53:55 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SCSI_IOCTL_STOP_UNIT(r4, 0x6) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000180)={0x8000, 0x8, 0x4bb, 0x6, 0x9, 0x10, 0xf, "c1136439653b6376ec1dc421cc2cbb8ab57493db", "d222df845c4199852d007913615ec34310472d5e"}) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000140)) ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000005c0)={[0x2, 0x3, 0x0, 0xdce, 0x10001, 0x6, 0x1, 0x40, 0x8, 0x80000000000, 0x7, 0x6, 0x7, 0x1ff, 0x6, 0x8], 0x0, 0x2}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1181.379823][ T8814] out_of_memory+0x79a/0x12d0 [ 1181.384511][ T8814] ? lock_downgrade+0x920/0x920 [ 1181.389400][ T8814] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1181.395226][ T8814] ? oom_killer_disable+0x280/0x280 [ 1181.400459][ T8814] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1181.406011][ T8814] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1181.411656][ T8814] ? do_raw_spin_unlock+0x57/0x270 [ 1181.416779][ T8814] ? _raw_spin_unlock+0x23/0x30 [ 1181.421643][ T8814] try_charge+0x1053/0x1430 [ 1181.426252][ T8814] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1181.431806][ T8814] ? percpu_ref_tryget_live+0x104/0x270 [ 1181.437353][ T8814] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1181.442886][ T8814] mem_cgroup_try_charge+0x136/0x590 [ 1181.448196][ T8814] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1181.453827][ T8814] wp_page_copy+0x27c/0x1380 [ 1181.458403][ T8814] ? find_held_lock+0x35/0x130 [ 1181.463189][ T8814] ? pmd_pfn+0x1d0/0x1d0 [ 1181.467447][ T8814] ? lock_downgrade+0x920/0x920 [ 1181.472294][ T8814] ? swp_swapcount+0x520/0x520 [ 1181.477042][ T8814] ? __kasan_check_read+0x11/0x20 [ 1181.482061][ T8814] ? do_raw_spin_unlock+0x57/0x270 [ 1181.487215][ T8814] do_wp_page+0x499/0x14d0 [ 1181.491645][ T8814] ? finish_mkwrite_fault+0x570/0x570 [ 1181.497006][ T8814] __handle_mm_fault+0x2120/0x3ce0 [ 1181.502144][ T8814] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1181.507687][ T8814] ? handle_mm_fault+0x294/0xa90 [ 1181.512641][ T8814] ? handle_mm_fault+0x675/0xa90 [ 1181.517587][ T8814] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1181.522857][ T8814] handle_mm_fault+0x3bb/0xa90 [ 1181.527629][ T8814] __do_page_fault+0x536/0xdd0 [ 1181.532432][ T8814] do_page_fault+0x38/0x536 [ 1181.536921][ T8814] page_fault+0x39/0x40 [ 1181.541249][ T8814] RIP: 0033:0x430906 [ 1181.545142][ T8814] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1181.564758][ T8814] RSP: 002b:00007ffd2b6b38f0 EFLAGS: 00010206 [ 1181.570830][ T8814] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1181.578805][ T8814] RDX: 00005555563a2930 RSI: 00005555563aa970 RDI: 0000000000000003 [ 1181.586778][ T8814] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555563a1940 [ 1181.594748][ T8814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1181.602722][ T8814] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1181.610995][ T8814] memory: usage 792kB, limit 0kB, failcnt 597919 [ 1181.617357][ T8814] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1181.624246][ T8814] Memory cgroup stats for /syz0: [ 1181.624358][ T8814] anon 0 [ 1181.624358][ T8814] file 106496 [ 1181.624358][ T8814] kernel_stack 0 [ 1181.624358][ T8814] slab 585728 [ 1181.624358][ T8814] sock 0 [ 1181.624358][ T8814] shmem 0 [ 1181.624358][ T8814] file_mapped 0 [ 1181.624358][ T8814] file_dirty 0 [ 1181.624358][ T8814] file_writeback 0 [ 1181.624358][ T8814] anon_thp 0 [ 1181.624358][ T8814] inactive_anon 0 [ 1181.624358][ T8814] active_anon 0 [ 1181.624358][ T8814] inactive_file 0 [ 1181.624358][ T8814] active_file 0 [ 1181.624358][ T8814] unevictable 0 [ 1181.624358][ T8814] slab_reclaimable 270336 [ 1181.624358][ T8814] slab_unreclaimable 315392 [ 1181.624358][ T8814] pgfault 74217 [ 1181.624358][ T8814] pgmajfault 0 [ 1181.624358][ T8814] workingset_refault 0 [ 1181.624358][ T8814] workingset_activate 0 [ 1181.624358][ T8814] workingset_nodereclaim 0 [ 1181.624358][ T8814] pgrefill 46 [ 1181.624358][ T8814] pgscan 46 [ 1181.624358][ T8814] pgsteal 0 [ 1181.624358][ T8814] pgactivate 0 [ 1181.624358][ T8814] pgdeactivate 46 [ 1181.720126][ T8814] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8814,uid=0 [ 1181.735509][ T8814] Memory cgroup out of memory: Killed process 8814 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB 22:53:56 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x6, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0x10000, 0x8, 0x4, 0x0, 0x0, [{r1, 0x0, 0x6}, {r2, 0x0, 0x4}, {r2, 0x0, 0xffffffff80000001}, {r0, 0x0, 0x6}]}) write(r2, &(0x7f0000000100)="4d91649dab29cf17e55dce20a39229bd6ac07843b4162d18fee8695e2d84b697e8b930be3a047d11e3c0852a7c6f883626630c044e0ca0b0bad942b590c2c751f15ddb600ac3541f4feae63e336815ae843c5af6cc8c6d83c88b3f14b2620842ad8856b35deb6a726c83bbd2d1641205eb438802107bd0962f1130", 0x57) r3 = socket$rds(0x15, 0x5, 0x0) r4 = io_uring_setup(0xa4, &(0x7f0000000080)) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x100, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000680)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000006c0)={@empty={[0x4c, 0x0, 0x0, 0x0, 0x0, 0x48]}, 0x8, r6}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000280)=[0xffffffffffffffff, r3], 0x2) ioctl$KDMKTONE(r5, 0x4b30, 0xd00f) ioctl$TIOCSRS485(r5, 0x542f, 0x0) 22:53:56 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x354, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:56 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:56 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x355, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:56 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:56 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:56 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:53:56 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x356, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:56 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f00000005c0)={{{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@multicast1}}, &(0x7f00000001c0)=0xe8) r6 = getgid() write$FUSE_CREATE_OPEN(r0, &(0x7f0000000780)={0xa0, 0x0, 0x3, {{0x6, 0x1, 0x7, 0x20, 0x1000200000000, 0x2, {0x2, 0x7a, 0xfffffffffffffc01, 0x4, 0xbc, 0x3, 0x3, 0x57, 0x5, 0x6, 0x1, r5, r6, 0x7fff, 0xfff}}, {0x0, 0x10}}}, 0xa0) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x101) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r7 = getgid() getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) r9 = getgid() setresgid(r7, r8, r9) fcntl$setlease(r0, 0x400, 0x0) 22:53:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x10000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:53:57 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:57 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f00000001c0)={0x0, @broadcast, 0x0, 0x1, 'fo\x00', 0x0, 0xbd}, 0x2c) 22:53:57 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:53:57 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x357, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:57 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3e9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:57 executing program 4: 22:53:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x1d010000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:53:57 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x358, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:57 executing program 4: 22:53:57 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCGSTAMP(r3, 0x8906, &(0x7f0000000080)) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:53:57 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3ea, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:57 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x359, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:53:57 executing program 4: 22:53:58 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3eb, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1184.318489][ T8957] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1185.341954][ T8963] IPVS: ftp: loaded support on port[0] = 21 [ 1185.418423][ T109] device bridge_slave_1 left promiscuous mode [ 1185.424884][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 1185.495293][ T109] device bridge_slave_0 left promiscuous mode [ 1185.501649][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 1187.574448][ T109] device hsr_slave_0 left promiscuous mode [ 1187.614122][ T109] device hsr_slave_1 left promiscuous mode [ 1187.681592][ T109] team0 (unregistering): Port device team_slave_1 removed [ 1187.696677][ T109] team0 (unregistering): Port device team_slave_0 removed [ 1187.710006][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1187.761311][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1187.842868][ T109] bond0 (unregistering): Released all slaves [ 1187.929837][ T8963] chnl_net:caif_netlink_parms(): no params data found [ 1187.961420][ T8963] bridge0: port 1(bridge_slave_0) entered blocking state [ 1187.968589][ T8963] bridge0: port 1(bridge_slave_0) entered disabled state [ 1187.976740][ T8963] device bridge_slave_0 entered promiscuous mode [ 1187.985923][ T8963] bridge0: port 2(bridge_slave_1) entered blocking state [ 1187.992992][ T8963] bridge0: port 2(bridge_slave_1) entered disabled state [ 1188.001414][ T8963] device bridge_slave_1 entered promiscuous mode [ 1188.024579][ T8963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1188.035976][ T8963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1188.059034][ T8963] team0: Port device team_slave_0 added [ 1188.066960][ T8963] team0: Port device team_slave_1 added [ 1188.126230][ T8963] device hsr_slave_0 entered promiscuous mode [ 1188.164353][ T8963] device hsr_slave_1 entered promiscuous mode [ 1188.223976][ T8963] debugfs: Directory 'hsr0' with parent '/' already present! [ 1188.284327][ T8963] bridge0: port 2(bridge_slave_1) entered blocking state [ 1188.293694][ T8963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1188.301157][ T8963] bridge0: port 1(bridge_slave_0) entered blocking state [ 1188.308290][ T8963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1188.403236][ T8963] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1188.430055][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1188.447642][ T3516] bridge0: port 1(bridge_slave_0) entered disabled state [ 1188.459076][ T3516] bridge0: port 2(bridge_slave_1) entered disabled state [ 1188.472688][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1188.497242][ T8963] 8021q: adding VLAN 0 to HW filter on device team0 [ 1188.510529][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1188.519381][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1188.526484][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1188.565691][ T8963] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1188.576195][ T8963] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1188.593228][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1188.602005][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 1188.609129][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1188.617637][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1188.626525][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1188.635159][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1188.643704][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1188.653602][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1188.661641][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1188.690239][ T8963] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1189.021623][ T8971] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1189.031954][ T8971] CPU: 1 PID: 8971 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1189.039595][ T8971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1189.049674][ T8971] Call Trace: [ 1189.052979][ T8971] dump_stack+0x16f/0x1f0 [ 1189.057330][ T8971] dump_header+0x10b/0x831 [ 1189.061761][ T8971] oom_kill_process.cold+0x10/0x15 [ 1189.066884][ T8971] out_of_memory+0x79a/0x12d0 [ 1189.071580][ T8971] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1189.077222][ T8971] ? cgroup_file_notify+0x140/0x1b0 [ 1189.082434][ T8971] ? oom_killer_disable+0x280/0x280 [ 1189.087739][ T8971] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1189.093464][ T8971] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1189.099112][ T8971] ? cgroup_file_notify+0x140/0x1b0 [ 1189.104334][ T8971] memory_max_write+0x262/0x3a0 [ 1189.109204][ T8971] ? mem_cgroup_write+0x360/0x360 [ 1189.114236][ T8971] ? lock_acquire+0x190/0x400 [ 1189.118918][ T8971] ? kernfs_fop_write+0x227/0x480 [ 1189.123957][ T8971] cgroup_file_write+0x307/0x790 [ 1189.128906][ T8971] ? mem_cgroup_write+0x360/0x360 [ 1189.133935][ T8971] ? cgroup_show_path+0x590/0x590 [ 1189.138972][ T8971] ? cgroup_show_path+0x590/0x590 [ 1189.144002][ T8971] kernfs_fop_write+0x2b8/0x480 [ 1189.148865][ T8971] __vfs_write+0x8a/0x110 [ 1189.153197][ T8971] ? kernfs_fop_open+0xd80/0xd80 [ 1189.158157][ T8971] vfs_write+0x268/0x5d0 [ 1189.162410][ T8971] ksys_write+0x14f/0x290 [ 1189.166748][ T8971] ? __ia32_sys_read+0xb0/0xb0 [ 1189.171515][ T8971] ? do_syscall_64+0x26/0x6a0 [ 1189.176202][ T8971] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1189.182269][ T8971] ? do_syscall_64+0x26/0x6a0 [ 1189.186959][ T8971] __x64_sys_write+0x73/0xb0 [ 1189.191580][ T8971] do_syscall_64+0xfd/0x6a0 [ 1189.196200][ T8971] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1189.202094][ T8971] RIP: 0033:0x459829 [ 1189.205995][ T8971] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1189.225609][ T8971] RSP: 002b:00007f2eeffd8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1189.234031][ T8971] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1189.242105][ T8971] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1189.250082][ T8971] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1189.258068][ T8971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2eeffd96d4 [ 1189.266050][ T8971] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1189.274319][ T8971] memory: usage 5172kB, limit 0kB, failcnt 597920 [ 1189.280863][ T8971] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1189.287864][ T8971] Memory cgroup stats for /syz0: [ 1189.288654][ T8971] anon 4284416 [ 1189.288654][ T8971] file 106496 [ 1189.288654][ T8971] kernel_stack 65536 [ 1189.288654][ T8971] slab 585728 [ 1189.288654][ T8971] sock 0 [ 1189.288654][ T8971] shmem 0 [ 1189.288654][ T8971] file_mapped 0 [ 1189.288654][ T8971] file_dirty 0 [ 1189.288654][ T8971] file_writeback 0 [ 1189.288654][ T8971] anon_thp 4194304 [ 1189.288654][ T8971] inactive_anon 0 [ 1189.288654][ T8971] active_anon 4284416 [ 1189.288654][ T8971] inactive_file 0 [ 1189.288654][ T8971] active_file 0 [ 1189.288654][ T8971] unevictable 0 [ 1189.288654][ T8971] slab_reclaimable 270336 [ 1189.288654][ T8971] slab_unreclaimable 315392 [ 1189.288654][ T8971] pgfault 74283 [ 1189.288654][ T8971] pgmajfault 0 [ 1189.288654][ T8971] workingset_refault 0 [ 1189.288654][ T8971] workingset_activate 0 [ 1189.288654][ T8971] workingset_nodereclaim 0 [ 1189.288654][ T8971] pgrefill 46 [ 1189.288654][ T8971] pgscan 46 [ 1189.288654][ T8971] pgsteal 0 [ 1189.288654][ T8971] pgactivate 0 [ 1189.383939][ T8971] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8970,uid=0 [ 1189.399798][ T8971] Memory cgroup out of memory: Killed process 8970 (syz-executor.0) total-vm:72576kB, anon-rss:4232kB, file-rss:35808kB, shmem-rss:0kB [ 1189.418416][ T1058] oom_reaper: reaped process 8970 (syz-executor.0), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 22:54:04 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:04 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x35a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:04 executing program 4: 22:54:04 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3ec, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:04 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x20000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:04 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1189.903649][ T8963] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1189.913689][ T8963] CPU: 0 PID: 8963 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1189.921245][ T8963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1189.931307][ T8963] Call Trace: [ 1189.934618][ T8963] dump_stack+0x16f/0x1f0 [ 1189.938949][ T8963] dump_header+0x10b/0x831 [ 1189.943368][ T8963] ? oom_kill_process+0x94/0x3c0 [ 1189.948306][ T8963] oom_kill_process.cold+0x10/0x15 [ 1189.953422][ T8963] out_of_memory+0x79a/0x12d0 [ 1189.958108][ T8963] ? lock_downgrade+0x920/0x920 [ 1189.962957][ T8963] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1189.968768][ T8963] ? oom_killer_disable+0x280/0x280 [ 1189.973978][ T8963] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1189.979530][ T8963] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1189.985167][ T8963] ? do_raw_spin_unlock+0x57/0x270 [ 1189.990280][ T8963] ? _raw_spin_unlock+0x23/0x30 [ 1189.995137][ T8963] try_charge+0x1053/0x1430 [ 1189.999646][ T8963] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1190.005363][ T8963] ? percpu_ref_tryget_live+0x104/0x270 [ 1190.010919][ T8963] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1190.016463][ T8963] mem_cgroup_try_charge+0x136/0x590 [ 1190.022165][ T8963] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1190.027800][ T8963] wp_page_copy+0x27c/0x1380 [ 1190.032399][ T8963] ? find_held_lock+0x35/0x130 [ 1190.037252][ T8963] ? pmd_pfn+0x1d0/0x1d0 [ 1190.041514][ T8963] ? lock_downgrade+0x920/0x920 [ 1190.046385][ T8963] ? swp_swapcount+0x520/0x520 [ 1190.051153][ T8963] ? __kasan_check_read+0x11/0x20 [ 1190.056175][ T8963] ? do_raw_spin_unlock+0x57/0x270 [ 1190.061286][ T8963] do_wp_page+0x499/0x14d0 [ 1190.065703][ T8963] ? finish_mkwrite_fault+0x570/0x570 [ 1190.071092][ T8963] __handle_mm_fault+0x2120/0x3ce0 [ 1190.076210][ T8963] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1190.081751][ T8963] ? handle_mm_fault+0x294/0xa90 [ 1190.086701][ T8963] ? handle_mm_fault+0x675/0xa90 [ 1190.091636][ T8963] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1190.096942][ T8963] handle_mm_fault+0x3bb/0xa90 [ 1190.101711][ T8963] __do_page_fault+0x536/0xdd0 [ 1190.106479][ T8963] do_page_fault+0x38/0x536 [ 1190.110985][ T8963] page_fault+0x39/0x40 [ 1190.115131][ T8963] RIP: 0033:0x430906 [ 1190.119022][ T8963] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1190.138627][ T8963] RSP: 002b:00007ffefce69170 EFLAGS: 00010206 [ 1190.144690][ T8963] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1190.152654][ T8963] RDX: 0000555555e7d930 RSI: 0000555555e85970 RDI: 0000000000000003 [ 1190.160625][ T8963] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555555e7c940 [ 1190.168601][ T8963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1190.176569][ T8963] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1190.184888][ T8963] memory: usage 788kB, limit 0kB, failcnt 597928 [ 1190.191237][ T8963] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1190.198170][ T8963] Memory cgroup stats for /syz0: [ 1190.198271][ T8963] anon 24576 [ 1190.198271][ T8963] file 106496 [ 1190.198271][ T8963] kernel_stack 0 [ 1190.198271][ T8963] slab 585728 [ 1190.198271][ T8963] sock 0 [ 1190.198271][ T8963] shmem 0 [ 1190.198271][ T8963] file_mapped 0 [ 1190.198271][ T8963] file_dirty 0 [ 1190.198271][ T8963] file_writeback 0 [ 1190.198271][ T8963] anon_thp 0 [ 1190.198271][ T8963] inactive_anon 0 [ 1190.198271][ T8963] active_anon 24576 [ 1190.198271][ T8963] inactive_file 0 [ 1190.198271][ T8963] active_file 0 [ 1190.198271][ T8963] unevictable 0 [ 1190.198271][ T8963] slab_reclaimable 270336 [ 1190.198271][ T8963] slab_unreclaimable 315392 [ 1190.198271][ T8963] pgfault 74283 [ 1190.198271][ T8963] pgmajfault 0 [ 1190.198271][ T8963] workingset_refault 0 [ 1190.198271][ T8963] workingset_activate 0 [ 1190.198271][ T8963] workingset_nodereclaim 0 [ 1190.198271][ T8963] pgrefill 46 [ 1190.198271][ T8963] pgscan 46 [ 1190.198271][ T8963] pgsteal 0 [ 1190.198271][ T8963] pgactivate 0 [ 1190.203227][ T8963] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8963,uid=0 [ 1190.306929][ T8963] Memory cgroup out of memory: Killed process 8963 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1190.321306][ T1058] oom_reaper: reaped process 8963 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:54:04 executing program 4: 22:54:04 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3ed, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:04 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x25000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:04 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x35b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:05 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f000001000000000000"], 0x0) 22:54:05 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3ee, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:05 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f000001000000000000"], 0x0) 22:54:05 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x35c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:05 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:05 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3ef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:05 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000005c0)=[@in={0x2, 0x4e24, @remote}, @in6={0xa, 0x3, 0x8, @empty, 0x100000001}, @in={0x2, 0x4e23, @local}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e23, 0x40, @remote, 0x400}, @in6={0xa, 0x4e20, 0x4, @loopback, 0x7fff}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}, @in={0x2, 0x4e24, @remote}], 0xa4) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000440)="66b8080000000f23c00f21f86635030007000f23f866b9820300000f32d70fb75300c4c205ddf50f0113350000f2a7baf80c66b88436628666efbafc0c66b88759000066ef6626150000c0fe", 0x4c}], 0x1, 0x8, &(0x7f00000001c0)=[@flags={0x3, 0x10}, @cstype0={0x4, 0x3}], 0x2) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000180)={0xfffffffffffffffb, 0x8003fe}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:05 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x40000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:05 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f000001000000000000"], 0x0) 22:54:05 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x35d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:05 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:05 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x35e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:06 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f000001000000000000"], 0x0) 22:54:06 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x48000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:06 executing program 4: syz_emit_ethernet(0x0, 0x0, 0x0) 22:54:06 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x4c000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x35f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:06 executing program 4: syz_emit_ethernet(0x0, 0x0, 0x0) [ 1193.825013][ T109] device bridge_slave_1 left promiscuous mode [ 1193.831455][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 1193.898672][ T109] device bridge_slave_0 left promiscuous mode [ 1193.906258][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 1195.949163][ T109] device hsr_slave_0 left promiscuous mode [ 1195.994296][ T109] device hsr_slave_1 left promiscuous mode [ 1196.051936][ T109] team0 (unregistering): Port device team_slave_1 removed [ 1196.068105][ T109] team0 (unregistering): Port device team_slave_0 removed [ 1196.081889][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1196.119213][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1196.203193][ T109] bond0 (unregistering): Released all slaves [ 1196.335910][ T9121] IPVS: ftp: loaded support on port[0] = 21 [ 1196.425332][ T9121] chnl_net:caif_netlink_parms(): no params data found [ 1196.525347][ T9121] bridge0: port 1(bridge_slave_0) entered blocking state [ 1196.532909][ T9121] bridge0: port 1(bridge_slave_0) entered disabled state [ 1196.541309][ T9121] device bridge_slave_0 entered promiscuous mode [ 1196.557759][ T9121] bridge0: port 2(bridge_slave_1) entered blocking state [ 1196.565289][ T9121] bridge0: port 2(bridge_slave_1) entered disabled state [ 1196.573463][ T9121] device bridge_slave_1 entered promiscuous mode [ 1196.607019][ T9121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1196.620121][ T9121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1196.656610][ T9121] team0: Port device team_slave_0 added [ 1196.664730][ T9121] team0: Port device team_slave_1 added [ 1196.747387][ T9121] device hsr_slave_0 entered promiscuous mode [ 1196.791256][ T9121] device hsr_slave_1 entered promiscuous mode [ 1197.044072][ T9121] debugfs: Directory 'hsr0' with parent '/' already present! [ 1197.082072][ T9121] bridge0: port 2(bridge_slave_1) entered blocking state [ 1197.089461][ T9121] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1197.097055][ T9121] bridge0: port 1(bridge_slave_0) entered blocking state [ 1197.104343][ T9121] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1197.170797][ T9121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1197.187639][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1197.197017][ T3516] bridge0: port 1(bridge_slave_0) entered disabled state [ 1197.205507][ T3516] bridge0: port 2(bridge_slave_1) entered disabled state [ 1197.229590][ T9121] 8021q: adding VLAN 0 to HW filter on device team0 [ 1197.243364][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1197.252070][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1197.259209][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1197.303398][ T9121] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1197.313996][ T9121] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1197.339058][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1197.347777][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 1197.354905][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1197.363473][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1197.372475][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1197.381199][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1197.390012][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1197.406466][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1197.414955][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1197.432420][ T9121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1197.687840][ T9129] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1197.698198][ T9129] CPU: 1 PID: 9129 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1197.705834][ T9129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1197.715938][ T9129] Call Trace: [ 1197.719237][ T9129] dump_stack+0x16f/0x1f0 [ 1197.723573][ T9129] dump_header+0x10b/0x831 [ 1197.727984][ T9129] oom_kill_process.cold+0x10/0x15 [ 1197.733096][ T9129] out_of_memory+0x79a/0x12d0 [ 1197.737769][ T9129] ? retint_kernel+0x10/0x10 [ 1197.742384][ T9129] ? oom_killer_disable+0x280/0x280 [ 1197.747626][ T9129] ? mem_cgroup_out_of_memory+0x16a/0x240 [ 1197.753353][ T9129] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1197.758926][ T9129] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1197.764576][ T9129] ? cgroup_file_notify+0x140/0x1b0 [ 1197.769776][ T9129] memory_max_write+0x262/0x3a0 [ 1197.774628][ T9129] ? mem_cgroup_write+0x360/0x360 [ 1197.779680][ T9129] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1197.785153][ T9129] cgroup_file_write+0x307/0x790 [ 1197.790123][ T9129] ? mem_cgroup_write+0x360/0x360 [ 1197.795143][ T9129] ? cgroup_show_path+0x590/0x590 [ 1197.800163][ T9129] ? kernfs_ops+0x9f/0x110 [ 1197.804571][ T9129] ? cgroup_show_path+0x590/0x590 [ 1197.809624][ T9129] kernfs_fop_write+0x2b8/0x480 [ 1197.814494][ T9129] __vfs_write+0x8a/0x110 [ 1197.818845][ T9129] ? kernfs_fop_open+0xd80/0xd80 [ 1197.823774][ T9129] vfs_write+0x268/0x5d0 [ 1197.828023][ T9129] ksys_write+0x14f/0x290 [ 1197.832356][ T9129] ? __ia32_sys_read+0xb0/0xb0 [ 1197.837106][ T9129] ? do_syscall_64+0x26/0x6a0 [ 1197.841785][ T9129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1197.847851][ T9129] ? do_syscall_64+0x26/0x6a0 [ 1197.852517][ T9129] __x64_sys_write+0x73/0xb0 [ 1197.857136][ T9129] do_syscall_64+0xfd/0x6a0 [ 1197.861648][ T9129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1197.867531][ T9129] RIP: 0033:0x459829 [ 1197.871418][ T9129] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1197.891023][ T9129] RSP: 002b:00007f50cfae7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1197.899443][ T9129] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1197.907608][ T9129] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1197.915601][ T9129] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1197.923592][ T9129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f50cfae86d4 [ 1197.931583][ T9129] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1197.939714][ T9129] memory: usage 5192kB, limit 0kB, failcnt 597929 [ 1197.946269][ T9129] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1197.953249][ T9129] Memory cgroup stats for /syz0: [ 1197.954660][ T9129] anon 4255744 [ 1197.954660][ T9129] file 106496 [ 1197.954660][ T9129] kernel_stack 0 [ 1197.954660][ T9129] slab 724992 [ 1197.954660][ T9129] sock 0 [ 1197.954660][ T9129] shmem 0 [ 1197.954660][ T9129] file_mapped 0 [ 1197.954660][ T9129] file_dirty 0 [ 1197.954660][ T9129] file_writeback 0 [ 1197.954660][ T9129] anon_thp 4194304 [ 1197.954660][ T9129] inactive_anon 0 [ 1197.954660][ T9129] active_anon 4255744 [ 1197.954660][ T9129] inactive_file 0 [ 1197.954660][ T9129] active_file 0 [ 1197.954660][ T9129] unevictable 0 [ 1197.954660][ T9129] slab_reclaimable 270336 [ 1197.954660][ T9129] slab_unreclaimable 454656 [ 1197.954660][ T9129] pgfault 74349 [ 1197.954660][ T9129] pgmajfault 0 [ 1197.954660][ T9129] workingset_refault 0 [ 1197.954660][ T9129] workingset_activate 0 [ 1197.954660][ T9129] workingset_nodereclaim 0 [ 1197.954660][ T9129] pgrefill 46 [ 1197.954660][ T9129] pgscan 46 [ 1197.954660][ T9129] pgsteal 0 [ 1197.954660][ T9129] pgactivate 0 [ 1198.048751][ T9129] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9127,uid=0 [ 1198.064750][ T9129] Memory cgroup out of memory: Killed process 9127 (syz-executor.0) total-vm:72576kB, anon-rss:4184kB, file-rss:34816kB, shmem-rss:0kB [ 1198.086176][ T1058] oom_reaper: reaped process 9127 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1198.570869][ T9121] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1198.580920][ T9121] CPU: 1 PID: 9121 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1198.588485][ T9121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1198.598557][ T9121] Call Trace: [ 1198.601879][ T9121] dump_stack+0x16f/0x1f0 [ 1198.606233][ T9121] dump_header+0x10b/0x831 [ 1198.610760][ T9121] ? oom_kill_process+0x94/0x3c0 [ 1198.615709][ T9121] oom_kill_process.cold+0x10/0x15 [ 1198.620819][ T9121] out_of_memory+0x79a/0x12d0 [ 1198.625507][ T9121] ? lock_downgrade+0x920/0x920 [ 1198.630363][ T9121] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1198.636184][ T9121] ? oom_killer_disable+0x280/0x280 [ 1198.641380][ T9121] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1198.646930][ T9121] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1198.652605][ T9121] ? do_raw_spin_unlock+0x57/0x270 [ 1198.657715][ T9121] ? _raw_spin_unlock+0x23/0x30 [ 1198.662588][ T9121] try_charge+0x1053/0x1430 [ 1198.667092][ T9121] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1198.672722][ T9121] ? percpu_ref_tryget_live+0x104/0x270 [ 1198.678297][ T9121] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1198.683860][ T9121] mem_cgroup_try_charge+0x136/0x590 [ 1198.689169][ T9121] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1198.694802][ T9121] wp_page_copy+0x27c/0x1380 [ 1198.699385][ T9121] ? find_held_lock+0x35/0x130 [ 1198.704168][ T9121] ? pmd_pfn+0x1d0/0x1d0 [ 1198.708444][ T9121] ? lock_downgrade+0x920/0x920 [ 1198.713385][ T9121] ? swp_swapcount+0x520/0x520 [ 1198.718145][ T9121] ? __kasan_check_read+0x11/0x20 [ 1198.723178][ T9121] ? do_raw_spin_unlock+0x57/0x270 [ 1198.728312][ T9121] do_wp_page+0x499/0x14d0 [ 1198.732737][ T9121] ? finish_mkwrite_fault+0x570/0x570 [ 1198.738106][ T9121] __handle_mm_fault+0x2120/0x3ce0 [ 1198.743232][ T9121] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1198.748800][ T9121] ? handle_mm_fault+0x294/0xa90 [ 1198.753773][ T9121] ? handle_mm_fault+0x675/0xa90 [ 1198.758735][ T9121] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1198.764054][ T9121] handle_mm_fault+0x3bb/0xa90 [ 1198.768842][ T9121] __do_page_fault+0x536/0xdd0 [ 1198.773638][ T9121] do_page_fault+0x38/0x536 [ 1198.778170][ T9121] page_fault+0x39/0x40 [ 1198.782530][ T9121] RIP: 0033:0x430906 [ 1198.786415][ T9121] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1198.806021][ T9121] RSP: 002b:00007fffc203f6a0 EFLAGS: 00010206 [ 1198.812081][ T9121] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1198.820048][ T9121] RDX: 0000555556767930 RSI: 000055555676f970 RDI: 0000000000000003 [ 1198.828021][ T9121] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555556766940 [ 1198.835986][ T9121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1198.843986][ T9121] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1198.852121][ T9121] memory: usage 808kB, limit 0kB, failcnt 597937 [ 1198.858544][ T9121] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1198.865475][ T9121] Memory cgroup stats for /syz0: [ 1198.865590][ T9121] anon 57344 [ 1198.865590][ T9121] file 106496 [ 1198.865590][ T9121] kernel_stack 0 [ 1198.865590][ T9121] slab 724992 [ 1198.865590][ T9121] sock 0 [ 1198.865590][ T9121] shmem 0 [ 1198.865590][ T9121] file_mapped 0 [ 1198.865590][ T9121] file_dirty 0 [ 1198.865590][ T9121] file_writeback 0 [ 1198.865590][ T9121] anon_thp 0 [ 1198.865590][ T9121] inactive_anon 0 [ 1198.865590][ T9121] active_anon 57344 [ 1198.865590][ T9121] inactive_file 0 [ 1198.865590][ T9121] active_file 0 [ 1198.865590][ T9121] unevictable 0 [ 1198.865590][ T9121] slab_reclaimable 270336 [ 1198.865590][ T9121] slab_unreclaimable 454656 [ 1198.865590][ T9121] pgfault 74349 [ 1198.865590][ T9121] pgmajfault 0 [ 1198.865590][ T9121] workingset_refault 0 [ 1198.865590][ T9121] workingset_activate 0 [ 1198.865590][ T9121] workingset_nodereclaim 0 [ 1198.865590][ T9121] pgrefill 46 [ 1198.865590][ T9121] pgscan 46 [ 1198.865590][ T9121] pgsteal 0 [ 1198.865590][ T9121] pgactivate 0 22:54:12 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:12 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000001c0)='\x00', 0x0, r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = semget(0x2, 0x3, 0x88) semctl$SETALL(r4, 0x0, 0x11, &(0x7f0000000340)=[0x9, 0x2, 0x10001, 0x1, 0x39]) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000080)=0x9, &(0x7f0000000180)=0x2) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) r7 = getpgrp(0x0) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000440)=0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000700)={0xffffffffffffffff, r0, 0x0, 0xb, &(0x7f0000000480)=')vboxnet1{\x00', 0xffffffffffffffff}, 0x30) fstat(r6, &(0x7f0000003780)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000003600)={0x0, 0x0, 0x0}, &(0x7f0000003640)=0xc) sendmsg$netlink(r0, &(0x7f00000036c0)={0x0, 0x0, &(0x7f0000003500)=[{&(0x7f0000000780)={0x1e4, 0x19, 0x200, 0x70bd27, 0x25dfdbfe, "", [@typed={0xc, 0x2d, @u64=0xffff}, @typed={0xc, 0x6d, @u64=0x401}, @generic="68836364407fda9b2cdcb7dce6eab399ef73bec7f957ea20204dc16191d9ee265ca32fc8e33063cd37947df6d86dcf79506bbeb6730b082bfbdeb18adaa2d2b7686c8fc6b8158db74dce394b53d7de23b6cae620151f6f9c7adf14cbdba2815e25d5e3ee528d742a1a2035599ecad48f789ef5c9e1dd8feb815fb0d3ab9cd538d9341d96a0a3df553c43677c7834b19fa8eb6f2c", @nested={0x128, 0x45, [@generic="bfb75b11564199e7b1d49952a7280ce0a19e1c2d24359c0ed3e07a5fd22b312843c7685819cb260ae20d2d39f3c8db29acc65f4d49b0b0f07731babaaaeb01f00d770e9c530f65a9fc06336880758c17ae8812a2c55ac5b63c9ff37570fdcca34d9d7a6b9dfe92e409f3e153344e19bfc5450e", @generic="a41270d32d78205cb6ba716b432f10e16cfec6602c69675f74f2e7756c4d7a087d5e52d2d6197b7954ca", @generic="3f858e95d2a3de94e41bf7c3d999faf29d10bc044136c1e8a097c1d923bb585b6b4232b26431fd44d0328f34473fe1d09f5963221f96e31bc565aaa4d52c575b8440ad7cd707c2f7a1d13d5551dfa0d6053991d7639f76193f2374ed9feacf19509c2f0b724ddc380ce8c0b79a8c5f02bcbd2b8b57d77aa5d8124ad69ea3f416594e59e771"]}]}, 0x1e4}, {&(0x7f00000005c0)={0x12c, 0x21, 0x800, 0x70bd2a, 0x25dfdbfb, "", [@typed={0x100, 0x8e, @binary="ba2563c2365daadf5c5e565116f5954607603a5907b627e667a4f818831d6733833ca12905ef1a650945a563f6025a927ed3218585e336471894853276a82d40251bb95c9ce93d1ee452cc1047495879a18c05ab976e83dec103ee5fe2b5c16bb292d907aef29aa9d38d5a65af5f463dfe3a7277ace8e1f912a7d25331b04de18351b35563530025938e1dbf59ecd87707c40103269bb69c8cbb8894dffb0f94e3cb678d6ba85a89929d997489a5c2e1a658eb93f1dfa59ceacaf01d472ab8850ae439bf38aaeb8618b7da8e47e58d7d7bb18f31e845ab8d311870ada1c274936cd5f4e93adb4722d1c48a08f2e564185bd63df516fb4cfeccdfab"}, @typed={0x8, 0x47, @u32=0x5}, @nested={0x10, 0x60, [@typed={0xc, 0x4b, @u64=0x1}]}, @typed={0x4, 0x4d}]}, 0x12c}, {&(0x7f0000000980)={0x1690, 0x31, 0x721, 0x70bd25, 0x25dfdbfd, "", [@nested={0x268, 0x65, [@typed={0x64, 0x95, @binary="714eab23d23674eb2c86035ee61e2fd79992fb8d8a26c1a97e6f258b4b16199d1cbf58b5278ac82f0aec21b925b26194c261196151fdf57d334bd44de4553f0a8085ed8873a53702e9a961d0192250f6233d4b391e76b89038623fbcd34469"}, @generic="1567858b62b2f76be610e175266b729ddce8cae9ea6ac28e246e4e1a0af35307dc8fa8f67e1b5277efcbeff115a16612e30a", @typed={0x8, 0x55, @str='nat\x00'}, @typed={0xc, 0x3, @u64=0x1}, @generic="1171a2106cfb085a2e5e3b62ec6a1388a730b2f5892451c15054fb9a8b49bc83de576812a3f694808252447197c9b29c1574e85f389ec9f8f423c824758928545f016278d7a9ce13a03de4616fc9b283a5266c2441a2a79ee93631a4ff42c59d5916993412c7ca4ff80894ba869b874835c7b4f705d32f8ab8acd901a35f6c9b9f805207704aacbd3ed8372c47d4df0ffe7d007ffdb41d0d3dc78cc576dae901d7780364ae8c61051ab7aa151463", @generic="e8bde71fc679db68f07ea03df746bc1690792c280f58df9362454d696194cb89be73c27076e8a844579b062c33501e318e0aa4684b318a5d16620bd396567e8149c09b75a7b2e71f6d20246b5ddaf401ae7117858d09294a4b8d7958544b41e7bc5c282923d697a113ecb9de9efa4571eddc4027a295ff6313c98f06603da5beba9f8ae468809d7268b75dcd6d07a7b310c1e62b174ab04d58c5c155876b8e85229125744a1775b576cb4cb83b4557dec335eb9df1a926fce0cd650734c635936ea0a195d93eee99a469c35662f1f4984499db8a480c9dc9d95afaf3707d3dd215dcb90a43881cf2a58edc7c0944a7d1436344d14b875faa9cbf6e50ba2c49", @typed={0xc, 0x3e, @u64=0x4}, @generic]}, @nested={0x208, 0x5, [@typed={0x8, 0x32, @ipv4=@remote}, @typed={0x8, 0x7f, @str='\x00'}, @typed={0x4, 0x6f}, @generic="b67c92170e82337407783224f5e74da1bf95f9baec60431f82acddf8afc7828d34c4d99c10f0bb21b5329d5acd7bb7b3849944f3120e415a30385a08f9a8ed9978c96be81d21b051db03947ef875de0bd09ea9a357fe49fbb62dbc4c2f7dd7732daa84ff36196b8542a635d4d6367d002733fd217ca445d4f1d9b7b6ccc4ed8891b9be0feeb3f97bf77a58aec3b8a58dfb8144972a59c141de16008d08fe", @generic="a3d17a534101c192fdd0831cc4dc3f348db362d857295ad707fda52f8ceace3d67a5e779ea7096db41beb01658865f0c5a36ee0134f956c65a41a5837ac8917788ea1ea2d040ce33d9b96957efb0642bdd5a79ff71166021acccd3522cc1a68d6bd589327caa2c6955a3c3d58449d3a21b2a1f79149deb1f1c8c95171fe6365f", @generic="33c8c8349e22ead43f6bdd130760ece8f5ef841e66029cfeef990575274709bbdbbb5298f537658d5917da7ca31d32b61aa87ec7b3e6d62bd576f728cc6c1350563e1db71cdb981926237e86e5442f11085f64b612bbff8a20181d3a5c505c21f7134659c0aab755b01235da64d1e061a5ed160c448781b9ec6976602c8665ac18c7cc29f83be46e94b0b2162a67cfe8c5048f5986545358efab4affd05a01fd7a4e0ca02523c039eb866bad0328059690a0e651644048f2764cebf5ffaef00f", @typed={0x8, 0x64, @fd=r2}, @typed={0x8, 0x1f, @pid=r7}]}, @typed={0x14, 0x7c, @ipv6=@dev={0xfe, 0x80, [], 0x1a}}, @nested={0xe0, 0x19, [@generic="28e2e2781aaa18fa485622a04aa80d3de62244b3fd36b39fbf7dd904a36475b9c21726f04dfc5c78284197e2c5dd22e800b4b591f8363540394e1c853fe50bcb132218b6bec62600b09a5e9f64f9d448e0a9b1b24abee13f02c48019e9b016cd05d7cba2d3a1446f30396d76921bb3b0fe9eabada3d0bafd82553ff110d905792fcb7446fed529bcaa61c38256b48713eb6b23dfc1af670502308ad100bb282a8e6cab7232ce7c7ea2c023fd79ddd98dfdd80ffd67c238f4498a1bdeccbd", @typed={0x14, 0x67, @ipv6=@local}, @typed={0x8, 0x7a, @u32=0x3ff}]}, @generic="2c012c17fab1eaeec3d4f653f447c0f52c763ac2eca3586201c83b6caebab60b81280287a987bbb5767d04ca2db85344191d0c97e7cd9b38f0745a0105c8bbcb8925567a0312642c96866f9157b0b310d5defab16f38c7e583beb45b23858ef4d26e003768a0f76c498758ac2355ae55d6393ba2cb7b23eafa58775c72865ac879cefdc14ece13b4bebcb81237a6d62f86e2e71b85af05660a4df3e9dd5c202a82d262aef8a80dc8d81a4ecbd587d5a6001df2d8e605dbf026f441b3122680fbc819df5defceae376af20823f0c06f6566e69d8dff454842aba607c38ff07492e819e4a83132899f32b274cf4723dee260975f654d76dc75207c066edcf05ee2351928e8992eab6a54b40cfb80e4936c048587806b52a19538c2a55155f2c10f01cc9b5d82258edfceafcc6471454b56f1d28d43cf9cfe08a16b7db2ba3de64313b8dd95488b64134bfd9fad1438f3fb65a34e84472cf9faee5cc65479f5b2cf7491ccf7da444fc1e388c887984596201a1859d8ddc6901664b97e22fe3375759b14e064b98aa406cd727322756dceb0ea1a18a6cf8bb435f971b9efc6d66654088a864b913e711d8cfa9bef46558461c1659740d0e0a9c17e6a13840016c123c2865dd8e4b218fe09dcb207da12d71a5a677dd83138ae58e81c3cc7052fc334e67fcf4da3cd4b200e4d7aa907fe20adff5facff5ce231284ae056448a45a5332152a7396bc7a6a7ea677bdc98999bc0a6b870dd6fac1a178d3375bb6286e7c3f6d68643a995e00e40aaf573cdd3948133ff4678370f2367eecc168f9d668ed571cf9e4a32dc461ae289e2c2f8d5a7d574bf6d9eac022d02f4dfae9c7b7cad1ffc92bb4936311bbccee4b0ba9b39eadf45ae53b99a33a7518a1ef577414e5017491c9f035f997b06946883acda52788f92a7abc83154c3947b277378ea303858d641941bb834b84bbc6802119f7ae73c32023cf5835824f5db4156bf75d44956cfc29cffe1c84cf349d61636daaf6c985dfe282853079d13568139248d34da51e85829cba744ed6c15a02f736ddb5e4917ce9b55fda833556d013757052728a37f620da4a869aa094299ab2ccc5feba651132a8d3e46b8cc9c2b1a8d02189563d985155fab1ee384099657667cd1eb4daa94638689f2d88bb4486d846341657d9b17a778abc1ae561a629b5db27b48ee6cd135ecc10f516797e8f7bfb257b8ddef9da706cc576c82b701da2f800fe8b1a58413269bd8c7537f743505ac5d49ecace10cd6df29127500568367bc8da541e9d6606fa05da11d72111a3deac1958b47703df45396670e921bd588b1de2b9dfb25c6dc48b22ea6a882bd7b0652495ccdfef9163ad31a077da3c8ee040bf5646e299a79c672dfb0acc8f9146a4f2407ac3d62e2b3f70e6a86caa3af915ce5c56b01fef8565b7ae6decf8ff64ad32f67d49d1a2c946ec5c05008f17dac8989ea0816a3de84512b2873551eac438e83ae2daeeb0e3f5744c1a94e32f49fda32f0cb565e47985a76cba1465d5c953f06d2cd7ae20653d412e6d92ff1748384ee65dd4816045adce9f93670a726a258af6940130aa0b467b73bce12c58f594e185f955f7a17b2e76ffab62dbc3cb568d2df872bc7bcbc7be607fe74e703d841df7cebf35943e50290004116e520cd4b6216118821924be67883a754d313139197094ab40eeaf681995ced41b751055efe2830b76efd0d636ffd8a583d58b5f0318e0a21b89349e124a426731b0a3d54233f810e2dfa12417873192f74d367e2dfb7af57059437768c8991fa438edfcab4bb06001cb72c0ea7364fe1e02e703210616910939d85b864a101a7c86752f6e059ada51685a7d14474ff8a8cf85baf26e0ac56d73f16dd6a9b42e272bf297a2b1b48f422058c85c78b6bd1b9cb38f4891da069cfdfae862a7fe81186f79cac276dc8eaecbf6d05e62c93e29d73858eff007c6ba149e76c345367e99fc8a8eeb2f1e4aabf2536956c78910e93390ea1b57c73eab150ae94079b506bf94b443ebf7b93936b05049458aa63dd74989b153acfe84774e3a29c4e0f6c9e13866acc6f86a6f2bbdb426203505dc7703860ed0fa4ac43de09d5d4b7ee71c05deab6ffddde6f17f797bd5c5724fba9dad797e2960d16e17dcd58b45fea85336d5f95fc6e2727ed4b582b9f851fa46683f46c0b68b0e0cddc65695bb44fb90c5de781ba8edd606227cd719fbfe245ca96cc73485b4f82481edcf78682f13cf89ff6487fb6d21d0f388a372547f065e591041b0e3f971c47ed7861066ca55afbc8049f685b5dbaba96634e74477b88da8f3381269630846cc97111992e5a82b18fe001093c2cae687ae1a02c2edda199de3fa2dadf7d4843f25780ac610ebeef6a2978147383f756f10425c17be1ca42e07ccf32a49cc3aa97c6e1ee8e8f1b0a0317f04a7e7ae3f3e7284a59d81d21312e6cd5822b04e521096dc2b15db97e1a0325a032cd97cf73009b85bbdcb56359c3362b957bc8d1c95bdc994d5c983be0c9a723faf9a8953774c9b4d037063f584781f12c06b9dc35d742d9c4fb72615cb788526b3398674fcaeac9d9583fa7f66513d7b34999ff18f671af9644e65560d5d3209687dc5daf43311e70f99b20b1cc06d92737662a23a37000c4aed9eba97471ced0ca469739fe1987083cbb873b2a3936afc9c56e4e581c1bb31549225041e22a617f44d59bf17043550d2de40ea9ea8f28e9e98285a891be0ac771c0145907b9cdf628726a497edc4738cde078baa31e023114edc635a08b4f4063f350397d28f7a06d86b06905cbc81a2171b87e89a5ef4afbe6843ccf957eac3f06c1f9d65b877410afa4473f022f29eec7115312c655af418281c4ae308c562d205ca40775ea100f5b3cce6071f2f8bf76af7965bd5dcae1ef0a1a166502e0a4a552dfb14d60b2adab971119a5dd15593ad1941875620fdfdb4658a0bf80c8ca0005e01b12b591b9b0f6afb3cd06ba3f8f2f386cb6b7a39ebedb7d9be57e5a7ece8e106102474f5e53767cce0f85e353406e9de07d3680ab13749e68753c58f5c8e422abf4c48d2a28951ccabcdb955b13b81db42a85b1018df478e8f6c5464a268305f26a46fa07f8bb10dfb605fb2d5752187416f864126f5fe3aa8449ed93c8a97d590b7a60eccf832a8414d3cbc93d8284bba3bf2825d950217a9ef9229cd200998092e11cf9646066dcfbc35c4dd9e5009bb13a04bd53a1fbc7ec643de8dd323bcc263ad9a6977386e96fab6d217001d9743a1987d3b9f203b04eff8114ca79c66aaf3bd8add5d733656f3e1f02d5d3bfb434786497ceb504d3ca029693743ef7344b42fadf53dbe1dd5b9c352b23c33c0cb08d7d62820cd349012a9ff62059d75b67af5f39d532a4316b1d849ad7160f018d09012b942bb855930bf844aff8f6f04cb1cfe8fade5f6741ce7b00ec2df7fa5e3d5d8c421f07cb6000c1ebbbe88c3d4bb2620fb1d0259758f06067fbf38ade19a1ac252a9c2b11a465dfe6d6cbc4e744e13ffc4b6e796ab3c10474cef3e2b309d53fce3a289f46372a1ced197f65ae1c2204fdc1cac064d0ab2707aa7ceb29a87bcb9e7f0cf124e7c3341c6132edba69a76277289d1fd80f25311e6198d559ce584fc66dcc131239b00f6071aa7e026cdb860e8323f7ce786920f3cd48036c5afa37be3211a6c8e41c7e26c3cfaa1a3ca988133c16f50703f4f15ea5c850be89fa847c60178a116ab2ca5688c8cbb1f7c09dd99f516c443bfae915a699be94b931914e44f0490a334bc12aedb6c75d6140b6adc2a5445d33a865331643106b535b91aa2e527e1fe80a987b05cd480aaff0f60e83f2d2d4d21b40511bf45542f5ef5021ea2e6b0b15b36e2ff60c548c266800009ba66a3a9787b81f5474ab411ec58c5271ead6eea70bb6cc59f19ed67897ff676456f25b21cc8530a636348f34ce2491f13ab2b72917f64e8bb06e566fa383c3598feca82ae3f18c6f7aa703b3cdbad2d60c48a421fcb8f9c7def1e1d32e441e4a975128e504794de3f56522c29401605ea59e96c89b05f3f366c8964d76f39c1f98eea28c4069570bc46a5b554166dcb538dee26b41ddce90e09476f863a11bf0e701fabdd8d33a58623c06cb7e9457cba201bb43bd0eb48f6c046dd091df66267756b849534d96feac6bfcd5c6d88562c7790f60c93cd9710d775bae4d3ae4860f30dabc1e35bc3f41d9f8972c53791a563cd4fe721160aaf24fbdf2542926538f60d6289a4d4545060de2962894952b53fcfe4690cc68174a65f8f2edad8630d05218bc220ba3fa51ebfd14d52442866b22525ce3b7411832747f4196ddd66117d20ba78a7ff141158f88f71cc8ad5f85a1900d09c9c7573362ece4f2ca05404f76fc65267187ecaa92fbb613fd7f46e9dd885301f293cc48a48245c692c32a1f0a6f42efa2b070df8f7112191572a811bcd665c15dcb8af87ed403b8b88f7ad411ed079c5f3f67663963ce47290fe804f93baacc3945e5d764a9e2528c187ac3717a2464b0dbfc93d85e6708501178cd403bd5c7791165a8c7a8a55ed9149c58ce7c045128e1a1c1cb015632ca9bfc10219b8c8674be840af3d1b93505f2cb869a78cee888b7fa688708ee83a36d179c9a9322e9c43afc0d636f224dd5563a70b12fa7abc3e3ac27b6b8538398dcd9afef3a22559e1170425b9aed0ae4a7355940f56e9c34d2356e756a6f92b7c804cc22e7be16b975fe95a2b5f1f81c6453cac03818c5281e3c037481b171443bf0173e1d071cf3ca788b810a92b57b62d63945ff55d93199ca00d8d850695783feddd73486383d2d60df35ff1495dc6f0295b9e7b9574dcc4631fc31a2bd8b8e9bc27833e9c096271e58470d92136673a6392cde4024191d3b4af9263de4b2ebbd195a39152958a442c52926d55ba46fa9676fcd7b3e1f84d5d0041de90c3b8e4c7a3a3abee220b8c13538c465f74eba82fe0bde7360c1cd20c011be504e8cd195cc41de35dd9c1824fed6589acdeacae46d55e3e66f80c2e768093935fad2371eb47f11f9e38434f0238265068d681feb0989ac585811de534a3bf3c74184fefd712e3f677ffcdec5852b67be99b80b5764a34a820c5cfe7b0b7738de858d47b750c906c8e52e4068a1fb676f5ff7750b4230fa4013bfed1b648995e0b6f701cef88ca1e20c1b4acc3f801a6f2e3fb99bd0e87fbe062a7e43ef682d1bdd423cf4a326c6f0831fa4ffa81ee1236cc3cbde12bede595a4783d1b054fd209092ad5d84c180e032b8e665dfcc3eedcfa7dc0ac8889c28b8d9c983d1363b3feace4d81663ed58ed90aaa7d54a508d6a19cb5635d6742d71d22871ffb99070c8e0636be7b39b6abaca5a6a48469f310dd66079506476543e6b899abfd5d3e60eade639725a92bab6080e66baf10af970f0f6f90ed30846321c425f6bc25d998d02865300da41632cd1695e8461bf428cd334f8598eafd27f037f7474d8e1aeb6206cfa8f2f8c5334746590bdf7b9a85b3dcc8b7697f70b18cc8da671f5a4eeb083bd025fb7d5350df252f3076ff77a0c45e2c5b0eeefa3d17df50b941a9f0ac27f64486bdb8a795777b2814e6a5592537419607b4dc3e8c19a15ba8742ad05268a8b3e31c30c6fa4d24c00e53bbe7b39bf269e7a283165a12cb82e73eb71da84553a5bae2fd0fd466e63aa9b9d14bd11c59d0e23a4df72cdca651db7a8647c5612f3778dc9050026d4440e067092b1a7202ad6feb5a79dac5c9e0f09eaba7d7c2c82420ef405c8f9c8afa5fd5243299045a88", @typed={0xc, 0x72, @u64=0x3}, @generic="ca27ee6684da865b2f808bd0e68bab633beb1876f49b3756fa056c43b49fc91cc7761fdac4085cf51da528e8d62ceb3dfed6df35b40a2ec21518b19458ebfa7c377a795336c1b8feea8461dc542727daaea8d6ab61bd787a6b6ac6b825c35c9e894d557a3af6a5d6e5a9688965324ea92a083ab3f276f7348c1e83dfb37ff9e7d0bba523ba590afda3dc992f4adeb3f6131770daba3b402497e99c9eab9dc06173446623755d97c26858264be7feee75a261bb15ffe5292911e6ec2913594e7408013e7a4b81a6fafa5baab4892d0d4937baeaab4af016f1356429bbad206032316b3bac92ab2fbfbd", @nested={0x1c, 0x6d, [@generic="69650ecc9510631c6751dbee09dc81fe747562ab5c"]}, @typed={0x8, 0x11, @pid=r8}]}, 0x1690}, {&(0x7f0000002040)={0x204, 0x15, 0x20, 0x70bd27, 0x25dfdbfb, "", [@nested={0xd0, 0x28, [@generic="c0a3c87be7adbbde9a185cb77523c31d3205b957347fc4daa3c2f7a6bf96609294ec7448f488867546b1313df264ff95cb9034db40a1ef3c81fa4b81d6af26a436bb7b376266406c31ec94c12958f1c8a16b1b03af73666750ffea6bb7240e8a60fcd8f9cf506e827d03c616d96b58044d412b85ab2d4af6339127f90fcf6b0c246aaa600250478e571ba7291b24caae135c3d102a7afdb538d00bff6aac1c18c5ae160703b648c64d7815936d77da85", @typed={0x8, 0x35, @ipv4=@remote}, @typed={0x14, 0x1c, @ipv6=@loopback}, @generic]}, @typed={0xc, 0x6a, @u64=0x9}, @generic="c9ec608a2051ff1c858d348116cc5c8efc8bde6767c5d813cddc2410c0bc56908dbd897d85f50a6d4f04ca030b934d240c51e5a9cc81835effb1460f9b2262749eb7e7f5ae9403bdb01d9320983bcf3ef9", @typed={0x8, 0x8d, @fd=r6}, @generic="4e0d275b978de86bf87b72d9168125f08c280d97ef60bafd21b6f76edde093a3f2a593abaeb9ce1cc892f6b2574912c80d7864d621ebc6af23", @generic="1ca6e8bc73a89cfb83d4e269808fd4afb368fde9a9895c852e524abfa3639130bdf66a49b125a4ccf7bdf9f8f110332441ebd86f731030965348bac3636e787a471c6c3bab10d7fbc59e266ddcb89afc16a5ce60b424cd20ae8a0af5d9c4ac3c177a7b54df4ac04b38db57c731d8da3999354d5a5d68ba21c5b4dcff207db7bea0bcc3"]}, 0x204}, {&(0x7f0000002280)={0x1184, 0x1e, 0x400, 0x70bd27, 0x25dfdbfc, "", [@nested={0x10e0, 0x5e, [@generic="b902530ea8ab6e6e20ac1e82c86c2106d7ba85b75c57697eb50e8edb4c4c026886f43c25aef39802677ab69da0afa5bc8c590398c0db8a0105e05c9f215ec59d9ea42abb7aabffaa1ab66fcbebd3d520c7767732edd4bfb337fa36b37fb2236c4dff0a92ec9aedb19a00fb189f729e5bd0769eefeaf7352b600cacd389063bdac6f8702a2757dd724ffdbebf5f6514f5bfa78ba93bd759dec854a5dda9b79b5d3ec9e8c99a6f01c2e94354caec68986164c8460dd96087ae349c8bbaae75a039c7fd83a5d197fc0865e415e6efb304410354374e6d1d655cd2673ddd7a8b1627806d07670a3b759b2b332441dea969d19ca43e1249d1c9ca66f7347c611894905f7a0eb0e1afce1363e9519b50336a0f3e03a3637af9755acfabcd7082e5f1ae3b59d15113eb53f55d1d7653b45f1ade8d97b5f87b3e81558be400aca70effa9878f6597e5e5e8dce7afaddd23805e77e3ad404d1eef4ab691106503cfa984f2b4e80eb2012ccd0d54fdfddafbb368b47bb8a86bcc3aa8150c328ee48497ed1135e6f8c4e0762043c24f6d66d0abbc3349a3d804ce1afc701efeb68ddb27f70aa717f19d72484fbeb4e93f6c8ccd0f11e05a6fd1850e179dbe6d1737346cf76d10183043f782eae43463efd67a52d8316a84f3eeee83bca0d55da20fdfe0c43866443f0fbee02e95f326b0f8a0def98fa2c78a73a2b64b4c96f0d24aaeba6103ceb34a0c72fef696eb14813f723bdd41cd77f48a04c1fa8e5f9bc5a963810b4549d738f0bdd762307b9460aa6fa262a96cdc1694b01ba8103e181d55972c46d5643f108b1e37dddba826c6a20803583db82e136f9fa76b9f8945fc15b730e0177937bbe9f98c5e6a63b0922e70f1b05cad399f6a096bab831be2d84927fd1ceea9b8de565f643d0f8fc3cf2f9329547a6a397fb89f6a7826241eee8ec596485bd7735f53b0cdc416278ecaa261b148bf801f4ade7231fc87b8eb9dbe1fb0395d11eaed5b6b73c0b29eb985b7a9d3c8c8e4af081b3b2cae4af0e03679dcb62c9f2adbaf1b45ccf60c9e941d0174f3d684dff1ee7ae618bef6e9980359af3b3b37588b9025e2a4783590ebbbbeb2461cc6cb14c1236dfaad2a3376cf30b41274a43e501dc52100c95f727481b45d67c30f998026a50e23333497b972da3586c9e217734320cf25b6d3446259fcfe00fee37aa2515a5ce70243d2dda227bb9d94b7b7c6def51e6ebbce88dbe14c4822401f1a1d9a35e26ee62d1531201514629fecb57e8ab3555d6108a091358ca942dcaa855eb05a95e0b9c9f48f6f763e92d3db09d0d0649d87465fd5d1fc120e230d2c0818c07d42fa8456268d92994ce5a4fca78ed14c0b403f5084b5c698728765b515b955b9951388cce42c9d094f97e5feafdc73e8915b6f719a5d47072499e9764202df7d35423d140a5421f9296cfe7e9bd08f60c336d673df29049027bf4d1b92c75c1634fa4236a2a822f02baab42ddefc58b8a557dee18d234d4a828d44de29323f0b49dea19fbd14846195219f2954d990e4863cb8265b48b112b92f156caaa2e6e6d71b724dc416ad07b75f04cc96c4afc358527eee58541c146398de612eab50e3b618fc1a6a4e8544ce546789f7530e580d459e62c175dc90b7770b0cc8cb123bcefe6da021bee6cdb8f01741e996e9cf9272bb62efba32787a96d08b0a1c3f6f0c0927d0a4d2e7b442ef3a8763c401b909a064e806b9bc028bfc41513546f9dbb8b6c35a325dffed968e760f6df30fb41dd3231890b45c3133a41150372e9513530981939089eb0d9e6df4c0e9a2558f4bf95865a3d4f783aa712b7f9de6af0192bfbe8f5f7ce82341601c5e067f22c88af4ace0f02860ccc3f37299dce61793e554a2cec1c49d2900af2c6ebad94d85d83fea3f34da16f9556ba57f1a425477fd4432a2bf5ea2614ef4676ef73bc8c98a4f50033880d5604ed326cfe058e71cbe057cb2652784d127d73c1db24b7172e480786f8fec02e2ac9163010a1df91c7b417a361c335011168159237f0cece26185d2b2037bbae4ceb7d391e33af146b794b68e4092e2ed150e4d8851e9115edec7d8b0ac861f30d6830e55a4fefae428f0ce7a1927ced0642ae8f7d0c0fa4f381abf64ec68e9a82f7339fc6e1e4da595d79c17a7ff2a9ac4067f1a200793339b996857658c9bfa30ab99fdd9aa1f988acf507ff3356e43684f6ed20d6e33bb41d110424425155aaba71532175b39b8db12c0910d8e32af63a9f1227650cea9ef54c53c2c09cbc1c3e9256f71995682c71654f59456d33f6553ea414fa9a217aed3b811cbc4efc9219b0ffa355452fcc3cc86f3ac5a70000a030004cc39118d749de70ad6b272075e6bb6664ff157ba50861f3584134d97034bbab8da9b027f583468d57ece4609402ced04c566f2c3fdd4d296c8b0827144d283695592fe4a9836830ee35ca64586f46f7c33a2ccc776dae242fe31caed853e0d05a9b2560729c7528ff0f5b785477036b1c2e3fcc94ea6bae022d335a29946b4229358eddf17503a8cd1da78a53095918a375f779f3cc26a0d294d41dee96b32fdc1da642939efb75638af37f940aaa1a4190749ec71052c429f4413ace922b682262710578bfe2b514569c0655375f929500b6422b271e856c51716692fb8aa0f11c629a27c1f7cf7ca8cd97eb190d28728ffab34d76c63188eb4e8312a3ef9167a581cdcf06fad771b0c2634f47d9dddebe4cdf6e1166ba9ce73dc72b68bd9703f9d7730fa3ac654109a0ca203a9cad5fa2e12ffc48bd62733212f94fda89be43f8d307d134ed70b179d10d1456aa264c23cafbc4f15e8e836682ecd1dc31222c8a514b148ef4a712e0013767ee93f1723a2ced248a3fd6ec34107ce06a193b6bdafc55d4e2058bd5bddb704596cd8975d849ea574cedf7a1eb4c78eb47e1de37348be556615731794487d1761f8c1d7fbbbbf8d190769d07e06809c2329a2716513578206316918ab89ed421f221e24a173cda52f2816d3507004846bd3901930e33effbc1bc84de361124715c9b583b9315fb371cc9f6f2c38d042cd1f63e0f65bbaed06e7aea73ea40e94d840701171b311f8efb100ba054ebc8adde59f132dba8dbc4aa75398b29a35a05bdbfb4a0a961f3e474e305aaae3d972f6edea1a7f9c45c0d37d9ca2ec23ea502f0da2d038918af34999418465879e1bd5466f6e9dd3c92359371fbf9aa86f8c39d4296114205f65376825ce857c9817c239a119b225222706b0787c3c094a48fbf4a6591cb072c33221b7216dde4ffcd6dcd62e2a5bce36dbf7ddc2d7c5f94e8224fb508640103430485871485e3603556efd6a8952c2e8546c975ac6358cc80c5ada645461dca529c0118cece12b8689d444b17c8e53e5f669b4e8adc915341afd5ec779a8827bc22629f29a243ffbb248c6765e1e5a99a22923d71f643210ec6fc47de840472cf332294eec5150f8b68fc39639820a9cf71a024624c6b31000d60ff01e92dc3f2d33fd19afc804645806ea0c1133389c5ec346fae783628b02c974121a2ad11d2c36952b56d455148e29241c29556d7b63f6115d908cbc929872235a536ac9ab3ac5e0ee32771a2518124568ff8b515a9ffdbc3569911f9bc08d0f9b48c525e6b2dcd8ac9d6c9e48f096d8e5e74c2d86110a2ccebf7eb094677941986bd9181e4bc4e0132a059217119546c4f59bf159247aba87725cd5b5ec9486200d58240b8c51da5a9bcd04936a9f1098141abf2bc6827d6d69a4e585f2626ba1361b33c8b3d5e4d29c7557c9b337e0d21037fee991353dbd3b183ba0f37420c1321eab74a00cfaa1de9f00563a8ee029903fc24d5d5c4bd5d8d993701ad4b4640a06283ac50ded53b6284b1fe491f040d35d91985bf680e07ac20f1a2d0d8aa43e71e7aa69fd337233b7c52faa66a96a6ed518d704dbded3cf65682d55ff3b96cf3a4d5d2c64b117ab4c179a7838855114e02714538e5d928967177600135d4ffe1fc998a9d058661943031688aba88e388e86f8634f7fc5d088bdcd569267117771407720538e92565d9985dad6e8df6b35fd72556b837abc9a92cceb3af75ae4550029c149493f030b7398ee8eae39462f7f2abc04ce1764e615ff8710f82d4987ddf14d7da4eb4bb8a0bc62c89096fd04510fbf9098bb9796c3daeeae886712216c2e32e9a7861c711b910ff1dea913f50600e03766c0d76b680cb015f3358a6de4ec0e6fe937b6045f1d445f8631f25deb1ea479f59b1ccc5d651d425869e856d953be84e81b04b9bdc263f384e9c3990a8ad38cd552d765c8b29e6ee391abb5010b092e2aca24205e1fbd18957518dad744772faad6dd5f5d18708728a4e3f020554750a70d5b8ecb6f7deb206f8337bb285cefca3fe97bce06dffdbdc2b90aabb32ef97bd699259d4cf77aae9066e5eca36e31b11e1f12ef32f8fe313b4935e03838355ab6f2d7bfaade30a2f6e536b0a0277d7eb2d023a63426fe2af6ff6b15320795b16b83032f059560f6df7a770deffb794c636afc4d0835a361fb6f16229dd49fa4c3c12aadd46f34727d02047a90a9ec711ae2f22608269612eb0238009252ba92028edbfed2acc1ad08504a99ab6e8cdc53db9b89527fb001bc4c26269ff4884c92107395109cfe1569a0e6406b89fc422333405ab13683b5b6076f0daa96cd2eb3f2d7bc02417f9874d16d035e68550302a4b89078f3727ca07b40159c51658260ff287f41a961c7fc0275897b4bc73121cf6ba8f97d07905ee06ae124269062fdf7afab796d89682c97d1e1af8e0dcc4b3b0253f24b32107ecbb44219071f485c6b36ac676b7e4f461b714933c696c8e41d094dc0bd3c80a115afcf59707fe498f6d4392fdfce8d628485647981865a81f340d08598fd726d51baee2e43890ca3c1048227df1d82cd306d887809581a605d53f6990f668e57d3022e3bd9f22b7525568a1596d4cf581b8162bd9720d2f7e8a3db86e2a4eef78f2d3be6281277280b7c57ec1a0f46ffc19e36e52f8c44e428d34e83bf2465278a0c15735530835e944ed16aa3152cc9ab0e6fede2fd8d051f5ae36c1735b523e1b55a12cd518cb90703d5d4d87aa36ffd675fb91647009f2c5c8e9d8401cab053dcc8480034e336db8d2e0ced01f153f7ebf5b4b1fbe23962c0614ae8501b13e299ddebddb9d8f16b9a22100ae1a82959a2f8ba48b1f625bcc84e1def932333373bc691846da42472e978cbacdeac03d8d0d82b483abfce13c4db192d9d91466d30389372fd5cf4a6908cc800478ed9533d5e5c5ff4a82bb5b1377a261058cc0210a5c0ae630e0c371cfdd5c9b25c748d83a255b957a5fc98cc8ab013c0cbcec430b46952498b55fa17a971e7d984686e9d1d37607576e22459848c8f7c0bb615e43b0a85d34f050fd5a8bdb831a2682c059cbe5fc64a6551bb56f800b5012e01aca1c1a875001ce11e2d8f2ec53d056d7b61c89eaaa4685590555585da36ef962306544262d91013c26d2a9b996b6b969347524542571676363f658fa2b8f8c205968b81e0afd5111ec2a3c980c4ec81e5f74540e0bc7ca9fc1215828681236a6e3e4a1fcb12f54e3c0af87eb69025a8c0b71259b58f748f1be3f5d33c3c8d6eb9f5febbaa37b67dbe3e48a296c928184edfc7a03e4898f7fa82d8fb11c5598d9556657ca85114626219a2f97656743e4b446b5776472c1585ddbb124a5371245cdc12d59df09cd1d2fb6a7fa023505428aa36f0adca7f96cb9d426e5947d6235ccb61c16c1838e6a78063aa12493b", @typed={0xbc, 0x27, @binary="244788766a5b4076b18b3c6fbcdcd0edcccf0e1cb0646938e17a6de8c0bca40f341cbccd33a8628adb16d2b0e4ac7c7064cbd9f88ecc0936e0864701e461462c4f01c1f678ac079d82c8a1ec6548a0e27bbc6c630632f278890fe5cf2ff48bdad87fa3a6a2dbf8c596cc9ac37f7fd0eb9026f67e8bc9275592206a3f52dcd98efa4966e3027108b8463ceb6b01be27d0f7c48f3478636ea7fa9ee49a77df092699bda9abc1f539bd80782fb332190a8db9a33a1ffb8650"}, @typed={0x8, 0x7c, @ipv4=@dev={0xac, 0x14, 0x14, 0xd}}, @generic="8e508999be4d2c42fc88254d946b0361aceb290810"]}, @generic="8cbb1c334da1711023949e89fc329a1481b92b556998ceea1d22a77402df4b4cc95e0aa871ad6bca56db386981bb16fa0db1face5787d43c478ce4ad989ed34d65cdbc826dd06800692d8be9b9852b6a51e0c2ff52f8f70969390cec6f82eedcc9d78f0a308c56d78d1ffe5ef269eefb146a6664cd2df3a8bc40a0977ceb6d10", @typed={0x14, 0x91, @ipv6=@ipv4={[], [], @loopback}}]}, 0x1184}, {&(0x7f0000003440)={0xac, 0x2e, 0x2, 0x70bd27, 0x25dfdbff, "", [@typed={0x10, 0x54, @str='/dev/hwrng\x00'}, @typed={0x8, 0x7, @u32=0x59b}, @typed={0x8, 0x34, @ipv4=@multicast1}, @generic="9d3df4d9af452f8d143ac7a58d3ad16f6a29681c49e7a9ffbfc542524e6716367e696f2ad5f88423c5d64bbce638fb44cf844be8c29ff58ebfd23800de60535c5b7be6986b92fb8faf4f55c02f6be735d3a67efa3103bf1b1dcb761d979035b581f09dc3f1a711ed82bdf2df73d6208697bef358a738b10c85d0"]}, 0xac}], 0x6, &(0x7f0000003680)=[@cred={{0x1c, 0x1, 0x2, {r9, r10, r11}}}, @rights={{0x14, 0x1, 0x1, [r0]}}], 0x38, 0x10}, 0x4004) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:12 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x360, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:12 executing program 4: syz_emit_ethernet(0x0, 0x0, 0x0) 22:54:12 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:12 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x60000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1198.958743][ T9121] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9121,uid=0 [ 1198.974147][ T9121] Memory cgroup out of memory: Killed process 9121 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB 22:54:13 executing program 4: syz_emit_ethernet(0x0, &(0x7f0000000040)=ANY=[], 0x0) 22:54:13 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:13 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x361, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:13 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x65580000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:13 executing program 4: syz_emit_ethernet(0x0, &(0x7f0000000040)=ANY=[], 0x0) 22:54:13 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:14 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:14 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000080)=0x0) ioctl$VIDIOC_S_STD(r1, 0x40085618, &(0x7f0000000180)=r6) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) fcntl$getownex(r4, 0x10, &(0x7f0000000340)) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000440)={0x87, @broadcast, 0x4e23, 0x4, 'dh\x00', 0x3a, 0x20, 0x64}, 0x2c) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:14 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x68000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:14 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:14 executing program 4: syz_emit_ethernet(0x0, &(0x7f0000000040)=ANY=[], 0x0) 22:54:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x362, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:14 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:14 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0) 22:54:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x363, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:14 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:14 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0) 22:54:14 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x6c000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x364, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:15 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4) r6 = openat$cgroup_ro(r0, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) ioctl$SG_GET_RESERVED_SIZE(r6, 0x2272, &(0x7f0000000180)) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) fcntl$F_GET_RW_HINT(r4, 0x40b, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:15 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3f9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:15 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0) 22:54:15 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x365, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:15 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x366, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1202.350562][ T9271] IPVS: ftp: loaded support on port[0] = 21 [ 1202.509752][ T9271] chnl_net:caif_netlink_parms(): no params data found [ 1202.543236][ T684] device bridge_slave_1 left promiscuous mode [ 1202.549696][ T684] bridge0: port 2(bridge_slave_1) entered disabled state [ 1202.605699][ T684] device bridge_slave_0 left promiscuous mode [ 1202.611894][ T684] bridge0: port 1(bridge_slave_0) entered disabled state [ 1204.765030][ T684] device hsr_slave_0 left promiscuous mode [ 1204.820898][ T684] device hsr_slave_1 left promiscuous mode [ 1204.875804][ T684] team0 (unregistering): Port device team_slave_1 removed [ 1204.889954][ T684] team0 (unregistering): Port device team_slave_0 removed [ 1204.901544][ T684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1204.930921][ T684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1205.003411][ T684] bond0 (unregistering): Released all slaves [ 1205.096821][ T9271] bridge0: port 1(bridge_slave_0) entered blocking state [ 1205.104083][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state [ 1205.112147][ T9271] device bridge_slave_0 entered promiscuous mode [ 1205.119875][ T9271] bridge0: port 2(bridge_slave_1) entered blocking state [ 1205.127035][ T9271] bridge0: port 2(bridge_slave_1) entered disabled state [ 1205.135221][ T9271] device bridge_slave_1 entered promiscuous mode [ 1205.156575][ T9271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1205.174866][ T9271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1205.197321][ T9271] team0: Port device team_slave_0 added [ 1205.205026][ T9271] team0: Port device team_slave_1 added [ 1205.256592][ T9271] device hsr_slave_0 entered promiscuous mode [ 1205.294254][ T9271] device hsr_slave_1 entered promiscuous mode [ 1205.344082][ T9271] debugfs: Directory 'hsr0' with parent '/' already present! [ 1205.461284][ T9271] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1205.486669][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1205.499281][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1205.507522][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1205.518882][ T9271] 8021q: adding VLAN 0 to HW filter on device team0 [ 1205.558101][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1205.566907][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1205.575585][ T2624] bridge0: port 1(bridge_slave_0) entered blocking state [ 1205.582648][ T2624] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1205.590363][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1205.599105][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1205.607616][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state [ 1205.614812][ T2624] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1205.623290][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1205.632151][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1205.641940][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1205.650567][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1205.667788][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1205.682100][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1205.700403][ T9271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1205.731540][ T9271] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1206.046395][ T9279] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1206.056854][ T9279] CPU: 1 PID: 9279 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1206.064404][ T9279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1206.074460][ T9279] Call Trace: [ 1206.077765][ T9279] dump_stack+0x16f/0x1f0 [ 1206.082105][ T9279] dump_header+0x10b/0x831 [ 1206.086535][ T9279] oom_kill_process.cold+0x10/0x15 [ 1206.091657][ T9279] out_of_memory+0x79a/0x12d0 [ 1206.096344][ T9279] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1206.101987][ T9279] ? cgroup_file_notify+0x140/0x1b0 [ 1206.107202][ T9279] ? oom_killer_disable+0x280/0x280 [ 1206.112419][ T9279] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1206.117977][ T9279] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1206.123625][ T9279] ? cgroup_file_notify+0x140/0x1b0 [ 1206.128837][ T9279] memory_max_write+0x262/0x3a0 [ 1206.133699][ T9279] ? mem_cgroup_write+0x360/0x360 [ 1206.138734][ T9279] ? lock_acquire+0x20b/0x400 [ 1206.143425][ T9279] cgroup_file_write+0x307/0x790 [ 1206.148378][ T9279] ? mem_cgroup_write+0x360/0x360 [ 1206.153410][ T9279] ? cgroup_show_path+0x590/0x590 [ 1206.158463][ T9279] ? cgroup_show_path+0x590/0x590 [ 1206.163493][ T9279] kernfs_fop_write+0x2b8/0x480 [ 1206.168380][ T9279] __vfs_write+0x8a/0x110 [ 1206.172714][ T9279] ? kernfs_fop_open+0xd80/0xd80 [ 1206.177663][ T9279] vfs_write+0x268/0x5d0 [ 1206.181917][ T9279] ksys_write+0x14f/0x290 [ 1206.186254][ T9279] ? __ia32_sys_read+0xb0/0xb0 [ 1206.191020][ T9279] ? do_syscall_64+0x26/0x6a0 [ 1206.195702][ T9279] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1206.201773][ T9279] ? do_syscall_64+0x26/0x6a0 [ 1206.206460][ T9279] __x64_sys_write+0x73/0xb0 [ 1206.211055][ T9279] do_syscall_64+0xfd/0x6a0 [ 1206.215578][ T9279] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1206.221471][ T9279] RIP: 0033:0x459829 [ 1206.225369][ T9279] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1206.244978][ T9279] RSP: 002b:00007f25bbfcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1206.253394][ T9279] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1206.261371][ T9279] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1206.269365][ T9279] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1206.277347][ T9279] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f25bbfcf6d4 [ 1206.285322][ T9279] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1206.293517][ T9279] memory: usage 5200kB, limit 0kB, failcnt 597938 [ 1206.303446][ T9279] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1206.310609][ T9279] Memory cgroup stats for /syz0: [ 1206.311588][ T9279] anon 4255744 [ 1206.311588][ T9279] file 106496 [ 1206.311588][ T9279] kernel_stack 65536 [ 1206.311588][ T9279] slab 724992 [ 1206.311588][ T9279] sock 0 [ 1206.311588][ T9279] shmem 0 [ 1206.311588][ T9279] file_mapped 0 [ 1206.311588][ T9279] file_dirty 0 [ 1206.311588][ T9279] file_writeback 0 [ 1206.311588][ T9279] anon_thp 4194304 [ 1206.311588][ T9279] inactive_anon 0 [ 1206.311588][ T9279] active_anon 4255744 [ 1206.311588][ T9279] inactive_file 0 [ 1206.311588][ T9279] active_file 0 [ 1206.311588][ T9279] unevictable 0 [ 1206.311588][ T9279] slab_reclaimable 270336 [ 1206.311588][ T9279] slab_unreclaimable 454656 [ 1206.311588][ T9279] pgfault 74448 [ 1206.311588][ T9279] pgmajfault 0 [ 1206.311588][ T9279] workingset_refault 0 [ 1206.311588][ T9279] workingset_activate 0 [ 1206.311588][ T9279] workingset_nodereclaim 0 [ 1206.311588][ T9279] pgrefill 46 [ 1206.311588][ T9279] pgscan 46 [ 1206.311588][ T9279] pgsteal 0 [ 1206.311588][ T9279] pgactivate 0 [ 1206.406110][ T9279] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9278,uid=0 [ 1206.422981][ T9279] Memory cgroup out of memory: Killed process 9278 (syz-executor.0) total-vm:72576kB, anon-rss:4228kB, file-rss:35808kB, shmem-rss:0kB [ 1206.443174][ T1058] oom_reaper: reaped process 9278 (syz-executor.0), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 22:54:21 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:21 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa00080600010800060400"], 0x0) 22:54:21 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3fa, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:21 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x74000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:21 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x367, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:21 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1206.850237][ T9271] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1206.860290][ T9271] CPU: 1 PID: 9271 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1206.867844][ T9271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1206.877901][ T9271] Call Trace: [ 1206.881205][ T9271] dump_stack+0x16f/0x1f0 [ 1206.885548][ T9271] dump_header+0x10b/0x831 [ 1206.889977][ T9271] ? oom_kill_process+0x94/0x3c0 [ 1206.894930][ T9271] oom_kill_process.cold+0x10/0x15 [ 1206.900051][ T9271] out_of_memory+0x79a/0x12d0 [ 1206.904826][ T9271] ? lock_downgrade+0x920/0x920 [ 1206.909685][ T9271] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1206.915490][ T9271] ? oom_killer_disable+0x280/0x280 [ 1206.920677][ T9271] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1206.926215][ T9271] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1206.931833][ T9271] ? do_raw_spin_unlock+0x57/0x270 [ 1206.936928][ T9271] ? _raw_spin_unlock+0x23/0x30 [ 1206.941777][ T9271] try_charge+0x1053/0x1430 [ 1206.946297][ T9271] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1206.951853][ T9271] ? percpu_ref_tryget_live+0x104/0x270 [ 1206.957418][ T9271] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1206.962998][ T9271] mem_cgroup_try_charge+0x136/0x590 [ 1206.968283][ T9271] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1206.973909][ T9271] wp_page_copy+0x27c/0x1380 [ 1206.978498][ T9271] ? find_held_lock+0x35/0x130 [ 1206.983251][ T9271] ? pmd_pfn+0x1d0/0x1d0 [ 1206.987477][ T9271] ? lock_downgrade+0x920/0x920 [ 1206.992340][ T9271] ? swp_swapcount+0x520/0x520 [ 1206.997277][ T9271] ? __kasan_check_read+0x11/0x20 [ 1207.002303][ T9271] ? do_raw_spin_unlock+0x57/0x270 [ 1207.007433][ T9271] do_wp_page+0x499/0x14d0 [ 1207.011868][ T9271] ? finish_mkwrite_fault+0x570/0x570 [ 1207.017241][ T9271] __handle_mm_fault+0x2120/0x3ce0 [ 1207.022363][ T9271] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1207.027900][ T9271] ? handle_mm_fault+0x294/0xa90 [ 1207.032847][ T9271] ? handle_mm_fault+0x675/0xa90 [ 1207.037775][ T9271] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1207.043057][ T9271] handle_mm_fault+0x3bb/0xa90 [ 1207.047818][ T9271] __do_page_fault+0x536/0xdd0 [ 1207.052577][ T9271] do_page_fault+0x38/0x536 [ 1207.057083][ T9271] page_fault+0x39/0x40 [ 1207.061219][ T9271] RIP: 0033:0x430906 [ 1207.065093][ T9271] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1207.084682][ T9271] RSP: 002b:00007fffd7deb080 EFLAGS: 00010206 [ 1207.090726][ T9271] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1207.098862][ T9271] RDX: 00005555561ee930 RSI: 00005555561f6970 RDI: 0000000000000003 [ 1207.106834][ T9271] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555561ed940 [ 1207.114786][ T9271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1207.122740][ T9271] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1207.130814][ T9271] memory: usage 816kB, limit 0kB, failcnt 597946 [ 1207.137201][ T9271] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1207.144223][ T9271] Memory cgroup stats for /syz0: [ 1207.144338][ T9271] anon 0 [ 1207.144338][ T9271] file 106496 [ 1207.144338][ T9271] kernel_stack 65536 [ 1207.144338][ T9271] slab 724992 [ 1207.144338][ T9271] sock 0 [ 1207.144338][ T9271] shmem 0 [ 1207.144338][ T9271] file_mapped 0 [ 1207.144338][ T9271] file_dirty 0 [ 1207.144338][ T9271] file_writeback 0 [ 1207.144338][ T9271] anon_thp 0 [ 1207.144338][ T9271] inactive_anon 0 [ 1207.144338][ T9271] active_anon 0 [ 1207.144338][ T9271] inactive_file 0 [ 1207.144338][ T9271] active_file 0 [ 1207.144338][ T9271] unevictable 0 [ 1207.144338][ T9271] slab_reclaimable 270336 [ 1207.144338][ T9271] slab_unreclaimable 454656 [ 1207.144338][ T9271] pgfault 74448 [ 1207.144338][ T9271] pgmajfault 0 [ 1207.144338][ T9271] workingset_refault 0 [ 1207.144338][ T9271] workingset_activate 0 [ 1207.144338][ T9271] workingset_nodereclaim 0 [ 1207.144338][ T9271] pgrefill 46 [ 1207.144338][ T9271] pgscan 46 [ 1207.144338][ T9271] pgsteal 0 [ 1207.144338][ T9271] pgactivate 0 [ 1207.144338][ T9271] pgdeactivate 46 [ 1207.240484][ T9271] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9271,uid=0 [ 1207.255939][ T9271] Memory cgroup out of memory: Killed process 9271 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB 22:54:21 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa00080600010800060400"], 0x0) 22:54:21 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3fb, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:21 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x368, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1207.438920][ T9297] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 22:54:21 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x7a000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:22 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa00080600010800060400"], 0x0) 22:54:22 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x369, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:22 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:22 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3fc, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:22 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x36a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:22 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff"], 0x0) 22:54:22 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f00000005c0)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000080), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:22 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x81000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:22 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff"], 0x0) 22:54:22 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x36b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:22 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3fd, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:23 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:23 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff"], 0x0) 22:54:23 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x3fe, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:23 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x36c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:23 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x88a8ffff}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:23 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f00000100"], 0x0) 22:54:23 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$cgroup_type(r0, &(0x7f0000000080)='threaded\x00', 0x9) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:23 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x36d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:23 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x402, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:23 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f00000100"], 0x0) 22:54:23 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x36e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:23 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x403, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1210.055607][ T9399] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1210.895145][ T684] device bridge_slave_1 left promiscuous mode [ 1210.901354][ T684] bridge0: port 2(bridge_slave_1) entered disabled state [ 1210.935476][ T684] device bridge_slave_0 left promiscuous mode [ 1210.941692][ T684] bridge0: port 1(bridge_slave_0) entered disabled state [ 1212.958870][ T684] device hsr_slave_0 left promiscuous mode [ 1213.014693][ T684] device hsr_slave_1 left promiscuous mode [ 1213.065121][ T684] team0 (unregistering): Port device team_slave_1 removed [ 1213.078888][ T684] team0 (unregistering): Port device team_slave_0 removed [ 1213.091071][ T684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1213.120642][ T684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1213.203230][ T684] bond0 (unregistering): Released all slaves [ 1213.305015][ T9432] IPVS: ftp: loaded support on port[0] = 21 [ 1213.388357][ T9432] chnl_net:caif_netlink_parms(): no params data found [ 1213.420338][ T9432] bridge0: port 1(bridge_slave_0) entered blocking state [ 1213.427494][ T9432] bridge0: port 1(bridge_slave_0) entered disabled state [ 1213.435718][ T9432] device bridge_slave_0 entered promiscuous mode [ 1213.443364][ T9432] bridge0: port 2(bridge_slave_1) entered blocking state [ 1213.450561][ T9432] bridge0: port 2(bridge_slave_1) entered disabled state [ 1213.458454][ T9432] device bridge_slave_1 entered promiscuous mode [ 1213.538183][ T9432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1213.555556][ T9432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1213.598746][ T9432] team0: Port device team_slave_0 added [ 1213.612124][ T9432] team0: Port device team_slave_1 added [ 1213.797419][ T9432] device hsr_slave_0 entered promiscuous mode [ 1213.944468][ T9432] device hsr_slave_1 entered promiscuous mode [ 1214.204062][ T9432] debugfs: Directory 'hsr0' with parent '/' already present! [ 1214.235508][ T9432] bridge0: port 2(bridge_slave_1) entered blocking state [ 1214.242664][ T9432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1214.250105][ T9432] bridge0: port 1(bridge_slave_0) entered blocking state [ 1214.257398][ T9432] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1214.312727][ T9432] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1214.329682][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1214.339130][ T3516] bridge0: port 1(bridge_slave_0) entered disabled state [ 1214.347866][ T3516] bridge0: port 2(bridge_slave_1) entered disabled state [ 1214.369780][ T9432] 8021q: adding VLAN 0 to HW filter on device team0 [ 1214.381298][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1214.390254][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1214.399371][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1214.406493][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1214.425781][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1214.434925][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1214.443954][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state [ 1214.451045][ T2624] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1214.474401][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1214.483335][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1214.504077][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1214.512898][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1214.521696][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1214.530570][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1214.539293][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1214.547892][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1214.556386][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1214.565039][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1214.574461][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1214.585020][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1214.614989][ T9432] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1214.877984][ T9440] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1214.888470][ T9440] CPU: 0 PID: 9440 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1214.896042][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1214.906139][ T9440] Call Trace: [ 1214.909448][ T9440] dump_stack+0x16f/0x1f0 [ 1214.913825][ T9440] dump_header+0x10b/0x831 [ 1214.918266][ T9440] oom_kill_process.cold+0x10/0x15 [ 1214.923417][ T9440] out_of_memory+0x79a/0x12d0 [ 1214.928134][ T9440] ? cgroup_file_notify+0x140/0x1b0 [ 1214.933357][ T9440] ? oom_killer_disable+0x280/0x280 [ 1214.938670][ T9440] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1214.944246][ T9440] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1214.949903][ T9440] ? cgroup_file_notify+0x140/0x1b0 [ 1214.955111][ T9440] memory_max_write+0x262/0x3a0 [ 1214.959978][ T9440] ? mem_cgroup_write+0x360/0x360 [ 1214.965013][ T9440] ? lock_acquire+0x20b/0x400 [ 1214.969832][ T9440] cgroup_file_write+0x307/0x790 [ 1214.974787][ T9440] ? mem_cgroup_write+0x360/0x360 [ 1214.979807][ T9440] ? cgroup_show_path+0x590/0x590 [ 1214.984832][ T9440] ? cgroup_show_path+0x590/0x590 [ 1214.989852][ T9440] kernfs_fop_write+0x2b8/0x480 [ 1214.994704][ T9440] __vfs_write+0x8a/0x110 [ 1214.999036][ T9440] ? kernfs_fop_open+0xd80/0xd80 [ 1215.004121][ T9440] vfs_write+0x268/0x5d0 [ 1215.008400][ T9440] ksys_write+0x14f/0x290 [ 1215.012753][ T9440] ? __ia32_sys_read+0xb0/0xb0 [ 1215.017526][ T9440] ? do_syscall_64+0x26/0x6a0 [ 1215.022216][ T9440] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1215.028281][ T9440] ? do_syscall_64+0x26/0x6a0 [ 1215.032995][ T9440] __x64_sys_write+0x73/0xb0 [ 1215.037618][ T9440] do_syscall_64+0xfd/0x6a0 [ 1215.042166][ T9440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1215.048103][ T9440] RIP: 0033:0x459829 [ 1215.052012][ T9440] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1215.071629][ T9440] RSP: 002b:00007f53c95f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1215.080083][ T9440] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1215.088258][ T9440] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1215.096372][ T9440] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1215.104446][ T9440] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53c95f56d4 [ 1215.112455][ T9440] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1215.120677][ T9440] memory: usage 5172kB, limit 0kB, failcnt 597947 [ 1215.127450][ T9440] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1215.134588][ T9440] Memory cgroup stats for /syz0: [ 1215.135376][ T9440] anon 4251648 [ 1215.135376][ T9440] file 106496 [ 1215.135376][ T9440] kernel_stack 65536 [ 1215.135376][ T9440] slab 724992 [ 1215.135376][ T9440] sock 0 [ 1215.135376][ T9440] shmem 0 [ 1215.135376][ T9440] file_mapped 0 [ 1215.135376][ T9440] file_dirty 0 [ 1215.135376][ T9440] file_writeback 0 [ 1215.135376][ T9440] anon_thp 4194304 [ 1215.135376][ T9440] inactive_anon 0 [ 1215.135376][ T9440] active_anon 4251648 [ 1215.135376][ T9440] inactive_file 0 [ 1215.135376][ T9440] active_file 0 [ 1215.135376][ T9440] unevictable 0 [ 1215.135376][ T9440] slab_reclaimable 270336 [ 1215.135376][ T9440] slab_unreclaimable 454656 [ 1215.135376][ T9440] pgfault 74514 [ 1215.135376][ T9440] pgmajfault 0 [ 1215.135376][ T9440] workingset_refault 0 [ 1215.135376][ T9440] workingset_activate 0 [ 1215.135376][ T9440] workingset_nodereclaim 0 [ 1215.135376][ T9440] pgrefill 46 [ 1215.135376][ T9440] pgscan 46 [ 1215.135376][ T9440] pgsteal 0 [ 1215.135376][ T9440] pgactivate 0 [ 1215.230323][ T9440] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9438,uid=0 [ 1215.245959][ T9440] Memory cgroup out of memory: Killed process 9438 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1215.262948][ T1058] oom_reaper: reaped process 9438 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1215.617882][ T9432] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1215.627960][ T9432] CPU: 0 PID: 9432 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1215.635511][ T9432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1215.645659][ T9432] Call Trace: [ 1215.648961][ T9432] dump_stack+0x16f/0x1f0 [ 1215.653301][ T9432] dump_header+0x10b/0x831 [ 1215.657720][ T9432] ? oom_kill_process+0x94/0x3c0 [ 1215.662672][ T9432] oom_kill_process.cold+0x10/0x15 [ 1215.667804][ T9432] out_of_memory+0x79a/0x12d0 [ 1215.672669][ T9432] ? lock_downgrade+0x920/0x920 [ 1215.677540][ T9432] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1215.683364][ T9432] ? oom_killer_disable+0x280/0x280 [ 1215.688586][ T9432] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1215.694146][ T9432] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1215.699804][ T9432] ? do_raw_spin_unlock+0x57/0x270 [ 1215.704984][ T9432] ? _raw_spin_unlock+0x23/0x30 [ 1215.709854][ T9432] try_charge+0x1053/0x1430 [ 1215.714387][ T9432] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1215.719954][ T9432] ? percpu_ref_tryget_live+0x104/0x270 [ 1215.725533][ T9432] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1215.731095][ T9432] mem_cgroup_try_charge+0x136/0x590 [ 1215.736396][ T9432] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1215.742220][ T9432] wp_page_copy+0x27c/0x1380 [ 1215.746832][ T9432] ? find_held_lock+0x35/0x130 [ 1215.751615][ T9432] ? pmd_pfn+0x1d0/0x1d0 [ 1215.755878][ T9432] ? lock_downgrade+0x920/0x920 [ 1215.760744][ T9432] ? swp_swapcount+0x520/0x520 22:54:30 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:30 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f00000100"], 0x0) 22:54:30 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x404, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:30 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x36f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:30 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x9effffff}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:30 executing program 1: r0 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0xfffffffffffffff9, 0x80000) r1 = openat$cgroup_ro(r0, &(0x7f0000000600)='c\xf7l\xb7\xe0q9\x02\x80\xcd\x17g\xd2\x1c\xb1puack\x9e\xe9B\x12\x01N', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r1, 0x3ff, 0x6, r1}) 22:54:30 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xc3ffffff}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1215.765524][ T9432] ? __kasan_check_read+0x11/0x20 [ 1215.770559][ T9432] ? do_raw_spin_unlock+0x57/0x270 [ 1215.775688][ T9432] do_wp_page+0x499/0x14d0 [ 1215.780121][ T9432] ? finish_mkwrite_fault+0x570/0x570 [ 1215.785520][ T9432] __handle_mm_fault+0x2120/0x3ce0 [ 1215.790653][ T9432] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1215.796222][ T9432] ? handle_mm_fault+0x294/0xa90 [ 1215.801185][ T9432] ? handle_mm_fault+0x675/0xa90 [ 1215.806192][ T9432] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1215.811489][ T9432] handle_mm_fault+0x3bb/0xa90 22:54:30 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f00000100000000"], 0x0) [ 1215.816275][ T9432] __do_page_fault+0x536/0xdd0 [ 1215.821058][ T9432] do_page_fault+0x38/0x536 [ 1215.825584][ T9432] page_fault+0x39/0x40 [ 1215.829747][ T9432] RIP: 0033:0x4034f2 [ 1215.833646][ T9432] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8d 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 42 05 00 48 [ 1215.853260][ T9432] RSP: 002b:00007ffd22269b60 EFLAGS: 00010246 [ 1215.859336][ T9432] RAX: 0000000000000000 RBX: 0000000000128969 RCX: 0000000000413430 [ 1215.867329][ T9432] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffd2226ac90 [ 1215.875316][ T9432] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000555555b89940 [ 1215.883295][ T9432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2226ac90 [ 1215.891273][ T9432] R13: 00007ffd2226ac80 R14: 0000000000000000 R15: 00007ffd2226ac90 [ 1215.899696][ T9432] memory: usage 792kB, limit 0kB, failcnt 597955 [ 1215.906089][ T9432] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1215.906095][ T9432] Memory cgroup stats for /syz0: [ 1215.906198][ T9432] anon 0 [ 1215.906198][ T9432] file 106496 [ 1215.906198][ T9432] kernel_stack 0 [ 1215.906198][ T9432] slab 724992 [ 1215.906198][ T9432] sock 0 [ 1215.906198][ T9432] shmem 0 [ 1215.906198][ T9432] file_mapped 0 [ 1215.906198][ T9432] file_dirty 0 [ 1215.906198][ T9432] file_writeback 0 [ 1215.906198][ T9432] anon_thp 0 [ 1215.906198][ T9432] inactive_anon 0 [ 1215.906198][ T9432] active_anon 0 [ 1215.906198][ T9432] inactive_file 0 [ 1215.906198][ T9432] active_file 0 [ 1215.906198][ T9432] unevictable 0 [ 1215.906198][ T9432] slab_reclaimable 270336 [ 1215.906198][ T9432] slab_unreclaimable 454656 [ 1215.906198][ T9432] pgfault 74514 [ 1215.906198][ T9432] pgmajfault 0 [ 1215.906198][ T9432] workingset_refault 0 [ 1215.906198][ T9432] workingset_activate 0 [ 1215.906198][ T9432] workingset_nodereclaim 0 [ 1215.906198][ T9432] pgrefill 46 [ 1215.906198][ T9432] pgscan 46 [ 1215.906198][ T9432] pgsteal 0 [ 1215.906198][ T9432] pgactivate 0 [ 1215.906198][ T9432] pgdeactivate 46 22:54:30 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x370, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1215.906217][ T9432] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9432,uid=0 [ 1215.906299][ T9432] Memory cgroup out of memory: Killed process 9432 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB 22:54:30 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f00000100000000"], 0x0) 22:54:30 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x405, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:30 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:54:31 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f00000100000000"], 0x0) 22:54:31 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x371, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:31 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x406, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xf0ffffff}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:31 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f0000010000000000"], 0x0) 22:54:31 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x407, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000700)={0x44, &(0x7f0000000680)=""/68}) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000d40)=ANY=[@ANYBLOB="6d616e676c650000000000000023eb9c2b634e7b991c745cc2000000001f00000000000000000000000000001f00000006000000480500000000000000b0040000b0040000b0040000b0040000b004000006000000", @ANYPTR=&(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/96], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000003000616800000000000000000000000000000000000000000000000000000000080000000300000001000000000000002800434845434b53554d000000000000000000000000000000000000000000000100000000000000ffffffffffffffffff0000ff000000006772657461703000000000000000000069703665727370616e30000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000110003440000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000a00000000000000280045434e000000000000000000000000000000000000000000000000000000010000000000000080000001ac1414aaff000000ffffff0079616d30000000000000000000000000726f7365300000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000002900014800000000000000000000000000009800c0000000000000000000000000000000000000000000000000002800434845434b53554d00000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00040010000000000000000000000000000000000000000000000002000736f636b6574000000000000000000000000000000000000000000000000280069636d70000000000000000000000000000000000000000000000000000011fe0001000000006000434c55535445524950000000000000000000000000000000000000000000010000000180c200000e4f000a0009000e0017001900240037000a001a003900210039003b003c0000001d00270000000200000007000000ffffff7f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003974019e000000000000009800d80000000000000000000000000000000000000000000000000040005450524f585900000000000000000000000000000000000000000000000100800000d792ffffff0100000000000000000000000000014e21000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x5a8) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f00000005c0)={0x0, @in={{0x2, 0x4e20, @local}}}, &(0x7f0000000180)=0x84) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f00000001c0)={r6}, 0x8) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$SIOCAX25OPTRT(r0, 0x89e7, &(0x7f0000000080)={@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x2, 0x56}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000340)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:31 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:31 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x372, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x408, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f0000010000000000"], 0x0) 22:54:31 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x373, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040002ff000001ffffffffffff7f0000010000000000"], 0x0) 22:54:31 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x374, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:31 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x409, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:32 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xfcffffff}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:32 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x40a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:32 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x375, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:32 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000005c0)={[0x0, 0x0, 0x5fd, 0x3f, 0x101, 0x0, 0x4, 0x5, 0x9, 0x0, 0x1, 0x5, 0x7, 0x3b, 0x3, 0x2], 0x4000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1219.305213][ T109] device bridge_slave_1 left promiscuous mode [ 1219.311438][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 1219.354726][ T109] device bridge_slave_0 left promiscuous mode [ 1219.360884][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 1221.406528][ T109] device hsr_slave_0 left promiscuous mode [ 1221.444858][ T109] device hsr_slave_1 left promiscuous mode [ 1221.494507][ T109] team0 (unregistering): Port device team_slave_1 removed [ 1221.508080][ T109] team0 (unregistering): Port device team_slave_0 removed [ 1221.520017][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1221.589193][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1221.686699][ T109] bond0 (unregistering): Released all slaves [ 1221.774778][ T9588] IPVS: ftp: loaded support on port[0] = 21 [ 1221.858008][ T9588] chnl_net:caif_netlink_parms(): no params data found [ 1221.897013][ T9588] bridge0: port 1(bridge_slave_0) entered blocking state [ 1221.904157][ T9588] bridge0: port 1(bridge_slave_0) entered disabled state [ 1221.912124][ T9588] device bridge_slave_0 entered promiscuous mode [ 1221.922531][ T9588] bridge0: port 2(bridge_slave_1) entered blocking state [ 1221.929711][ T9588] bridge0: port 2(bridge_slave_1) entered disabled state [ 1221.937466][ T9588] device bridge_slave_1 entered promiscuous mode [ 1221.961718][ T9588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1221.973365][ T9588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1222.048693][ T9588] team0: Port device team_slave_0 added [ 1222.059400][ T9588] team0: Port device team_slave_1 added [ 1222.167255][ T9588] device hsr_slave_0 entered promiscuous mode [ 1222.294390][ T9588] device hsr_slave_1 entered promiscuous mode [ 1222.344070][ T9588] debugfs: Directory 'hsr0' with parent '/' already present! [ 1222.377953][ T9588] bridge0: port 2(bridge_slave_1) entered blocking state [ 1222.385130][ T9588] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1222.392526][ T9588] bridge0: port 1(bridge_slave_0) entered blocking state [ 1222.399691][ T9588] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1222.477051][ T9588] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1222.501127][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1222.516283][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state [ 1222.530584][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state [ 1222.554317][ T9588] 8021q: adding VLAN 0 to HW filter on device team0 [ 1222.567547][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1222.576157][ T9832] bridge0: port 1(bridge_slave_0) entered blocking state [ 1222.583227][ T9832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1222.623546][ T9588] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1222.634018][ T9588] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1222.654227][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1222.662901][ T9832] bridge0: port 2(bridge_slave_1) entered blocking state [ 1222.670053][ T9832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1222.681109][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1222.690061][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1222.698741][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1222.707390][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1222.725276][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1222.733257][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1222.754112][ T9588] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1223.003908][ T9597] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1223.015158][ T9597] CPU: 0 PID: 9597 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1223.022730][ T9597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1223.032819][ T9597] Call Trace: [ 1223.036189][ T9597] dump_stack+0x16f/0x1f0 [ 1223.040567][ T9597] dump_header+0x10b/0x831 [ 1223.045124][ T9597] oom_kill_process.cold+0x10/0x15 [ 1223.050457][ T9597] out_of_memory+0x79a/0x12d0 [ 1223.055202][ T9597] ? cgroup_file_notify+0x140/0x1b0 [ 1223.060714][ T9597] ? oom_killer_disable+0x280/0x280 [ 1223.066109][ T9597] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1223.071761][ T9597] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1223.077574][ T9597] ? cgroup_file_notify+0x140/0x1b0 [ 1223.082830][ T9597] memory_max_write+0x262/0x3a0 [ 1223.087733][ T9597] ? mem_cgroup_write+0x360/0x360 [ 1223.092971][ T9597] ? lock_acquire+0x190/0x400 [ 1223.097683][ T9597] ? kernfs_fop_write+0x227/0x480 [ 1223.102776][ T9597] cgroup_file_write+0x307/0x790 [ 1223.107786][ T9597] ? mem_cgroup_write+0x360/0x360 [ 1223.112854][ T9597] ? cgroup_show_path+0x590/0x590 [ 1223.118135][ T9597] ? cgroup_show_path+0x590/0x590 [ 1223.123196][ T9597] kernfs_fop_write+0x2b8/0x480 [ 1223.128103][ T9597] __vfs_write+0x8a/0x110 [ 1223.132461][ T9597] ? kernfs_fop_open+0xd80/0xd80 [ 1223.137436][ T9597] vfs_write+0x268/0x5d0 [ 1223.141720][ T9597] ksys_write+0x14f/0x290 [ 1223.146091][ T9597] ? __ia32_sys_read+0xb0/0xb0 [ 1223.150983][ T9597] ? do_syscall_64+0x26/0x6a0 [ 1223.155689][ T9597] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1223.161793][ T9597] ? do_syscall_64+0x26/0x6a0 [ 1223.166511][ T9597] __x64_sys_write+0x73/0xb0 [ 1223.171278][ T9597] do_syscall_64+0xfd/0x6a0 [ 1223.175825][ T9597] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1223.181746][ T9597] RIP: 0033:0x459829 [ 1223.185672][ T9597] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1223.205872][ T9597] RSP: 002b:00007f5495b9ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1223.214318][ T9597] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1223.222474][ T9597] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1223.230807][ T9597] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1223.239166][ T9597] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5495b9f6d4 [ 1223.247536][ T9597] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1223.293794][ T9597] memory: usage 5156kB, limit 0kB, failcnt 597956 [ 1223.301283][ T9597] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1223.308874][ T9597] Memory cgroup stats for /syz0: [ 1223.309437][ T9597] anon 4370432 [ 1223.309437][ T9597] file 106496 [ 1223.309437][ T9597] kernel_stack 65536 [ 1223.309437][ T9597] slab 724992 [ 1223.309437][ T9597] sock 0 [ 1223.309437][ T9597] shmem 0 [ 1223.309437][ T9597] file_mapped 0 [ 1223.309437][ T9597] file_dirty 0 [ 1223.309437][ T9597] file_writeback 0 [ 1223.309437][ T9597] anon_thp 4194304 [ 1223.309437][ T9597] inactive_anon 0 [ 1223.309437][ T9597] active_anon 4370432 [ 1223.309437][ T9597] inactive_file 0 [ 1223.309437][ T9597] active_file 0 [ 1223.309437][ T9597] unevictable 0 [ 1223.309437][ T9597] slab_reclaimable 270336 [ 1223.309437][ T9597] slab_unreclaimable 454656 [ 1223.309437][ T9597] pgfault 74580 [ 1223.309437][ T9597] pgmajfault 0 [ 1223.309437][ T9597] workingset_refault 0 [ 1223.309437][ T9597] workingset_activate 0 [ 1223.309437][ T9597] workingset_nodereclaim 0 [ 1223.309437][ T9597] pgrefill 46 [ 1223.309437][ T9597] pgscan 46 [ 1223.309437][ T9597] pgsteal 0 [ 1223.309437][ T9597] pgactivate 0 [ 1223.411806][ T9597] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9594,uid=0 [ 1223.428388][ T9597] Memory cgroup out of memory: Killed process 9594 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1223.446404][ T1058] oom_reaper: reaped process 9594 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1223.629174][ T9588] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1223.639625][ T9588] CPU: 0 PID: 9588 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1223.647197][ T9588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1223.657365][ T9588] Call Trace: [ 1223.660992][ T9588] dump_stack+0x16f/0x1f0 [ 1223.665351][ T9588] dump_header+0x10b/0x831 [ 1223.669801][ T9588] ? oom_kill_process+0x94/0x3c0 22:54:38 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:38 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") syncfs(r0) r2 = socket$inet(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000800)="24000000210007031dfffd946fa2830020200a000000003fa61d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, 0x0) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000100), 0x4) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) fremovexattr(0xffffffffffffffff, 0x0) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{0x0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) fstatfs(0xffffffffffffffff, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 22:54:38 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x376, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:38 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x40b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:38 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000001c0), &(0x7f0000000340)=0xfffffffffffffece) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = pkey_alloc(0x0, 0x2) pkey_free(r4) 22:54:38 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xffffa888}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1223.674887][ T9588] oom_kill_process.cold+0x10/0x15 [ 1223.680376][ T9588] out_of_memory+0x79a/0x12d0 [ 1223.685415][ T9588] ? lock_downgrade+0x920/0x920 [ 1223.690498][ T9588] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1223.696517][ T9588] ? oom_killer_disable+0x280/0x280 [ 1223.701768][ T9588] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1223.707568][ T9588] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1223.714111][ T9588] ? do_raw_spin_unlock+0x57/0x270 [ 1223.719634][ T9588] ? _raw_spin_unlock+0x23/0x30 [ 1223.724741][ T9588] try_charge+0x1053/0x1430 [ 1223.729297][ T9588] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1223.735420][ T9588] ? percpu_ref_tryget_live+0x104/0x270 [ 1223.741128][ T9588] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1223.746711][ T9588] mem_cgroup_try_charge+0x136/0x590 [ 1223.752310][ T9588] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1223.758577][ T9588] wp_page_copy+0x27c/0x1380 [ 1223.763478][ T9588] ? find_held_lock+0x35/0x130 [ 1223.768896][ T9588] ? pmd_pfn+0x1d0/0x1d0 [ 1223.773641][ T9588] ? lock_downgrade+0x920/0x920 [ 1223.778896][ T9588] ? swp_swapcount+0x520/0x520 [ 1223.784034][ T9588] ? __kasan_check_read+0x11/0x20 [ 1223.789548][ T9588] ? do_raw_spin_unlock+0x57/0x270 [ 1223.795160][ T9588] do_wp_page+0x499/0x14d0 [ 1223.799799][ T9588] ? finish_mkwrite_fault+0x570/0x570 [ 1223.805216][ T9588] __handle_mm_fault+0x2120/0x3ce0 [ 1223.810468][ T9588] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1223.816131][ T9588] ? handle_mm_fault+0x294/0xa90 [ 1223.821387][ T9588] ? handle_mm_fault+0x675/0xa90 22:54:38 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xfffff000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1223.826603][ T9588] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1223.832089][ T9588] handle_mm_fault+0x3bb/0xa90 [ 1223.837312][ T9588] __do_page_fault+0x536/0xdd0 [ 1223.842116][ T9588] do_page_fault+0x38/0x536 [ 1223.846957][ T9588] page_fault+0x39/0x40 [ 1223.851454][ T9588] RIP: 0033:0x430906 [ 1223.855493][ T9588] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1223.875646][ T9588] RSP: 002b:00007ffe7a440640 EFLAGS: 00010206 [ 1223.882094][ T9588] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1223.890679][ T9588] RDX: 00005555570a5930 RSI: 00005555570ad970 RDI: 0000000000000003 [ 1223.898774][ T9588] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555570a4940 [ 1223.907171][ T9588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1223.915348][ T9588] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1223.924382][ T9588] memory: usage 772kB, limit 0kB, failcnt 597964 [ 1223.931365][ T9588] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1223.938653][ T9588] Memory cgroup stats for /syz0: [ 1223.938768][ T9588] anon 57344 [ 1223.938768][ T9588] file 106496 [ 1223.938768][ T9588] kernel_stack 65536 [ 1223.938768][ T9588] slab 724992 [ 1223.938768][ T9588] sock 0 [ 1223.938768][ T9588] shmem 0 [ 1223.938768][ T9588] file_mapped 0 [ 1223.938768][ T9588] file_dirty 0 [ 1223.938768][ T9588] file_writeback 0 [ 1223.938768][ T9588] anon_thp 0 [ 1223.938768][ T9588] inactive_anon 0 [ 1223.938768][ T9588] active_anon 57344 [ 1223.938768][ T9588] inactive_file 0 [ 1223.938768][ T9588] active_file 0 [ 1223.938768][ T9588] unevictable 0 [ 1223.938768][ T9588] slab_reclaimable 270336 [ 1223.938768][ T9588] slab_unreclaimable 454656 [ 1223.938768][ T9588] pgfault 74580 [ 1223.938768][ T9588] pgmajfault 0 [ 1223.938768][ T9588] workingset_refault 0 [ 1223.938768][ T9588] workingset_activate 0 [ 1223.938768][ T9588] workingset_nodereclaim 0 [ 1223.938768][ T9588] pgrefill 46 [ 1223.938768][ T9588] pgscan 46 [ 1223.938768][ T9588] pgsteal 0 [ 1223.938768][ T9588] pgactivate 0 [ 1223.943991][ T9588] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9588,uid=0 [ 1223.944087][ T9588] Memory cgroup out of memory: Killed process 9588 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1224.066782][ T1058] oom_reaper: reaped process 9588 (syz-executor.0), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 22:54:38 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x377, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:38 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x40c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:38 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x378, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:38 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x40d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:39 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x379, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:39 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xffffff7f}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:39 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x40e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:39 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x405006e52b) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:54:39 executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, 0x0) 22:54:39 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x37a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:39 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x40f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:39 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:39 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x37b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:39 executing program 4: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000800)="24000000420007031dfffd946fa2830020200ae800000000a61d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 22:54:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xffffff9e}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:39 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x410, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:40 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x37c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:40 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/capi/capi20ncci\x00', 0xa2000, 0x0) getpeername$unix(r1, &(0x7f00000025c0), &(0x7f0000000500)=0x6e) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x5, @loopback, 0x6}}, 0x24) listen(r2, 0x9) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000140)) readv(r0, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f0000000000)=""/246, 0xf6}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/136, 0x88}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/67, 0x43}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000300)=""/111, 0x6f}, {&(0x7f0000000380)=""/39, 0x27}, {&(0x7f00000003c0)=""/29, 0x1d}], 0xa) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000580)=@add_del={0x3, &(0x7f0000000540)='ip6erspan0z\x00'}) 22:54:40 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x411, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:40 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:54:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xffffffc3}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:40 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x37d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:40 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x412, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1227.775363][ T109] device bridge_slave_1 left promiscuous mode [ 1227.782072][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 1227.834824][ T109] device bridge_slave_0 left promiscuous mode [ 1227.841364][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 1229.904566][ T109] device hsr_slave_0 left promiscuous mode [ 1229.944209][ T109] device hsr_slave_1 left promiscuous mode [ 1229.992212][ T109] team0 (unregistering): Port device team_slave_1 removed [ 1230.006016][ T109] team0 (unregistering): Port device team_slave_0 removed [ 1230.019533][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1230.061202][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1230.151401][ T109] bond0 (unregistering): Released all slaves [ 1230.242817][ T9777] IPVS: ftp: loaded support on port[0] = 21 [ 1230.337202][ T9777] chnl_net:caif_netlink_parms(): no params data found [ 1230.424395][ T9777] bridge0: port 1(bridge_slave_0) entered blocking state [ 1230.431756][ T9777] bridge0: port 1(bridge_slave_0) entered disabled state [ 1230.440515][ T9777] device bridge_slave_0 entered promiscuous mode [ 1230.456980][ T9777] bridge0: port 2(bridge_slave_1) entered blocking state [ 1230.464485][ T9777] bridge0: port 2(bridge_slave_1) entered disabled state [ 1230.472610][ T9777] device bridge_slave_1 entered promiscuous mode [ 1230.505571][ T9777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1230.519958][ T9777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1230.550183][ T9777] team0: Port device team_slave_0 added [ 1230.559706][ T9777] team0: Port device team_slave_1 added [ 1230.748390][ T9777] device hsr_slave_0 entered promiscuous mode [ 1230.834451][ T9777] device hsr_slave_1 entered promiscuous mode [ 1230.894172][ T9777] debugfs: Directory 'hsr0' with parent '/' already present! [ 1230.933181][ T9777] bridge0: port 2(bridge_slave_1) entered blocking state [ 1230.940343][ T9777] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1230.947815][ T9777] bridge0: port 1(bridge_slave_0) entered blocking state [ 1230.955591][ T9777] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1231.043192][ T9777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1231.061336][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1231.071977][ T9832] bridge0: port 1(bridge_slave_0) entered disabled state [ 1231.094265][ T9832] bridge0: port 2(bridge_slave_1) entered disabled state [ 1231.114134][ T9777] 8021q: adding VLAN 0 to HW filter on device team0 [ 1231.133063][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1231.142325][ T9832] bridge0: port 1(bridge_slave_0) entered blocking state [ 1231.150833][ T9832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1231.159214][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1231.168254][ T9832] bridge0: port 2(bridge_slave_1) entered blocking state [ 1231.176427][ T9832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1231.202032][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1231.227010][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1231.235498][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1231.244169][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1231.259490][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1231.268514][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1231.281840][ T9777] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1231.311621][ T9777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1231.584601][ T9795] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1231.601791][ T9795] CPU: 1 PID: 9795 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1231.610131][ T9795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1231.621972][ T9795] Call Trace: [ 1231.625930][ T9795] dump_stack+0x16f/0x1f0 [ 1231.630694][ T9795] dump_header+0x10b/0x831 [ 1231.635898][ T9795] oom_kill_process.cold+0x10/0x15 [ 1231.641431][ T9795] out_of_memory+0x79a/0x12d0 [ 1231.646395][ T9795] ? retint_kernel+0x10/0x10 [ 1231.651149][ T9795] ? oom_killer_disable+0x280/0x280 [ 1231.656455][ T9795] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1231.662209][ T9795] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1231.668114][ T9795] ? cgroup_file_notify+0x140/0x1b0 [ 1231.673884][ T9795] memory_max_write+0x262/0x3a0 [ 1231.679274][ T9795] ? mem_cgroup_write+0x360/0x360 [ 1231.685009][ T9795] ? cgroup_file_write+0x86/0x790 [ 1231.694497][ T9795] cgroup_file_write+0x307/0x790 [ 1231.703334][ T9795] ? mem_cgroup_write+0x360/0x360 [ 1231.708388][ T9795] ? cgroup_show_path+0x590/0x590 [ 1231.714026][ T9795] ? cgroup_show_path+0x590/0x590 [ 1231.719083][ T9795] kernfs_fop_write+0x2b8/0x480 [ 1231.724299][ T9795] __vfs_write+0x8a/0x110 [ 1231.728756][ T9795] ? kernfs_fop_open+0xd80/0xd80 [ 1231.734222][ T9795] vfs_write+0x268/0x5d0 [ 1231.738700][ T9795] ksys_write+0x14f/0x290 [ 1231.743802][ T9795] ? __ia32_sys_read+0xb0/0xb0 [ 1231.748982][ T9795] ? do_syscall_64+0x26/0x6a0 [ 1231.753855][ T9795] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1231.760686][ T9795] ? do_syscall_64+0x26/0x6a0 [ 1231.765858][ T9795] __x64_sys_write+0x73/0xb0 [ 1231.772419][ T9795] do_syscall_64+0xfd/0x6a0 [ 1231.777461][ T9795] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1231.784621][ T9795] RIP: 0033:0x459829 [ 1231.788918][ T9795] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1231.811686][ T9795] RSP: 002b:00007fb746dc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1231.823486][ T9795] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1231.833195][ T9795] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1231.843176][ T9795] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1231.853131][ T9795] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb746dc86d4 [ 1231.862543][ T9795] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1231.874011][ T9795] memory: usage 5160kB, limit 0kB, failcnt 597965 [ 1231.881307][ T9795] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1231.888612][ T9795] Memory cgroup stats for /syz0: [ 1231.889630][ T9795] anon 4317184 [ 1231.889630][ T9795] file 106496 [ 1231.889630][ T9795] kernel_stack 65536 [ 1231.889630][ T9795] slab 724992 [ 1231.889630][ T9795] sock 0 [ 1231.889630][ T9795] shmem 0 [ 1231.889630][ T9795] file_mapped 0 [ 1231.889630][ T9795] file_dirty 0 [ 1231.889630][ T9795] file_writeback 0 [ 1231.889630][ T9795] anon_thp 4194304 [ 1231.889630][ T9795] inactive_anon 0 [ 1231.889630][ T9795] active_anon 4317184 [ 1231.889630][ T9795] inactive_file 0 [ 1231.889630][ T9795] active_file 0 [ 1231.889630][ T9795] unevictable 0 [ 1231.889630][ T9795] slab_reclaimable 270336 [ 1231.889630][ T9795] slab_unreclaimable 454656 [ 1231.889630][ T9795] pgfault 74646 [ 1231.889630][ T9795] pgmajfault 0 [ 1231.889630][ T9795] workingset_refault 0 [ 1231.889630][ T9795] workingset_activate 0 [ 1231.889630][ T9795] workingset_nodereclaim 0 [ 1231.889630][ T9795] pgrefill 46 [ 1231.889630][ T9795] pgscan 46 [ 1231.889630][ T9795] pgsteal 0 [ 1231.889630][ T9795] pgactivate 0 [ 1232.003811][ T9795] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9792,uid=0 [ 1232.023798][ T9795] Memory cgroup out of memory: Killed process 9792 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1232.043309][ T1058] oom_reaper: reaped process 9792 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:54:46 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:46 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x37e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1232.464838][ T9777] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1232.475193][ T9777] CPU: 0 PID: 9777 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1232.483261][ T9777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1232.493744][ T9777] Call Trace: [ 1232.497073][ T9777] dump_stack+0x16f/0x1f0 [ 1232.501539][ T9777] dump_header+0x10b/0x831 [ 1232.506072][ T9777] ? oom_kill_process+0x94/0x3c0 [ 1232.511115][ T9777] oom_kill_process.cold+0x10/0x15 [ 1232.516927][ T9777] out_of_memory+0x79a/0x12d0 [ 1232.521746][ T9777] ? lock_downgrade+0x920/0x920 [ 1232.526798][ T9777] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1232.532888][ T9777] ? oom_killer_disable+0x280/0x280 [ 1232.538158][ T9777] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1232.544154][ T9777] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1232.550439][ T9777] ? do_raw_spin_unlock+0x57/0x270 [ 1232.556416][ T9777] ? _raw_spin_unlock+0x23/0x30 [ 1232.563153][ T9777] try_charge+0x1053/0x1430 [ 1232.567844][ T9777] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1232.573615][ T9777] ? percpu_ref_tryget_live+0x104/0x270 [ 1232.579675][ T9777] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1232.585768][ T9777] mem_cgroup_try_charge+0x136/0x590 [ 1232.591466][ T9777] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1232.597502][ T9777] __handle_mm_fault+0x1c63/0x3ce0 [ 1232.603416][ T9777] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1232.609177][ T9777] ? handle_mm_fault+0x294/0xa90 [ 1232.614462][ T9777] ? handle_mm_fault+0x675/0xa90 [ 1232.619991][ T9777] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1232.625304][ T9777] handle_mm_fault+0x3bb/0xa90 [ 1232.630489][ T9777] __do_page_fault+0x536/0xdd0 [ 1232.635681][ T9777] do_page_fault+0x38/0x536 [ 1232.640217][ T9777] page_fault+0x39/0x40 [ 1232.644740][ T9777] RIP: 0033:0x42fd7c [ 1232.648781][ T9777] Code: 83 c0 17 41 55 41 54 55 53 48 89 c5 48 83 e5 f0 48 89 fb 48 81 ec 98 00 00 00 48 83 f8 20 b8 20 00 00 00 48 0f 42 e8 48 85 ff <48> 89 74 24 08 0f 84 3a 08 00 00 48 3b 2d ea 51 64 00 77 70 89 ef [ 1232.670248][ T9777] RSP: 002b:00007ffc302c8f90 EFLAGS: 00010202 [ 1232.677577][ T9777] RAX: 0000000000000020 RBX: 0000000000715640 RCX: 0000000000458b94 [ 1232.686751][ T9777] RDX: 00007ffc302c9080 RSI: 0000000000008030 RDI: 0000000000715640 [ 1232.695119][ T9777] RBP: 0000000000008040 R08: 0000000000000001 R09: 0000555556c4c940 [ 1232.703469][ T9777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc302ca260 22:54:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xfffffff0}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:46 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x413, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:46 executing program 1: openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x80, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/autofs\x00', 0x100, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) openat$cgroup_ro(r1, &(0x7f00000001c0)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) tee(r1, r1, 0x8, 0xe) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f00000005c0)) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:54:46 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/capi/capi20ncci\x00', 0xa2000, 0x0) getpeername$unix(r1, &(0x7f00000025c0), &(0x7f0000000500)=0x6e) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x5, @loopback, 0x6}}, 0x24) listen(r2, 0x9) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000140)) readv(r0, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f0000000000)=""/246, 0xf6}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/136, 0x88}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/67, 0x43}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000300)=""/111, 0x6f}, {&(0x7f0000000380)=""/39, 0x27}, {&(0x7f00000003c0)=""/29, 0x1d}], 0xa) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000580)=@add_del={0x3, &(0x7f0000000540)='ip6erspan0z\x00'}) [ 1232.712077][ T9777] R13: 00007ffc302ca250 R14: 0000000000000000 R15: 00007ffc302ca260 [ 1232.720883][ T9777] memory: usage 780kB, limit 0kB, failcnt 597973 [ 1232.727968][ T9777] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1232.734964][ T9777] Memory cgroup stats for /syz0: [ 1232.735074][ T9777] anon 57344 [ 1232.735074][ T9777] file 106496 [ 1232.735074][ T9777] kernel_stack 65536 [ 1232.735074][ T9777] slab 724992 [ 1232.735074][ T9777] sock 0 [ 1232.735074][ T9777] shmem 0 [ 1232.735074][ T9777] file_mapped 0 [ 1232.735074][ T9777] file_dirty 0 [ 1232.735074][ T9777] file_writeback 0 [ 1232.735074][ T9777] anon_thp 0 [ 1232.735074][ T9777] inactive_anon 0 [ 1232.735074][ T9777] active_anon 57344 [ 1232.735074][ T9777] inactive_file 0 [ 1232.735074][ T9777] active_file 0 [ 1232.735074][ T9777] unevictable 0 [ 1232.735074][ T9777] slab_reclaimable 270336 [ 1232.735074][ T9777] slab_unreclaimable 454656 [ 1232.735074][ T9777] pgfault 74646 [ 1232.735074][ T9777] pgmajfault 0 [ 1232.735074][ T9777] workingset_refault 0 [ 1232.735074][ T9777] workingset_activate 0 [ 1232.735074][ T9777] workingset_nodereclaim 0 [ 1232.735074][ T9777] pgrefill 46 [ 1232.735074][ T9777] pgscan 46 [ 1232.735074][ T9777] pgsteal 0 [ 1232.735074][ T9777] pgactivate 0 [ 1232.832168][ T9777] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9777,uid=0 [ 1232.847933][ T9777] Memory cgroup out of memory: Killed process 9777 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1232.863317][ T1058] oom_reaper: reaped process 9777 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:54:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xfffffffc}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:47 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x37f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:47 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x414, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:47 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f0000000180)={0x5, 0x2, @start={0x0, 0x1}}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = fcntl$getown(r1, 0x9) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000440)=0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000cc0)={{{@in6=@initdev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000480)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000700)={0x0}, &(0x7f0000000dc0)=0xc) r8 = getuid() getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000043c0)={{{@in=@multicast2, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f00000044c0)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000076c0)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in6=@empty}}, &(0x7f00000077c0)=0xe8) fcntl$getownex(r0, 0x10, &(0x7f0000007800)={0x0, 0x0}) fcntl$getownex(r3, 0x10, &(0x7f0000007ac0)={0x0, 0x0}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000007dc0)=0x0) stat(&(0x7f0000007e00)='./file0\x00', &(0x7f0000007e40)={0x0, 0x0, 0x0, 0x0, 0x0}) r15 = getegid() getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000007ec0)={0x0}, &(0x7f0000007f00)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000007f40)={{{@in6=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@remote}}, &(0x7f0000008040)=0xe8) lstat(&(0x7f0000008080)='./file0\x00', &(0x7f00000080c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r19 = getpid() getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000008140)={{{@in=@broadcast, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@broadcast}}, &(0x7f0000008240)=0xe8) r21 = getgid() ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000008280)=0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000082c0)={{{@in6=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast1}}, &(0x7f00000083c0)=0xe8) r24 = getegid() r25 = fcntl$getown(r3, 0x9) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000008400)={{{@in=@multicast1, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000008500)=0xe8) lstat(&(0x7f0000008780)='./file0\x00', &(0x7f0000008840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$netlink(r0, &(0x7f0000008700)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x4800}, 0xc, &(0x7f0000007d00)=[{&(0x7f00000005c0)={0x10c, 0x19, 0x0, 0x70bd29, 0x25dfdbfb, "", [@typed={0x8, 0x5e, @u32=0x21a}, @nested={0xe8, 0x64, [@generic="47ab5f516c9b8cd1a2dd512db40c47b4d7bd8bd1dedf53ca287aa1e1472f5f87128334dc30e7245514471497cac970416ce5fb04a978005eaa3f7e07c0b983693a237477ccfec30a81f7efe138b9d2bce26f62b04f6685607425e500a4bf2085fba83f81ac512697f5111b8601ebac6408e9a985754424fd3882b4b1ca35b09cc4cf8b79cb845a2026b31793155f4b2545f0c5e256e3a7746959162e3fb623ebd4ec066e6bcf9107c7b38205287a05f89d569413f9722c410353ba6fc4d8063149866d365f4905972560b72647b493", @typed={0x14, 0x18, @ipv6=@rand_addr="48aa77f7b2b40690c18d5920a16ed5c1"}]}, @generic="4ef780454372e81602"]}, 0x10c}, {&(0x7f0000000340)={0x18, 0x39, 0x410, 0x70bd28, 0x25dfdbfd, "", [@generic="664bd1dc80c5"]}, 0x18}, {&(0x7f0000000780)={0x274, 0x21, 0x1, 0x70bd27, 0x25dfdbfc, "", [@generic="c708c565314bc9af228805dd669121df273c8140aa17118633df2fee49159b1fed", @nested={0x1d8, 0x11, [@generic="af16ad5496d93e9c7965ac3c15e46a8e65c9de0c59240456e5adc233d16d18b28cc9b808ab2c9546489891021be66bef36de142cf982da0fb1be0e3653e3cc87085fe39364c58b1f7955c7d4b321034a1ce0ca2bf3ec3f5468", @typed={0x48, 0x7e, @binary="54603ddcfafd1037708eb9817810ffb43c3d2ce8da0286ecef74b00a0b5368bbece4bea4ac3c4cdcb73e87db421945c8b65541160224debd6bd284e782d60a1fbbca8106"}, @generic="e0736f5e26298e82c8204dbc839a76c2f4ec8db43be2354fb920717a01d1b215f445ac1447d5f1f8a6c4c17af6c7d5e373567afebacaccef648b7f3d46157c0af1cfb03db7febd6bf9df5e91d7cb1ecde8b7ed791bf47a73b73114b36a7eda307cb6928e8b469478ebed85b1103075ac57504f8a6973570cb7cf44d5ec6e7cb63aa83b270395b6cbb5ad8c3629d04ad4d8c8da51e62d7bb259f700f4b163ce57d9df74c7890b34b9fbba9c3aff56b3801729ec", @typed={0x8, 0x2c, @u32}, @generic="81cabfdc53ff046b0877d1f25a49357d60549cd75bb8731d96545b28912672c1dc7a1e75dae47083a066c3cd2642457a0ed29bd4b44686cc0910b0dada2a1007f23fbb47ccdba1451b81a84d502b0ab109bddffa16", @typed={0x8, 0x9, @u32}, @typed={0x8, 0x81, @str='}\x00'}, @typed={0x8, 0x8d, @ipv4=@multicast2}, @typed={0x8, 0xa, @ipv4=@local}]}, @generic="57584324d9eb48881aa63f0d37d13328f6983e17f0a9687dc7bfe7acb8ea572df4f63477f468ccc061444931efe0104dd9d46907941915c28ad58b3a5fd21d008f9e9b9004bb180ecd49e3bdf24df557a347b0042a04c611efec061b854b6c81379f8258726633", @typed={0x4, 0x51}]}, 0x274}, {&(0x7f0000000a00)={0x298, 0x1a, 0x4, 0x70bd28, 0x25dfdbfd, "", [@nested={0x19c, 0x2d, [@typed={0x8, 0x4a, @fd=r3}, @generic="f2f9c93b5eb2da9f708ffcf52e988048458f97ee9cc6c7a086db34916539fd6bdd504d030e602a10300283f87ca65e889b996a8b35effacbe49017053208b4fe5de959fc28c931f743d4e69adf9e35b7b94bfd6731a074b4aa67086400192f2c51bfadd49292265e6351426df4f0f6054c5ba6af43", @typed={0x14, 0x52, @ipv6=@dev={0xfe, 0x80, [], 0x11}}, @generic="d95bd12ec5a9496b3a14e107373642d7b3a18b44a1aa4d7bea93137c55a27a9eeb515a47a51ba582d36c56c6cb064fb7d1ac872f6f667dece1f2402ce46779d3b75f1fecb57ab3d428f8c119d108558dfb7d4944325ce7c3e83b30f82929bb6601991cf6de48", @generic="8c99e5e038933e2c2181dc7053a8e6098e759b6de37b2ad6937781b831e9555467c05247936bd55a0cc9fb4ce118987132823944aa17b9c648e44fe3ef72bbc05e1a0ddf62602f7b387a54ebd6ef9306fced076291a86ee97ae4722dc32f26c03964777203aea17be43baa6706e17a31c71e983be5e6fb81b378b93fda44403343ff681c5e6ec8a47ed3ebbb441b01b6561886aa59dc15c07577f6daa27c75"]}, @generic="9381e64b278ecf8e34179faa57e1c6046837232a539e029f809510903ba3d7a3d099944a026052a9b38acaf491ca5c86fc06d93e20eafaa21f6d865627545ebaff149120632be45416202d6f1ca1e95a056302f7", @generic="571eae39f001d8abc5058463898e830229bb926f4cc077ae59e2c99e2be13484c5c98c757dadac1b7e62a18868c79657ca170410a34f89e2f13530e8a0636d8e0fb036b879043e00", @typed={0x8, 0x1c, @pid=r4}, @nested={0x48, 0x4c, [@typed={0xc, 0x68, @u64=0x8000}, @generic="21208974c2294ca31e3077d96942e84e260ac8b6ba5f03866cd6b545ddf23c46229081460ec9476f9fcb27774f9119cdb69a21e14e75a424"]}]}, 0x298}, {&(0x7f0000000e00)={0x2e0, 0x15, 0x300, 0x70bd2c, 0x25dfdbff, "", [@nested={0xc, 0x49, [@typed={0x8, 0x92, @pid=r5}]}, @generic="963fdba6332e6d92325e721764f44bf7f9bffc1219bf6a99a93183f1923ca5d9abd8298cf8c9fbb4db95ec271ba8fe0274dfde49ced638f1202dcd7425e81855fd8dbbb3342f0a615e9fed4762c91b5c1f27b6438092b7e5cc484afcc33d86769ce1b7d3410c1e7b613f6ef8117ea459de051dc796f9a266864fc6888ad669a50e18fc0c4ad6d1df20322e56a8394b5d45ce68398778eeff8d88e1dcbb559521fd2bfa73264a5b80bf588c02fa65", @typed={0xc, 0x7d, @u64=0xfffffffffffffffa}, @nested={0xb4, 0x61, [@generic="d3b3882943df1d120e3b8a4aa86d2eb66112c2853d800b545972381fd273b4c8882bc076681bf0a75988335fa77adf057026fab8c895d289982d268e7be2bf82869705f6b6240edd6f0cb6d280d6aae24601b306994a3f7385c94d312ab969c17a6f35ec28b666f978ae78a922085a3657b239bcc1aff30062c68892d399cbc9bb7db4c97bfe273940f730da21bb8532b6bd59ec5cf3ea7e87037bcc63ad01d386b5a35060c535bc14e538d581"]}, @typed={0x4, 0x53}, @typed={0x8, 0x71, @uid=r6}, @typed={0x8, 0x92, @pid=r7}, @nested={0xfc, 0x26, [@typed={0x8, 0x60, @uid=r8}, @typed={0xc, 0x3a, @u64=0x4}, @typed={0x8, 0x8c, @u32=0xcaeb}, @generic="d250e17bd56ca25d7e0fcd1152e3c10195f26c09820f047154bfa4761f95af761da878546c5b49cf83468660d10f77834154cc31634c29ce70fb33bb05780fcd64589d6bf5d48e3bb41e161843e7453c31a85f6f2081a3a1540586263654680cb72c897efb43adbe791b9e64088e4db89028d5bee1a8ebe33e8416948bce46aa040aa6358c059fe1943d72309f7c30d8b53f34201d7b777c12bb29fdaf91f66690aaa9ce916a7effd8954612f5a320b21f7983135a128dc139aae01a12f57de886d26d3e54921b92da465f7cb7c959259f2eb852608e4720e8dae5"]}, @generic="963976ec32b51fce346138ed26fb9f763a5e5693e4961844d394286c00924a3c5133d8b8c743d944ab21557f4472ecbd3b81335f52dbe04c28ef123915f6ddb7dcc9824081"]}, 0x2e0}, {&(0x7f0000001100)={0x32bc, 0x2d, 0x200, 0x70bd2b, 0x25dfdbff, "", [@nested={0x204, 0x93, [@generic="1a052eb94097f825ce0687e67ce8c4e87ebd9222ecb6622c612704f20a3bce7b930208f6d7efa3bd2240a309211cca2fee1e3ab37194b9442e6e09201c71ac8bb5404df58fc01a3af6cfebf3fe17900ce79438f9b3878beefcf6d0107cda439b4efd967a5bb2e4447424ccb8a3bef7097067cd7bd5d76f7965e007449114c5b47644c713c9049d2923cd03894f2f78121ce1f7b5e9ad32a5a235c768c1240116b33e08aca8736e1f95", @typed={0xc, 0x88, @u64=0x8}, @generic="24dbc8ba57c731", @typed={0x14, 0x59, @str='eth0eth1vmnet1\x00'}, @generic="4175413dc9232ee60d7fa6b82691de0273ac89e621cccd770afa63e162dac4a8101884ca3382e3721e15e0df80744f9cc41e888894d69925548d4b7cc0f09413e8d9a0a4722a43faf891f9d1a1542381a8cf35e33709645ffb73f2b397b86df4971c118f9cecd9a463518fbf2eb236b2e8867592ba32ef8d6ce046bbb85dc2f319b7a6eca47a2fb335a6242b7b7e35e430ea5e1c7773b2d1e0c9c18552ff8612de6ec36f687a771cda956d79f61b33660044374789f328cf98db4902120ebece0f445fafd2a26be46cea43bc5e278d9eec67c6c0b03fe4d3e02b1462d0ff13391d18ee27ed5c21f2a33a28aa63dba515401e1b7fee557c907112", @generic="a84f01ac11912267036318820e0ce2b8aad6bd29fac7a2cc114317c0f2820cfebdca55eea562a8b5562e066531f602589d381b3c"]}, @nested={0x2004, 0x27, [@generic="1cd1a728548c6162cd40f8efa59900383afc72c8733bb581f09b1955340e88d7887d1da6c12a62af90bdf9adf9377a8e53da3b979a68d844190a44e3b2f3805dbff48bcdb6c29127025bb5303687e67574f9f5ba18e8bd2dd22062f39cb464b74d673498119112620f82ae814c74ccca7b29ee29d001ae66798996414cc8b4a72c67b0edab2eb34068a564d55b4e1c97f7a2cfd80905144aa3d1bafbf0547f7cb511af198de85d96d12d1a286e2e28aadc2bb1f77e923dbbe0911b19fb14a2f62539b3158ea6ff23c480694145e857a312fdaded2bcfde95acb632db2b9eef0397a1570962cc2f8f0a8d35452e73308bb9a6303975842940cacf64221c19f0b1f64e64d32261d0775666cd49cdcc5dd39297ab4b7c23604a320b7ca67fcf8851e957f7b43db4787fa41f8127d4dbc6ae68667f90534a11847c5e3403a85c18dd6817834baf1f320bc7fd7d62f892d300d10e904feb3e4b26fe9c8109be8203a766090cdd94b98d3057161b5b859685060c71e9dd6746754a6c74e2aaf43e276382e91e8546e1904a53522ef992dc88e259631a997321c16e725732d0b5a209d5f4ba96e890aff2b8c4d284f0a2157ffafaebf6df04eb05d50a83fefaf230b37ba9633e8f664101a63557aef5af688d9812599fb35ac5ed8816ed4f021d8fea6ab2d0ccbc328a7fb038179b9fc66e5b4d2b25404471288ce0cfef61167042d5018acce04e5263ab179decc2085d45c3548d9c63a4f23ee1bfccd2f73f5ba9cb917ce198585c0d45c84d9524feb48cb240fcc01420ae05564490e836411957e8c46b33bc6e36b5f3c7dbaa6599349f5f717aa132c0405ebb4112de085c81a0bdefd27937e5db4ca11867f68b26a3beba3ea3d9d28019493b7dcb716b50690d6d0d832917aa08caf605076521dbe16fcd7a3ebd80b8ed1e26aa559736e0ed123947d6e430d15b0549c3c9288769579c187eceea75afd04ddcc5d927c621a407cdcd622f830770174e1558b9044b6ebefa2fa4988c0e9014a87b2fcc98fbbe6410b900c2464be20d06552e7ac2ab503a26e20d81a9d5c246d52381f2138bf345ea105fda3fce2dcfbe5d0ee917d04499edb22c3cc45ee0901f8ba9b806be1cff3ce98d40b1f14af161a53f36143c27b34ddd8f29cfc4273aa3f27f8070509da49049e254c977ecde9561d2c62d64b54ae2a16b9c6d31f35ff6bd963fcd82b3255055bfdf75552111d512a7e027d628de7350867ec5b3083c96d324e39c0bf62b10a4959a8d103491c8df9d4d98402b30bbd67403ba6bf5194f72643c68ca38fa4c3592c2092fd7202aeda7d2f92f73c0130b5667341b10a62b475f4b3246eb5b437f88dbc709685d7e34dbf5834bb72a0dd93f4b0ceb4ee661bb893a63f98a95227c18c21dd3f0215ffbce5dc62bd74646691c1b5bba6ca37c78ac614b784d590f1b9ca36a3984b4ff9af606e2b6a1733fe4fb56ba43ba33a4c9e10ce30900f81497156bcc2a9fe23654e357aeb526aa984f422cf40cb7377977928f3832cc111effae5be6014fa7ebdb0a1a2036bef8f2bb6f23993b9f78bf645033dc9ea68b4b6c6e4beac0959f7794aa59482ac87779ddf12383679303d0a2e59e1f837ff370ef311fd622c04e05e46949e15197a86c0d64aabb3b168bd559c8d48fb29714f4270a3072f020e8e12a1dc9d69d69986bc6d7c4824a8e93613cccb02f7acf30afe6858d4c1068b1bf923deb72d505a699e6585b5be052a4db49a64745ed582538910357f615b644eb6920ab16446857106039987b0bf116cbb592043eb43e118e1d4e4decb7bfb56746a134caa21466d8de0511523a876179d9c2bc2786bd6f40a2147f5e2b5a0848fd82e55752c7fb27b92fa27a5d3f475e65217b526d1a376398128878d61abd8ca8f2553a896cf3f42b815731a84825cb6dcd1da6147ca9095296aef1c60a5ed6cd4e68032138943d78a933a9cb50b42a204db017652a0460061ea314ce58f4a810d9fadb4637cdd1ff1901e3fe5d64408564da997ff627f24e622e21a71aabeda71ff63844fc79b660c37762665017a5776aea4b89c2baee2ba64c1aa45b64a6081df4865759438036644b40544dff84e475daf66800154a2f81e56b90721b8378973f88711d14fbac94bdc2eb2f05b750a588764e3fb48da22343c8532b1c0472878c34b174511de4858368fc5deafcc691d37ab6fe57e560b9cd1bbb98059555ce4507dfb1ca487fed216aac11bcc4d237e5dfe1e8e977407c4d756a7e9f432cc3e8a72ab460a180b46d42e47a963639093dcd88e37c0e91ceeb90b55d47bfc173afd34887bb8e04a850f1abf9af27b7d9317104194d2b53e4755d49ad86090d77fb663e0fc254a23312afcc06d26c3b9f112ca75855cd805bff0333a6483f4a9f85115878e9e26171fb69c120d9103ddbfb94dfd048e624abae37f705c7ab50d1b21513003c98e04e2ab3ada72c068ba73c78064bc933b2553b6d01a352e4ed2d572c8e116c23afda3d21821c48744b4c26f11f86123c05dd07aee2d31030d4197c26dfe6ab7b6467a58d56e78c59d023b60704e22437a272d193d1ae1d7d39b103a87f5d983e3dbb15ae6d5f744e3b9c14336004e95b4cd6e43621f1fd26e47d4d2a4739f84ab1d8f75867804a54d631019ce53c427eefcea1250199e1dcd76dd3e0e2eebb5a13a321261716d720827d9b3690b7c75ea284067c4cb442aca99d318439ff41065af65ed29d910bec2a89ca698075725b662aabe9c989937a5f91da9b999a4d804ed78ca84b5871b60c6846998d02813b791063c1741ff7a65ea5df1dcc730ec18f57557a87ac2fe8f800e8173f186043b68363f80ca2503de0858283afd31dc94db43939cb65e3d749c7c7d722b503bb85ddfbe53b2e09ef9441856bee993c72007d3f6dfff979889abe6506e89ad4d621b1824ae8ba8d9576c4a90e6047625a9cedb226e1d13201f314a86ca895a8c7c02227a52089e3ede67b248550750095f00998cf6526a84dcb6df39c6afcc69b6ef5a04b838384bddc6265b2103659270473379e82ec95a86eabe88ade39d31b14e1beddbe1cac2cefc8857be75b00474cc3eeb38e097814e48f7c136c23778283a76cc8513cd438af1230f51de116f310d36d90645fc0cc839c5e637e15a9de4f3a68420593183229bc3b8e20499085e3ca010ebb2446ae7f9017e3371a9f61a505b59e270eb53d60f4662726026c0377c9332fffde0f8cdcf1b22adc05a19d254db76de014a42d77ced8204f0b98652d8047bc05143e47cb8fd6653b3780611dafb43772c7a4c9594dd379072432b5254c6530f215c1193db23daf5a2a7b15b0d85bb4c933b5202f4b40367d15b857a2fd44a9c268fe2f3a0c6c440b62b10673f8b87ba375567c674893d38315772b031482f63210dd55e093696994346efc99d606084ca069cf5a715368e8767811d72a8f2b3d336be8c803fbe67fd0b74c1d30f90fa48b2f5c9232b9c44c656e295a7b00d4499b90ab69b1ae1631605f06c2b1f96f29463c983a577c40523970bd8171607f58ddb39ab0c5f2cc45e8a73309ea464ec2fed0f04cb11550e37820f95803d8523033fbe0c72a5de69d995dd22d22b3fdb992596e1db78d4bc52986ef74b1f602c551cab195bd676622d04712759042bbdcfdbb9dedaaaca3d949f810b973293ce3a2af9dc9426413926868e838884471d24252a19ebf36ed8377f3c9cae912261aad0bfee8f62263ec80d03e359de37fd7cb589271bf775bde48d5b183b266b7741cfdf13bcd4e7b6d58eb99dc855e6bb1c0a6531a89a1cab1f78f0bea4cfce7d97fa15de402ddfcfd903e3834fed0b0b521205163ed894b5b8066a855b5ff5f364cd9fbc986ce23c01201dc1efbc68357ce586d0dcf63bf4c8b876379f94f7c5bbfeeaa4323e25b7a2655859e3f4e1f9c0509a3623640d928452ff3f7f89dd4583b13b57fc8c481735afba4a1c4cc298f056baaf3f8207bc7b38d6ea69bb3175d7a5fdd0b7c1b0b616e07d52addf4fc95de84f36dd14b88afb3562bdc779efedf22ab3b2e048de4bd78ab9d156e11504b99e00f9130698b15fe6bdfb26cb84450e2cf2f9350ea12f2241518168156f23abfdb83ccc117726e84e5fdbe7c5ae894161224224724b3925ea9f26038ead87e19e6573e0e4655a09f0d11e541b6508072d9e3065738fcf42d0d3fe34501c61b8ea0d0a824395b11b6e7e03678a89218b3505a5ecf3294ae0c86d9a00e30a2d48dc940435d5a5139383e04f0a0f2f994342339007738f8f4bb88213980019c1cc58f481c968bcad1f3372caf2e6b8c5308edd2a65e1cc0aadf924d23f00842608798a5e7398d10e7e284561fa19815c520b0d55ba20e52db27ba4f1f9f0adc5d9912993487bd6d44d22c89468b5c4dd9497834b9609e917156e6601523c561fcb013f8ec4355705dde7103a1edc142844679a83aef16072573d19902656972d6a950ece7209caf3c781489ca0c831c430470714034273a42b6965a8d013837e650b300cecfebfdfc8a6e62658974cd7b2eb7b099a321d8bd088846992ab38893d31378a33c44bb73e8f6d729f56c1b74278d88c7ca8725dbe2f41c7e19f87f5e7145c21ad52b10dc83be098b07c5a5bfd27e040e92d8c8aa25d11a8a4e0ca3b93a883dc2a242e9f083c6726e3668db1bbd22734bf992895b102c6b2b7fde20ae735a50c02faa77401088e80223503f8e3983622cb65c4d23e8bea251e525f0e31d8dbea4bf615bdd628b34486f1b669c4b4455bd17e338939a57cac995abf952e2ecdb6bfa39c6d7a14add59b3f81e9d0f6592c1b0c5c9cb588213c86d165047eff16ca05b6addbab2e17834b57cc6ec35865c69022bfd1e444d3e66be0819fac8f8de428cbdd7ed99e173d12c001859928be2045cb3a876a72883d177dac0665b3d48e0032e37d728e83ab2526e036b6202a6c98d4f36df89010c5880e7a6db4faa594adf3cf6a9c1dfb399d9028d957195670a3e89bd6f86761f4175df44bfa629bd1355e77967b736b65c409f8c16931e8e94fb9e3717fdc3aab86ffd846abb8ecb988454a44042f062e3d312f7d4fecdb820f2c45884c6e929f633c625cc587ac6bf8607968561edae4344dfb92507578d36ddb856166684c5b44a0b372b2b9460eb48e1b52bcac607f83422fe013fb4923987bae3a669ee6dce62f658a535b54dcb4ec1acab4faea1b56083db70f7c54d0fafad4504750201173e91d960fecfbbe4277070d04acd94c9c30ce26373fdb23ee11e2e2dd4f9f696978efcc86c8a77255acd1087e8abc97193b95e06e0047838f60a54aaa9c1ea9f1cc545adbc4feac6653c8baff312cc19dc9c2bab4bc0eb8e72197fac401c6db5d110e8dd49716436f53c8548dde9dca9b6435b727656c360342ea582f0fdd0e10fc932602a0bc1cbd9b712200dd5eda0248b71abf74456951fa93086345f6e7cdb5370681ac1e78e4b03a1dc43cf7530bcd985f74b5c8858984fb2bb577c77fd4fe899f4ad44193078c7a8daddd8f2fb1d2626f54e9fdf5a7dd23cc55736f287d655d0715b9074c2e3fffaf42e51f1911fa185922997e203289be49469f2ff87da5167f9feb5690c710a8ba88fa94b7033a42e25a4538cd3c75f040a2715962a74bd5ec44f4f68ac78a7f5d077b252aa8eb52b0c2eff4b28ea23986809fb733788e4014ef74da4d3a2d4c5068b21f69f1ce3b17a3418b8ecf2635acffd32798b22f697f3a42a03784b4907188eb3ee9ab5ea6a7b682b75c0ea9eb22d7161ba54", @generic="b7b0be36c68f6c05cd6a2baf225012359462d0d44e1a10979b211a2d6d88cb66c056518e35d21652f166e8f9487f69e9e1fe82cb2617097227526311ea1000982c20096fde4011b769f10dd8b89ddcfe2c133cd915cfafdea69d889162f9a191e283193764af21127fb5ba19c59acd29cf3f14b067863c83c0dd57472557446edd0def56690bbe2146811835446794776e518beb46c5c721f12c545e967b6bd05aba053fd5b57c8bced12f0dcb4d73bf9e79e289ef665c4d5ebee581b4a0e75b60c27cca99ea97cee816abb0d4bb6455f813445c5480e8d93a098d393431f643b04aeffce05d6233a59d92fc3d9704590af15669e4967a77dc1285498528b1b2d705e051d08dfa269bd83ad24d0de37d8abb28f72dd0e316af8f54cacbe795bff1e44d973a8ba6bf8baeee340a09b377b28141df014e52c3930ed49dcb586846325262b9c1639c514f102f0cc72e6b730e82e369a40ce594a766c1efe782cf3c2838d407b2cce1d0eb7b8a28b6ed6a4c8926d9af570ddfa847df2437f5180a36449026a2fc6a2719c790528703fedd3bba399548eeb8bd7978c2f916852c008925b36abc640d6da1ffca1f507bbca2611ff99a5fbda8f241e205c3b7e4201de41b2eeea56dee60507cb0af77a056257984f7a57ff335cf2b38da16338b25225e53ae7d51cd5e0b9168e454fd6cd95f1ce803d6c3c33f616c5bba33bc71fbf6c9a95a5902e18c8c4aee8e652fd83b53bee1d650093cf326622f964b725b310e3174d760fb9a0296eaa2d085f4e7af990ff4099d398a9ee575bcbd28795600a1a71bdc85ba2a4a566b5146fc6e52b5c2e3af5ec822a36016c9c2b1cb83913ed82223cdb9aaf91012b3ffd216e43ffab7649ff90c2322c2647df105a9f8b081532ba3dab50f826e60d10e2fd96cb65f01eb34c65c4db905dc4f6c2aa13d970496095cc3a87389006f266b869ab2b3612b2d9c618c808b14ec143f875b81491c4d84e43931fe0edfba72f79d1f8851b24aed232fdf552ba972212dd4f8d4cfe4c40286744d0e8ab25615ad51105a9a1f9c91afdf9ac417957ffdbdbd42ea79d8aab9d6ed43ac7840ca303e8bc8ff09e4ba94428ce349683edaeb09d41019d0bf97b3815da1eaf3d4c20f78db471f2dbf860745b933b47c82dbd1f32f09ba25ddf2495ae4067d96ecd18b134eb966115b5aac9871466950a5c1327dd6908296046899e890b098b09d86b1a1fd84189174bb62dd4cc4e77bdd27c142539de2ccd4baa949ec9147aec882ef2cdf39b30264f806ade5bab65dd431f3dfe2cca4c51fa5343e977f1eb156562c5f9b37696b0377a48c402d4d806e94178d2d758235839e546570693e4c6ce4d78fcab0116eb469d7abbee9880bed8701511cd414a15be98e7e4ad1dbc053c239b2805cfbd3ac207f3c1cbd3cc6472ccfd7a76795879ba8c1441a9bfed284367fc7dc0ebda71b39c9b3704c00546a82ad350142ad1f27c8d5c330315038c98e569bb84bb170f6391cab26dc951fc2fffbea8f0fd245501ddab6c30a0112881344b5482d769384f9db4d30a7cabdf7592d45470b2b6107240406f27327f6dcefb0c0e20668beeac349703999ed8bd7ffb648ec6fdf4aa0a52f393e485ee911c7ca91c848849165e4aeb3e6261be5933e3ead545990b4a30c13e3329fe501b3408339dc501f598703559306b9227ec71f19de2a1fc8a744259b7245ea275d922193e9a412b57cece83d4e72938b01b1ead6dd39c26193c2e00cb160cd6bf66bbf95312a888b74a2471e54db988ae09ca22f6453bdf40069b67c42e590463c366e975572591bf7b2c84423d09a2613be997606235d58daf5a01e03e46e5adf0edc794a5489935f6a14ec04a2855dfaaaebbc2b938d1a9535f9c091f934674776d8ad4cfae9aaf2e1e2ccb9508721969285d102f832a64e3e3ed0c890dd1f0a882798b80d46150f1b9b6690ea3bdc66d0c8f884d1fcd627559e44a711248dc14ee678918f0c9d9ed1a7ebe96cf2c5e1c5e2bbf99b826d6284af3e92b963bd08b71e518d67ba6aeb0f4fa585299cf08ac2e5bd59c95ee723c121ebe5439f6abf0479c1176243b03c62a603e8362d6504855364e78786de893696312adfb9415483a016b617edc4c58bc88df16c162b40285f9f78fecf4eab19d785b5d3f949e037c901ca9bbd29f7780e43bd703211b5d04dfcc5cbf48e9f95072db58c0fe793f7952940b634cc0c43cc4bddec6c7a4867102e951f692bef49f89337d57d45b0bde49d3d878f60c7b6b435dd4e35fbaf7346b054b49071459aa327e6544f59a6cd114dae10b6dac28807f1401591318a8d355d99fbba663dd8f05e97c23a73a6f42763b1d0826ccd6172496a84a6434fc149d007a16251eebcab5eaef46d054df4099703271216f25b5ffc6f398421b562e5649999921c7110135697f95192cd7a73a6a060321cd1e70a92257e312b41bfbbc2ae87418d50e292df4130951677cb4fe52d2f0b18446ee5491750fb9fd592c24d6b0fa7a268d19fabbf915117df80ac997bc91d28d5ae6e6a8c6ff678110051a72ce963646d1c138089a89790a3d76437a0d780717b87d3559f491810987ece73620318c78fec507eacaa5763e608fd42591eabddcd37674d6ecf605ee252ec48f1fa7b8fca7e33f71a6e9571321e0b9b22aed087240ddfc7f7807b6217404318700c6890cf63a60bd5af6f7040670680b1238e1ad052c4f5011d1f351e91b152f73feb18a1c62103429febeeba286e95cbf14b5433d18964ae36160497d3c60b9036cd6154302c288d4c598fa9dcfa9d72dfafa1370d77a440d2d5b7639572f8789c375a726f2bb2a4490bf27927374d52ba25e05ff8cd7b4c33f676dc59874981af9d6d9df4ad77037b0d0457f4e44fb5267a93b1b77725d55b81dbdac53d0563dab141e9f79954ae2bd9b57d8bc2680a70999fc71320fcb7b60d9b15f73b4cbe27b60aa711b8fd35598b6c933895848a4fc8dd53577a42eac3d6988c45a77540286c56f7a5bc1c2167194195ac54b7e3ae247207d9c1f0674d7f4a427f1ad066173c6f1d2b3b955407670f5aad6984cfa5d875d49baf83f74229b8d751959ca01a4e7e64c8e5fccb7e62cff3032eeeda86a0b2ce56fcff51789b9b6100d8c34a5b6290efd7f86fb9fe8fbdd1a921741b461090e95c226c3d1e7ee31cdf3a93982d45ec7a286c0e667b467bac8af824c8fa0904bbe4b996364a8d5bb3c2f73feeb40c139d0a567c6fba38436be5f18b7093c68fc9fcf11cb0879cc2673c597ee94742eca4c50e0e1e26ee4f554e6cdd6695f78228f489bfd2df571a75384d70ef4bfeea815af3622d4dcd856764dc687bca3ffb798c5ad04e31f961ff5586009432f130aff30339d43bdab51838de233e5e514204650f498b17df2a42e65481a04613918f1b594a98ffdd2221a7b7baa8e788b8f6f081dbde6c17008d2820cb87e76c676225195b2e4ea60fc0d493efba4bf81cb5cb1553cb2cdc4522df4b20e955166a31014d176de7eacdb96c9cfb711ae3869ecf9ef0f03461a7fd14c2918084d6e0f39067f81cad8fbe4a225febb72748153e3f1e6d2b86b1650d5dddf063b412abcadde7fc35223948832258c33139093fe4266f05b285bed01731f181c23ef41bc0f6247e680a16459f61d9cb5d98e97afa1b694ee1f3dd51e4c846e47a9def6af254a72e08ded2d041ad859f2b142c5de34fd5409523c3a9dfefae5d181938dcef26045e4b5b365055e4a53b270ec6a3e82618d9955616b57b563e42feef9f3b3a9ebabe7564cd5cb6044f5ef13ae6dba5b0171101a69af3195df375e15ef230c9aeeeb7356ad9ab3822adab1b4fc5c0bfdc67041e05e73255684ad31827a1efc172e837bae56d72f277962fce0dc81e43f2f2b564ec312c4cd33d0312ad8901b2da65f2f75844bc546698913659f9ab7ba2135e3a45656710e0bfff0605a6acde233be9ec8e56a4683c4cb8770466e001c7dc3974d0bd9a495be5a31f93caf916dd95290342428f7a38a60dc7d3cedd77e362619de7ed3225d9f572f8a38463a36629d0ca286f8adcddec0fde83a1ab4eaceadd789639869339ec73543728c96839cb45fbce672f8fd07a1ef1dea802d9e042b5e5e81e9d8cae628e836afa6a68f63536ff83a56c03e734a4d7f572c830c45d8c9dcc7f429403743faaef2567359912445ecf2b0258f6c66f3f21596bbd247e3ce82ecbd900bf2241de0d8074b3c3163c3ff9bbff6b348b89316969a555d1bc744e9a0fb05946f83776e29f573a9d3d8ab4420e53d3038ee5eb9a667ff233b5445e0f58d1e575322079a3c05bd095fe42ade155263ba3cf7a4afe215b78f4770715c9d37884b35c360d8d6f97e24fde4a205e9d7607e55757bd031a69c9b4cd865e64e940a43cca26919eb3c16ddfdb7f0e2da5385584c5ac9a40b8c3a3c1d454567b8d7de7bacd50c3f12e6c8936a820ffb2debca8ebfc1dad5d760defd73e7ecbba9f7e6080523d5ce5f969f8fe5fabbffb2ebeff667ac0276de4f585d245162addd58a344accae41c75f651dd7f2666a6f9dc0ef1aa3a054d64d08b70adaa86822780af10654df8877fe4991c182ca981f7f20bda6fb4a4fa4b0689bcc9cac9256af3655a9768979d1a4a4430f8f31d91bf7c5b5a8a4e9725cbd450752af3f314f3528b1c7796f44ddcb2f2ee0eaebae38ba91f392214e703e64803738991d479413ab8f8677e8a1ebede3ce602b32ec833bc5ef1ae32b44d5acb28ad4044336528bea4a45e869054604cc432ea7c5dfa2203ea73dce017f8b492f64813e16c57494b5181484cbb240ec97e7deaac0e2ac1ff5b9347244542ad2303366701cf1bc4c27188e8e1bb178578cea850042c00d4a1ab7078d1a102ac2714c5b5ffd92ac2d5398f4d87263abd1885baea20f3f9a67b1672159ab32e373ae1108b46bfca3f630fadc8ef7d77ca0b5418350d577cf5107db6c2445bd3179d72ad37667b2b7bc0bcf20357eb44a0f195ed1039c3037c3b31e8a4d4e7fec9ad468a09b2dfe585e8cc92ae84ed997c4f2de19970e0e5c518e1f7836b9919e488854ad1dd3197911bb5016d3ff5bf0b318444e74d91602947edf1b0fa9510b9142b48ad57accfc34940be852590de32de750c85fb88645a65feed82ad4046bc6f6fff97205d4377306b3d95d48a440e61ac563c4ecf71a9bcf59e88ececad39c648b5ee6c089b625a3a9166a7fd2c3c2b57f12b0917b8f33540d6fe54c1fcbe12141b80c5fa7a94eee57812d1eb9c4ec305027da6e2a38e583d75da173b31c6f74492f03f98bcc184f6b35721d9c614ffce5ba28b41ddb609e1cf7fa3c554d89908d80011b8f164db2872da9812bb79a72d5897f3563e175bb724ae15ceb983f94eca4e72e7905c1f7fdea388f16df51b7ab5a07069d9b194da66cca3c25269f7bfdb9c1ff30866742947457be308fe7da49d778b5f2999acf624c6023a40c584fe4e1fa062fc538ea2856a4887bf6afd45143bcae96c3c1e93db0d1c4b6ca28353900079007bb6e582668476fb1cf9bf5d7eae4213e8ec96698d428ce8608c11e525e800b810bc62a56d0d030bab7b76bc5b790d243c47c15be8c41ae557f764c898455e7e3067a7d99f6d9ea932398254fe87deb01c8e8f52b2682adaa03f351b28f3e9fe3beeefe975c2953b49fb45652f4efe6a6aac1d284de7ac7476f91836256d71a716a03792cab13abb4acda74158ec3c129d93104b91548baabed29e6cd358711e291340db04abc4408bc209b438eb426"]}, @nested={0x10a4, 0x55, [@typed={0x8, 0x84, @ipv4=@empty}, @typed={0x8, 0x8, @u32=0x6}, @generic="43afb8b915efaa6711aec03f2a6cafa46af097ca146eb326b720e87d2a3ef279577476a5247415ca1875ed70ba06f44f8b1325feab5b7abc074ed00e15ec594a8dd05c21d90dfa57efa2f4befe9a4f4a1a7d6bd484be3a20056cc637960d1589a545657a223b4bf96bf59a315cce775988fd11e64f928266c714e83ddb2c8a656955c4cadd555a1a971ec2ee5123", @generic="cf896e27ed901db8b4767b35ba7e8e47e6262bf32750043fb438b4799dcb4e6ae8ef5d4d8a0924119513e752aaa4be10e912f7327796cd1c2c21ed6a6b77c88886e734017e981e7a0ea7a4b14ac7140c6b51be6f6177316acb47883ff3e130225f8b7532ccc286731ee814e3df0b31e70b2370b8ee4255686200681e4f1b3516715839e4cd8a1d3d9b2df6a20ce26a16b4d1f4b6adae48125c0817f72f00ea7641ad05bb03c6cc76727cf30d562041f6f7dd6124d1fbf6bac010cf3f9c549cde02271b5268f5d4a1c71aaab197341fac66dd8f7891178905e667cd675c46ffb2fceaeef518eb204bafb249c72090609738cfd59c19bbb8a0c81c7844979be28cd19d337badf04ff18203e32ce0ecdb6670f757f52fafaf70173581fc4080a8e418b756e5aadebbcaf7440bf83e19e00df72a9eb3cd0156ae95ebfacb5924225707c3fc8a550fbc1d04a90cee32536cf3af0894de0472e9d0094c47876f38c5ac6895a5720f15ce835ebb2e2eeab4b3b400da53bca25e45e9c9f502854de2845e921ecf2565c9b76bf725c291f88120ef2bb912e5d2f671ea73223fd83440f01a617016fc73ce498ca1102fe0d8e62a04ced7187845912a8bd738819da121346b2a5b7e1ae9addcf5074f499dc22a974b97bc3c0bfcd0068262064517603c9e0f4431f2fd2bb7ceaaee64910b5ad59e7328a10e620ae3039638206d50bc701b73bd377a3117d6c20670d632659ee128b3e9f276417505e0f2e641017e7c2a0758d2447b153050b41c374fcc8f11ca26ed4992d99131a44ab16529a1d96f98a2dd1edd79303633c96b96d2c72655bf8d781cd1a052e470a7dbe0f3fa306300ef3b7d1d2f826e212b9e4785820105fe80acd29389ccc2145582bc1234cbf9391f9ca35e28ddc6c66fdafcb048ac2a0bf36e718a5047bc33e5e38de48f2d08c10aa7d65fba917df171809217d389a0494c5c6c20e07774a43814d3294f22c209098990430ae43acb054873eb1b60a8d2093f8f9b146d5d3f163ef56f6e99b9f74108a4d1a00a951a0ea2af58a951f9ca5252e038e8a0ac73ca2ab2055bc10b444ce0212d5c1229d75a76132c2ec370fe6613501f5b4c2c0d9083174016ceba3ac02bdb0444df364aa6a70c91f299b39bd76d3661bc0d2dba569b8304b628d6117c22d83888f27c52f0f964aef0c26ad02fdbacf47993ebeed391870f175ec1384b5e164f4d4d4234622adec420db1c3e675f32d4135f311e9242d3c981c282aee29864287934ab7edf4dc7c70a72e5da4616c64111f5df1c7405c6f67ca1d14c63fa316d14a6567851ea8d9ad2c28175b5b9b06b3dbf0367c27bccd99e43c265f5b5f11192f08d422896cf02583ad775bd0a64e300ad437fb4ce3e767168432d319c5d5fc1793614ab0d63b701671adae76cc1b7b77300070481c4ef31dd92e9e5b4c3f7355b6ef5006b3be1e533a835491ab839a6a2a4536331ae94c9cfe5a469916ecf3a45f9090298d361ddd8f9518557e7181041b03dcc09ad52a852d551aa1b9e295fe8c4fb6444ff151010fe7585a5c3e69b93d580e82919d1fead338644ed1227259069aef54468b975b540eaec34518d91c3522326496be0429c05249739a4aeea43b0e63ac9919f58938da89c2c2b3ebaabd8f630447669a17a0a87b765f33f724829a9880bd78d1dd1615ec57fccd2bff916fd5432dd88ca35c271b032d6dfeeace12e0609004fdba4414212c7497ade5505e3c5e5a904cd5273f61161698cc1c674b25ab07f86239c74379ca226ada67dad1cf838f1f3e509292581becb7c483465728796989878d126df4651d4a46fa900a70ad4958a04a73cb1bfd95ec31ee06da99cd71dcaf472a2efe3f92d833c97851048f80742fb97d03a5a29288822a65bbedf7c6257a4a21d28a48b5386c90b5b8f26164a5bd61c554b55a6d31ff9c46b2ff6fb5547956eab9999950c6e73529efa320c847e8830f00016c739956dc70df9ca33da5d7af537dd91ce9b60bb17fd0782becd48c82fa50aca7464b43037fdc9f094f2672c0b4b3a6264596cd25e36fd3a0f1befebdf0aacbddbcf1920022d782833f6fd63e7742ad1e307ea3f20ca7371d9d282125d5324db76f0c2ae8ad3e4308dadb476b22cba0cd7a37a81a1e3e8b720a7fb28f4e9d732cd103b54fdf6ff0685d2c4b5677fdede312a093c4c9c27ed547037dc3b371c9437626795fcec283ed9d6eec5db1dfabc23bc5e70615f2278da4e8e33389fd38b4059eefc72ab311dabaf08aa1671b7a61ce0dffb23ad603fa46b9334368c02dd688389e238015cfa61f82f8f7f519e660de079c19d18ce61a58f1f167a13142b086446b46d5ca192066e625682827558fddf4ad71d05d903788583af4f47e2f830f8fb488013614c82d3dd59c6a42aaf8d5bff4706b7e5f20965f1145f928f27758b7ffd3c0c2b41a3c991a42ccaf6e10f6860dc722653c19313399a690b0c647592f12df006053c03792b159f05ef5006b4aa6d87800428a6f64e2e8139e31f001715c3aa4a6bf48fadc4cd8953ae57fea0d0346afb4b31e40d9dfa77d82f10b51118b61d7ba231eda34bdc1d7d4ae4ddb240bc9ae0b20ee7dda34038d12f5b25b07d25e414b9d3f761712aa8703b76b1eeff6caa8fa4690f9e9512d33bf37672992914619534f6d83de4655b16d253b10df232e3df0b3090ecfcd7cc311177c4d0fe592f46b4a67e708491b969f60e588ba1dd3a7da4999a4869f927bcdc9f808501f033dbe55565cf2a25cc78ec6e4cb7c107a40f3a7896ddaaf9ae12fad182ad54c4b235ade14851fa5fbff92b2534e3fed29b363f38c62152c1952de0bd1ba5d528ea6cf0869cf08e2fd1469cdaffd54e092bf889c30a4c415bbba9d063b5bbe4e16b5070981b0d235a79bb9c48796de973f9a8857b107e99a3d83611892618c0d362e3237e28e271846ea2a913179f51388090ec7c046fb5a82f4259c0d4a060cb907e103fbb9b54566cf3de07fea0311e09cdcbd97af38966137fa20986ed43fc63a995293cd354fc91b11925a07cd575b1888288660f191f9c77aa09b618a2ef1f0c1de5077eb1d7f4c6ed3534234060b951bf8ff40ca3bd318cf53767478814896b9a4f49a3f2806bdf63f8806081249d931b89c1f90460b1cf5555f1d59af908000a9b71c66c294b4d7807b1fb6ff2dd8197537167687573d424348a7a986b2e3dc945a72878d4430a85dd9d657cf32dc46f690c1fa0dd76b43fcdd2fb1dcf1c8d440b96e8a50800e6585ebfb502eb9851437afe0c2183ec09e311d3f96a258025e92845a223c56dce1720f286f432f9b6a5b692617cda8f7a061ea509cd423f86cdf0f52f8555ae1e9360757e0ee84b94a7b6360acad6905012de1e1463dc6974c25b873fc113b9c2d6a0a95621aef7aedb7937d9cdccd5c1c2ce37b832f2f154ba6f2cb2eb379de75b88bcf7d53ccfd11a05c3aabfeaa9242213e5b14825747325b7f065374b2d6d02a72667b432a32dd5aaeedfb5c6bb5e55d691aa75e2b9d289f3c7a55e5f7683220762e4087dd914319b886d9d395b5dc43cd8b0559f39912715c3f5f921df69e27dbf2b58d2e9d3d6638d11219f9120aa05629e55afcf1219d53936446d5563238c849402c2de5605dbe941e2541afab7db0b147ab52146328bccf86ce07c182e17f4d2cb065cbf5eb0499863b8f24e8c33c6c8aedf9fea3d41a620904e212c5506f4f312f83ac849d73c378b41fe7e82481b5a607939bc2cc3c4596444912c988c4b08875d85eef0d2d920e29949cb4cfdb8692984911a2c035ca95e3c6e7fd4d96e88f1b383ded0bedfe15a1a79f6a72f291dc265bbe011d5a117012bdd872b21b317d051f23f4c9faa79cb4bcbcf768994696417dc3957117d42dc4777d584f6526620266b3b5af003e0c4fbd7218dd92004d32889f7f9381a3a4592ff4892f96019100ef1f8201c2167b22aaed5a14ac5483fe23d8322200680918d7ef5182b66e3c2f342ea9cdbce3d97f63caab814621e8e0ac3e9f277a1556b2da1930169d67b065737b89aa3f3346edfb4a14cb8928c3efa43250405d8c26da7c3772b299842bcdba30f53496147fd070261fa280112c22e867fd4e0bfe1408b2757dc42fe1e45f9cb7c362acfe5dc514d753d6c85b62d07826e173674fde5506861ec3e83ad9c233a37d0bf65d884eeb7749e79e23bcb303951cec6ee653609390c561cae37050ef9639747df6bed917bf0654a3617f439c6b49ad4de6c8c850da27020e0b6175bc6b7b38feb4b0eb10939a4bbae8559117b25ab87a2ef1761e232aa4ad0f541a3faa3fcbce3d924eeb6225b78aba83e848116af118159b2e098b17cc7b2797ae310132d11ffbc474decd4cbaad5dbc67cc5ccde63802c9d0e7a5fb21af96b9c671ff4857ae43e8ec68b66cfd9192c1a40e95fcd5d99ec564e49971f0ce4ea5f27cd1a899216fa61fec76e7d8dc8eef28beebde48d80a5b4536b26ee7fbc03d4a1858c5abd22a1365a85df32e85678d46640fe0803233cc6596a7c8c323f51bd8ac7e01f60ced8b5d89ff494b207328d3c0d777977dff626a51b0c7a926df53405f983280bfd79a63588bc5571760fb13eca25265ba144af7fbd147db152bd747928b78774f4c105d650599f298a0a3aa976f3bb0f384a887d30dd131243a038ddef4be48b68fd0a90578962d367925afd830b799dd4e4050275e2440f8f7bfa31c4ceb55a8a4da47eaf0f3a10311691571c6724ab54db04be2270ca1e10f50231b820bde143442775300738d21fcc93255e182ca0b42ad18e0e1e5f2ff32a3b0c390a7befc44c170423ebe2e45424cd9dabf03b8f13a887e0f3e099e4718be135768b98b3cb179cf1fe233a509d4b0e978b7703fc138dcfd7ed864809645dd00b1edaa2fc37911c7bfbb7351fbe7d4c00afcbe6f7223b807950ca1e2cf5c30d304b60c1dabeddfd290715357ca43023ba85cd64e8ed3d04cd8c64fe5390bc087cbb0150f6417e96fdf5fa80026780c5f7e83fedfc71da126e373d9822d7262d74e047b220e7bc383ff1ce57f64e0ed0722ebe12d2f09f07439daea6110a6ca053601a535809c27581f3db2c7a2684b5c1e65fa294c717d3b120202f1bc74971570fcff610f7638d0df8c72b79a36a077d5764a760d05ba50aa8da5108c761708dc85bd51079d91887b16a960ad831aebc22e81bfc48772cb0b69fb2945dcf07ddb0d9023b4c5af574b5bf8a6ec03807a70254ee18df68261650b03e33bb39b32e8c11f2e83aa2535b3dbd6062357f9db96aeb383be88edf65131ac319091ea5191b385dfcf2843a48e7cd58e61be74ffced30ee41807330694ff594f28078d2a846e08b868a239889acbf4d54cc6422497ac404733207d80179812cbf54240a8cd707a0bcd527b2b162cbef9f5464623aec5abf91160e62544c6c61c5eb8314caf557c90f4b97d58ffff2201d21bbaa6b798676f59db8423295708c7e389afdde786dd39756cded240bbf49ba2501f2e84bcade2f5b80e0beeb0cd96f19dc48f7c93bef105edaecfd940badb99b215ef39941f8aaf47fdb8e6af5792586d362738bd843a64aedf5dcbff0b0e4aaef262444d5855716511918e47fdd9b64c269bfc8bf35325c07de561e88825e004e5f1146b8b1a6120c3062799ded538c708bd6c3e5dafc8800930350f5fe183ed6bb500a56c870a57a652d2880b2ca71fd1dc58785e3b9591c642f8c8a46323d8f105e204adc9e135afa8610f5c8b1b29d6f40231cc03c054e83d3b8aea1eb3d"]}]}, 0x32bc}, {&(0x7f0000004500)={0x31b4, 0x37, 0x800, 0x70bd2a, 0x25dfdbfe, "", [@typed={0xc, 0x58, @u64=0x40}, @nested={0x1004, 0x12, [@generic="fefe91e61d666a4571683b2561a3e220e05276d330fdeac6eb93bfd28d4302287eea4e76b5db0de0b0651e89ac3a1cb8253b75be0eec9a016c6900ce6996709faa3c9548d22e6c0bbd1d9e15fdef0c772d1c4636f33be67dbaa45f12df10f981066c40c1237020068d02118630709149bf70dc276d1cc82b802b94e2cc0fa8c6853b2dadbfdfe22373b5b049a2038a5ce745b46b2a0c9115cb9aee1aecb2ef720279a41f19769ec2217f32b4dfcbbe016cf0bd9c6f1232174067b538447057fe305056da2c5b58a8cae5b497ed7bc8aa09e2b941f2b6bbf147329d87d1d46714ccb35f81de89efb4f19f7d875ffe74687ec8b8847a23e0cad9e6d9112142531314fb73b22a703dafbf4c352fb959d6c719098a69edbd223f6c24199df150433685438d622def8f00d44de80c3fee08eeab93b444ce7feb597785f51e7ccc583d74d0a7ef4584e138baaf9c953ff615a83aa71a0eb6a6c5c2d8ab41aad447a9317820059200d26b41fd9b624a1eb980135d4e630afc13817ee07900a591de292c6b1d64756966c6bdaa5cb9fed846352e9ae8aeb98503852d106991703a53e8344b0e6af941af63a866e4b3d399ca4e54356c386ddf4fa8fbca00d5503d6229be50cb02035520b9442371c92ed531c4e46fbb271ac00658e0a95ee8058dec930681c533c498bb27606bac5fc608839ed911e978e607c14248d156ce0911a531b1f88f27d8cf57c2f424d46ce906eaf305b0843c96cfeaad43fe421feddd5a4513673fc2e327ec811a950d27951fea34a79919f12810626dfd140cb7528e27f3fefde92e4c9e0e3638a8dbe7e91cc37c3168ac3613b9c13b556c70e7c9abb2ea14a6cc8d377420eb372b13d1a24db7678a84eff4358fea9856d5bd6eef8d21e2fffdacc519e60af331e4fe03ace0ae964e68e1dc726103683327aa2b239548e6df6a2f3180e7f20e434aaf7e8f5f46ca155192445d35272c1e4cc5f693e4934b54c0762d5cdd005536fedc8606c1cface92f2cf36f1f1e4c3970b754963e7df8491f9d69e6faa32acc955aa78b0917487b4c36315dd029d1f2fb5ac64c79f7f5a152b609925da58464c7030baed5cfa79ea1b52b96eb016e035bda0cb0595de92456075e68f227937728b3d90d69a6054ff62180b599e2dec84d3295f86a87fe005af89bd0b2ff175f9d91931751029072c7b56ea8707ed90f1e82ec092c6fd6902ddb5f6184f771fba2a19fa0238279041d31367bf59760585b45b1c2f391eeedcd115121241eeb6da4bdc9adde960f8d92b2f09399d1636ab7d91c7f7838ec0b1e0fd021f7433c22e2c4406a19abf12187843de726adb5e7ef8c5953d6097843365624452fa06829baaf10144c64a6a9a2248029705e7f35b0fe8217e4eafc170693a25dd5e6dbf6952ab62cdd73ac9232ce56efea7fd03a3527cae2def14c948ab62f720d34d238d6ae2d6016c74b2a0d8b23e9e105a14e649c544810ff8ef76aa4b981b7a44692752509e2e21e4259e07d221f6f4a073cd611b866f9fdad87142ae51871c0434a75acf89d7c096010ead2dfa391f447e8b56b9ba4bc82b48801ee8e3dff3273fee48b6bf3f31f7587156a722e4b313a6f3dc18f7dfb6995e043e0155d6876b2f56683dbd0ad27388706bf3a6284921c00795c0f58d5d1950d77c0fe8fa2cf0a0c469fc33943f56a54b855238ae33399a892ca8eeb1c04bf98ed14bcb20812e4e0fac02fa60a3e93fc322a8bb42fc8f63de6289f9e362e63a355673e663363906334b3ab62c57b3865f8e30604613d1903a0c04d4b74c35316c2634e3ee2f9c31be9b3b62a28a8079d26ce14649939531ffecd4111f4621b0ca03ae800e9363c9f2beaa21518bce8bd245e13d89f03deb649c9bb4760db6861f649641cc39a169c967d9cc27e4278fabd4688b64242b23ea43cf9729571aab3c6f3643c4815590eecc01971746421563e2d85793f6e35ced8f03cc551dc44cb8f74d36556dea9622217cff82301b88c01c496ae40463fff27fb7c4557ac289280a18fec619bf2b9910c73605b65445cc3e6696e0e7bdf298e32a9efa81985982f18b6a781542e3b4a326ab16e9509ddca238fb14a686b4025ab832237f82b610d844cb0d21b359bfbb0d57d3446bcf65546fbd73797cd483d5133249bb2865774c904fe479d60fcc7e02a67f766e4da9b004b75ec97e0b2a842078c33a0ec3df44b13440402630dcf0ee28e769a0bbe312163585f686cec9ead02870014d4ef51c6bbe9bf7bfa73e000f598bb0c6e9a2f4d394e9c93d44cc361607ab3cad602b0ecb895ea157b89ecd29d1039e19cb73fe9dc4642e964bdab40092a70025b8bfaf7ae3d1d8500abf4e1d31fe393352448b19343af5d1b7f74db7ec8f5d188cdb6e7dd086f8390b5ac2099f84eb8bc1265604421e0a883a7252db130e310ee454b512469a18179c3b4f9269c0f1ea19a02a24602d8bbc46cfdd9af661a03754cbedf81f828fc5dd1c3007c31497080312148e6d043ef1baef70a09aa4fc95334b754d59da642a313e7018a761906063fad9853e731e145f3c655cc466bb7fed2ef57b25388d078db73d7e911cac79d1e6780ff430cfb404a356eac18bdda3e61266f8797bbefcba1a04910c8023979cdd258ca1c26d87e9b342e4c6a5c0e2331fd7e8c1b485fafbeff798b8923ba68fcd1c55052cf3d3479572ee4917255ed3df127eac67c7e8990a84e5622e758c07fe90ed04e41fb3c4a74b02933fa4bf52c6eacce56ddc6fab2fd109dfd0a6ecb46133f9d1f4a22c235f1a6922e6af96c8206ca9c8d3639b76f683e9f259404662c73d1ca63d8d75052b4f1be777954e9310ed5079de1811ee683ccd2d368d3907711558dc23e67fc85cc4046d3dd720300d3b034476b35a8adbb6a6b64109326161b21c3e318856b324690f032909f9e3557643fd53b5f1c902531073adc7594c8f57f09fcbcf3109d87f7f9210af529aba3b431d25f42963bfa0bebe05e79d094a72146bf2e893709f2d36eab7a8991ee97d65712b987d4467c5f9543d041e8be3149f478b2291157010606bf2a10f85d48e5095554324b048739bc5a2c7e141e5e55804a2ee96b273dabd65736bc481246a5f78fca3b6f1d4b6948e43f68e5257aa8fb6aeab112be135d8b51c8e1717c33cbd48834c6abaf078fb6cc0f06b0ab6ce210df779bf763b072690f28ef906023210ee8e9d88244348710a20baf7932e2a219b7fafc0192c20295c8a4f1a0475eee5dfc45cf1ca9a66538958c9985686118d115f0efddcddb6c9b4f74fed971673f8a656592491f2c6c2d00503239a0d79e661890ffcb196ad597213e51c253a7777731f91ac4d49e032843928a264af3898474c17af18e4604b53baab1ae88e97dbeec01d29d1f0a7c4a87b180c83e87ebbe88f3ff7a9a9b48a601face13d716e49d7c492a04852feb18d087c72e60dd47291650947d8072345179346bdf3a8de6ec3c3afa8a0b704d73d890b0891a6b10c11e6749d6a44b97d4a5f26399e3a306c344c9996f12389fe6af0b30de4341841ea3c6693f02ddec212921fd43a1d357a98d5d002ba0b207955068e96f7a6ff3704fe42523f7f45dba0aee00dce8dfb1f9f67df5affea35fff9f377037b386fc0ea81e08040e4f3994a28ef81c8b33fda6084fa85e460c7a912f53db2b4c4232a3633cb5e5fd10ebe4a7543a634876de3b479aafe64fe63ca8fff5cfc9d3a83439b599f6a09114e5d706b6958bfafb27d1f0a96a28acf9b168c6ced0c8c9a9ad61d7726c05e3b0fbafda2650b61fa2c6c0f9e7108fa0cba28382768f9709571fe1596f59c88b7d280c22c5b172d1140e1a8858e7d0788b5e15b0f30500875cd4a51bc571037ddfdef9ee62219f20f1c2237aa53c8f5203e0daa4e6db21cb2c987f766ddbf171193e5f10bf048e26294bd973d6116dc73c9a464da8351ca1f653a1d777c828694b885ecb0cb0fcb51f66833a8b54436e613d42fa73d4255690da1be3a890b3c35b2eb0c781a9ec6a7f5b84436ecab70c9e0505a3a93ea4896e44dd1da4460c0fb87689ba1fe43c4f6e501b8d3bbffa1a85218def56ce6c46eb8f9536449b41a9517b054df0951628c105317f85b59f46f64d7a63a03bfeec12cd3dc2df863803189400ddc5a8422f093412c66abc8c3150defb000c60f18ebe09df51f9b32af97563c4c2d438e23e80ce50da74342e678fa66c9fadecfc655b9883dc034975167c4199bf62a18ee9041ac1a7ee62910efa2966ab6f2a60260baf4b167a1fd62b9ba9e2d473fab338afc914c8a07261205c310fe6d7ee646c6e52622a085492e0fb8e147bb98770aa87e38fdcd202d499b7bf61ee7c96ca67c6e084ea8361f88e0535e3345d0db7c95d531fe57d18a3ec6241ddbcf85fec2eef9dfe4bacadcd94f9bf2e27a0ece077e017d23a1ed0e6bf164dc7f2a38e5eab43dfa000b35fb6ee773f2b7bef33b64bf7e486132bf39ae508511b3cbd28489d24cfad508789c4ee808bf0095cbcc631eab8d68c6b3ecc457ea9c354b8f0f58462ad974f7c50b99d1c3585503b70a9676df9517a00e00210361e63b9919d0c8a73b983e9d014c5434c66ac223438e7f78d2d882c472cf66ec7e50868902a6b389665f23314f3464109aa048cfb264a03edcca9332709c0a2cd1f2b58640a030a579023842269fede496954d5984ac0797b88dbbb11d8cc1d3e113e0781b90fcc7e2dfe554dd67fb377b1adc4101bb7bc2ae95b292612b4fb6fe0daca107fd9e461dcc98cc16e89bc2ac2529dc18786157ac810d55c1a74092f3f0dd65dbd8ed7cb82ef4903463a32487519d4a29f447d11c6192b54f6cd172cb93a9f4f1589462613c72ea4dfb7f513b9199ce5aa93c7f8a9121b1a3e9662f3862e994800453476c7d67bd3774d85bc0863e338f53f64d57d3bd30e766a3ebea924db1ea8b694f7032f95164289548c3b6b534fa8c5ce90a538089f6f5bbc90c7c94c5d3225f9c5caef68b37f300e02c8c2cd10d25a756ca92c5defa124971f05ab11ededb4080ccc1da3e65103350592e2ff91464984d8a86b97b950d08d84b50801c294af1b12fe64df0587ee485fd7d0a0a90fa314e73fd5ecb8dfe479dcde5d1dee7042c36b7500d549fd3d50a452b54dc4c3b788ae76a46aff228fe5ee39a82a8b26f3f468dcf2192aeefb709743bbc65ecd6716ba5b5ec14bd7e0f1f1aa63966a6d070b5e95b09c8d4d85d34d0fee97ad07dee79945f8454648cb1937f17612fcd2d88265f7f5bfc9e7d38f2222adcf852878264c4802f54bba3764d383fa077197a08243757dee32c565e27eea25140fd4f4ad787d175b89b02792a6a777297c9745ea9e3ef5bf92645ddb4781d12509236410b29c565aa67fc5aeb8c61c7bbe0556bc2304f8a8ada93e40cca555e681965422025d471e83e9623953684c749c9dd1bd3d5c923cac7e941df330d83c3aa98c3d499b2aab0bfbf5b62e673f61cb1547397ada73e9e0fe21ee24e06b584339732f8f15a827df099f0b70d0aa1958c8cd0e19d2fbc7d3fd00d84e420e41744b9f6e7c449704f1f60c3981d64b3d806e99e543b9b0ac98ca8b57a39f6e74b2222931f5babfd7af4148f5b327dafe1786eb3fc363d2b9b3cf05f6db8a8f379982e8524b76cc51da3df102cf2ff90b8c140044a93b91053c85ec7fd9ed579ca6b614b1495ca1d2e500dd929bb88a7529981b1ac040acbc3b40a63b4cc0435dd30f5f3d94b05a0ffe29c75161761a19264f58dad788172ad2f40581b61ca95570fd692c"]}, @nested={0x2110, 0x79, [@generic="2b4c2532f35d610d3eee74bfbc9b1c626b6262766532ab073a25e5bc7d356e5fa351073803dd2b3b09f87ef1355033258bb4e3a637628a", @generic="f3cff15846f84280fcacb88f79e33fa59d52cf3c5fa24da6b78469b417a48b848e5643d0d52467b16ce1239c8be03f6c115277f54c2382812418a6698c7c44673600bc5de4f4e595a7f59008d5ec92ed4768759ec1ce0f9ab568cdd2db43b4f32f84b41a5e8c76502f3e8ff740d5ae89468bf658d8f32abb9f08fddddd1c77de293d83c20aadc27347faf92e1f6ad32aa18a50377c077fb460b985f204065add2dc3d23f2fac92c534897023f7d1b9e9730e45a0429f76a422da7e62e40958d805b0231bec1180aca2b84c0bcd84fa67e80f05904983e4a3ca3d8d7c0d89a0e595ece83933614d09a05836f89609e282a6b6e28659d37055ed5e93a95df1eac1bf9b6cf3558ae2aeb9db4fe50cc94562e649b673ef9a1a44dd43cb3c79db1c920eeac66cda30608b0349c01532acc17eb566937d7a6161b04c978c2f9781966dd451b3420a945dfd5b97028667ad6a6848a1590096582474aa4f1d701275f802bef281ce678fdd286cb02fa0cfdc1b03353ec62866fdfbf395c64281ed4d0f2f6091c876c672d96e7450b595a868741a7d97b136e534dfb72d06d1a870685f87527c8867bd68474317337239c10afc3668bcfb6bc218ffdd3b01db4b61e9d489196d1ad2b442e320e0b4dfbae8d08931c55d4dcad201c2c909438a310caa16951f72852f28649da5e476f9c9bcb3c4eda5d94abc48939fe2bafa6734225e5a43f8c0cf09d6b2ad47de0588669d6272a0dd69f1ddf1bfb61c0c92e36efdf5c72f5367bd44aa1ae74076d0a02c4ab7ca9152cb85e3cf4692c201697b6c1d6dd1a63b329b02dd1db369e94f75b86ba17a155e09a1e768954940a493fa8d8bfdee5e383af99ff9d8d8202163df9653511a96558d2ee171b43694add66547445b61a95a790f9b4dceae67d4b863ce612db92082d787159949f4fe871bb94112ecd0aa1a3af4962bcac986acbe0fa7950256a6efc71a4a35cc02fdace5054e7c76fd2cbb1cd659f838682e1bcbf81b200f721b140fc5f2c6dffe8328dd91bdd660aeb26e4920577894740ac40271a99ce0d5b82070a90137a819fe5e6969fed01691f1b078197968da58d46b2b1e5f06db47ce523d6012a84c56cf215c686c70f63b78500184ddef716c59d4599db0f3f75caf3f59f707c78fbeb27e044daeb5ea9c607d3b04b9451c50331a38611276ffef775c1eb9f5d54d72a1c87df9d2a9556239b1cbfcf7714b44031cf3780757d060d4a7eeade93a131db664ec9f58726fe429801cfa0912d1403add6dec97f306d9160fedf789fcaf7efbff61e8fb4ff79b8d72361a91aaf6474f9589a221ee7c55184b733a8bee4f3f74d6c92e211c8d051498719582da13f56eaedb86d52b977a336b81453d56f32bfef55e4ce669303fd2acdc868c659f4d72d4de7239264a7b2c4a2080058c574ba21196abe212fb672734a9d767697eec3132d1a32a08cc4dfaaeabe4db9268b894d547767f49db64613c6c1015548b6c36840116513df92701d59ecb57dfb13b769c5f8baa5a0a8d7c22c488206b6534a22977ce09627ad74239c8f74c4ce4fe0b2d826d8470d043e7382c2790a7829551a650e397351cf540a2a2a9edb728675195ff6276fc1effb33b65325803215494870519e90f3d0136f406ffc94fa49341a359da0904c5ac1549abefd5a6af18684b7419539cc90dfa97141d8327f337ebe290172d1fdcda8d5345133364c77060d7b560817337235ba1c752063711a7a2451323ca308c41d4ad7a1c920b055b00b6582cad142251c2aa34f21fd6599dd48e8e1f8426f6f595663fb6abcf56def861203d40e568a257ee4ff30d346c7b981637201fa106f908168505dc14fb97d35fce62978fbbf67970015fd6f4520f951315bfedb1ebab964af5f643ec53bcff790e09278a2fc3adeccbc5c0c88564930c92769e20f46b88ba53416027a5b86a364ce2735fb89f9625993ed0dcfd52b7ad0ebd538d709446422780985f24813caa33af556d58ce3f0d326cfae7c1d4d299d4b4ced4ac9d7f71f8bf45e69fd8ae7a056b5008f43d093303a0c4231950e0e54447c2a8ff03bec6930c8fce6cf753de5b986efd7fb1827b012e4d47817ed44d760dd3f15760a4779cd064d8774b851031aa16d10aa251c2a40419428a015a619e547ca5afb0c3f8c4c59c161da9335e30af0e017b0f4109a1caa5fa0ecab4c28f4259ceea7c3ac884d2ce2029db2a749c0d4bb71c3a64895cc25bd040f98c32acb4ccc7cf8ea356f78ec57542c5e373864fe5382c17f6b6cbfb829b38f6cd9524f01b22f157f856c4332f3eb4b69665afbd7f6b6dee1a349f2ed4c8e0398eb1adcb2b4fc419dc0335ae935b4934d6b9c45ffa4cb5716ae40d7f5f4a9b9a1d9c35dd0a60fad4f0039652d8601c64fd4a67de1648acefd64768450b2ae4ab0631e789dc214cdb75365b934747b86af731c9dc7cde9d40a6616f81c4b736bd8d5241d1958dfd33ece7ae59326f9c1505da67601d10f28d54aa776520096cb9efdfea3aafdc7e20ebfcb279aac85af34ccf7bf1f046b2a947d81547ed904d088bc4765ecfebdc0962861cd52e6c6b6fa26a2311b590f2451e021b8b09e0c8cb203d97673ed7f8f1e7dfa5efce612b40afe55f59c8ee189139d74816641e13175471930a76dc2ec27e356d76cad8793057edd365d584c54846484ad1679cba4dcdce86ce5e866475059f397b42cf5fb4995c14455be7453e8add620ba3e66bdf48ec78b210e6f84bbc5fda516bb3069b132ca55c683a23a8c1bcc9561b5dc5b0708fc105fe0bb434aa2989c96db0e24fe152145be994c1e2000e752b704599701805ef1c69ec73e482cee108e0e8397267c001963fee5b3c401f53a940f3436fafda8e3534caad71fe4c69bc4bc0e11a33f44b3a43a3198754ef9d779cc4193bd891163d9af04a7170dbe4a4165987a0e7e75ce45b4f9c5e8464b56a1db0eb3fbd1978f6020cf196bdbad37f63802b4edc51e8ae38487a4ab38be3be31586286a14e39dbff789fdc89fd9de42c82c746758421a10bf1ec6fcc1f001271d9a32df2e7302c34c0000011cb1a18f29177e4c169dbd1867bc0c9ff6161954c82c8ece64511e00d2a76e994816c2881e5ac4e52ce3c5eea3dfeef02875b5deca3a9d430381dc17f59911bfe85eff995d0145b161f4c41706cfacf6849585d914dea71008f1d3faaaead9de536bd0887b97a7029dc64ea691e5eddc8904d40537b82560e9c9e0cf73ac34b3fd7722b095d5840ba16b8a57ee0ba84b8679275e6306be74c1a7d275b8f7f8ebeaf82e5be552f106da16d921c3830f0d2e05ca85c4c1614f228b8f1715882894533bde7d9b9c6f01a24799506f49a4541341ff388d0391a2dc68b988ab669664765058e878c4baf551c402a22b222e6b49f458a747a8a530aece2f18ce8fb4ff5e9f42e7fdc49459816f8e5bd26061e022c5623f9ba5d982258d01aa97f6ca8a9a45130f677c377d1459fdacf26bbafc0dc98d04694fc00c0e6d9b23b18ff7d246ffd253666d401c2049df34544a2d763495656954f1ee1299ceeabc7d5e2ff6ea2c59b2cf10183cd14d57926efec387b484261eff298c25da28f75d0626a1a3da3e1b9f35a169683b4f906461ae28408092d8e89cf0dc8d07b1bb7b0331564ad4131ff26c97f4c39607567bb1d72809d33dbf22a57c547165dbed67f8f1cb3bfb4e83c9195be7ed5f4bff7e0cd95c3a999dcfddb1c2975caa85aae60b4669992abf16bb36aea6d0f7801ce3ca33ebd55e4dca252a1c824406b5ada1a6c2392c199445be4fc1a723a67d03e40294680b3ab5312df6a1c065e100cfaf2afbdc3d9d5acbaa4240939e90b07096323c91f348c63828959fe65c60b219e526e0245ac5dc1c5530edb7285e187e5a42788cb9c24826fffd994c6e8f230d1b34544b4a27e6249e80d34df4b056e7526889ee161d037111df4dde8c9dff5e2a39cd880bae770c3469b41eb9199017ab2cf516ca19801ce5c9d2e47cea0757960d836e109f702c25f9d2a23e81dbd8b23aa027ead069ec24c103b80dc579f1f1569ba57b65b3b63aca5c8ef247a4728f4dd6de5430df53cb813eccd1b7301b631a319d49a1cc4e65b335de38b824dd98f1a381e002420d89b1e5237878d9f5d5ebb32fc6cd7c99bf782b135c6adfe77124b5cf6721e42a0a7fb110d9bf3594297c2b38cb370922ccba55b362ad8a613ef8cf4fef8f8c8358ade3f36ff75a391c0cc8910853a1beb0ed4085382063643507455b7e5f2e8353fde62e55e68d314cd9f767eb49153014b481f2cdde0d8eef8b96447e1f9a25b0445a557381c1f17f492304786b2002e89e16caf2e68b9c4095f4b995c52b8b758429c01d16b4b3c93b24c76db9fbe3734309ff04b6b93babd03b09a2a604e97127d7f54bfd7c8856006aa712073a1cab44e940895b1d0c60f01a235a0f8bc2b5545682592b3f0178a5ef8aa8825c6e896ceaa6f82147a47d1142721ddc7aa4eb568fc2e5fa73afe0ca47fe65f312446a21b6b8b97fdf45b7ad03ccf2f48caf4f2bdc9c89285837e072ffe1cab5b5ad3366679e6025beb39102c865c258f6e6e49f51b25df858606c8552587a9ea647c9f754b4fae0044df35fe89def562dc6e8cd6f949bfdce151af74071751294ecd3259509d4d2fa6133e131f292907a3336c684f7e3ce9dbca9eb57d3d1c8db446800d7e8f623f25823bbeb265d4ea358987874632bb4f060b330ba5f8f71d170bc633b522e35950f0641b7de99b5e0ebd11c8f787e37c3d470002b752188da936a5465dca592d4cef0dffe80c415784bfbe92365de78a947463e8825c1c11bc03c79630fabf942da3e7dccb99428af32386c5167810f78eda2007f63118e08a0aece08ce54b1c325da90f232decfef47157dd9b47e3371c0ac43428f32b6bab769abbaded43daad785c74144129a09712e72234945a03121ddc29012178ea76c9a2a7d8a7a82c5e1521007326accac2009af1add3dc4e5da29b67faf6b6befdd4f03e0cc0f6be54f49c0c6b7a3594caf6c84367ec90a7713ed6f1a0d299bc346fd9c79e7a56e2fdcb5693b47536e5c23f25c0437e0505d1e54ec4ce379fefd5435e90dbc839f192578088c38aebe05356e92819138ab66d1d8fda99327aee5f5a0631f4d468bb6b35016549984cbae8ae7c4b9d95e6794541813e476ebf42860ea02b4264c5a14f9dd3af81dfaed5c81445639802650bd0c0553452a73900c2285425b661e4a4b24bded0a1219167779c876b344cbc13a19364548043a08dc9a9bfebe631f9b4fe2c0c6769c8ece79601bb02e03fa133f238d7541e9d66ef892de19192b6a9d44be331044adfe823382c329ed5384ee32b6bbaa0e7d358d110641c057d44d0d1a9d772d7372a3e80b3ef91b9069f457a3d5b239a2816d58f67005c422969477be0826a5c4dc562082a7e64f4ed7dffdce9c5207b1a5e5f9b6162b4710ff27f49e506e4d8a3c4997b5d621a58da9ba41b4342cc879f15b439ad86b03ac6664231c9ab31af03c23a1e22cbc256af31be448609ea7ea36625000168bbfbda00d50bfc80ff33a31b59f4cb0e96e65dfdb4ccac82a979a879fdc5e08f47fb857b5cb5fb35dbd31ded0548bed4f14bad99de21ebb34e9523baae3b9d1de3e4358e7a0902af934c60c29b244c883bf649cebb8d2862148ec386d9a8ea5d98ecfc9fd4ced6d915a2ee60275a120ff3f80aa3ae37af6beb273563bf732d240cbe8321558141d47bddced3d24d426841b84d617ceddb6e0c9aca6296", @generic="ab3fa74979f3f399cf38db51b66da24f2391d6836d5a98bdab6c7dc6afd9d1cc263d9b96aa5ef10bc594a2c728229bfc546144ec40ddec816ddfce5a83964f4da02718d05af80fdf4e3702d4a9", @generic="c91726570db46f9f9cd1829d7f6e8efb9261d00514bb0fdc9c9ff4da4ce8402628ff79e006a6f14b45ce6b430b2e382a9f71ae96ef46242d0b6d039359511ccab8610e0f31c9d38b0f750598dc64a2c505e62016554956ec18982e6f7496e91a68817a1b08bf4a84eedabb1f042233ecb37d5b0f6f0b", @typed={0xc, 0x4d, @u64=0x6}, @typed={0x1004, 0x2f, @binary="35a959ee4760838d3b8d48c6ca370fb48f400a4034f715a528fb216e619bf6025327e946157b1ae7d57663b64a2debb2508c7f487d6c2ccaeeeed542413f9b84e1b6478058b83ecac1f64b66e9e705036bfb75ea79d5c9acacad68fa983986b701d1a615bdeab55e59a5090dda3686e107a7c75d4b97543379774dd864117f8cb8f3816ed2ee37dafcea97e5a5a9edf2ef80dfd0e2fe812f58b7fd5475ae4af49738f2f929ebacd523e89204be68915382790d53b23288f0b4ab82b7cd07d7cc047ec75141fb75053a13383fb6fe30651bb517df5adb53416bbcff537075ffa51542814f27043f4ab892f61414d030c9d2107a0fdb1b8ed475ba106b373c32052c46ac4b17a6da6aff2a554f7020bd75b2e242380f3314d1235f47f6026854f399c4cf844a37a6a8f189bebc93ae2331f99cf5a5d43ddd2f7698fc3d5f358a839f4c2c53175345416ddc4efc9d544f8e7ceb59f5b7082329f2f65a0bda170b11c2ef1ccb6bbaaa44897a803a47daa1c86f4e3323039958c1f92408a0f7d1843121aff141513e31236b55c904450760a21d8f77eec96babe2467ab046be777613308b16892ed40946c4fa7e267611aa9e56dc2433d6156c1ab4f242159b0eb6317a9a4a674bc211d727b77f2b36fd7da0e42bd5d506b09b12d7bcb1b7ae44f9c3c6ecba2c9b69b8efe05f964b3cb19c28a58f2287f5184f841823d501434cfacf3b81a76a5600489942784e69bc5306ea663a56dd15eb31e9e004c232b413e5c35bd3f8988266202d6a51cfbc8dec82bc7413e0d74495bc9583aca9c2dec69ad6ae54ab65b0ff39efc5e40a58df1c664cb38faed7f8a68053a9b704b0e521bb8437d6d9a1563b955fb73abd2542e9cc9b52cd3051c2805fd340aae9e2d53dddf5ef5995489e1d802e375cda52cde384d4bea0f76ead7d091f1141980a43e08c4258650fcfa707366dd992e19a2dc37be20fa6758f5ff880b6f32cf51760fdc9ac70fdf2e11d8b74c6c0be001d4c21f0bed942f895ffa0f68b4e758fe43db5893694669aa8c33d8b98fd6ea156619b37e943a5bd9d2a1c9910a7deb40cfa86a6336098884c73a2ee736daa28946ad49f7c4848d4599ddff0fd44c4301c7193200b692e8c98d98bf06cfc18447930e478007873b35373d5a88ce969a540318d9198fff66307db83df742779c1bd920f8f6de7296487803ed4aeaad64f4195112292935fdac57dd2117f7dff0774d0a3966d677a0fe9d56a0db9beff31bf8d96dd656021527a896929515cfe677c90f96fd692e5fe69857b4cf7c7349a3a8857662421eaf30fc2f3bf77fb603d365e926f092db25ac7d8ca312863339dbbb139d43dd22c71e14a0a3c093074663df202c539fba320f57a764d6eeac85ef7efd053116dca8449d430c361e01879d4ec9e58a7c60b5563146e20d212aeb460ced8ae6874592feb7133635d0b25052a1da524fc1085cb5e62e0bda266b0c0c3a221061a1793b0201cafb717b5c4f06619ef3405363e039348749dc729aecff2be2aa73fed329f4ebc2bc588eb80b5e1f1ceb53727217e58202b08f797fc7a04098ddecbee8e94bb87c9d81627f8400b959bfc88cde93df0b0afbbf1834031bb87b566f2415f129150f697770a8dbbbfab1052527941f8961045feacfe05c146422ad01e2b3e4bae69bf6b12dbd18d7957eea41ab3cfc1ebb54246692fff1123571a16a6e00754b1026d2ae8632158dfa57dd5270b027e3361aadd7cb419563c7bcff8b59290ebbf12fba484cbc51b2bdb74a511b2653831c7dd4fd5a27922bcb579e0b00cd5dafc6a4adbf964f348e22349babd0eeae98fe3f1ea5789013d6527e65195fa0267e8ead7a67d6066ce0ce493dfdf5d1028afc0123a068d44a92e1ca326c86bd0e7c6d1d40d9b36cb04308df613ebe5aacfc96a563c6c67a08cb067970116cfaf6ef1fb0e9f76a2bf90e5d8a80a2713c2e8319b77c71cdb5814b19eb6a665b65981177ba11bb809c8ba629f00b6de65f4b38566f88281e1afcded4c3da85248dc48d41aefba2526bfc25455d298b74790c5cced3d6e15e82a13228b7981377a8e953fbec6c1c4693674e1c6ee887e20eff1291c0f27e8e795e0e67682e335485d7d079d8bfb3a7b1b96e636eaa68a9b90f9713b5ff26bb965ffa3834298c7fba574fb2487554b36e0af814f24820d63679db2c69c723f2d02aef91cf8878cea7fcb349920fa1bcbf03e2f68ed204c381af7e25f37469045bf5ebddd38a54daae159fddf84731b1e061896cc744aecd3c033fb35f1a61f49eb2bd3083c5e8845159641fdcdb347926dcaaa558c94129b9a0ed0d1b8b1052663823306dfc321bac3e204e0528f7ce1ccbf2ea0d2bbdda4baedca8c19694466d9ba788c473fa311054270b12c816e019790bfbb0275cf73c635690023e75121a1c3cce1349d8746dc4b4d95c654960e2835a9be87024e21b87e46ee79b845059af1fb972de0c9dd3281411fb3863176a3548cf7c9d45c7641f38d4d9b38f93f3d62d9110608d1c8e63f6330a671cd3d46df5792275d4c97bd91293d6bf0844b4703079b66cb6315b7189f20f185d66085e25477f11f928f68b32dde769dae34222db9ff60a2b2dc23d90add04bc115560ea3932834957b2e31321db2f59169441c3ce0fac2557c1aebc9e4611eb0b1391cd4f1cc3fa6c732fa47a32e7243d48cfd2f291a6218e140283f8a87836126bf57067c6e5bf2032e372a2161b581cc08afadbd1c79b26ae8b80be9f99b49f0f6b0a486fa033254ee1ceadc6ed98e80e8d47f856bd19447fe2b83077a0998a11b2869c75ec5bb1492e0de6c55de330ee23dad45f65edb9a8a2d0fae70932c20dbffd91fb4e0b46be91b8e739a23568e04490a1ca9f1b1c39bf150e7d07c15eb90291b8aca9bd50618eb22da19fbc5af850696bd0135ed8da2cfc4ff0ff2f59babf29caf523e4eb5306e134ae47d96c6b416c58d65a2768ef0d6f50b8d9b019cacb0863a3a5ea3e43d6951569d06f767755036d7bca4a45fd26de37a8307a90f744c212f292ba88be5e61833bb851180dc28bea48a44fe4ec3e633d9a2d03f02e87ff3be0b1f35aa90ce5e32fee087bd1cab34da06b3269018ce052278a367723d920c64f1cb36ee7e286b6b045b8fe8a3b3e1284cd29783ae422cc7a7a352b55d9389c85eacfb4df8db389e928a5c0ed94e58c7c380e16752c33ee3955dac4fcad517ba71a429173956d5c13514e999bc7388ad93bf21d4b00016914ba1036ff71034ba43f6f8fe36e2816316558e3ff7cce73ec4a30032caddc48f3f535ca832dfa27f3d3627f905973ebc9a94434f4acbbc1f8d6edc21ed44801e835795010c0cd6321aab79ea9e39abdecf0d3f0562ca41a69ac76b3248239c6bbdb9eadbd56ac9695d817e2038e501ca399b4c5d7fa4b5e79bdf5cf40d7fe8274c08eb29eef1603db6736df4ca06c41b437db37125b40fe9b8363cf7e8316c2e7ec005edcbb03e5d1eac3e54c14adbb8180a1cbb8e6a830727473751da381ccc79b51cc8f588a5bd57e3a9ca7de5e54b49fb87efa28ccc943a678e4b763855b011f3a11b55dfbac723b5840f9e8cf4a0992719b4ff68923424241f01cf3540df5c8f05e05a510a72a0c6040fe1aaec757aca31fc446695909bd84ee719b9fa0b6caef6a958619435f48fb7a323a94a1a5d62523ed5e01598ce08c0a2260535bf4fc6b52f4f23eb70f031cab53d6bc81a31d9d5a95a06298033dc7f05ebff118c4ad4f8cf2e7e550c427fcd842d7b0da65773696fe26c27da9f4b0f10effde411bd2f36f8501c541825ea949d6210cadca4e2dfaf30a48ec5d03d026ecbcf1251b6551a6031bbfe4a486c1a6a613988093576277b4e0297faf1c30c00c2b4c56ecfb10980f7bf99bc22dfd32d47e27bc8519b45f8e1b42d200256327db0a1cf881b78fe605fa63ac7a360122f09c47b54a0a9b0cdb68ab9c17a5a45accda3af6d43f09957470bcd840f5b128d3a3aa0452aec67b9944b8947553859a2420e628418cd7f9f8fce3ee44d872637c252588c95c8addfe7b12957b6e5e70a66628cdf67f9b22d13fd9a874cf72ffa090bd66ac4396071a2d7c17f2022168ac5440d03cb4549ccb98ec06d772ccab5e86d5227d1d914e09c15bd19af52b29851e1fa3d09a42bac3f84db5500b73414b82eaa8ea6007e81c40c3bd186f20c81d1e22f4e2439f3dbac16e6a9714a2790a8779dd16ee56a7d3a73528901a39e629e0d9535c31041fce6076bf58c7fe334f5d47f0f0a0c1e8935ad97358b8fd3d09d2009b7c14cb524fa41e1e3a3605afc7474cd1305defa14246f9ff2fde067fa5075f2ea24a6977c8df4e7d86db8af16f7a95bb77760bc17b1ca02f4db36acecc5470729fa47a56d423a08e13b0f02c7983759bc8f90bd222c5c52695bdbc2ac7018027a8046d403bfa2785d0d4ae585876b03260681aeb185a631bebb5c08ef3f49db32e9ca19bad2ad5a72453421f825a1c977ce0d318e335f2f5c45b613e46fe278ced6d8726d42304bb1a966f5d6319c0c57af6bd3018c551da95dd1696a29edddfa556b2fcdb5af7d2c1351b749ed9a0c612809d34dd1c5971a75f050038fca03d8b657b488fb8f8fa508cf27bbdd9bb3ecb93c7024590de1fb309b80d332e9e62c2e41046ea599c5cd10201d35f157fcbe9a90fbf5d97917c220a5df16cb86d67378104f2bd012a9d85f185ad933d88f28504c21d57f25efe99b69b961dbcd181b7880f1a3c75b8635c4be63e4df310f68b5403097116f5a0b476d7cb37967cf75357e010cc8671405c96dfadc60eb7cb31431049a9e7963f2a752f7b32936c857269fd8f5bd533a3119cde93329df9f061f5183ae065bf4afba9ee674069835e2354dacc15c62337ce36bfde636b87f0e8784b86a1e7b88029790616c38ce7b64516188f70f16dc6a907dcb726600589233b5dcd295772ead4e29dc7c9dfa9dd7a671d69cdc92331e4740a63870e1e1e5a1cb4840aea8a92ef7bb6789add7d8cd90e4d8bfa93452f2b274b048f1ed689c2cacd2c87ad16b4ccf2ca1ff2810a620e88e6c980cb012991c4846879e59683558d29d79af329bab7bfd7ae8d6d91e5248a24907dcdb1b6c598e9eaf464acc1227971a37516e8101c5a88f0114e8f8c0b56a652ad903530d7b9269e138368ac5442f92256c586a11e631684b5263d59159bbad828f7641c1ab4679ff5c84fe3fb7d2b79acfc0481577c6aabe7a30f9994dc4bec5e80f4d2faebd667eab6044b572e26fd91dbecb9f48b6086dfe4932ff556b98780c96c8955d7d15f8c74be471f600130e9d30d597c6996d0acc4133426c4d70af7fefe973d17021f22e57626be4e7f009ec0bfe78c46b35162ae9a0c8ce24389a70ea5a4295ed919915aa2f782973e66504c6ddb0c42bdeda26cfe7cdf75c7a8877e80d8e9e76669f893471de2acbdc4e6da3ca98896c4bc64192322e9d0d6b89092ed7a47aa3a958748ab5d78eb8c69205ced64c07ea51c1892c76fa633bf5bfc1172b9131e2ee706901978361a1504ea3f0c583a35ab935780ea9f2e5835b72380620b92a310a9c23d19c25ed7b811ca87f5fed2b54b845bc64a076b0b9767ee646061cc3dbbb89ef8999bed98e5bd035421a849d2b60dfe66ad57a3383ff384031b4950d338279597afc573059f626e160896ff855304f3f9f930b01def5d061d761ff55afdc96ea5b475293effb870b649f9402b7e4389a5439a7a991b95c6c2f78d1e4b2416bde99f8284d768e571608fcf1d30759d"}]}, @generic="e70d9b26ae57be1217e3e9f9e44ea8f521", @generic="f0fffa6955bb87af2f48a271c284ff158a8e0a0b211e93fa4bcb83377d3f9d55e0a31a25dcf5fd23d57204d4856bc67787fd668b198c0b82353bef1c8a3a73604609", @typed={0x8, 0x4b, @uid=r9}, @typed={0x8, 0x7c, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @nested={0x20, 0x31, [@typed={0x14, 0x86, @ipv6=@loopback}, @typed={0x8, 0x5d, @ipv4=@rand_addr=0x80000001}]}]}, 0x31b4}, {&(0x7f0000007840)={0x274, 0x29, 0x0, 0x70bd26, 0x25dfdbfc, "", [@typed={0x8, 0x4f, @uid=r10}, @generic="44e5179369f98df19bc9a196ad70b37ceb187ed204fb501894d83d5fe8aedeeae4a7ef8f021163c030470fcc108165178e817ab9a5a861dc1ce590473aeffe91a66dbea7d114bfc82f110400b44a4df29767d1e45cfa658fc3608227fdef48bf4e3bce16b42f14fc571caa2cc7d36b42975b49f925a1396bfbff011ce8c589ebb026124736b4b12ed5", @typed={0x8, 0x1b, @ipv4=@dev={0xac, 0x14, 0x14, 0x25}}, @nested={0xd8, 0x5e, [@typed={0xc, 0x38, @u64=0x3}, @typed={0x8, 0x6c, @pid=r11}, @generic="0798d5d25a91bf2d0e03c74a7b05425acf537d171c1537ddbd111a2b67954f9c183fa84e4fd206d897ea800f1849480044438401b96c6a0b5718a4dd06182ce137312eb15a0cd2169c2492cfa6e594d308951ab08bfcccbf51a6689baa158c9a78a0ceffb774e96afaf383fb0a94704e376cd22df8850de97e44274a5dd6055ae448b7f039f8d1d2eb013077575943c82c99c77641db10e38be7a24599e8149bc968985d7e18dd7fb06bbc2d41fc0af242588486e6822680552e47cd975a23"]}, @generic="1be22edfa737d54190d92574b2d5e9486fd57c2db3852e2c478476194f8b66e3b3db8874bc80e8da71debb481c61a060e9ef1de66d09bb7114a8ee3ab1a2018741bde42f3c67d90ba6454f47a8d7a39e68c13bf8ad7dca337bb54ebb329a8b9ffdcb5236e0a12f5b286e4ea4e2d1044f1f248c0a69c279d6d3889785c925ae51c15b763628bf39241ed262ab0ac0cdca7f6736526f438766b5f8e2a880312d9f4e2555c5aa33173ef43b8c6f75b97840faa133dac0508e42c1c5d800414ce4d3c5ddccc5216def63b0a589a6287a8542811c7a7edde86655fbbe69f323e55fd90a7af32cf38fb68fe2f25e2ec151fab21776"]}, 0x274}, {&(0x7f0000007b00)={0x1cc, 0x38, 0x100, 0x70bd2a, 0x25dfdbfd, "", [@nested={0x5c, 0x8, [@generic="4fa15585b6d59e93bcc71495856a8b26ad14397ad2b263d2fc9bd7af8b969d0a86da1264c68d67345532b541b602e0134d13ea39b2bee94ccba994554eaf10bf5873251b66b86e0f74562d2d8ef9cc7117c63bcc35ab"]}, @generic="92d5fce5a00842eb20e9cdbbbd8de1eb058a43a59c31a983ffc6270a5e586fb2eb00d212fc6d813e791c6a1258a29dd9f8f5807d464fb031fe25035084abb66a3a8da26745326a5bd0dc0c8ef9218f4a7439b3573b0e52d90e2100869069d57f4937d178869341b7beb5885facb3f3db284d95790df824a2a3fdc62c7a7a8a9677bfec44351f2b8d07eac839f2c8b1ceeb32ceb9c0", @generic="b45ec07b869081d26fab5f82e56245347faf0e24fc376d1b1344a738660e1faea9e51eb2509c14d498d7f8206d0cd1c09528d5433a4bc15114785660f753ca4c82e505a71f12ee1bd7593696e549adaaa837237ca5dacb7bab50cb2b8f3fe9e5cc26fa04af27438ba20ab35bbb4051e83015c733195e288b094f55e4c012e7fd333c4a6d1ba77dff", @typed={0x4, 0x78}, @generic="67ab1da3b3d18521f40db0c063d9d2a5724bb0c205ffec31bf8ff0827609a11a2ed2c36da0b8ff", @generic="dd18451b54ddfc2c2e0f97ea5fd847ae", @typed={0x8, 0x6, @pid=r12}]}, 0x1cc}], 0x9, &(0x7f0000008600)=[@cred={{0x1c, 0x1, 0x2, {r13, r14, r15}}}, @cred={{0x1c, 0x1, 0x2, {r16, r17, r18}}}, @cred={{0x1c, 0x1, 0x2, {r19, r20, r21}}}, @cred={{0x1c, 0x1, 0x2, {r22, r23, r24}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x18, 0x1, 0x1, [r2, r1]}}, @cred={{0x1c, 0x1, 0x2, {r25, r26, r27}}}], 0xd0, 0x8000}, 0x20000000) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r28, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:47 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x380, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:47 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x415, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:54:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x381, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xf0ffffffffffff}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:48 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x416, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x382, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/capi/capi20ncci\x00', 0xa2000, 0x0) getpeername$unix(r1, &(0x7f00000025c0), &(0x7f0000000500)=0x6e) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x5, @loopback, 0x6}}, 0x24) listen(r2, 0x9) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000140)) readv(r0, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f0000000000)=""/246, 0xf6}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/136, 0x88}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/67, 0x43}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000300)=""/111, 0x6f}, {&(0x7f0000000380)=""/39, 0x27}, {&(0x7f00000003c0)=""/29, 0x1d}], 0xa) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000580)=@add_del={0x3, &(0x7f0000000540)='ip6erspan0z\x00'}) 22:54:48 executing program 1: r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000940)='/selinux/mls\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000d40)={{{@in6=@mcast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000000e40)=0xe8) sendto$packet(r0, &(0x7f0000000980)="dbf2e9e79e0967fb464271634b39f327414a5328e38e5d5b128fe1aa265d7c4cdae0b4f40d99fe31b79c7a4ece05ef216cc4a12b30200547cfc0ac826d64ec0e7183f6009cfe82cda579138706d8e414e52a2f02496b765f8a94339f77d38515ef43da1b54252b2eb6e95287ec0ee43013bc42e89f9df824d23300a1a140e316277e20a1551d572e009236ac82695101fa731d5d24a4eb40dea9960499f4066051a3962b2a6324b0d246e4d56094f7af0197f04b98bcb4", 0xb7, 0x4000000, &(0x7f0000000e80)={0x11, 0x10, r1, 0x1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='\x00\x00\x00\x00\t\x13\x00\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0) vmsplice(r2, &(0x7f0000000540)=[{&(0x7f0000000780)="e2274dc6846407d5475b597c342f6a3b07b204708567f845f716f08ec7edd09ccddcdd061ab7906c98a720ad3c838e04f7c2fc27167e4285547ccc6b37f05ee0d3d7f171056c0de8db65a30883f8301cb8f293397058032d6db7177ce29759fc29b7a2838ef7ee22c4593d703cb919d23f4c171ba7153f23ebc36bd409ecaa0fdf8cd4a725a5740902de581710b3620557a5c2c74cf0a537d4bf4bd8c5ba5befac680a0be102ed7fc9047e21583482c0e2c2038bfdec3a8a131bbfd6be3a96994a387050471aae74461e9be7d8b334"}], 0x9e, 0x200000000000002) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_PUBL_GET(r2, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f00000005c0)={0x13c, r3, 0x105, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x75}]}, @TIPC_NLA_MEDIA={0x84, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffbff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}]}]}, @TIPC_NLA_SOCK={0x1c, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2800000000000000}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MON={0x3c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffffffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x24}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x40}]}, @TIPC_NLA_LINK={0x18, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}]}, 0x13c}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getrlimit(0x2, &(0x7f0000000700)) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_RUN(r6, 0xae80, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000080)={0x7fff}, 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_NMI(r6, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000480)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000880)={'broute\x00'}, &(0x7f0000000900)=0x78) 22:54:48 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:54:48 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x417, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x383, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x100000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:48 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x418, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:48 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x384, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x200000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:49 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x419, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:49 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) set_mempolicy(0x8003, &(0x7f0000000080)=0x5, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0xfffffffffffffffc, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/capi/capi20ncci\x00', 0xa2000, 0x0) getpeername$unix(r1, &(0x7f00000025c0), &(0x7f0000000500)=0x6e) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x5, @loopback, 0x6}}, 0x24) listen(r2, 0x9) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000140)) readv(r0, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f0000000000)=""/246, 0xf6}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/136, 0x88}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/67, 0x43}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000300)=""/111, 0x6f}, {&(0x7f0000000380)=""/39, 0x27}, {&(0x7f00000003c0)=""/29, 0x1d}], 0xa) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000580)=@add_del={0x3, &(0x7f0000000540)='ip6erspan0z\x00'}) 22:54:49 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x385, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:49 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x41a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:49 executing program 1: getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0}, &(0x7f0000000180)=0x14) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x10, 0x0, 0x4, 0x924, 0x90, 0x1, 0x100000001, [], r0, r1, 0x1, 0x2}, 0x3c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 1235.929599][ T9959] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1236.946387][ T9966] IPVS: ftp: loaded support on port[0] = 21 [ 1237.025412][ T936] device bridge_slave_1 left promiscuous mode [ 1237.031772][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1237.087044][ T936] device bridge_slave_0 left promiscuous mode [ 1237.093211][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1239.178194][ T936] device hsr_slave_0 left promiscuous mode [ 1239.234617][ T936] device hsr_slave_1 left promiscuous mode [ 1239.284057][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1239.297064][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1239.308240][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1239.359084][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1239.442890][ T936] bond0 (unregistering): Released all slaves [ 1239.556089][ T9966] chnl_net:caif_netlink_parms(): no params data found [ 1239.588565][ T9966] bridge0: port 1(bridge_slave_0) entered blocking state [ 1239.596185][ T9966] bridge0: port 1(bridge_slave_0) entered disabled state [ 1239.603975][ T9966] device bridge_slave_0 entered promiscuous mode [ 1239.611958][ T9966] bridge0: port 2(bridge_slave_1) entered blocking state [ 1239.619127][ T9966] bridge0: port 2(bridge_slave_1) entered disabled state [ 1239.627183][ T9966] device bridge_slave_1 entered promiscuous mode [ 1239.650904][ T9966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1239.661812][ T9966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1239.684411][ T9966] team0: Port device team_slave_0 added [ 1239.691866][ T9966] team0: Port device team_slave_1 added [ 1239.756435][ T9966] device hsr_slave_0 entered promiscuous mode [ 1239.814508][ T9966] device hsr_slave_1 entered promiscuous mode [ 1239.864105][ T9966] debugfs: Directory 'hsr0' with parent '/' already present! [ 1239.923427][ T9966] bridge0: port 2(bridge_slave_1) entered blocking state [ 1239.930608][ T9966] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1239.938049][ T9966] bridge0: port 1(bridge_slave_0) entered blocking state [ 1239.945178][ T9966] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1240.035044][ T9966] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1240.059691][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1240.075658][ T9832] bridge0: port 1(bridge_slave_0) entered disabled state [ 1240.091731][ T9832] bridge0: port 2(bridge_slave_1) entered disabled state [ 1240.102946][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1240.124400][ T9966] 8021q: adding VLAN 0 to HW filter on device team0 [ 1240.149516][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1240.158152][ T9832] bridge0: port 1(bridge_slave_0) entered blocking state [ 1240.165459][ T9832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1240.242003][ T9966] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1240.252499][ T9966] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1240.274847][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1240.283496][ T9832] bridge0: port 2(bridge_slave_1) entered blocking state [ 1240.290645][ T9832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1240.299652][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1240.308636][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1240.317334][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1240.326032][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1240.344588][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1240.352565][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1240.385272][ T9966] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1240.674689][ T9974] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1240.685456][ T9974] CPU: 0 PID: 9974 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1240.693035][ T9974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1240.703124][ T9974] Call Trace: [ 1240.706448][ T9974] dump_stack+0x16f/0x1f0 [ 1240.710820][ T9974] dump_header+0x10b/0x831 [ 1240.715277][ T9974] oom_kill_process.cold+0x10/0x15 [ 1240.720426][ T9974] out_of_memory+0x79a/0x12d0 [ 1240.725134][ T9974] ? cgroup_file_notify+0x140/0x1b0 [ 1240.730371][ T9974] ? oom_killer_disable+0x280/0x280 [ 1240.735631][ T9974] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1240.741207][ T9974] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1240.746885][ T9974] ? cgroup_file_notify+0x140/0x1b0 [ 1240.752130][ T9974] memory_max_write+0x262/0x3a0 [ 1240.757025][ T9974] ? mem_cgroup_write+0x360/0x360 [ 1240.762097][ T9974] ? lock_acquire+0x190/0x400 [ 1240.766807][ T9974] ? kernfs_fop_write+0x227/0x480 [ 1240.771887][ T9974] cgroup_file_write+0x307/0x790 [ 1240.776859][ T9974] ? mem_cgroup_write+0x360/0x360 [ 1240.781922][ T9974] ? cgroup_show_path+0x590/0x590 [ 1240.787005][ T9974] ? cgroup_show_path+0x590/0x590 [ 1240.792052][ T9974] kernfs_fop_write+0x2b8/0x480 [ 1240.796943][ T9974] __vfs_write+0x8a/0x110 [ 1240.801293][ T9974] ? kernfs_fop_open+0xd80/0xd80 [ 1240.806282][ T9974] vfs_write+0x268/0x5d0 [ 1240.810566][ T9974] ksys_write+0x14f/0x290 [ 1240.814924][ T9974] ? __ia32_sys_read+0xb0/0xb0 [ 1240.819716][ T9974] ? do_syscall_64+0x26/0x6a0 [ 1240.824416][ T9974] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1240.830686][ T9974] ? do_syscall_64+0x26/0x6a0 [ 1240.835397][ T9974] __x64_sys_write+0x73/0xb0 [ 1240.840012][ T9974] do_syscall_64+0xfd/0x6a0 [ 1240.844557][ T9974] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1240.850469][ T9974] RIP: 0033:0x459829 [ 1240.854392][ T9974] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1240.874042][ T9974] RSP: 002b:00007fd3dbe1ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1240.882494][ T9974] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1240.890494][ T9974] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1240.898491][ T9974] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1240.906490][ T9974] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd3dbe1f6d4 [ 1240.914571][ T9974] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1240.923257][ T9974] memory: usage 5156kB, limit 0kB, failcnt 597974 [ 1240.929966][ T9974] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1240.937198][ T9974] Memory cgroup stats for /syz0: [ 1240.938599][ T9974] anon 4251648 [ 1240.938599][ T9974] file 106496 [ 1240.938599][ T9974] kernel_stack 65536 [ 1240.938599][ T9974] slab 724992 [ 1240.938599][ T9974] sock 0 [ 1240.938599][ T9974] shmem 0 [ 1240.938599][ T9974] file_mapped 0 [ 1240.938599][ T9974] file_dirty 0 [ 1240.938599][ T9974] file_writeback 0 [ 1240.938599][ T9974] anon_thp 4194304 [ 1240.938599][ T9974] inactive_anon 0 [ 1240.938599][ T9974] active_anon 4251648 [ 1240.938599][ T9974] inactive_file 0 [ 1240.938599][ T9974] active_file 0 [ 1240.938599][ T9974] unevictable 0 [ 1240.938599][ T9974] slab_reclaimable 270336 [ 1240.938599][ T9974] slab_unreclaimable 454656 [ 1240.938599][ T9974] pgfault 74712 [ 1240.938599][ T9974] pgmajfault 0 [ 1240.938599][ T9974] workingset_refault 0 [ 1240.938599][ T9974] workingset_activate 0 [ 1240.938599][ T9974] workingset_nodereclaim 0 [ 1240.938599][ T9974] pgrefill 46 [ 1240.938599][ T9974] pgscan 46 [ 1240.938599][ T9974] pgsteal 0 [ 1240.938599][ T9974] pgactivate 0 [ 1241.037265][ T9974] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9973,uid=0 [ 1241.053868][ T9974] Memory cgroup out of memory: Killed process 9973 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1241.081700][ T1058] oom_reaper: reaped process 9973 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:54:56 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:54:56 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x386, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x300000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:56 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x41b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:56 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r2 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) poll(&(0x7f0000000180)=[{r2}, {r0}], 0x2, 0x3) 22:54:56 executing program 1: r0 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x80, 0x100) sendto$x25(r0, &(0x7f00000005c0)="61165e8c5e575e0b6439c8f7de78b7fcf1804d4ed72b545b0bba895b179f115f532071f952a8fe629ca1b326dd2bacdfb3bfab3ff5c8739e2ae105f867ea8760c6419ddb84b8224d12567979d2039d4197224294d9bed0c380e4ca805ce129453cbd54d9b594b53f08c53f73c897f63bf0e081ad2f3b75ae45482135e6490d744685b64bacbff941c8f269ad97fa9bb2d09fdc7a9ad52f9b48486df98c46b0e7903bb999ab3b2ed29a6a9997b1a0b0431c2345b61c3442dbab65366f932b35c4eb303c8a5b6cc8d797952f217f17b4", 0xcf, 0x4000080, &(0x7f0000000180)={0x9, @remote={[], 0x2}}, 0x12) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1241.668510][ T9966] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1241.678533][ T9966] CPU: 0 PID: 9966 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1241.686087][ T9966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1241.696150][ T9966] Call Trace: [ 1241.699448][ T9966] dump_stack+0x16f/0x1f0 [ 1241.703788][ T9966] dump_header+0x10b/0x831 [ 1241.708207][ T9966] ? oom_kill_process+0x94/0x3c0 [ 1241.713165][ T9966] oom_kill_process.cold+0x10/0x15 [ 1241.718295][ T9966] out_of_memory+0x79a/0x12d0 [ 1241.722974][ T9966] ? lock_downgrade+0x920/0x920 [ 1241.727830][ T9966] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1241.733633][ T9966] ? oom_killer_disable+0x280/0x280 [ 1241.738848][ T9966] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1241.744396][ T9966] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1241.750047][ T9966] ? do_raw_spin_unlock+0x57/0x270 [ 1241.755169][ T9966] ? _raw_spin_unlock+0x23/0x30 [ 1241.760030][ T9966] try_charge+0x1053/0x1430 [ 1241.764552][ T9966] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1241.770094][ T9966] ? percpu_ref_tryget_live+0x104/0x270 [ 1241.775647][ T9966] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1241.781201][ T9966] mem_cgroup_try_charge+0x136/0x590 [ 1241.786495][ T9966] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1241.792131][ T9966] wp_page_copy+0x27c/0x1380 [ 1241.796723][ T9966] ? find_held_lock+0x35/0x130 [ 1241.801494][ T9966] ? pmd_pfn+0x1d0/0x1d0 [ 1241.805737][ T9966] ? lock_downgrade+0x920/0x920 [ 1241.810590][ T9966] ? swp_swapcount+0x520/0x520 [ 1241.815349][ T9966] ? __kasan_check_read+0x11/0x20 [ 1241.820368][ T9966] ? do_raw_spin_unlock+0x57/0x270 [ 1241.825481][ T9966] do_wp_page+0x499/0x14d0 [ 1241.829907][ T9966] ? finish_mkwrite_fault+0x570/0x570 [ 1241.835283][ T9966] __handle_mm_fault+0x2120/0x3ce0 [ 1241.840394][ T9966] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1241.845942][ T9966] ? handle_mm_fault+0x294/0xa90 [ 1241.850885][ T9966] ? handle_mm_fault+0x675/0xa90 [ 1241.855827][ T9966] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1241.861152][ T9966] handle_mm_fault+0x3bb/0xa90 [ 1241.865925][ T9966] __do_page_fault+0x536/0xdd0 [ 1241.870693][ T9966] do_page_fault+0x38/0x536 [ 1241.875197][ T9966] page_fault+0x39/0x40 [ 1241.879345][ T9966] RIP: 0033:0x4034f2 [ 1241.883235][ T9966] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8d 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 42 05 00 48 [ 1241.902849][ T9966] RSP: 002b:00007ffe50a88b70 EFLAGS: 00010246 [ 1241.908921][ T9966] RAX: 0000000000000000 RBX: 000000000012ee38 RCX: 0000000000413430 [ 1241.916885][ T9966] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe50a89ca0 [ 1241.924859][ T9966] RBP: 0000000000000002 R08: 0000000000000001 R09: 00005555558e6940 [ 1241.932841][ T9966] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe50a89ca0 [ 1241.940819][ T9966] R13: 00007ffe50a89c90 R14: 0000000000000000 R15: 00007ffe50a89ca0 [ 1241.949026][ T9966] memory: usage 776kB, limit 0kB, failcnt 597982 [ 1241.955418][ T9966] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1241.962260][ T9966] Memory cgroup stats for /syz0: [ 1241.962364][ T9966] anon 53248 [ 1241.962364][ T9966] file 106496 [ 1241.962364][ T9966] kernel_stack 0 [ 1241.962364][ T9966] slab 724992 [ 1241.962364][ T9966] sock 0 [ 1241.962364][ T9966] shmem 0 [ 1241.962364][ T9966] file_mapped 0 [ 1241.962364][ T9966] file_dirty 0 [ 1241.962364][ T9966] file_writeback 0 [ 1241.962364][ T9966] anon_thp 0 [ 1241.962364][ T9966] inactive_anon 0 [ 1241.962364][ T9966] active_anon 53248 [ 1241.962364][ T9966] inactive_file 0 [ 1241.962364][ T9966] active_file 0 [ 1241.962364][ T9966] unevictable 0 [ 1241.962364][ T9966] slab_reclaimable 270336 [ 1241.962364][ T9966] slab_unreclaimable 454656 [ 1241.962364][ T9966] pgfault 74712 [ 1241.962364][ T9966] pgmajfault 0 [ 1241.962364][ T9966] workingset_refault 0 [ 1241.962364][ T9966] workingset_activate 0 [ 1241.962364][ T9966] workingset_nodereclaim 0 [ 1241.962364][ T9966] pgrefill 46 [ 1241.962364][ T9966] pgscan 46 [ 1241.962364][ T9966] pgsteal 0 [ 1241.962364][ T9966] pgactivate 0 [ 1242.055736][ T9966] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9966,uid=0 [ 1242.071246][ T9966] Memory cgroup out of memory: Killed process 9966 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1242.085878][ T1058] oom_reaper: reaped process 9966 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:54:56 executing program 4: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000800)="240000004f0007031dfffd946fa2830020200ae800000000a61d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 22:54:56 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x28200}, 0xc, &(0x7f0000000180)={&(0x7f0000000780)={0x198, 0x3c, 0x105, 0x70bd2a, 0x25dfdbfe, {0xc}, [@typed={0x10, 0x6a, @str='/dev/hwrng\x00'}, @generic="6ccf1b54c74cc11face6ba7c1de6e11fffa2de5e3fb670e593a14f255ff95258c747b217d9dd59c859e44f63dd4a12f4fae114ae0ace1191ed72cd9efe32542beaaa2ea3beeee380c3cc691d5505fc793d5ef61999aaddbd296694911fc6f6cd268c0316813d6f2263a645dad289eb1edd8a5040b21f4ae55f1e9310bcab6ef8b4753d0e92843033389405b6408a5092592aef1aff5dc315f4", @typed={0x8, 0x8b, @ipv4=@rand_addr=0x7}, @generic="8204f89c4df3995ca8da7f11ba362d212b64ad56d7878860a907f7b379bb145bc800c9ab5be2be9de45566", @nested={0x88, 0x7f, [@generic="b1df1b99f5b2fbe7ec02b903dbec3c002d82d01c55c5c30ce3b933a1bf7ae087357925f24b860c131b7d6aae96b712", @typed={0x14, 0x6b, @ipv6=@ipv4={[], [], @broadcast}}, @typed={0x4, 0x52}, @typed={0x8, 0x5d, @str='&(\x00'}, @typed={0x10, 0x7a, @str='/dev/kvm\x00'}, @generic="d57839815af719fa9e0a1ee4092fb4591cea36b19e18fc467e714f43c03efe79b6786681"]}, @generic="6751275b0d306132502cbbb80e08620032a05ed8f097aefe43903a484efbde55"]}, 0x198}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x0, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:56 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x387, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:56 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x41c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x400000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:56 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x388, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:57 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x41d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:57 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:57 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x389, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1242.942850][T10000] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. 22:54:57 executing program 4: clone(0x800083102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x3f553e5) setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.ima\x00', 0x0, 0x0, 0x0) 22:54:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x500000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:57 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(r0, &(0x7f0000000540)=[{&(0x7f0000000180)="03825454467993eb1e77379090957adbb2bd806da1fcd564ce2ea26964f3bbc6fe2c218f1322c6a5341776976cf55a67b285e6422398d90298c1b8bb02cf14cfda48612291a0068c367bdf67d48d71534aba"}], 0x1236, 0x5) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x2000000301000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000080)) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:54:57 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x38a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:57 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x41e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:57 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:54:57 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x38b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:57 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x41f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:57 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) fstatfs(r0, &(0x7f0000000080)=""/13) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:54:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x600000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:58 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x38c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:58 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x420, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:58 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup2(r0, r0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, 0x0, 0xfffffffffffffda3, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10) dup3(r2, r0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={0x0}}, 0x20000000) sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) 22:54:58 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x38d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:58 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x700000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:54:58 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x421, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:54:58 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x38e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1245.754699][ T936] device bridge_slave_1 left promiscuous mode [ 1245.760896][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1245.805530][ T936] device bridge_slave_0 left promiscuous mode [ 1245.811708][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1247.854828][ T936] device hsr_slave_0 left promiscuous mode [ 1247.894668][ T936] device hsr_slave_1 left promiscuous mode [ 1247.944268][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1247.957916][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1247.969143][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1248.009262][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1248.103651][ T936] bond0 (unregistering): Released all slaves [ 1248.204609][T10143] IPVS: ftp: loaded support on port[0] = 21 [ 1248.285222][T10143] chnl_net:caif_netlink_parms(): no params data found [ 1248.319828][T10143] bridge0: port 1(bridge_slave_0) entered blocking state [ 1248.327018][T10143] bridge0: port 1(bridge_slave_0) entered disabled state [ 1248.334698][T10143] device bridge_slave_0 entered promiscuous mode [ 1248.342728][T10143] bridge0: port 2(bridge_slave_1) entered blocking state [ 1248.349866][T10143] bridge0: port 2(bridge_slave_1) entered disabled state [ 1248.357631][T10143] device bridge_slave_1 entered promiscuous mode [ 1248.374543][T10143] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1248.421274][T10143] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1248.446590][T10143] team0: Port device team_slave_0 added [ 1248.454159][T10143] team0: Port device team_slave_1 added [ 1248.517186][T10143] device hsr_slave_0 entered promiscuous mode [ 1248.554359][T10143] device hsr_slave_1 entered promiscuous mode [ 1248.684075][T10143] debugfs: Directory 'hsr0' with parent '/' already present! [ 1248.710370][T10143] bridge0: port 2(bridge_slave_1) entered blocking state [ 1248.717505][T10143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1248.724931][T10143] bridge0: port 1(bridge_slave_0) entered blocking state [ 1248.732007][T10143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1248.794712][T10143] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1248.815896][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1248.826153][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1248.834324][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1248.850930][T10143] 8021q: adding VLAN 0 to HW filter on device team0 [ 1248.863789][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1248.872330][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1248.879430][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1248.894524][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1248.903110][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1248.910236][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1248.932744][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1248.951757][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1248.960524][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1248.969167][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1248.988393][T10143] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1248.999884][T10143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1249.015928][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1249.035763][T10143] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1249.345343][T10151] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1249.356851][T10151] CPU: 0 PID: 10151 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1249.364501][T10151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1249.374578][T10151] Call Trace: [ 1249.377904][T10151] dump_stack+0x16f/0x1f0 [ 1249.382289][T10151] dump_header+0x10b/0x831 [ 1249.386738][T10151] oom_kill_process.cold+0x10/0x15 [ 1249.391889][T10151] out_of_memory+0x79a/0x12d0 [ 1249.396591][T10151] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1249.402254][T10151] ? cgroup_file_notify+0x140/0x1b0 [ 1249.407494][T10151] ? oom_killer_disable+0x280/0x280 [ 1249.412743][T10151] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1249.418321][T10151] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1249.424003][T10151] ? cgroup_file_notify+0x140/0x1b0 [ 1249.429239][T10151] memory_max_write+0x262/0x3a0 [ 1249.434128][T10151] ? mem_cgroup_write+0x360/0x360 [ 1249.439177][T10151] ? lock_acquire+0x190/0x400 [ 1249.443867][T10151] ? kernfs_fop_write+0x227/0x480 [ 1249.448920][T10151] cgroup_file_write+0x307/0x790 [ 1249.453883][T10151] ? mem_cgroup_write+0x360/0x360 [ 1249.458931][T10151] ? cgroup_show_path+0x590/0x590 [ 1249.463997][T10151] ? cgroup_show_path+0x590/0x590 [ 1249.469045][T10151] kernfs_fop_write+0x2b8/0x480 [ 1249.473927][T10151] __vfs_write+0x8a/0x110 [ 1249.478275][T10151] ? kernfs_fop_open+0xd80/0xd80 [ 1249.483236][T10151] vfs_write+0x268/0x5d0 [ 1249.487503][T10151] ksys_write+0x14f/0x290 [ 1249.491857][T10151] ? __ia32_sys_read+0xb0/0xb0 [ 1249.496642][T10151] ? do_syscall_64+0x26/0x6a0 [ 1249.501340][T10151] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1249.507439][T10151] ? do_syscall_64+0x26/0x6a0 [ 1249.512173][T10151] __x64_sys_write+0x73/0xb0 [ 1249.516786][T10151] do_syscall_64+0xfd/0x6a0 [ 1249.521324][T10151] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1249.527236][T10151] RIP: 0033:0x459829 [ 1249.531146][T10151] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1249.550774][T10151] RSP: 002b:00007f52c2fcdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1249.559212][T10151] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1249.567202][T10151] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1249.575198][T10151] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1249.583188][T10151] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f52c2fce6d4 [ 1249.591174][T10151] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1249.604993][T10151] memory: usage 5160kB, limit 0kB, failcnt 597983 [ 1249.611967][T10151] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1249.618957][T10151] Memory cgroup stats for /syz0: [ 1249.619320][T10151] anon 4255744 [ 1249.619320][T10151] file 106496 [ 1249.619320][T10151] kernel_stack 65536 [ 1249.619320][T10151] slab 724992 [ 1249.619320][T10151] sock 0 [ 1249.619320][T10151] shmem 0 [ 1249.619320][T10151] file_mapped 0 [ 1249.619320][T10151] file_dirty 0 [ 1249.619320][T10151] file_writeback 0 [ 1249.619320][T10151] anon_thp 4194304 [ 1249.619320][T10151] inactive_anon 0 [ 1249.619320][T10151] active_anon 4255744 [ 1249.619320][T10151] inactive_file 0 [ 1249.619320][T10151] active_file 0 [ 1249.619320][T10151] unevictable 0 [ 1249.619320][T10151] slab_reclaimable 270336 [ 1249.619320][T10151] slab_unreclaimable 454656 [ 1249.619320][T10151] pgfault 74811 [ 1249.619320][T10151] pgmajfault 0 [ 1249.619320][T10151] workingset_refault 0 [ 1249.619320][T10151] workingset_activate 0 [ 1249.619320][T10151] workingset_nodereclaim 0 [ 1249.619320][T10151] pgrefill 46 [ 1249.619320][T10151] pgscan 46 [ 1249.619320][T10151] pgsteal 0 [ 1249.619320][T10151] pgactivate 0 [ 1249.713906][T10151] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10150,uid=0 [ 1249.730205][T10151] Memory cgroup out of memory: Killed process 10150 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1249.746820][ T1058] oom_reaper: reaped process 10150 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:55:04 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:04 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102041ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, 0xfffffffffffffffe, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f00000002c0)="3bf31fb319ddb9922494873450679bfd", 0x10) 22:55:04 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x422, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:04 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x38f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:04 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:55:04 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x900000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1250.328898][T10143] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1250.338929][T10143] CPU: 0 PID: 10143 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1250.346652][T10143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1250.356709][T10143] Call Trace: [ 1250.360009][T10143] dump_stack+0x16f/0x1f0 [ 1250.364351][T10143] dump_header+0x10b/0x831 [ 1250.368775][T10143] ? oom_kill_process+0x94/0x3c0 [ 1250.373752][T10143] oom_kill_process.cold+0x10/0x15 [ 1250.378890][T10143] out_of_memory+0x79a/0x12d0 [ 1250.383750][T10143] ? lock_downgrade+0x920/0x920 [ 1250.388636][T10143] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1250.394454][T10143] ? oom_killer_disable+0x280/0x280 [ 1250.399668][T10143] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1250.405231][T10143] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1250.410878][T10143] ? do_raw_spin_unlock+0x57/0x270 [ 1250.416006][T10143] ? _raw_spin_unlock+0x23/0x30 [ 1250.420891][T10143] try_charge+0x1053/0x1430 [ 1250.425407][T10143] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1250.430954][T10143] ? percpu_ref_tryget_live+0x104/0x270 [ 1250.436997][T10143] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1250.442534][T10143] mem_cgroup_try_charge+0x136/0x590 [ 1250.447825][T10143] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1250.453460][T10143] wp_page_copy+0x27c/0x1380 [ 1250.458069][T10143] ? find_held_lock+0x35/0x130 [ 1250.462851][T10143] ? pmd_pfn+0x1d0/0x1d0 [ 1250.467111][T10143] ? lock_downgrade+0x920/0x920 [ 1250.471966][T10143] ? swp_swapcount+0x520/0x520 [ 1250.476735][T10143] ? __kasan_check_read+0x11/0x20 [ 1250.481760][T10143] ? do_raw_spin_unlock+0x57/0x270 [ 1250.486884][T10143] do_wp_page+0x499/0x14d0 [ 1250.491303][T10143] ? finish_mkwrite_fault+0x570/0x570 [ 1250.496685][T10143] __handle_mm_fault+0x2120/0x3ce0 [ 1250.501805][T10143] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1250.507354][T10143] ? handle_mm_fault+0x294/0xa90 [ 1250.512303][T10143] ? handle_mm_fault+0x675/0xa90 [ 1250.517242][T10143] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1250.522535][T10143] handle_mm_fault+0x3bb/0xa90 [ 1250.527317][T10143] __do_page_fault+0x536/0xdd0 [ 1250.532093][T10143] do_page_fault+0x38/0x536 [ 1250.536597][T10143] page_fault+0x39/0x40 [ 1250.540752][T10143] RIP: 0033:0x430906 [ 1250.544656][T10143] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1250.566025][T10143] RSP: 002b:00007fff578161d0 EFLAGS: 00010206 [ 1250.572744][T10143] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1250.580732][T10143] RDX: 00005555573b9930 RSI: 00005555573c1970 RDI: 0000000000000003 [ 1250.588715][T10143] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555573b8940 [ 1250.596782][T10143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1250.604759][T10143] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1250.613276][T10143] memory: usage 776kB, limit 0kB, failcnt 597991 [ 1250.619679][T10143] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1250.626597][T10143] Memory cgroup stats for /syz0: [ 1250.626699][T10143] anon 57344 [ 1250.626699][T10143] file 106496 [ 1250.626699][T10143] kernel_stack 65536 [ 1250.626699][T10143] slab 724992 [ 1250.626699][T10143] sock 0 [ 1250.626699][T10143] shmem 0 [ 1250.626699][T10143] file_mapped 0 [ 1250.626699][T10143] file_dirty 0 [ 1250.626699][T10143] file_writeback 0 [ 1250.626699][T10143] anon_thp 0 [ 1250.626699][T10143] inactive_anon 0 [ 1250.626699][T10143] active_anon 57344 [ 1250.626699][T10143] inactive_file 0 [ 1250.626699][T10143] active_file 0 [ 1250.626699][T10143] unevictable 0 [ 1250.626699][T10143] slab_reclaimable 270336 [ 1250.626699][T10143] slab_unreclaimable 454656 [ 1250.626699][T10143] pgfault 74811 [ 1250.626699][T10143] pgmajfault 0 [ 1250.626699][T10143] workingset_refault 0 [ 1250.626699][T10143] workingset_activate 0 [ 1250.626699][T10143] workingset_nodereclaim 0 [ 1250.626699][T10143] pgrefill 46 [ 1250.626699][T10143] pgscan 46 [ 1250.626699][T10143] pgsteal 0 [ 1250.626699][T10143] pgactivate 0 [ 1250.720727][T10143] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10143,uid=0 [ 1250.736325][T10143] Memory cgroup out of memory: Killed process 10143 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1250.750843][ T1058] oom_reaper: reaped process 10143 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:55:05 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x390, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:05 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000080)={0x800, {0x3, 0x1, 0x4, 0x7, 0x4, 0x7fff}}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r0, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000640)=0x14, 0x80800) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000680)={'team0\x00', r5}) 22:55:05 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x391, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:05 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x423, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:05 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xa00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:05 executing program 4: clone(0x84007bf7, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f00000000c0)='./file0\x00', 0x1001, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) ptrace(0x10, r0) pipe2(0x0, 0x0) creat(&(0x7f0000000200)='./file0\x00', 0x0) ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, 0x0) ptrace(0x11, r0) 22:55:06 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x392, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x424, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:06 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xc00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000080)={0xca, &(0x7f00000005c0)="25454867528fee5890d0bb2dc6e077c3af1eccd78b6244b08bf18031192b60166001ddf2f5a8262b8789ddea9398fb1f616342c8b06f7c8a292ba3492acdec82c42a1bd0460e15d5963c06bbd30a44ec031dfa60988de9a08dbaaa9716b52b3dccb070ef5e0b90e6073f6e829807f9d21f87cf710eeb40029189578d4bf2979d5c4ba33ef38e435eb1cd84916a69257e483b1aa960a11a13249af876075c93177f76cc87d5c2e0c4b7b6cddc099698269c7ad14d3c742f08bfec036372cdeaefd7a266bcc3e326e460e0"}) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x393, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x425, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:06 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:06 executing program 4: clone(0x2220, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000600)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x109) dup2(r0, r1) execve(&(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x42, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) sendmsg$IPVS_CMD_GET_INFO(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 22:55:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x426, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x394, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:06 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xe00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:07 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000080)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb], 0x4000}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000180)=0x7, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$trusted_overlay_nlink(r2, &(0x7f00000001c0)='trusted.overlay.nlink\x00', &(0x7f0000000340)={'U+', 0xfffffffffffffffc}, 0x28, 0x2) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:55:07 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x395, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:07 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x427, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:07 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:07 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) unshare(0x20000000) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/userio\x00', 0x80800, 0x0) 22:55:07 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x428, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:07 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x396, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1253.711641][T10293] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1253.722112][T10293] CPU: 0 PID: 10293 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1253.729777][T10293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1253.739855][T10293] Call Trace: [ 1253.743204][T10293] dump_stack+0x16f/0x1f0 [ 1253.747563][T10293] dump_header+0x10b/0x831 [ 1253.752019][T10293] oom_kill_process.cold+0x10/0x15 [ 1253.757182][T10293] out_of_memory+0x79a/0x12d0 [ 1253.761912][T10293] ? retint_kernel+0x10/0x10 [ 1253.766549][T10293] ? oom_killer_disable+0x280/0x280 [ 1253.771815][T10293] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1253.777409][T10293] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1253.783109][T10293] ? cgroup_file_notify+0x140/0x1b0 [ 1253.788352][T10293] memory_max_write+0x262/0x3a0 [ 1253.793248][T10293] ? mem_cgroup_write+0x360/0x360 [ 1253.798310][T10293] ? lock_acquire+0x190/0x400 [ 1253.803022][T10293] ? kernfs_fop_write+0x227/0x480 [ 1253.808103][T10293] cgroup_file_write+0x307/0x790 [ 1253.813090][T10293] ? mem_cgroup_write+0x360/0x360 [ 1253.818147][T10293] ? cgroup_show_path+0x590/0x590 [ 1253.823256][T10293] ? cgroup_show_path+0x590/0x590 [ 1253.828318][T10293] kernfs_fop_write+0x2b8/0x480 [ 1253.833209][T10293] __vfs_write+0x8a/0x110 [ 1253.837570][T10293] ? kernfs_fop_open+0xd80/0xd80 [ 1253.842548][T10293] vfs_write+0x268/0x5d0 [ 1253.846922][T10293] ksys_write+0x14f/0x290 [ 1253.851300][T10293] ? __ia32_sys_read+0xb0/0xb0 [ 1253.856124][T10293] ? do_syscall_64+0x26/0x6a0 [ 1253.860842][T10293] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1253.866955][T10293] ? do_syscall_64+0x26/0x6a0 [ 1253.871714][T10293] __x64_sys_write+0x73/0xb0 [ 1253.876356][T10293] do_syscall_64+0xfd/0x6a0 [ 1253.880910][T10293] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1253.886847][T10293] RIP: 0033:0x459829 [ 1253.890777][T10293] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1253.911388][T10293] RSP: 002b:00007fded2bb3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1253.919838][T10293] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1253.927832][T10293] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1253.927844][T10293] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1253.927853][T10293] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fded2bb46d4 [ 1253.927862][T10293] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1253.951430][T10293] memory: usage 32104kB, limit 0kB, failcnt 0 [ 1253.967616][T10293] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1253.975609][T10293] Memory cgroup stats for /syz4: [ 1253.979353][T10293] anon 26664960 [ 1253.979353][T10293] file 118784 [ 1253.979353][T10293] kernel_stack 393216 [ 1253.979353][T10293] slab 3940352 [ 1253.979353][T10293] sock 0 [ 1253.979353][T10293] shmem 77824 [ 1253.979353][T10293] file_mapped 135168 [ 1253.979353][T10293] file_dirty 135168 [ 1253.979353][T10293] file_writeback 0 [ 1253.979353][T10293] anon_thp 23068672 [ 1253.979353][T10293] inactive_anon 135168 [ 1253.979353][T10293] active_anon 26599424 [ 1253.979353][T10293] inactive_file 0 [ 1253.979353][T10293] active_file 0 [ 1253.979353][T10293] unevictable 0 [ 1253.979353][T10293] slab_reclaimable 1757184 [ 1253.979353][T10293] slab_unreclaimable 2183168 [ 1253.979353][T10293] pgfault 72237 [ 1253.979353][T10293] pgmajfault 0 [ 1253.979353][T10293] workingset_refault 0 [ 1253.979353][T10293] workingset_activate 0 [ 1253.979353][T10293] workingset_nodereclaim 0 [ 1253.979353][T10293] pgrefill 0 [ 1253.979353][T10293] pgscan 0 [ 1253.979353][T10293] pgsteal 0 [ 1254.073086][T10293] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10288,uid=0 [ 1254.088771][T10293] Memory cgroup out of memory: Killed process 10288 (syz-executor.4) total-vm:72572kB, anon-rss:4244kB, file-rss:35800kB, shmem-rss:0kB [ 1254.106853][ T1058] oom_reaper: reaped process 10288 (syz-executor.4), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB [ 1254.413783][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1254.424209][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1254.431861][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1254.442904][ T9808] Call Trace: [ 1254.446214][ T9808] dump_stack+0x16f/0x1f0 [ 1254.450577][ T9808] dump_header+0x10b/0x831 [ 1254.455118][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1254.460097][ T9808] oom_kill_process.cold+0x10/0x15 [ 1254.465242][ T9808] out_of_memory+0x79a/0x12d0 [ 1254.469942][ T9808] ? lock_downgrade+0x920/0x920 [ 1254.474816][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1254.480641][ T9808] ? oom_killer_disable+0x280/0x280 [ 1254.485895][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1254.491474][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1254.497133][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1254.502274][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1254.507155][ T9808] try_charge+0x1053/0x1430 [ 1254.511682][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1254.517253][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1254.522839][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1254.528408][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1254.533823][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1254.539464][ T9808] wp_page_copy+0x27c/0x1380 [ 1254.544056][ T9808] ? find_held_lock+0x35/0x130 [ 1254.548825][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1254.553056][ T9808] ? lock_downgrade+0x920/0x920 [ 1254.558176][ T9808] ? swp_swapcount+0x520/0x520 [ 1254.562957][ T9808] ? __kasan_check_read+0x11/0x20 [ 1254.567994][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1254.573106][ T9808] do_wp_page+0x499/0x14d0 [ 1254.577541][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1254.582931][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1254.588037][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1254.593579][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1254.598527][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1254.603476][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1254.609481][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1254.614263][ T9808] __do_page_fault+0x536/0xdd0 [ 1254.619055][ T9808] do_page_fault+0x38/0x536 [ 1254.623550][ T9808] page_fault+0x39/0x40 [ 1254.628079][ T9808] RIP: 0033:0x4070de [ 1254.631967][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1254.651566][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1254.657634][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1254.665608][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1254.673691][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1254.681756][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1254.689735][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1254.699289][ T9808] memory: usage 27708kB, limit 0kB, failcnt 12 [ 1254.705492][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1254.712332][ T9808] Memory cgroup stats for /syz4: [ 1254.712418][ T9808] anon 22294528 [ 1254.712418][ T9808] file 118784 [ 1254.712418][ T9808] kernel_stack 393216 [ 1254.712418][ T9808] slab 3940352 [ 1254.712418][ T9808] sock 0 [ 1254.712418][ T9808] shmem 77824 [ 1254.712418][ T9808] file_mapped 135168 [ 1254.712418][ T9808] file_dirty 135168 [ 1254.712418][ T9808] file_writeback 0 [ 1254.712418][ T9808] anon_thp 18874368 [ 1254.712418][ T9808] inactive_anon 135168 [ 1254.712418][ T9808] active_anon 22298624 [ 1254.712418][ T9808] inactive_file 0 [ 1254.712418][ T9808] active_file 0 [ 1254.712418][ T9808] unevictable 0 [ 1254.712418][ T9808] slab_reclaimable 1757184 [ 1254.712418][ T9808] slab_unreclaimable 2183168 [ 1254.712418][ T9808] pgfault 72237 [ 1254.712418][ T9808] pgmajfault 0 [ 1254.712418][ T9808] workingset_refault 0 [ 1254.712418][ T9808] workingset_activate 0 [ 1254.712418][ T9808] workingset_nodereclaim 0 [ 1254.712418][ T9808] pgrefill 0 [ 1254.712418][ T9808] pgscan 0 [ 1254.712418][ T9808] pgsteal 0 [ 1254.805965][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11026,uid=0 [ 1254.821472][ T9808] Memory cgroup out of memory: Killed process 11026 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:35824kB, shmem-rss:0kB [ 1254.837081][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1254.847079][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1254.854644][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1254.864715][ T9808] Call Trace: [ 1254.868008][ T9808] dump_stack+0x16f/0x1f0 [ 1254.872423][ T9808] dump_header+0x10b/0x831 [ 1254.876855][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1254.881820][ T9808] oom_kill_process.cold+0x10/0x15 [ 1254.886953][ T9808] out_of_memory+0x79a/0x12d0 [ 1254.891663][ T9808] ? lock_downgrade+0x920/0x920 [ 1254.896531][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1254.902356][ T9808] ? oom_killer_disable+0x280/0x280 [ 1254.907562][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1254.913111][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1254.919893][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1254.925021][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1254.930474][ T9808] try_charge+0x1053/0x1430 [ 1254.935093][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1254.940727][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1254.946460][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1254.952748][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1254.958080][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1254.963737][ T9808] wp_page_copy+0x27c/0x1380 [ 1254.968329][ T9808] ? find_held_lock+0x35/0x130 [ 1254.973107][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1254.977361][ T9808] ? lock_downgrade+0x920/0x920 [ 1254.982222][ T9808] ? swp_swapcount+0x520/0x520 [ 1254.986981][ T9808] ? __kasan_check_read+0x11/0x20 [ 1254.992089][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1254.997210][ T9808] do_wp_page+0x499/0x14d0 [ 1255.001728][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1255.007135][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1255.012249][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1255.017899][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1255.022942][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1255.027895][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1255.033179][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1255.037964][ T9808] __do_page_fault+0x536/0xdd0 [ 1255.043181][ T9808] do_page_fault+0x38/0x536 [ 1255.048678][ T9808] page_fault+0x39/0x40 [ 1255.054727][ T9808] RIP: 0033:0x4070de [ 1255.058898][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1255.078517][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1255.084593][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1255.092570][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1255.100637][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1255.108601][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1255.116586][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1255.125190][ T9808] memory: usage 25384kB, limit 0kB, failcnt 18 [ 1255.131393][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1255.138323][ T9808] Memory cgroup stats for /syz4: [ 1255.138460][ T9808] anon 20119552 [ 1255.138460][ T9808] file 118784 [ 1255.138460][ T9808] kernel_stack 393216 [ 1255.138460][ T9808] slab 3940352 [ 1255.138460][ T9808] sock 0 [ 1255.138460][ T9808] shmem 77824 [ 1255.138460][ T9808] file_mapped 135168 [ 1255.138460][ T9808] file_dirty 135168 [ 1255.138460][ T9808] file_writeback 0 [ 1255.138460][ T9808] anon_thp 16777216 [ 1255.138460][ T9808] inactive_anon 135168 [ 1255.138460][ T9808] active_anon 20123648 [ 1255.138460][ T9808] inactive_file 0 [ 1255.138460][ T9808] active_file 0 [ 1255.138460][ T9808] unevictable 0 [ 1255.138460][ T9808] slab_reclaimable 1757184 [ 1255.138460][ T9808] slab_unreclaimable 2183168 [ 1255.138460][ T9808] pgfault 72237 [ 1255.138460][ T9808] pgmajfault 0 [ 1255.138460][ T9808] workingset_refault 0 [ 1255.138460][ T9808] workingset_activate 0 [ 1255.138460][ T9808] workingset_nodereclaim 0 [ 1255.138460][ T9808] pgrefill 0 [ 1255.138460][ T9808] pgscan 0 [ 1255.138460][ T9808] pgsteal 0 [ 1255.233652][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11002,uid=0 [ 1255.249332][ T9808] Memory cgroup out of memory: Killed process 11002 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:35824kB, shmem-rss:0kB [ 1255.264782][ T1058] oom_reaper: reaped process 11002 (syz-executor.4), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB [ 1255.264810][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1255.285859][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1255.293412][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1255.303478][ T9808] Call Trace: [ 1255.306765][ T9808] dump_stack+0x16f/0x1f0 [ 1255.311089][ T9808] dump_header+0x10b/0x831 [ 1255.315511][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1255.320452][ T9808] oom_kill_process.cold+0x10/0x15 [ 1255.325567][ T9808] out_of_memory+0x79a/0x12d0 [ 1255.331177][ T9808] ? lock_downgrade+0x920/0x920 [ 1255.336040][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1255.341872][ T9808] ? oom_killer_disable+0x280/0x280 [ 1255.347070][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1255.352607][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1255.358244][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1255.363352][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1255.368194][ T9808] try_charge+0x1053/0x1430 [ 1255.372689][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1255.378318][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1255.383902][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1255.389487][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1255.394787][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1255.400430][ T9808] wp_page_copy+0x27c/0x1380 [ 1255.405031][ T9808] ? find_held_lock+0x35/0x130 [ 1255.409794][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1255.414042][ T9808] ? lock_downgrade+0x920/0x920 [ 1255.419002][ T9808] ? swp_swapcount+0x520/0x520 [ 1255.423782][ T9808] ? __kasan_check_read+0x11/0x20 [ 1255.428909][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1255.434028][ T9808] do_wp_page+0x499/0x14d0 [ 1255.438462][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1255.443870][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1255.448997][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1255.454559][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1255.459532][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1255.464497][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1255.469819][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1255.474607][ T9808] __do_page_fault+0x536/0xdd0 [ 1255.480716][ T9808] do_page_fault+0x38/0x536 [ 1255.485238][ T9808] page_fault+0x39/0x40 [ 1255.489394][ T9808] RIP: 0033:0x4070de [ 1255.494129][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1255.513743][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1255.519801][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1255.527808][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1255.535779][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1255.543758][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1255.551724][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1255.559799][ T9808] memory: usage 23060kB, limit 0kB, failcnt 24 [ 1255.566006][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1255.572833][ T9808] Memory cgroup stats for /syz4: [ 1255.572916][ T9808] anon 17911808 [ 1255.572916][ T9808] file 118784 [ 1255.572916][ T9808] kernel_stack 327680 [ 1255.572916][ T9808] slab 3940352 [ 1255.572916][ T9808] sock 0 [ 1255.572916][ T9808] shmem 77824 [ 1255.572916][ T9808] file_mapped 135168 [ 1255.572916][ T9808] file_dirty 135168 [ 1255.572916][ T9808] file_writeback 0 [ 1255.572916][ T9808] anon_thp 14680064 [ 1255.572916][ T9808] inactive_anon 135168 [ 1255.572916][ T9808] active_anon 17915904 [ 1255.572916][ T9808] inactive_file 0 [ 1255.572916][ T9808] active_file 0 [ 1255.572916][ T9808] unevictable 0 [ 1255.572916][ T9808] slab_reclaimable 1757184 [ 1255.572916][ T9808] slab_unreclaimable 2183168 [ 1255.572916][ T9808] pgfault 72237 [ 1255.572916][ T9808] pgmajfault 0 [ 1255.572916][ T9808] workingset_refault 0 [ 1255.572916][ T9808] workingset_activate 0 [ 1255.572916][ T9808] workingset_nodereclaim 0 [ 1255.572916][ T9808] pgrefill 0 [ 1255.572916][ T9808] pgscan 0 [ 1255.572916][ T9808] pgsteal 0 [ 1255.666297][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10979,uid=0 [ 1255.681828][ T9808] Memory cgroup out of memory: Killed process 10979 (syz-executor.4) total-vm:72704kB, anon-rss:2208kB, file-rss:35800kB, shmem-rss:0kB [ 1255.697307][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1255.702674][ T1058] oom_reaper: reaped process 10979 (syz-executor.4), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 1255.707291][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1255.725869][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1255.738372][ T9808] Call Trace: [ 1255.741694][ T9808] dump_stack+0x16f/0x1f0 [ 1255.746930][ T9808] dump_header+0x10b/0x831 [ 1255.751351][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1255.756500][ T9808] oom_kill_process.cold+0x10/0x15 [ 1255.761628][ T9808] out_of_memory+0x79a/0x12d0 [ 1255.766306][ T9808] ? lock_downgrade+0x920/0x920 [ 1255.771243][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1255.777060][ T9808] ? oom_killer_disable+0x280/0x280 [ 1255.782299][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1255.787845][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1255.793489][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1255.798625][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1255.803488][ T9808] try_charge+0x1053/0x1430 [ 1255.808362][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1255.813935][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1255.819498][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1255.825065][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1255.830384][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1255.836045][ T9808] wp_page_copy+0x27c/0x1380 [ 1255.840648][ T9808] ? find_held_lock+0x35/0x130 [ 1255.845438][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1255.849706][ T9808] ? lock_downgrade+0x920/0x920 [ 1255.854659][ T9808] ? swp_swapcount+0x520/0x520 [ 1255.859443][ T9808] ? __kasan_check_read+0x11/0x20 [ 1255.864475][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1255.869595][ T9808] do_wp_page+0x499/0x14d0 [ 1255.874041][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1255.879441][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1255.884665][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1255.890236][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1255.895283][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1255.900255][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1255.905735][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1255.910516][ T9808] __do_page_fault+0x536/0xdd0 [ 1255.915307][ T9808] do_page_fault+0x38/0x536 [ 1255.919826][ T9808] page_fault+0x39/0x40 [ 1255.924012][ T9808] RIP: 0033:0x4070de [ 1255.927930][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1255.948250][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1255.954326][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1255.962388][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1255.970351][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1255.978336][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1255.986301][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1255.994402][ T9808] memory: usage 20716kB, limit 0kB, failcnt 30 [ 1256.000671][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1256.007568][ T9808] Memory cgroup stats for /syz4: [ 1256.007695][ T9808] anon 15695872 [ 1256.007695][ T9808] file 118784 [ 1256.007695][ T9808] kernel_stack 327680 [ 1256.007695][ T9808] slab 3940352 [ 1256.007695][ T9808] sock 0 [ 1256.007695][ T9808] shmem 77824 [ 1256.007695][ T9808] file_mapped 135168 [ 1256.007695][ T9808] file_dirty 135168 [ 1256.007695][ T9808] file_writeback 0 [ 1256.007695][ T9808] anon_thp 12582912 [ 1256.007695][ T9808] inactive_anon 135168 [ 1256.007695][ T9808] active_anon 15699968 [ 1256.007695][ T9808] inactive_file 0 [ 1256.007695][ T9808] active_file 0 [ 1256.007695][ T9808] unevictable 0 [ 1256.007695][ T9808] slab_reclaimable 1757184 [ 1256.007695][ T9808] slab_unreclaimable 2183168 [ 1256.007695][ T9808] pgfault 72237 [ 1256.007695][ T9808] pgmajfault 0 [ 1256.007695][ T9808] workingset_refault 0 [ 1256.007695][ T9808] workingset_activate 0 [ 1256.007695][ T9808] workingset_nodereclaim 0 [ 1256.007695][ T9808] pgrefill 0 [ 1256.007695][ T9808] pgscan 0 [ 1256.007695][ T9808] pgsteal 0 [ 1256.100983][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11045,uid=0 [ 1256.116496][ T9808] Memory cgroup out of memory: Killed process 11045 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:35804kB, shmem-rss:0kB [ 1256.131856][ T1058] oom_reaper: reaped process 11045 (syz-executor.4), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB [ 1256.131929][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1256.152956][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1256.160531][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1256.170622][ T9808] Call Trace: [ 1256.174038][ T9808] dump_stack+0x16f/0x1f0 [ 1256.178391][ T9808] dump_header+0x10b/0x831 [ 1256.182818][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1256.187769][ T9808] oom_kill_process.cold+0x10/0x15 [ 1256.192916][ T9808] out_of_memory+0x79a/0x12d0 [ 1256.197602][ T9808] ? lock_downgrade+0x920/0x920 [ 1256.202467][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1256.208283][ T9808] ? oom_killer_disable+0x280/0x280 [ 1256.213508][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1256.219049][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1256.224698][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1256.229813][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1256.234665][ T9808] try_charge+0x1053/0x1430 [ 1256.239166][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1256.244739][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1256.250303][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1256.255842][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1256.261136][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1256.266780][ T9808] wp_page_copy+0x27c/0x1380 [ 1256.271501][ T9808] ? find_held_lock+0x35/0x130 [ 1256.276279][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1256.280518][ T9808] ? lock_downgrade+0x920/0x920 [ 1256.285386][ T9808] ? swp_swapcount+0x520/0x520 [ 1256.290179][ T9808] ? __kasan_check_read+0x11/0x20 [ 1256.295306][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1256.300428][ T9808] do_wp_page+0x499/0x14d0 [ 1256.304855][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1256.310255][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1256.315369][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1256.320924][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1256.325876][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1256.330825][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1256.336112][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1256.340870][ T9808] __do_page_fault+0x536/0xdd0 [ 1256.345647][ T9808] do_page_fault+0x38/0x536 [ 1256.350154][ T9808] page_fault+0x39/0x40 [ 1256.354304][ T9808] RIP: 0033:0x4070de [ 1256.358196][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1256.377788][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1256.383957][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1256.391960][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1256.399934][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1256.408106][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1256.416098][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1256.424161][ T9808] memory: usage 18376kB, limit 0kB, failcnt 36 [ 1256.430319][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1256.437215][ T9808] Memory cgroup stats for /syz4: [ 1256.437326][ T9808] anon 13463552 [ 1256.437326][ T9808] file 118784 [ 1256.437326][ T9808] kernel_stack 262144 [ 1256.437326][ T9808] slab 3940352 [ 1256.437326][ T9808] sock 0 [ 1256.437326][ T9808] shmem 77824 [ 1256.437326][ T9808] file_mapped 135168 [ 1256.437326][ T9808] file_dirty 135168 [ 1256.437326][ T9808] file_writeback 0 [ 1256.437326][ T9808] anon_thp 10485760 [ 1256.437326][ T9808] inactive_anon 135168 [ 1256.437326][ T9808] active_anon 13467648 [ 1256.437326][ T9808] inactive_file 0 [ 1256.437326][ T9808] active_file 0 [ 1256.437326][ T9808] unevictable 0 [ 1256.437326][ T9808] slab_reclaimable 1757184 [ 1256.437326][ T9808] slab_unreclaimable 2183168 [ 1256.437326][ T9808] pgfault 72237 [ 1256.437326][ T9808] pgmajfault 0 [ 1256.437326][ T9808] workingset_refault 0 [ 1256.437326][ T9808] workingset_activate 0 [ 1256.437326][ T9808] workingset_nodereclaim 0 [ 1256.437326][ T9808] pgrefill 0 [ 1256.437326][ T9808] pgscan 0 [ 1256.437326][ T9808] pgsteal 0 [ 1256.530943][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9772,uid=0 [ 1256.546412][ T9808] Memory cgroup out of memory: Killed process 9772 (syz-executor.4) total-vm:72836kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 1256.562004][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1256.563141][ T1058] oom_reaper: reaped process 9772 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1256.572001][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1256.572010][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1256.572016][ T9808] Call Trace: [ 1256.572041][ T9808] dump_stack+0x16f/0x1f0 [ 1256.572063][ T9808] dump_header+0x10b/0x831 [ 1256.612650][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1256.617620][ T9808] oom_kill_process.cold+0x10/0x15 [ 1256.622727][ T9808] out_of_memory+0x79a/0x12d0 [ 1256.627415][ T9808] ? lock_downgrade+0x920/0x920 [ 1256.632287][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1256.638088][ T9808] ? oom_killer_disable+0x280/0x280 [ 1256.643292][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1256.648849][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1256.654510][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1256.659624][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1256.664485][ T9808] try_charge+0x1053/0x1430 [ 1256.669010][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1256.674594][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1256.680177][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1256.685733][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1256.691024][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1256.696646][ T9808] wp_page_copy+0x27c/0x1380 [ 1256.701244][ T9808] ? find_held_lock+0x35/0x130 [ 1256.706034][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1256.710287][ T9808] ? lock_downgrade+0x920/0x920 [ 1256.715124][ T9808] ? swp_swapcount+0x520/0x520 [ 1256.719897][ T9808] ? __kasan_check_read+0x11/0x20 [ 1256.724918][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1256.730025][ T9808] do_wp_page+0x499/0x14d0 [ 1256.734430][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1256.739790][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1256.744906][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1256.750484][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1256.755416][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1256.760343][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1256.765635][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1256.770425][ T9808] __do_page_fault+0x536/0xdd0 [ 1256.775195][ T9808] do_page_fault+0x38/0x536 [ 1256.779707][ T9808] page_fault+0x39/0x40 [ 1256.783850][ T9808] RIP: 0033:0x4070de [ 1256.787744][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1256.807619][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1256.813690][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1256.821668][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1256.829638][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1256.837620][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1256.845595][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1256.853680][ T9808] memory: usage 16048kB, limit 0kB, failcnt 42 [ 1256.859901][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1256.866809][ T9808] Memory cgroup stats for /syz4: [ 1256.866934][ T9808] anon 11259904 [ 1256.866934][ T9808] file 118784 [ 1256.866934][ T9808] kernel_stack 262144 [ 1256.866934][ T9808] slab 3940352 [ 1256.866934][ T9808] sock 0 [ 1256.866934][ T9808] shmem 77824 [ 1256.866934][ T9808] file_mapped 135168 [ 1256.866934][ T9808] file_dirty 135168 [ 1256.866934][ T9808] file_writeback 0 [ 1256.866934][ T9808] anon_thp 10485760 [ 1256.866934][ T9808] inactive_anon 135168 [ 1256.866934][ T9808] active_anon 11304960 [ 1256.866934][ T9808] inactive_file 0 [ 1256.866934][ T9808] active_file 0 [ 1256.866934][ T9808] unevictable 0 [ 1256.866934][ T9808] slab_reclaimable 1757184 [ 1256.866934][ T9808] slab_unreclaimable 2183168 [ 1256.866934][ T9808] pgfault 72237 [ 1256.866934][ T9808] pgmajfault 0 [ 1256.866934][ T9808] workingset_refault 0 [ 1256.866934][ T9808] workingset_activate 0 [ 1256.866934][ T9808] workingset_nodereclaim 0 [ 1256.866934][ T9808] pgrefill 0 [ 1256.866934][ T9808] pgscan 0 [ 1256.866934][ T9808] pgsteal 0 [ 1256.960276][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9957,uid=0 [ 1256.975850][ T9808] Memory cgroup out of memory: Killed process 9957 (syz-executor.4) total-vm:72704kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 1256.991502][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1256.991676][ T1058] oom_reaper: reaped process 9957 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1257.001547][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1257.001563][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1257.001569][ T9808] Call Trace: [ 1257.001594][ T9808] dump_stack+0x16f/0x1f0 [ 1257.001616][ T9808] dump_header+0x10b/0x831 [ 1257.042281][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1257.047237][ T9808] oom_kill_process.cold+0x10/0x15 [ 1257.052352][ T9808] out_of_memory+0x79a/0x12d0 [ 1257.057042][ T9808] ? lock_downgrade+0x920/0x920 [ 1257.061893][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1257.067711][ T9808] ? oom_killer_disable+0x280/0x280 [ 1257.072917][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1257.078471][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1257.084107][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1257.089221][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1257.094075][ T9808] try_charge+0x1053/0x1430 [ 1257.098610][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1257.104159][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1257.109735][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1257.115290][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1257.120570][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1257.126228][ T9808] wp_page_copy+0x27c/0x1380 [ 1257.130814][ T9808] ? find_held_lock+0x35/0x130 [ 1257.135591][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1257.139824][ T9808] ? lock_downgrade+0x920/0x920 [ 1257.144945][ T9808] ? swp_swapcount+0x520/0x520 [ 1257.149711][ T9808] ? __kasan_check_read+0x11/0x20 [ 1257.154731][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1257.159943][ T9808] do_wp_page+0x499/0x14d0 [ 1257.164369][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1257.169751][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1257.174874][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1257.180420][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1257.185366][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1257.190392][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1257.195673][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1257.200449][ T9808] __do_page_fault+0x536/0xdd0 [ 1257.205237][ T9808] do_page_fault+0x38/0x536 [ 1257.209775][ T9808] page_fault+0x39/0x40 [ 1257.213946][ T9808] RIP: 0033:0x4070de [ 1257.217886][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1257.237493][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1257.243581][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1257.251557][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1257.259575][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1257.267576][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1257.275592][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1257.284141][ T9808] memory: usage 13752kB, limit 0kB, failcnt 48 [ 1257.290308][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1257.297219][ T9808] Memory cgroup stats for /syz4: [ 1257.297316][ T9808] anon 9043968 [ 1257.297316][ T9808] file 118784 [ 1257.297316][ T9808] kernel_stack 262144 [ 1257.297316][ T9808] slab 3940352 [ 1257.297316][ T9808] sock 0 [ 1257.297316][ T9808] shmem 77824 [ 1257.297316][ T9808] file_mapped 135168 [ 1257.297316][ T9808] file_dirty 135168 [ 1257.297316][ T9808] file_writeback 0 [ 1257.297316][ T9808] anon_thp 8388608 [ 1257.297316][ T9808] inactive_anon 135168 [ 1257.297316][ T9808] active_anon 9048064 [ 1257.297316][ T9808] inactive_file 0 [ 1257.297316][ T9808] active_file 0 [ 1257.297316][ T9808] unevictable 0 [ 1257.297316][ T9808] slab_reclaimable 1757184 [ 1257.297316][ T9808] slab_unreclaimable 2183168 [ 1257.297316][ T9808] pgfault 72237 [ 1257.297316][ T9808] pgmajfault 0 [ 1257.297316][ T9808] workingset_refault 0 [ 1257.297316][ T9808] workingset_activate 0 [ 1257.297316][ T9808] workingset_nodereclaim 0 [ 1257.297316][ T9808] pgrefill 0 [ 1257.297316][ T9808] pgscan 0 [ 1257.297316][ T9808] pgsteal 0 [ 1257.297316][ T9808] pgactivate 0 [ 1257.394592][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9907,uid=0 [ 1257.410544][ T9808] Memory cgroup out of memory: Killed process 9907 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:34816kB, shmem-rss:0kB [ 1257.425778][ T1058] oom_reaper: reaped process 9907 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1257.431628][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1257.446964][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1257.454601][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1257.464756][ T9808] Call Trace: [ 1257.468067][ T9808] dump_stack+0x16f/0x1f0 [ 1257.472477][ T9808] dump_header+0x10b/0x831 [ 1257.476900][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1257.481821][ T9808] oom_kill_process.cold+0x10/0x15 [ 1257.486934][ T9808] out_of_memory+0x79a/0x12d0 [ 1257.491622][ T9808] ? lock_downgrade+0x920/0x920 [ 1257.496478][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1257.502325][ T9808] ? oom_killer_disable+0x280/0x280 [ 1257.507652][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1257.513213][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1257.518858][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1257.523981][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1257.528848][ T9808] try_charge+0x1053/0x1430 [ 1257.533360][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1257.539026][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1257.544617][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1257.550197][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1257.555612][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1257.561437][ T9808] wp_page_copy+0x27c/0x1380 [ 1257.566038][ T9808] ? find_held_lock+0x35/0x130 [ 1257.570821][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1257.575083][ T9808] ? lock_downgrade+0x920/0x920 [ 1257.580152][ T9808] ? swp_swapcount+0x520/0x520 [ 1257.584924][ T9808] ? __kasan_check_read+0x11/0x20 [ 1257.589973][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1257.595118][ T9808] do_wp_page+0x499/0x14d0 [ 1257.599564][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1257.604982][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1257.610117][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1257.615660][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1257.620615][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1257.625565][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1257.630874][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1257.635664][ T9808] __do_page_fault+0x536/0xdd0 [ 1257.640432][ T9808] do_page_fault+0x38/0x536 [ 1257.644936][ T9808] page_fault+0x39/0x40 [ 1257.649104][ T9808] RIP: 0033:0x4070de [ 1257.652981][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1257.672792][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1257.678853][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1257.686827][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1257.694812][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1257.702794][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1257.710762][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1257.718871][ T9808] memory: usage 11372kB, limit 0kB, failcnt 54 [ 1257.725104][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1257.731968][ T9808] Memory cgroup stats for /syz4: [ 1257.732046][ T9808] anon 6828032 [ 1257.732046][ T9808] file 118784 [ 1257.732046][ T9808] kernel_stack 196608 [ 1257.732046][ T9808] slab 3940352 [ 1257.732046][ T9808] sock 0 [ 1257.732046][ T9808] shmem 77824 [ 1257.732046][ T9808] file_mapped 135168 [ 1257.732046][ T9808] file_dirty 135168 [ 1257.732046][ T9808] file_writeback 0 [ 1257.732046][ T9808] anon_thp 6291456 [ 1257.732046][ T9808] inactive_anon 135168 [ 1257.732046][ T9808] active_anon 6832128 [ 1257.732046][ T9808] inactive_file 0 [ 1257.732046][ T9808] active_file 0 [ 1257.732046][ T9808] unevictable 0 [ 1257.732046][ T9808] slab_reclaimable 1757184 [ 1257.732046][ T9808] slab_unreclaimable 2183168 [ 1257.732046][ T9808] pgfault 72237 [ 1257.732046][ T9808] pgmajfault 0 [ 1257.732046][ T9808] workingset_refault 0 [ 1257.732046][ T9808] workingset_activate 0 [ 1257.732046][ T9808] workingset_nodereclaim 0 [ 1257.732046][ T9808] pgrefill 0 [ 1257.732046][ T9808] pgscan 0 [ 1257.732046][ T9808] pgsteal 0 [ 1257.732046][ T9808] pgactivate 0 [ 1257.830691][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9845,uid=0 [ 1257.846925][ T9808] Memory cgroup out of memory: Killed process 9845 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:34816kB, shmem-rss:0kB [ 1257.862273][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1257.862766][ T1058] oom_reaper: reaped process 9845 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1257.872267][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1257.872277][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1257.872283][ T9808] Call Trace: [ 1257.872308][ T9808] dump_stack+0x16f/0x1f0 [ 1257.872330][ T9808] dump_header+0x10b/0x831 [ 1257.913840][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1257.918960][ T9808] oom_kill_process.cold+0x10/0x15 [ 1257.924091][ T9808] out_of_memory+0x79a/0x12d0 [ 1257.928766][ T9808] ? lock_downgrade+0x920/0x920 [ 1257.933610][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1257.939426][ T9808] ? oom_killer_disable+0x280/0x280 [ 1257.944645][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1257.950205][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1257.955855][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1257.960991][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1257.965853][ T9808] try_charge+0x1053/0x1430 [ 1257.970372][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1257.976018][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1257.981596][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1257.987145][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1257.992447][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1257.998115][ T9808] wp_page_copy+0x27c/0x1380 [ 1258.002711][ T9808] ? find_held_lock+0x35/0x130 [ 1258.007473][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1258.011712][ T9808] ? lock_downgrade+0x920/0x920 [ 1258.016661][ T9808] ? swp_swapcount+0x520/0x520 [ 1258.021429][ T9808] ? __kasan_check_read+0x11/0x20 [ 1258.026449][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1258.031549][ T9808] do_wp_page+0x499/0x14d0 [ 1258.035975][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1258.041351][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1258.046454][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1258.051994][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1258.056941][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1258.061880][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1258.067179][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1258.071958][ T9808] __do_page_fault+0x536/0xdd0 [ 1258.076736][ T9808] do_page_fault+0x38/0x536 [ 1258.081427][ T9808] page_fault+0x39/0x40 [ 1258.085587][ T9808] RIP: 0033:0x4070de [ 1258.089607][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1258.109461][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1258.115526][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1258.123518][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1258.131655][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1258.139621][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1258.147590][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1258.155685][ T9808] memory: usage 9056kB, limit 0kB, failcnt 60 [ 1258.161756][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1258.168648][ T9808] Memory cgroup stats for /syz4: [ 1258.168744][ T9808] anon 4620288 [ 1258.168744][ T9808] file 118784 [ 1258.168744][ T9808] kernel_stack 131072 [ 1258.168744][ T9808] slab 3940352 [ 1258.168744][ T9808] sock 0 [ 1258.168744][ T9808] shmem 77824 [ 1258.168744][ T9808] file_mapped 135168 [ 1258.168744][ T9808] file_dirty 135168 [ 1258.168744][ T9808] file_writeback 0 [ 1258.168744][ T9808] anon_thp 4194304 [ 1258.168744][ T9808] inactive_anon 135168 [ 1258.168744][ T9808] active_anon 4624384 [ 1258.168744][ T9808] inactive_file 0 [ 1258.168744][ T9808] active_file 0 [ 1258.168744][ T9808] unevictable 0 [ 1258.168744][ T9808] slab_reclaimable 1757184 [ 1258.168744][ T9808] slab_unreclaimable 2183168 [ 1258.168744][ T9808] pgfault 72237 [ 1258.168744][ T9808] pgmajfault 0 [ 1258.168744][ T9808] workingset_refault 0 [ 1258.168744][ T9808] workingset_activate 0 [ 1258.168744][ T9808] workingset_nodereclaim 0 [ 1258.168744][ T9808] pgrefill 0 [ 1258.168744][ T9808] pgscan 0 [ 1258.168744][ T9808] pgsteal 0 [ 1258.168744][ T9808] pgactivate 0 [ 1258.265404][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9744,uid=0 [ 1258.280811][ T9808] Memory cgroup out of memory: Killed process 9744 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:34816kB, shmem-rss:0kB [ 1258.301809][ T1058] oom_reaper: reaped process 9744 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1258.302177][ T9808] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1258.322804][ T9808] CPU: 1 PID: 9808 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1258.330355][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1258.340416][ T9808] Call Trace: [ 1258.343729][ T9808] dump_stack+0x16f/0x1f0 [ 1258.348051][ T9808] dump_header+0x10b/0x831 [ 1258.352456][ T9808] ? oom_kill_process+0x94/0x3c0 [ 1258.357396][ T9808] oom_kill_process.cold+0x10/0x15 [ 1258.362516][ T9808] out_of_memory+0x79a/0x12d0 [ 1258.367187][ T9808] ? lock_downgrade+0x920/0x920 [ 1258.372034][ T9808] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1258.377850][ T9808] ? oom_killer_disable+0x280/0x280 [ 1258.383318][ T9808] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1258.389036][ T9808] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1258.394679][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1258.399796][ T9808] ? _raw_spin_unlock+0x23/0x30 [ 1258.404641][ T9808] try_charge+0x1053/0x1430 [ 1258.409134][ T9808] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1258.414680][ T9808] ? percpu_ref_tryget_live+0x104/0x270 [ 1258.420236][ T9808] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1258.425781][ T9808] mem_cgroup_try_charge+0x136/0x590 [ 1258.431067][ T9808] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1258.436714][ T9808] wp_page_copy+0x27c/0x1380 [ 1258.441308][ T9808] ? find_held_lock+0x35/0x130 [ 1258.446069][ T9808] ? pmd_pfn+0x1d0/0x1d0 [ 1258.450306][ T9808] ? lock_downgrade+0x920/0x920 [ 1258.455182][ T9808] ? swp_swapcount+0x520/0x520 [ 1258.459966][ T9808] ? __kasan_check_read+0x11/0x20 [ 1258.464988][ T9808] ? do_raw_spin_unlock+0x57/0x270 [ 1258.470106][ T9808] do_wp_page+0x499/0x14d0 [ 1258.474531][ T9808] ? finish_mkwrite_fault+0x570/0x570 [ 1258.479916][ T9808] __handle_mm_fault+0x2120/0x3ce0 [ 1258.485061][ T9808] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1258.490610][ T9808] ? handle_mm_fault+0x294/0xa90 [ 1258.495575][ T9808] ? handle_mm_fault+0x675/0xa90 [ 1258.501663][ T9808] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1258.506946][ T9808] handle_mm_fault+0x3bb/0xa90 [ 1258.511705][ T9808] __do_page_fault+0x536/0xdd0 [ 1258.516484][ T9808] do_page_fault+0x38/0x536 [ 1258.521001][ T9808] page_fault+0x39/0x40 [ 1258.525151][ T9808] RIP: 0033:0x4070de [ 1258.529043][ T9808] Code: 08 ff ff ff 8b 54 24 04 49 8b 37 31 c0 bf cb e9 4b 00 e8 55 ac ff ff 8b 44 24 6c 49 8d 4f 60 ba 40 00 00 00 44 89 f6 44 89 e7 <41> 89 87 b4 00 00 00 48 8d 84 24 80 00 00 00 49 89 87 b8 00 00 00 [ 1258.548652][ T9808] RSP: 002b:00007ffd47a05d60 EFLAGS: 00010202 [ 1258.554715][ T9808] RAX: 0000000000000004 RBX: 00007ffd47a05d80 RCX: 0000000000712d20 [ 1258.562691][ T9808] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 1258.570667][ T9808] RBP: 0000000000714e80 R08: 0000000000006000 R09: 0000000000004000 [ 1258.578631][ T9808] R10: 00007ffd47a05e80 R11: 0000000000000216 R12: 0000000000000003 [ 1258.586681][ T9808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 1258.594740][ T9808] memory: usage 6740kB, limit 0kB, failcnt 66 [ 1258.600896][ T9808] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1258.607783][ T9808] Memory cgroup stats for /syz4: [ 1258.607881][ T9808] anon 2412544 [ 1258.607881][ T9808] file 118784 [ 1258.607881][ T9808] kernel_stack 131072 [ 1258.607881][ T9808] slab 3940352 [ 1258.607881][ T9808] sock 0 [ 1258.607881][ T9808] shmem 77824 [ 1258.607881][ T9808] file_mapped 135168 [ 1258.607881][ T9808] file_dirty 135168 [ 1258.607881][ T9808] file_writeback 0 [ 1258.607881][ T9808] anon_thp 2097152 [ 1258.607881][ T9808] inactive_anon 135168 [ 1258.607881][ T9808] active_anon 2416640 [ 1258.607881][ T9808] inactive_file 0 [ 1258.607881][ T9808] active_file 0 [ 1258.607881][ T9808] unevictable 0 [ 1258.607881][ T9808] slab_reclaimable 1757184 [ 1258.607881][ T9808] slab_unreclaimable 2183168 [ 1258.607881][ T9808] pgfault 72237 [ 1258.607881][ T9808] pgmajfault 0 [ 1258.607881][ T9808] workingset_refault 0 [ 1258.607881][ T9808] workingset_activate 0 [ 1258.607881][ T9808] workingset_nodereclaim 0 [ 1258.607881][ T9808] pgrefill 0 [ 1258.607881][ T9808] pgscan 0 [ 1258.607881][ T9808] pgsteal 0 [ 1258.607881][ T9808] pgactivate 0 [ 1258.704315][ T9808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9689,uid=0 [ 1258.719783][ T9808] Memory cgroup out of memory: Killed process 9689 (syz-executor.4) total-vm:72572kB, anon-rss:2196kB, file-rss:34816kB, shmem-rss:0kB [ 1258.735024][ T1058] oom_reaper: reaped process 9689 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1258.735196][ T9808] Memory cgroup out of memory: Killed process 9808 (syz-executor.4) total-vm:72440kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB [ 1258.761069][ T1058] oom_reaper: reaped process 9808 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 1259.201558][T10319] IPVS: ftp: loaded support on port[0] = 21 [ 1259.574836][T10319] chnl_net:caif_netlink_parms(): no params data found [ 1259.607234][T10319] bridge0: port 1(bridge_slave_0) entered blocking state [ 1259.614453][T10319] bridge0: port 1(bridge_slave_0) entered disabled state [ 1259.622537][T10319] device bridge_slave_0 entered promiscuous mode [ 1259.717257][T10319] bridge0: port 2(bridge_slave_1) entered blocking state [ 1259.724507][T10319] bridge0: port 2(bridge_slave_1) entered disabled state [ 1259.732256][T10319] device bridge_slave_1 entered promiscuous mode [ 1259.754226][T10319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1259.854683][T10319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1259.875182][T10319] team0: Port device team_slave_0 added [ 1259.882542][T10319] team0: Port device team_slave_1 added [ 1259.966398][T10319] device hsr_slave_0 entered promiscuous mode [ 1260.014467][T10319] device hsr_slave_1 entered promiscuous mode [ 1260.054046][T10319] debugfs: Directory 'hsr0' with parent '/' already present! [ 1260.062838][ T936] device bridge_slave_1 left promiscuous mode [ 1260.069185][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1260.144897][ T936] device bridge_slave_0 left promiscuous mode [ 1260.151107][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1262.345113][ T936] device hsr_slave_0 left promiscuous mode [ 1262.384207][ T936] device hsr_slave_1 left promiscuous mode [ 1262.441670][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1262.455786][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1262.469711][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1262.518994][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1262.595246][ T936] bond0 (unregistering): Released all slaves [ 1262.772710][T10319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1262.840125][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1262.848090][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1262.859385][T10319] 8021q: adding VLAN 0 to HW filter on device team0 [ 1262.884455][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1262.893182][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1262.901864][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1262.908976][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1262.916688][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1262.925481][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1262.934012][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1262.941089][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1262.948837][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1262.974488][T10319] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1262.985124][T10319] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1263.010497][T10319] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1263.019319][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1263.027599][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1263.036516][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1263.045371][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1263.053988][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1263.062763][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1263.071408][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1263.079896][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1263.088532][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1263.096976][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1263.112554][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1263.120898][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1263.405440][T10328] oom_kill_process: 1 callbacks suppressed [ 1263.405558][T10328] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1263.421930][T10328] CPU: 1 PID: 10328 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1263.429580][T10328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1263.439654][T10328] Call Trace: [ 1263.443137][T10328] dump_stack+0x16f/0x1f0 [ 1263.447754][T10328] dump_header+0x10b/0x831 [ 1263.452198][T10328] oom_kill_process.cold+0x10/0x15 [ 1263.457358][T10328] out_of_memory+0x79a/0x12d0 [ 1263.462080][T10328] ? retint_kernel+0x10/0x10 [ 1263.467244][T10328] ? oom_killer_disable+0x280/0x280 [ 1263.472470][T10328] ? mem_cgroup_out_of_memory+0x16a/0x240 [ 1263.478224][T10328] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1263.483790][T10328] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1263.489457][T10328] ? cgroup_file_notify+0x140/0x1b0 [ 1263.494683][T10328] memory_max_write+0x262/0x3a0 [ 1263.499566][T10328] ? mem_cgroup_write+0x360/0x360 [ 1263.504789][T10328] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1263.510287][T10328] cgroup_file_write+0x307/0x790 [ 1263.515249][T10328] ? mem_cgroup_write+0x360/0x360 [ 1263.520323][T10328] ? cgroup_show_path+0x590/0x590 [ 1263.525376][T10328] ? kernfs_ops+0x9f/0x110 [ 1263.530481][T10328] ? cgroup_show_path+0x590/0x590 [ 1263.535520][T10328] kernfs_fop_write+0x2b8/0x480 [ 1263.540394][T10328] __vfs_write+0x8a/0x110 [ 1263.544732][T10328] ? kernfs_fop_open+0xd80/0xd80 [ 1263.549684][T10328] vfs_write+0x268/0x5d0 [ 1263.553939][T10328] ksys_write+0x14f/0x290 [ 1263.558285][T10328] ? __ia32_sys_read+0xb0/0xb0 [ 1263.563150][T10328] ? do_syscall_64+0x26/0x6a0 [ 1263.567845][T10328] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1263.573951][T10328] ? do_syscall_64+0x26/0x6a0 [ 1263.578653][T10328] __x64_sys_write+0x73/0xb0 [ 1263.583260][T10328] do_syscall_64+0xfd/0x6a0 [ 1263.588363][T10328] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1263.594261][T10328] RIP: 0033:0x459829 [ 1263.598258][T10328] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1263.618048][T10328] RSP: 002b:00007facd2b4dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1263.626478][T10328] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1263.634464][T10328] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1263.642452][T10328] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1263.650440][T10328] R10: 0000000000000000 R11: 0000000000000246 R12: 00007facd2b4e6d4 [ 1263.658550][T10328] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1263.669539][T10328] memory: usage 5140kB, limit 0kB, failcnt 597992 [ 1263.676539][T10328] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1263.683531][T10328] Memory cgroup stats for /syz0: [ 1263.685011][T10328] anon 4296704 [ 1263.685011][T10328] file 106496 [ 1263.685011][T10328] kernel_stack 65536 [ 1263.685011][T10328] slab 724992 [ 1263.685011][T10328] sock 0 [ 1263.685011][T10328] shmem 0 [ 1263.685011][T10328] file_mapped 0 [ 1263.685011][T10328] file_dirty 0 [ 1263.685011][T10328] file_writeback 0 [ 1263.685011][T10328] anon_thp 4194304 [ 1263.685011][T10328] inactive_anon 0 [ 1263.685011][T10328] active_anon 4296704 [ 1263.685011][T10328] inactive_file 0 [ 1263.685011][T10328] active_file 0 [ 1263.685011][T10328] unevictable 0 [ 1263.685011][T10328] slab_reclaimable 270336 [ 1263.685011][T10328] slab_unreclaimable 454656 [ 1263.685011][T10328] pgfault 74877 [ 1263.685011][T10328] pgmajfault 0 [ 1263.685011][T10328] workingset_refault 0 [ 1263.685011][T10328] workingset_activate 0 [ 1263.685011][T10328] workingset_nodereclaim 0 [ 1263.685011][T10328] pgrefill 46 [ 1263.685011][T10328] pgscan 46 [ 1263.685011][T10328] pgsteal 0 [ 1263.685011][T10328] pgactivate 0 [ 1263.779712][T10328] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10327,uid=0 [ 1263.795788][T10328] Memory cgroup out of memory: Killed process 10327 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1263.820709][ T1058] oom_reaper: reaped process 10327 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1264.237942][T10319] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0 [ 1264.249643][T10319] CPU: 1 PID: 10319 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1264.257291][T10319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1264.267361][T10319] Call Trace: [ 1264.270764][T10319] dump_stack+0x16f/0x1f0 [ 1264.275112][T10319] dump_header+0x10b/0x831 [ 1264.279545][T10319] ? oom_kill_process+0x94/0x3c0 22:55:18 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:18 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x397, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:18 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x429, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:18 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xf00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:18 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3f, 0x200000) r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x400, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:55:18 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) [ 1264.284502][T10319] oom_kill_process.cold+0x10/0x15 [ 1264.289635][T10319] out_of_memory+0x79a/0x12d0 [ 1264.294326][T10319] ? lock_downgrade+0x920/0x920 [ 1264.299195][T10319] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1264.305016][T10319] ? oom_killer_disable+0x280/0x280 [ 1264.310417][T10319] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1264.316143][T10319] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1264.321856][T10319] ? do_raw_spin_unlock+0x57/0x270 [ 1264.327035][T10319] ? _raw_spin_unlock+0x23/0x30 [ 1264.331938][T10319] try_charge+0x1053/0x1430 [ 1264.336672][T10319] ? __lock_acquire+0x7b0/0x4c30 [ 1264.341652][T10319] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1264.347229][T10319] ? cache_grow_begin+0x124/0xc90 [ 1264.352289][T10319] ? find_held_lock+0x35/0x130 [ 1264.357174][T10319] ? cache_grow_begin+0x124/0xc90 [ 1264.362236][T10319] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1264.367744][T10319] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1264.373440][T10319] cache_grow_begin+0x601/0xc90 [ 1264.378498][T10319] ? write_comp_data+0x31/0x70 [ 1264.383288][T10319] ? mempolicy_slab_node+0x139/0x390 [ 1264.388601][T10319] fallback_alloc+0x1fd/0x2d0 [ 1264.393302][T10319] ____cache_alloc_node+0x1bc/0x1d0 [ 1264.398515][T10319] ? trace_hardirqs_off+0x62/0x210 [ 1264.403859][T10319] kmem_cache_alloc+0x1e8/0x700 [ 1264.408751][T10319] __alloc_file+0x27/0x300 [ 1264.413251][T10319] alloc_empty_file+0x72/0x170 [ 1264.418164][T10319] path_openat+0xef/0x4630 [ 1264.422691][T10319] ? kasan_slab_alloc+0xf/0x20 [ 1264.427483][T10319] ? kmem_cache_alloc+0x121/0x700 [ 1264.432561][T10319] ? getname_flags+0xd6/0x5b0 [ 1264.438773][T10319] ? getname+0x1a/0x20 [ 1264.442843][T10319] ? do_sys_open+0x2c9/0x5d0 [ 1264.447438][T10319] ? __x64_sys_open+0x7e/0xc0 [ 1264.452122][T10319] ? do_syscall_64+0xfd/0x6a0 [ 1264.456810][T10319] ? __kasan_check_read+0x11/0x20 [ 1264.461845][T10319] ? mark_lock+0xc0/0x11e0 [ 1264.466266][T10319] ? __kasan_check_read+0x11/0x20 [ 1264.471301][T10319] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 1264.476679][T10319] ? __alloc_fd+0x487/0x620 [ 1264.481190][T10319] do_filp_open+0x1a1/0x280 [ 1264.485709][T10319] ? may_open_dev+0x100/0x100 [ 1264.490395][T10319] ? lock_downgrade+0x920/0x920 [ 1264.495254][T10319] ? rwlock_bug.part.0+0x90/0x90 [ 1264.500211][T10319] ? __kasan_check_read+0x11/0x20 [ 1264.505241][T10319] ? do_raw_spin_unlock+0x57/0x270 [ 1264.510608][T10319] ? _raw_spin_unlock+0x23/0x30 [ 1264.515461][T10319] ? __alloc_fd+0x487/0x620 [ 1264.519978][T10319] do_sys_open+0x3fe/0x5d0 [ 1264.524394][T10319] ? filp_open+0x80/0x80 [ 1264.528633][T10319] ? __detach_mounts+0x2a0/0x2a0 [ 1264.533585][T10319] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1264.539056][T10319] ? do_syscall_64+0x26/0x6a0 [ 1264.543753][T10319] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1264.549832][T10319] ? do_syscall_64+0x26/0x6a0 [ 1264.554521][T10319] __x64_sys_open+0x7e/0xc0 [ 1264.559045][T10319] do_syscall_64+0xfd/0x6a0 [ 1264.563581][T10319] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1264.569494][T10319] RIP: 0033:0x4577a0 [ 1264.573654][T10319] Code: 31 c0 e9 45 ff ff ff 0f 1f 00 80 3f 00 0f 84 f7 00 00 00 55 53 b9 02 00 00 00 be 00 08 09 00 89 c8 48 81 ec 98 00 00 00 0f 05 <48> 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 [ 1264.593428][T10319] RSP: 002b:00007ffcfb5a6230 EFLAGS: 00000206 ORIG_RAX: 0000000000000002 [ 1264.601857][T10319] RAX: ffffffffffffffda RBX: 000000000013470c RCX: 00000000004577a0 [ 1264.609834][T10319] RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007ffcfb5a7410 [ 1264.617806][T10319] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000555556702940 [ 1264.625793][T10319] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffcfb5a7410 [ 1264.633960][T10319] R13: 00007ffcfb5a7400 R14: 0000000000000000 R15: 00007ffcfb5a7410 [ 1264.642301][T10319] memory: usage 760kB, limit 0kB, failcnt 598004 [ 1264.648697][T10319] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1264.655634][T10319] Memory cgroup stats for /syz0: [ 1264.655749][T10319] anon 57344 [ 1264.655749][T10319] file 106496 [ 1264.655749][T10319] kernel_stack 0 [ 1264.655749][T10319] slab 724992 [ 1264.655749][T10319] sock 0 [ 1264.655749][T10319] shmem 0 [ 1264.655749][T10319] file_mapped 0 [ 1264.655749][T10319] file_dirty 0 [ 1264.655749][T10319] file_writeback 0 [ 1264.655749][T10319] anon_thp 0 [ 1264.655749][T10319] inactive_anon 0 [ 1264.655749][T10319] active_anon 57344 [ 1264.655749][T10319] inactive_file 0 [ 1264.655749][T10319] active_file 0 [ 1264.655749][T10319] unevictable 0 [ 1264.655749][T10319] slab_reclaimable 270336 [ 1264.655749][T10319] slab_unreclaimable 454656 [ 1264.655749][T10319] pgfault 74877 [ 1264.655749][T10319] pgmajfault 0 [ 1264.655749][T10319] workingset_refault 0 [ 1264.655749][T10319] workingset_activate 0 [ 1264.655749][T10319] workingset_nodereclaim 0 [ 1264.655749][T10319] pgrefill 46 [ 1264.655749][T10319] pgscan 46 [ 1264.655749][T10319] pgsteal 0 [ 1264.655749][T10319] pgactivate 0 [ 1264.749467][T10319] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10319,uid=0 [ 1264.764997][T10319] Memory cgroup out of memory: Killed process 10319 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1264.779690][ T1058] oom_reaper: reaped process 10319 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:55:19 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x42a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:19 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x398, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:19 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x1000000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:19 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x3, 0x2) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:55:19 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x399, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:19 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x42b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:20 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:20 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:20 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x42c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:20 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x1d01000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:20 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000080)={0x2, 0x101}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1267.223247][T10413] IPVS: ftp: loaded support on port[0] = 21 [ 1267.652286][T10413] chnl_net:caif_netlink_parms(): no params data found [ 1267.687731][T10413] bridge0: port 1(bridge_slave_0) entered blocking state [ 1267.695037][T10413] bridge0: port 1(bridge_slave_0) entered disabled state [ 1267.702743][T10413] device bridge_slave_0 entered promiscuous mode [ 1267.897253][T10413] bridge0: port 2(bridge_slave_1) entered blocking state [ 1267.904487][T10413] bridge0: port 2(bridge_slave_1) entered disabled state [ 1267.912364][T10413] device bridge_slave_1 entered promiscuous mode [ 1268.105396][T10413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1268.116796][T10413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1268.139973][T10413] team0: Port device team_slave_0 added [ 1268.147680][T10413] team0: Port device team_slave_1 added [ 1268.210150][T10413] device hsr_slave_0 entered promiscuous mode [ 1268.254436][T10413] device hsr_slave_1 entered promiscuous mode [ 1268.324005][T10413] debugfs: Directory 'hsr0' with parent '/' already present! [ 1268.733104][T10413] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1268.745995][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1268.754510][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1268.765652][T10413] 8021q: adding VLAN 0 to HW filter on device team0 [ 1268.945426][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1268.954395][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1268.962993][ T9832] bridge0: port 1(bridge_slave_0) entered blocking state [ 1268.970152][ T9832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1268.978071][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1268.986861][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1268.996839][ T9832] bridge0: port 2(bridge_slave_1) entered blocking state [ 1269.004017][ T9832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1269.011586][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1269.020512][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1269.029090][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1269.037910][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1269.046942][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1269.055195][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1269.225179][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1269.234574][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1269.248730][T10413] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1269.260095][T10413] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1269.271607][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1269.280041][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1269.288512][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1269.297104][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1269.307050][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1269.322229][ T936] device bridge_slave_1 left promiscuous mode [ 1269.329981][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1269.356236][ T936] device bridge_slave_0 left promiscuous mode [ 1269.362646][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1269.397522][ T936] device bridge_slave_1 left promiscuous mode [ 1269.403874][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1269.455961][ T936] device bridge_slave_0 left promiscuous mode [ 1269.462159][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1273.484886][ T936] device hsr_slave_0 left promiscuous mode [ 1273.524117][ T936] device hsr_slave_1 left promiscuous mode [ 1273.572974][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1273.586710][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1273.598880][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1273.639103][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1273.725482][ T936] bond0 (unregistering): Released all slaves [ 1273.995861][ T936] device hsr_slave_0 left promiscuous mode [ 1274.034471][ T936] device hsr_slave_1 left promiscuous mode [ 1274.083148][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1274.095313][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1274.107181][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1274.149540][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1274.226605][ T936] bond0 (unregistering): Released all slaves [ 1274.327502][T10413] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1274.542144][T10421] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1274.552806][T10421] CPU: 0 PID: 10421 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1274.560446][T10421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1274.570527][T10421] Call Trace: [ 1274.573848][T10421] dump_stack+0x16f/0x1f0 [ 1274.578219][T10421] dump_header+0x10b/0x831 [ 1274.582678][T10421] oom_kill_process.cold+0x10/0x15 [ 1274.587829][T10421] out_of_memory+0x79a/0x12d0 [ 1274.592525][T10421] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1274.598183][T10421] ? cgroup_file_notify+0x140/0x1b0 [ 1274.603429][T10421] ? oom_killer_disable+0x280/0x280 [ 1274.608651][T10421] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1274.614198][T10421] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1274.619868][T10421] ? cgroup_file_notify+0x140/0x1b0 [ 1274.625117][T10421] memory_max_write+0x262/0x3a0 [ 1274.629989][T10421] ? mem_cgroup_write+0x360/0x360 [ 1274.635005][T10421] ? lock_acquire+0x190/0x400 [ 1274.639763][T10421] ? kernfs_fop_write+0x227/0x480 [ 1274.644795][T10421] cgroup_file_write+0x307/0x790 [ 1274.649726][T10421] ? mem_cgroup_write+0x360/0x360 [ 1274.654752][T10421] ? cgroup_show_path+0x590/0x590 [ 1274.659785][T10421] ? cgroup_show_path+0x590/0x590 [ 1274.664814][T10421] kernfs_fop_write+0x2b8/0x480 [ 1274.669701][T10421] __vfs_write+0x8a/0x110 [ 1274.674135][T10421] ? kernfs_fop_open+0xd80/0xd80 [ 1274.679108][T10421] vfs_write+0x268/0x5d0 [ 1274.683362][T10421] ksys_write+0x14f/0x290 [ 1274.687742][T10421] ? __ia32_sys_read+0xb0/0xb0 [ 1274.692500][T10421] ? do_syscall_64+0x26/0x6a0 [ 1274.697183][T10421] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1274.703274][T10421] ? do_syscall_64+0x26/0x6a0 [ 1274.708017][T10421] __x64_sys_write+0x73/0xb0 [ 1274.712626][T10421] do_syscall_64+0xfd/0x6a0 [ 1274.717152][T10421] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1274.723070][T10421] RIP: 0033:0x459829 [ 1274.726984][T10421] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1274.746702][T10421] RSP: 002b:00007f835a024c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1274.755407][T10421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1274.763397][T10421] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1274.771385][T10421] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1274.779365][T10421] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835a0256d4 [ 1274.787354][T10421] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1274.796368][T10421] memory: usage 8200kB, limit 0kB, failcnt 73 [ 1274.802596][T10421] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1274.809915][T10421] Memory cgroup stats for /syz4: [ 1274.811313][T10421] anon 4333568 [ 1274.811313][T10421] file 118784 [ 1274.811313][T10421] kernel_stack 65536 [ 1274.811313][T10421] slab 3940352 [ 1274.811313][T10421] sock 0 [ 1274.811313][T10421] shmem 77824 [ 1274.811313][T10421] file_mapped 135168 [ 1274.811313][T10421] file_dirty 135168 [ 1274.811313][T10421] file_writeback 0 [ 1274.811313][T10421] anon_thp 4194304 [ 1274.811313][T10421] inactive_anon 135168 [ 1274.811313][T10421] active_anon 4337664 [ 1274.811313][T10421] inactive_file 0 [ 1274.811313][T10421] active_file 0 [ 1274.811313][T10421] unevictable 0 [ 1274.811313][T10421] slab_reclaimable 1757184 [ 1274.811313][T10421] slab_unreclaimable 2183168 [ 1274.811313][T10421] pgfault 72336 [ 1274.811313][T10421] pgmajfault 0 [ 1274.811313][T10421] workingset_refault 0 [ 1274.811313][T10421] workingset_activate 0 [ 1274.811313][T10421] workingset_nodereclaim 0 [ 1274.811313][T10421] pgrefill 0 [ 1274.811313][T10421] pgscan 0 [ 1274.811313][T10421] pgsteal 0 [ 1274.811313][T10421] pgactivate 0 [ 1274.908270][T10421] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10419,uid=0 [ 1274.926632][T10421] Memory cgroup out of memory: Killed process 10419 (syz-executor.4) total-vm:72576kB, anon-rss:4232kB, file-rss:35872kB, shmem-rss:0kB [ 1274.945320][ T1058] oom_reaper: reaped process 10419 (syz-executor.4), now anon-rss:0kB, file-rss:34912kB, shmem-rss:0kB 22:55:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfe47bf070") r1 = syz_open_dev$dri(&(0x7f0000000300)='/dev/dri/card#\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) r2 = dup(r1) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000000)) 22:55:29 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:29 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:29 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x2000000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:29 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x42d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:29 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f00000001c0)=""/43) fsetxattr$security_capability(r1, &(0x7f0000000080)='security.capability\x00', &(0x7f0000000180)=@v1={0x1000000, [{0x3, 0x577}]}, 0xc, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1275.422923][T10413] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1275.433004][T10413] CPU: 1 PID: 10413 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1275.440727][T10413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1275.450783][T10413] Call Trace: [ 1275.454086][T10413] dump_stack+0x16f/0x1f0 [ 1275.458437][T10413] dump_header+0x10b/0x831 [ 1275.462878][T10413] ? oom_kill_process+0x94/0x3c0 [ 1275.467843][T10413] oom_kill_process.cold+0x10/0x15 [ 1275.472965][T10413] out_of_memory+0x79a/0x12d0 [ 1275.477654][T10413] ? lock_downgrade+0x920/0x920 [ 1275.482519][T10413] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1275.488331][T10413] ? oom_killer_disable+0x280/0x280 [ 1275.493536][T10413] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1275.499087][T10413] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1275.504723][T10413] ? do_raw_spin_unlock+0x57/0x270 [ 1275.509828][T10413] ? _raw_spin_unlock+0x23/0x30 [ 1275.514676][T10413] try_charge+0x1053/0x1430 [ 1275.519182][T10413] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1275.524725][T10413] ? percpu_ref_tryget_live+0x104/0x270 [ 1275.530276][T10413] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1275.535818][T10413] mem_cgroup_try_charge+0x136/0x590 [ 1275.541116][T10413] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1275.546746][T10413] wp_page_copy+0x27c/0x1380 [ 1275.551331][T10413] ? find_held_lock+0x35/0x130 [ 1275.556094][T10413] ? pmd_pfn+0x1d0/0x1d0 [ 1275.560340][T10413] ? lock_downgrade+0x920/0x920 [ 1275.565193][T10413] ? swp_swapcount+0x520/0x520 [ 1275.569952][T10413] ? __kasan_check_read+0x11/0x20 [ 1275.574969][T10413] ? do_raw_spin_unlock+0x57/0x270 [ 1275.580080][T10413] do_wp_page+0x499/0x14d0 [ 1275.584503][T10413] ? finish_mkwrite_fault+0x570/0x570 [ 1275.589883][T10413] __handle_mm_fault+0x2120/0x3ce0 [ 1275.595029][T10413] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1275.600582][T10413] ? handle_mm_fault+0x294/0xa90 [ 1275.605632][T10413] ? handle_mm_fault+0x675/0xa90 [ 1275.610579][T10413] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1275.615895][T10413] handle_mm_fault+0x3bb/0xa90 [ 1275.620671][T10413] __do_page_fault+0x536/0xdd0 [ 1275.625442][T10413] do_page_fault+0x38/0x536 [ 1275.629946][T10413] page_fault+0x39/0x40 [ 1275.634098][T10413] RIP: 0033:0x430906 [ 1275.638013][T10413] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1275.657621][T10413] RSP: 002b:00007ffe86800520 EFLAGS: 00010206 [ 1275.663707][T10413] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1275.671688][T10413] RDX: 000055555570b930 RSI: 0000555555713970 RDI: 0000000000000003 [ 1275.679670][T10413] RBP: 0000000000008041 R08: 0000000000000001 R09: 000055555570a940 [ 1275.687641][T10413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1275.695609][T10413] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1275.705101][T10413] memory: usage 3816kB, limit 0kB, failcnt 81 [ 1275.711189][T10413] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1275.718065][T10413] Memory cgroup stats for /syz4: [ 1275.718193][T10413] anon 73728 [ 1275.718193][T10413] file 118784 [ 1275.718193][T10413] kernel_stack 0 [ 1275.718193][T10413] slab 3940352 [ 1275.718193][T10413] sock 0 [ 1275.718193][T10413] shmem 77824 [ 1275.718193][T10413] file_mapped 135168 [ 1275.718193][T10413] file_dirty 135168 [ 1275.718193][T10413] file_writeback 0 [ 1275.718193][T10413] anon_thp 0 [ 1275.718193][T10413] inactive_anon 135168 [ 1275.718193][T10413] active_anon 77824 [ 1275.718193][T10413] inactive_file 0 [ 1275.718193][T10413] active_file 0 [ 1275.718193][T10413] unevictable 0 22:55:30 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x2500000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1275.718193][T10413] slab_reclaimable 1757184 [ 1275.718193][T10413] slab_unreclaimable 2183168 [ 1275.718193][T10413] pgfault 72336 [ 1275.718193][T10413] pgmajfault 0 [ 1275.718193][T10413] workingset_refault 0 [ 1275.718193][T10413] workingset_activate 0 [ 1275.718193][T10413] workingset_nodereclaim 0 [ 1275.718193][T10413] pgrefill 0 [ 1275.718193][T10413] pgscan 0 [ 1275.718193][T10413] pgsteal 0 [ 1275.718193][T10413] pgactivate 0 [ 1275.813032][T10413] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10413,uid=0 [ 1275.828774][T10413] Memory cgroup out of memory: Killed process 10413 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1275.843274][ T1058] oom_reaper: reaped process 10413 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:55:30 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:30 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x42e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:30 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:30 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x42f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:30 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:31 executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x10008002) write(r1, &(0x7f0000000180)="b6020000000000003ef0011dcebc9bc2feffffffffffffa07e6124ac1536c273359bffe22c9b160096aa1fae1a00", 0x2e) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000001c0)=0x1) readv(r1, &(0x7f0000000000)=[{&(0x7f0000e94000)=""/62, 0x3e}], 0x1) pipe(&(0x7f0000000000)) tkill(r0, 0x1000000000016) 22:55:31 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x430, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1278.298925][T10489] IPVS: ftp: loaded support on port[0] = 21 [ 1278.373487][T10489] chnl_net:caif_netlink_parms(): no params data found [ 1278.404322][T10489] bridge0: port 1(bridge_slave_0) entered blocking state [ 1278.411456][T10489] bridge0: port 1(bridge_slave_0) entered disabled state [ 1278.419475][T10489] device bridge_slave_0 entered promiscuous mode [ 1278.427347][T10489] bridge0: port 2(bridge_slave_1) entered blocking state [ 1278.434525][T10489] bridge0: port 2(bridge_slave_1) entered disabled state [ 1278.442883][T10489] device bridge_slave_1 entered promiscuous mode [ 1278.464309][T10489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1278.475558][T10489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1278.494275][T10489] team0: Port device team_slave_0 added [ 1278.501698][T10489] team0: Port device team_slave_1 added [ 1278.557313][T10489] device hsr_slave_0 entered promiscuous mode [ 1278.594433][T10489] device hsr_slave_1 entered promiscuous mode [ 1278.654203][T10489] debugfs: Directory 'hsr0' with parent '/' already present! [ 1278.838504][T10489] bridge0: port 2(bridge_slave_1) entered blocking state [ 1278.845655][T10489] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1278.853009][T10489] bridge0: port 1(bridge_slave_0) entered blocking state [ 1278.860191][T10489] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1278.988443][T10489] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1279.002367][T32497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1279.010794][T32497] bridge0: port 1(bridge_slave_0) entered disabled state [ 1279.018814][T32497] bridge0: port 2(bridge_slave_1) entered disabled state [ 1279.029143][T32497] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1279.042506][T10489] 8021q: adding VLAN 0 to HW filter on device team0 [ 1279.147625][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1279.158647][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1279.165805][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1279.173640][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1279.182244][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 1279.189370][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1279.296619][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1279.305511][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1279.315272][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1279.421090][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1279.435733][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1279.445398][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1279.544046][T10489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1279.566380][T10489] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1279.882152][T10497] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1279.892724][T10497] CPU: 0 PID: 10497 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1279.900388][T10497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1279.910483][T10497] Call Trace: [ 1279.913814][T10497] dump_stack+0x16f/0x1f0 [ 1279.918223][T10497] dump_header+0x10b/0x831 [ 1279.922681][T10497] oom_kill_process.cold+0x10/0x15 [ 1279.927843][T10497] out_of_memory+0x79a/0x12d0 [ 1279.932566][T10497] ? retint_kernel+0x10/0x10 [ 1279.937201][T10497] ? oom_killer_disable+0x280/0x280 [ 1279.942446][T10497] ? mem_cgroup_out_of_memory+0x16a/0x240 [ 1279.948242][T10497] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1279.953827][T10497] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1279.959520][T10497] ? cgroup_file_notify+0x140/0x1b0 [ 1279.964743][T10497] memory_max_write+0x262/0x3a0 [ 1279.969617][T10497] ? mem_cgroup_write+0x360/0x360 [ 1279.974651][T10497] ? cgroup_file_write+0x86/0x790 [ 1279.979763][T10497] cgroup_file_write+0x307/0x790 [ 1279.984711][T10497] ? mem_cgroup_write+0x360/0x360 [ 1279.989946][T10497] ? cgroup_show_path+0x590/0x590 [ 1279.994998][T10497] ? cgroup_show_path+0x590/0x590 [ 1280.000072][T10497] kernfs_fop_write+0x2b8/0x480 [ 1280.004930][T10497] __vfs_write+0x8a/0x110 [ 1280.009425][T10497] ? kernfs_fop_open+0xd80/0xd80 [ 1280.014357][T10497] vfs_write+0x268/0x5d0 [ 1280.018698][T10497] ksys_write+0x14f/0x290 [ 1280.023148][T10497] ? __ia32_sys_read+0xb0/0xb0 [ 1280.027952][T10497] ? do_syscall_64+0x26/0x6a0 [ 1280.032623][T10497] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1280.038693][T10497] ? do_syscall_64+0x26/0x6a0 [ 1280.043411][T10497] __x64_sys_write+0x73/0xb0 [ 1280.048013][T10497] do_syscall_64+0xfd/0x6a0 [ 1280.052608][T10497] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1280.058493][T10497] RIP: 0033:0x459829 [ 1280.062378][T10497] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1280.082087][T10497] RSP: 002b:00007f0064bcdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1280.090565][T10497] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1280.098553][T10497] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1280.106666][T10497] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1280.114748][T10497] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0064bce6d4 [ 1280.122727][T10497] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1280.131022][T10497] memory: usage 5160kB, limit 0kB, failcnt 598005 [ 1280.137860][T10497] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1280.144821][T10497] Memory cgroup stats for /syz0: [ 1280.145389][T10497] anon 4280320 [ 1280.145389][T10497] file 106496 [ 1280.145389][T10497] kernel_stack 0 [ 1280.145389][T10497] slab 724992 [ 1280.145389][T10497] sock 0 [ 1280.145389][T10497] shmem 0 [ 1280.145389][T10497] file_mapped 0 [ 1280.145389][T10497] file_dirty 0 [ 1280.145389][T10497] file_writeback 0 [ 1280.145389][T10497] anon_thp 4194304 [ 1280.145389][T10497] inactive_anon 0 [ 1280.145389][T10497] active_anon 4280320 [ 1280.145389][T10497] inactive_file 0 [ 1280.145389][T10497] active_file 0 [ 1280.145389][T10497] unevictable 0 [ 1280.145389][T10497] slab_reclaimable 270336 [ 1280.145389][T10497] slab_unreclaimable 454656 [ 1280.145389][T10497] pgfault 74943 [ 1280.145389][T10497] pgmajfault 0 [ 1280.145389][T10497] workingset_refault 0 [ 1280.145389][T10497] workingset_activate 0 [ 1280.145389][T10497] workingset_nodereclaim 0 [ 1280.145389][T10497] pgrefill 46 [ 1280.145389][T10497] pgscan 46 [ 1280.145389][T10497] pgsteal 0 [ 1280.145389][T10497] pgactivate 0 [ 1280.240213][T10497] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10495,uid=0 [ 1280.255793][T10497] Memory cgroup out of memory: Killed process 10495 (syz-executor.0) total-vm:72576kB, anon-rss:4184kB, file-rss:34816kB, shmem-rss:0kB [ 1280.275042][ T1058] oom_reaper: reaped process 10495 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1280.594768][ T936] device bridge_slave_1 left promiscuous mode [ 1280.601022][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1280.649531][ T936] device bridge_slave_0 left promiscuous mode [ 1280.655914][ T936] bridge0: port 1(bridge_slave_0) entered disabled state 22:55:35 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) fsetxattr$trusted_overlay_origin(r0, &(0x7f00000001c0)='trusted.overlay.origin\x00', &(0x7f0000000340)='y\x00', 0x2, 0x3) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f0000000180)=0xb) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:35 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x4000000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:35 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x431, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:35 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:35 executing program 4: mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x1000000005c831, 0xffffffffffffffff, 0x0) mremap(&(0x7f00003fb000/0x400000)=nil, 0x400000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil) [ 1280.730968][T10489] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1280.741100][T10489] CPU: 1 PID: 10489 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1280.748744][T10489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1280.759200][T10489] Call Trace: [ 1280.762515][T10489] dump_stack+0x16f/0x1f0 [ 1280.766876][T10489] dump_header+0x10b/0x831 [ 1280.771317][T10489] ? oom_kill_process+0x94/0x3c0 [ 1280.776302][T10489] oom_kill_process.cold+0x10/0x15 [ 1280.781433][T10489] out_of_memory+0x79a/0x12d0 [ 1280.786142][T10489] ? lock_downgrade+0x920/0x920 [ 1280.791102][T10489] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1280.796924][T10489] ? oom_killer_disable+0x280/0x280 [ 1280.802241][T10489] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1280.807807][T10489] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1280.813465][T10489] ? do_raw_spin_unlock+0x57/0x270 [ 1280.818791][T10489] ? _raw_spin_unlock+0x23/0x30 [ 1280.823659][T10489] try_charge+0x1053/0x1430 [ 1280.828183][T10489] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1280.833744][T10489] ? percpu_ref_tryget_live+0x104/0x270 [ 1280.839322][T10489] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1280.844882][T10489] mem_cgroup_try_charge+0x136/0x590 [ 1280.850195][T10489] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1280.855849][T10489] wp_page_copy+0x27c/0x1380 [ 1280.860455][T10489] ? find_held_lock+0x35/0x130 [ 1280.865253][T10489] ? pmd_pfn+0x1d0/0x1d0 [ 1280.869511][T10489] ? lock_downgrade+0x920/0x920 [ 1280.874400][T10489] ? swp_swapcount+0x520/0x520 [ 1280.879181][T10489] ? __kasan_check_read+0x11/0x20 [ 1280.884224][T10489] ? do_raw_spin_unlock+0x57/0x270 [ 1280.889355][T10489] do_wp_page+0x499/0x14d0 [ 1280.893795][T10489] ? finish_mkwrite_fault+0x570/0x570 [ 1280.899204][T10489] __handle_mm_fault+0x2120/0x3ce0 [ 1280.904349][T10489] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1280.909918][T10489] ? handle_mm_fault+0x294/0xa90 [ 1280.914881][T10489] ? handle_mm_fault+0x675/0xa90 [ 1280.919843][T10489] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1280.925158][T10489] handle_mm_fault+0x3bb/0xa90 [ 1280.929939][T10489] __do_page_fault+0x536/0xdd0 [ 1280.934722][T10489] do_page_fault+0x38/0x536 [ 1280.939235][T10489] page_fault+0x39/0x40 [ 1280.943398][T10489] RIP: 0033:0x430906 [ 1280.947303][T10489] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1280.966925][T10489] RSP: 002b:00007ffd8ee5b310 EFLAGS: 00010206 [ 1280.973001][T10489] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1280.980982][T10489] RDX: 0000555556ec9930 RSI: 0000555556ed1970 RDI: 0000000000000003 [ 1280.988972][T10489] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555556ec8940 [ 1280.996956][T10489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1281.004940][T10489] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1281.013344][T10489] memory: usage 776kB, limit 0kB, failcnt 598013 [ 1281.019732][T10489] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1281.026646][T10489] Memory cgroup stats for /syz0: [ 1281.026749][T10489] anon 20480 [ 1281.026749][T10489] file 106496 [ 1281.026749][T10489] kernel_stack 0 [ 1281.026749][T10489] slab 724992 [ 1281.026749][T10489] sock 0 [ 1281.026749][T10489] shmem 0 [ 1281.026749][T10489] file_mapped 0 [ 1281.026749][T10489] file_dirty 0 [ 1281.026749][T10489] file_writeback 0 [ 1281.026749][T10489] anon_thp 0 [ 1281.026749][T10489] inactive_anon 0 [ 1281.026749][T10489] active_anon 20480 [ 1281.026749][T10489] inactive_file 0 [ 1281.026749][T10489] active_file 0 [ 1281.026749][T10489] unevictable 0 [ 1281.026749][T10489] slab_reclaimable 270336 [ 1281.026749][T10489] slab_unreclaimable 454656 [ 1281.026749][T10489] pgfault 74943 [ 1281.026749][T10489] pgmajfault 0 [ 1281.026749][T10489] workingset_refault 0 [ 1281.026749][T10489] workingset_activate 0 [ 1281.026749][T10489] workingset_nodereclaim 0 [ 1281.026749][T10489] pgrefill 46 [ 1281.026749][T10489] pgscan 46 [ 1281.026749][T10489] pgsteal 0 [ 1281.026749][T10489] pgactivate 0 [ 1281.119861][T10489] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10489,uid=0 [ 1281.136424][T10489] Memory cgroup out of memory: Killed process 10489 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 1281.151035][ T1058] oom_reaper: reaped process 10489 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:55:35 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x432, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:35 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:35 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x433, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:35 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:36 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x434, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:36 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1283.955640][ T936] device hsr_slave_0 left promiscuous mode [ 1284.004101][ T936] device hsr_slave_1 left promiscuous mode [ 1284.051770][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1284.064725][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1284.080652][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1284.148518][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1284.220029][ T936] bond0 (unregistering): Released all slaves [ 1284.436744][T10557] IPVS: ftp: loaded support on port[0] = 21 [ 1284.640958][T10557] chnl_net:caif_netlink_parms(): no params data found [ 1284.700921][T10557] bridge0: port 1(bridge_slave_0) entered blocking state [ 1284.708355][T10557] bridge0: port 1(bridge_slave_0) entered disabled state [ 1284.716540][T10557] device bridge_slave_0 entered promiscuous mode [ 1284.731768][T10557] bridge0: port 2(bridge_slave_1) entered blocking state [ 1284.739005][T10557] bridge0: port 2(bridge_slave_1) entered disabled state [ 1284.747359][T10557] device bridge_slave_1 entered promiscuous mode [ 1284.785344][T10557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1284.803279][T10557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1284.835251][T10557] team0: Port device team_slave_0 added [ 1284.849359][T10557] team0: Port device team_slave_1 added 22:55:39 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, r0, 0x0, 0x9, &(0x7f0000000080)='/dev/kvm\x00', 0xffffffffffffffff}, 0x30) sched_setattr(r5, &(0x7f00000001c0)={0x30, 0x1, 0x1, 0x401, 0x6, 0x3, 0x5, 0x200}, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:39 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x435, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:39 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x4800000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:39 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) [ 1284.937128][T10557] device hsr_slave_0 entered promiscuous mode [ 1284.973307][T10557] device hsr_slave_1 entered promiscuous mode [ 1285.024365][T10557] debugfs: Directory 'hsr0' with parent '/' already present! [ 1285.153341][T10557] bridge0: port 2(bridge_slave_1) entered blocking state [ 1285.160532][T10557] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1285.167982][T10557] bridge0: port 1(bridge_slave_0) entered blocking state [ 1285.175113][T10557] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1285.477130][ T5184] bridge0: port 1(bridge_slave_0) entered disabled state [ 1285.498632][ T5184] bridge0: port 2(bridge_slave_1) entered disabled state [ 1285.553754][T10557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1285.595072][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1285.602953][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1285.622757][T10557] 8021q: adding VLAN 0 to HW filter on device team0 [ 1285.651519][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1285.660465][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1285.669006][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1285.676118][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1285.749991][T10557] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1285.760618][T10557] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1285.773465][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1285.782451][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1285.791081][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 1285.798207][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1285.805934][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1285.814862][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1285.823729][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1285.832516][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1285.841198][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1285.850038][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1285.858815][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1285.867361][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1285.877271][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1285.885846][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1285.932685][T10557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1285.942625][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1285.950853][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 22:55:40 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000001040)={0x2, 0x4e23, @loopback}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4602706a5ce1a2ee467d3bca22f507643a066104010000000000000c02040000000000a6d10000030007000200ffffffff468051e57464030000000300000000000100bc0800000002000000000000000000ffff7f0000000000000600000000000000000800000000000005000092ac0000006f000000000000000000000000000000ea2b000000000000080000000000000003000000000000000800000000000000f8d1cf6bb60a3cc8252c025b5f92a84bb4d5efd7201c0b3858f135eeae37c7f0e87b4c"], 0xc9) shutdown(r0, 0x1) 22:55:40 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:40 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x436, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x4c00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:40 executing program 1: openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000440)='/dev/dlm-control\x00', 0x4000, 0x0) r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000005c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000600)='pids.events\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$VIDIOC_G_TUNER(r1, 0xc054561d, &(0x7f0000000180)={0x7f, "5faca9f1faf168283c802215470a6ebd4fefa87219285696d2af282807d39988", 0x2, 0x800, 0x0, 0x3ff, 0x1, 0xc709ec99a01509ca, 0x36fd, 0x6}) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$RTC_PIE_OFF(r1, 0x7006) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:55:40 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x437, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:40 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x6000000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:41 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:41 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x9, 0x0, 0x770, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0) 22:55:41 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x438, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1287.385098][T10656] IPVS: ftp: loaded support on port[0] = 21 [ 1287.489631][T10656] chnl_net:caif_netlink_parms(): no params data found [ 1287.532585][T10656] bridge0: port 1(bridge_slave_0) entered blocking state [ 1287.539974][T10656] bridge0: port 1(bridge_slave_0) entered disabled state [ 1287.548319][T10656] device bridge_slave_0 entered promiscuous mode [ 1287.558307][T10656] bridge0: port 2(bridge_slave_1) entered blocking state [ 1287.565488][T10656] bridge0: port 2(bridge_slave_1) entered disabled state [ 1287.573587][T10656] device bridge_slave_1 entered promiscuous mode [ 1287.606317][T10656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1287.618108][T10656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1287.648160][T10656] team0: Port device team_slave_0 added [ 1287.656688][T10656] team0: Port device team_slave_1 added [ 1287.717570][T10656] device hsr_slave_0 entered promiscuous mode [ 1287.764596][T10656] device hsr_slave_1 entered promiscuous mode [ 1287.813991][T10656] debugfs: Directory 'hsr0' with parent '/' already present! [ 1287.834413][T10656] bridge0: port 2(bridge_slave_1) entered blocking state [ 1287.841503][T10656] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1287.848943][T10656] bridge0: port 1(bridge_slave_0) entered blocking state [ 1287.856017][T10656] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1287.908021][T10656] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1287.922705][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1287.932196][ T3516] bridge0: port 1(bridge_slave_0) entered disabled state [ 1287.941514][ T3516] bridge0: port 2(bridge_slave_1) entered disabled state [ 1287.951184][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1287.970318][T10656] 8021q: adding VLAN 0 to HW filter on device team0 [ 1287.985828][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1287.994603][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1288.001714][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1288.038824][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1288.047777][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 1288.054912][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1288.063425][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1288.072087][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1288.080503][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1288.092565][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1288.100583][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1288.112277][T10656] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1288.152425][T10656] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1288.380037][T10664] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1288.390627][T10664] CPU: 0 PID: 10664 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1288.398277][T10664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1288.408530][T10664] Call Trace: [ 1288.411838][T10664] dump_stack+0x16f/0x1f0 [ 1288.416233][T10664] dump_header+0x10b/0x831 [ 1288.420678][T10664] oom_kill_process.cold+0x10/0x15 [ 1288.425816][T10664] out_of_memory+0x79a/0x12d0 [ 1288.430587][T10664] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1288.436588][T10664] ? cgroup_file_notify+0x140/0x1b0 [ 1288.441806][T10664] ? oom_killer_disable+0x280/0x280 [ 1288.447045][T10664] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1288.452787][T10664] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1288.458481][T10664] ? cgroup_file_notify+0x140/0x1b0 [ 1288.463717][T10664] memory_max_write+0x262/0x3a0 [ 1288.468606][T10664] ? mem_cgroup_write+0x360/0x360 [ 1288.473657][T10664] ? lock_acquire+0x190/0x400 [ 1288.478361][T10664] ? kernfs_fop_write+0x227/0x480 [ 1288.483403][T10664] cgroup_file_write+0x307/0x790 [ 1288.488335][T10664] ? mem_cgroup_write+0x360/0x360 [ 1288.493387][T10664] ? cgroup_show_path+0x590/0x590 [ 1288.498430][T10664] ? cgroup_show_path+0x590/0x590 [ 1288.503466][T10664] kernfs_fop_write+0x2b8/0x480 [ 1288.508319][T10664] __vfs_write+0x8a/0x110 [ 1288.512646][T10664] ? kernfs_fop_open+0xd80/0xd80 [ 1288.517636][T10664] vfs_write+0x268/0x5d0 [ 1288.521915][T10664] ksys_write+0x14f/0x290 [ 1288.526269][T10664] ? __ia32_sys_read+0xb0/0xb0 [ 1288.531024][T10664] ? do_syscall_64+0x26/0x6a0 [ 1288.535709][T10664] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1288.541796][T10664] ? do_syscall_64+0x26/0x6a0 [ 1288.546505][T10664] __x64_sys_write+0x73/0xb0 [ 1288.551090][T10664] do_syscall_64+0xfd/0x6a0 [ 1288.555621][T10664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1288.561539][T10664] RIP: 0033:0x459829 [ 1288.565632][T10664] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1288.585334][T10664] RSP: 002b:00007f78b1c6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1288.593758][T10664] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1288.601842][T10664] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1288.609819][T10664] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1288.617809][T10664] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f78b1c706d4 [ 1288.625803][T10664] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1288.634006][T10664] memory: usage 5164kB, limit 0kB, failcnt 598014 [ 1288.640695][T10664] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1288.647987][T10664] Memory cgroup stats for /syz0: [ 1288.648735][T10664] anon 4255744 [ 1288.648735][T10664] file 106496 [ 1288.648735][T10664] kernel_stack 65536 [ 1288.648735][T10664] slab 724992 [ 1288.648735][T10664] sock 0 [ 1288.648735][T10664] shmem 0 [ 1288.648735][T10664] file_mapped 0 [ 1288.648735][T10664] file_dirty 0 [ 1288.648735][T10664] file_writeback 0 [ 1288.648735][T10664] anon_thp 4194304 [ 1288.648735][T10664] inactive_anon 0 [ 1288.648735][T10664] active_anon 4255744 [ 1288.648735][T10664] inactive_file 0 [ 1288.648735][T10664] active_file 0 [ 1288.648735][T10664] unevictable 0 [ 1288.648735][T10664] slab_reclaimable 270336 [ 1288.648735][T10664] slab_unreclaimable 454656 [ 1288.648735][T10664] pgfault 75009 [ 1288.648735][T10664] pgmajfault 0 [ 1288.648735][T10664] workingset_refault 0 [ 1288.648735][T10664] workingset_activate 0 [ 1288.648735][T10664] workingset_nodereclaim 0 [ 1288.648735][T10664] pgrefill 46 [ 1288.648735][T10664] pgscan 46 [ 1288.648735][T10664] pgsteal 0 [ 1288.648735][T10664] pgactivate 0 [ 1288.743445][T10664] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10663,uid=0 [ 1288.759653][T10664] Memory cgroup out of memory: Killed process 10663 (syz-executor.0) total-vm:72576kB, anon-rss:4232kB, file-rss:35812kB, shmem-rss:0kB [ 1288.779622][ T1058] oom_reaper: reaped process 10663 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1289.198677][T10656] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1289.208816][T10656] CPU: 1 PID: 10656 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1289.216465][T10656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1289.226526][T10656] Call Trace: [ 1289.229836][T10656] dump_stack+0x16f/0x1f0 [ 1289.234186][T10656] dump_header+0x10b/0x831 [ 1289.238632][T10656] ? oom_kill_process+0x94/0x3c0 [ 1289.243600][T10656] oom_kill_process.cold+0x10/0x15 [ 1289.248732][T10656] out_of_memory+0x79a/0x12d0 [ 1289.253669][T10656] ? lock_downgrade+0x920/0x920 [ 1289.258655][T10656] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1289.264502][T10656] ? oom_killer_disable+0x280/0x280 [ 1289.269775][T10656] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1289.275444][T10656] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1289.281090][T10656] ? do_raw_spin_unlock+0x57/0x270 [ 1289.286390][T10656] ? _raw_spin_unlock+0x23/0x30 [ 1289.291347][T10656] try_charge+0x1053/0x1430 [ 1289.295869][T10656] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1289.301420][T10656] ? percpu_ref_tryget_live+0x104/0x270 [ 1289.306995][T10656] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1289.312553][T10656] mem_cgroup_try_charge+0x136/0x590 [ 1289.317871][T10656] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1289.323512][T10656] wp_page_copy+0x27c/0x1380 [ 1289.328124][T10656] ? find_held_lock+0x35/0x130 [ 1289.334051][T10656] ? pmd_pfn+0x1d0/0x1d0 [ 1289.338308][T10656] ? lock_downgrade+0x920/0x920 [ 1289.343157][T10656] ? swp_swapcount+0x520/0x520 [ 1289.347931][T10656] ? __kasan_check_read+0x11/0x20 [ 1289.353003][T10656] ? do_raw_spin_unlock+0x57/0x270 [ 1289.358127][T10656] do_wp_page+0x499/0x14d0 [ 1289.362545][T10656] ? finish_mkwrite_fault+0x570/0x570 [ 1289.367956][T10656] __handle_mm_fault+0x2120/0x3ce0 [ 1289.373080][T10656] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1289.378810][T10656] ? handle_mm_fault+0x294/0xa90 [ 1289.383778][T10656] ? handle_mm_fault+0x675/0xa90 [ 1289.388724][T10656] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1289.394045][T10656] handle_mm_fault+0x3bb/0xa90 [ 1289.398831][T10656] __do_page_fault+0x536/0xdd0 [ 1289.403591][T10656] do_page_fault+0x38/0x536 [ 1289.408109][T10656] page_fault+0x39/0x40 [ 1289.412260][T10656] RIP: 0033:0x430906 [ 1289.416153][T10656] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1289.435776][T10656] RSP: 002b:00007ffe9e89a290 EFLAGS: 00010206 [ 1289.442075][T10656] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1289.450058][T10656] RDX: 00005555572c5930 RSI: 00005555572cd970 RDI: 0000000000000003 [ 1289.458035][T10656] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555572c4940 [ 1289.466011][T10656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1289.473996][T10656] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1289.482135][T10656] memory: usage 780kB, limit 0kB, failcnt 598022 [ 1289.488575][T10656] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1289.495506][T10656] Memory cgroup stats for /syz0: [ 1289.495634][T10656] anon 57344 [ 1289.495634][T10656] file 106496 [ 1289.495634][T10656] kernel_stack 65536 [ 1289.495634][T10656] slab 724992 [ 1289.495634][T10656] sock 0 [ 1289.495634][T10656] shmem 0 [ 1289.495634][T10656] file_mapped 0 [ 1289.495634][T10656] file_dirty 0 [ 1289.495634][T10656] file_writeback 0 [ 1289.495634][T10656] anon_thp 0 [ 1289.495634][T10656] inactive_anon 0 [ 1289.495634][T10656] active_anon 57344 [ 1289.495634][T10656] inactive_file 0 [ 1289.495634][T10656] active_file 0 [ 1289.495634][T10656] unevictable 0 [ 1289.495634][T10656] slab_reclaimable 270336 [ 1289.495634][T10656] slab_unreclaimable 454656 [ 1289.495634][T10656] pgfault 75009 [ 1289.495634][T10656] pgmajfault 0 [ 1289.495634][T10656] workingset_refault 0 [ 1289.495634][T10656] workingset_activate 0 [ 1289.495634][T10656] workingset_nodereclaim 0 [ 1289.495634][T10656] pgrefill 46 [ 1289.495634][T10656] pgscan 46 [ 1289.495634][T10656] pgsteal 0 [ 1289.495634][T10656] pgactivate 0 22:55:43 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:55:43 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:43 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x439, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:43 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x6558000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:43 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000780)={"c0edae9f77a9fb469396128ed709a416fefacfb684e213ff9a4d82c635cf72f152f3096b15a101e08c7b80628aad2cd40bd917c195ea4497099d334dc9b830f7d4bc78b3b9a8e30ff9b19a0a4ea21adeeb8f2485f8e77c54bb348a9d489f10a880baa61613dee4effe31c5bb58c6cf1d08bf8f5635029777f76e706d3f2cba2c24a526e454654dd3c7f62fcdac82df71ba810b05bb70420ad82c81d97cab4ca7e6b7f3aa76fec3c6b864a9b492074c0cd2dc33d2ac30e220336186e242be8cdbb6a3876a98918ffbe381d645d2117df8d18895dab7a8973a7bb8a96f381673dc496816dcdd33b3d1031b50686df735b12a2c77be013b26f2590e20d27899dd3b098f78f99553451e5d8234c5907a8d97e9a7787cf83fc4998a7d5bb6a7a8d587e8cd2d4cb8b8eb3f9f05502ea4eca2635208812ec2250b6774dd0cbaa7bae2b76f54103715288d437973c49152f9f9691d06470615272e01f99d65d55a83bbdc216d11785a8c7744dcc58050a68473b1c86bb00b2362bab63ed54d763ed8b351948078d8f78545f624a05f6b5ea855f7ac47ba6deec3229cc3706848f50219b221e2a913d854f8b731b1e8d73986712a14519255bef519cd821769098b1683e6ea82e0556db9470f052cc3b38c910946877c0cf4929781591f9eac598e9b5faa07489781c69608a0f2ddcc1c971d2866230c9ec647577b71266f0fe45a099ca6c95a9fb1fb0ce83536d304252d0017644ae3c5770a10bb8f009ceaa8e4fd6670abfcff09459501c972ebe385d035a50e4aed4798b901d6e8bef69c5baa0bc267396d27abc042525ff71bd6e7fcd84eaefe425dd4d5b8026ae6477bb41bbc95b956cba6beb0106dc2980c2b3ddefe99b9d7f123955b6e8c12925e8bb51f1876c6a5d1d6c5ac24424732bf37d8246aacbf2aac410dc33c1d4e9457ee29248e9f29b325fa7316d2d31c4d5d7ab7ea0fe104414568a1fb55a9b4ebbb4e3177492ef1e4ba68a534a2e418fe47d2c1cf5b348ca579d9165805303e7d769903e047bd2debad606059df6b484f4e6b58dc6e0d192b134d52f109a0e0cd73b648c7e3c50e1e17b614c50a1d33d5cf24a1eba7156e83fc2d4be1dd2c1c96bcb546e3badbce08d24d5d08990b9e11d7e1bcb961f537f941d7b7b2dccf7c811c5a1c9b4311ef7661c924cb6dd3d9030f5e0a53e0bdec93b12b28e6e734ac6d17ee4e81d914583d763bf3271bd75fed1b0d0b2fa8547e61cf489efe75aaf83ff3c2d3e5b3868187043ddc4e46ad2c17e28d30a2c27cc9ce260099eab78bb7253e79de9206221c143be35735507f97c259e840221df7bd30fa2c109b45d3ccb9b332d43aa6ec037252bec22e729a85796b0bf4b6ebfbf75d94c58b08ef5823ed4cbe119a83acc90c1d51d19c9dfc54dfdde1f7ab363e6a74a61b4f247b7b2eb8b897615bf5212e"}) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) io_setup(0x5, &(0x7f0000000080)=0x0) io_destroy(r4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000180)=0x2) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:43 executing program 4: r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet(r0, &(0x7f0000004000), 0xffec, 0x0, &(0x7f0000002000), 0x10) [ 1289.589298][T10656] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10656,uid=0 [ 1289.604839][T10656] Memory cgroup out of memory: Killed process 10656 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1289.619357][ T1058] oom_reaper: reaped process 10656 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:55:44 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:44 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x43a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:44 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000640)='net/unix\x00') sendfile(r0, r1, 0x0, 0x800000bf) 22:55:44 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x43b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:44 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3a9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:44 executing program 4: setrlimit(0x400000000000007, &(0x7f0000000000)={0x4, 0x2e}) socketpair$nbd(0x1, 0x1, 0x0, 0x0) 22:55:45 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:55:45 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x43c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3aa, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x2d, &(0x7f0000000080), 0x4) 22:55:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x6800000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:45 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000440)="460012f3b914ef86864733622635cf1c6b7f713c1c4e993d5f3bffed4503e2abd7fcd8c4f1089619ff7b61d88d33ff3f1ce323", 0xfffffc73) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x1}, &(0x7f0000000180)=0x8) sendto$x25(r0, &(0x7f00000005c0)="b4205e710fb90f38bb66de3d0e04fdb7d74e88d6b9dd2109076bd9e5f111d2d360c3f496e81930ba842ce304212b0d2db1a0c9335a72b04b378ae22524e27c4643d7754d2a140db9ec90accd0705854b60f1906f193121f797c98c336f82703dfa62746476217a509eac8ce0e7c33afe2bf294c856a117eef8d6e81e00a90becfb337aca7aa99f35676aa8e15d518a9519ec11ab751fbf61d2427aa9160dde65323710cce3b4a8ee9b4a35109600d6ffd1c94db229ed1b9a7ab4c96db3de61295e0983747e430461ebb32835b720d62a6746318960f6df0e81bcafde957d53fe", 0xe0, 0x4000001, 0x0, 0x0) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000001c0)={r1, 0x7}, 0x8) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x3, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:55:45 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ab, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x43d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) [ 1291.041771][T10737] kvm: emulating exchange as write 22:55:45 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x43e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ac, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x43f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:45 executing program 4: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x0) 22:55:46 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ad, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:46 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x440, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) futex(&(0x7f0000000040), 0x3, 0x0, 0x0, &(0x7f0000000100), 0x0) 22:55:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x6c00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:46 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmmsg$alg(r0, &(0x7f0000000180)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000005c0)="ec483dac5136381ed174b752cb01475f9cb8d6c55855e7c832723760dee69c0e7134c4ee89f680c7c9cc442a3b025cc95b04b6e99e63571259a460658d50aee9940d29237d0890ecbc7fb477f5c4517cbe07a9285d406cb53227a59414d5171898d59eae35f588865a545e916f12e622a62f9a2cb8b50751cb9c16479c89464889d9", 0x82}, {&(0x7f0000000780)="008e922dfb999b3b908afa110a7202ff932e0c37f28a9e69c02d0181006639e3d9317aba2733cdf43ac5f2a21c6c4eef2a506dd40f836cf193340d98778f0dd78eb25af8695680d23abf7ae04eed965ffb4da304f16646e7c4d60f713079d88150754e594a70af43aa46456e3ad2819e7f99f0c8885388c47b68f6d7de98418d2b74f584df681980be948046dd51d3c651b199f75fa7b792e7e46ad82fc1628729c4b66529505b8f4a09504ca87029183f2d76998aa88141bed557f0d1bb979ebfc1c92113b49820", 0xc8}], 0x2, &(0x7f0000000880)=[@op={0x18, 0x117, 0x3, 0x1}, @iv={0xa8, 0x117, 0x2, 0x91, "67a59aa0be7e609d366dcfda7d882034039e4c57601941b91c3ac3e2cb60d6bebce0cd04a9c8faf50b4689abe16f902b557ce0a9d0332c35144f8f5f55e8ba90fdac5f1d9133041cbd69947baffd62079383596ddb3d164d0de8443a6464d56efad15c3e22c6ca22e4f34c28584922a41be87eafb8d35b3c156bea012527c4a05ecf1828b75214b46891ed2d52c9960c1a"}, @assoc={0x18, 0x117, 0x4, 0x5}, @assoc={0x18, 0x117, 0x4, 0x7}, @assoc={0x18, 0x117, 0x4, 0x40}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x1}], 0x168, 0x4000}], 0x1, 0x4000000) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000680)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) futex(&(0x7f0000000040), 0x3, 0x0, 0x0, &(0x7f0000000100), 0x0) 22:55:46 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ae, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1293.005976][ T936] device bridge_slave_1 left promiscuous mode [ 1293.012265][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1293.045407][ T936] device bridge_slave_0 left promiscuous mode [ 1293.051654][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1295.184422][ T936] device hsr_slave_0 left promiscuous mode [ 1295.224184][ T936] device hsr_slave_1 left promiscuous mode [ 1295.286575][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1295.309192][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1295.321781][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1295.379418][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1295.453289][ T936] bond0 (unregistering): Released all slaves [ 1295.555693][T10812] IPVS: ftp: loaded support on port[0] = 21 [ 1295.640589][T10812] chnl_net:caif_netlink_parms(): no params data found [ 1295.679504][T10812] bridge0: port 1(bridge_slave_0) entered blocking state [ 1295.686727][T10812] bridge0: port 1(bridge_slave_0) entered disabled state [ 1295.694901][T10812] device bridge_slave_0 entered promiscuous mode [ 1295.755647][T10812] bridge0: port 2(bridge_slave_1) entered blocking state [ 1295.763289][T10812] bridge0: port 2(bridge_slave_1) entered disabled state [ 1295.771697][T10812] device bridge_slave_1 entered promiscuous mode [ 1295.805990][T10812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1295.824833][T10812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1295.857602][T10812] team0: Port device team_slave_0 added [ 1295.866274][T10812] team0: Port device team_slave_1 added [ 1296.017133][T10812] device hsr_slave_0 entered promiscuous mode [ 1296.054407][T10812] device hsr_slave_1 entered promiscuous mode [ 1296.094064][T10812] debugfs: Directory 'hsr0' with parent '/' already present! [ 1296.125828][T10812] bridge0: port 2(bridge_slave_1) entered blocking state [ 1296.132967][T10812] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1296.140462][T10812] bridge0: port 1(bridge_slave_0) entered blocking state [ 1296.147607][T10812] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1296.223328][T10812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1296.242335][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1296.252519][ T5184] bridge0: port 1(bridge_slave_0) entered disabled state [ 1296.260966][ T5184] bridge0: port 2(bridge_slave_1) entered disabled state [ 1296.278781][T10812] 8021q: adding VLAN 0 to HW filter on device team0 [ 1296.294705][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1296.303261][ T5184] bridge0: port 1(bridge_slave_0) entered blocking state [ 1296.310406][ T5184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1296.352508][T10812] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1296.363438][T10812] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1296.377942][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1296.386704][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state [ 1296.393788][ T5184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1296.402385][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1296.411710][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1296.420470][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1296.429189][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1296.440792][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1296.448877][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1296.482084][T10812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1296.773329][T10820] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1296.783987][T10820] CPU: 0 PID: 10820 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1296.791834][T10820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1296.801914][T10820] Call Trace: [ 1296.805234][T10820] dump_stack+0x16f/0x1f0 [ 1296.809596][T10820] dump_header+0x10b/0x831 [ 1296.814059][T10820] oom_kill_process.cold+0x10/0x15 [ 1296.819206][T10820] out_of_memory+0x79a/0x12d0 [ 1296.824393][T10820] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1296.830066][T10820] ? cgroup_file_notify+0x140/0x1b0 [ 1296.835407][T10820] ? oom_killer_disable+0x280/0x280 [ 1296.840669][T10820] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1296.846250][T10820] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1296.852035][T10820] ? cgroup_file_notify+0x140/0x1b0 [ 1296.857289][T10820] memory_max_write+0x262/0x3a0 [ 1296.862180][T10820] ? mem_cgroup_write+0x360/0x360 [ 1296.867232][T10820] ? lock_acquire+0x190/0x400 [ 1296.871938][T10820] ? kernfs_fop_write+0x227/0x480 [ 1296.877006][T10820] cgroup_file_write+0x307/0x790 [ 1296.881979][T10820] ? mem_cgroup_write+0x360/0x360 [ 1296.887025][T10820] ? cgroup_show_path+0x590/0x590 [ 1296.892103][T10820] ? cgroup_show_path+0x590/0x590 [ 1296.897157][T10820] kernfs_fop_write+0x2b8/0x480 [ 1296.902038][T10820] __vfs_write+0x8a/0x110 [ 1296.906395][T10820] ? kernfs_fop_open+0xd80/0xd80 [ 1296.911359][T10820] vfs_write+0x268/0x5d0 [ 1296.915725][T10820] ksys_write+0x14f/0x290 [ 1296.920119][T10820] ? __ia32_sys_read+0xb0/0xb0 [ 1296.924918][T10820] ? do_syscall_64+0x26/0x6a0 [ 1296.929618][T10820] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1296.935705][T10820] ? do_syscall_64+0x26/0x6a0 [ 1296.940422][T10820] __x64_sys_write+0x73/0xb0 [ 1296.945063][T10820] do_syscall_64+0xfd/0x6a0 [ 1296.949600][T10820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1296.955524][T10820] RIP: 0033:0x459829 [ 1296.959438][T10820] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1296.979153][T10820] RSP: 002b:00007f21bd94cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1296.987595][T10820] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1296.995592][T10820] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1297.003683][T10820] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1297.011683][T10820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f21bd94d6d4 [ 1297.019712][T10820] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1297.027894][T10820] memory: usage 5192kB, limit 0kB, failcnt 598023 [ 1297.035044][T10820] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1297.042092][T10820] Memory cgroup stats for /syz0: [ 1297.042615][T10820] anon 4300800 [ 1297.042615][T10820] file 106496 [ 1297.042615][T10820] kernel_stack 65536 [ 1297.042615][T10820] slab 724992 [ 1297.042615][T10820] sock 0 [ 1297.042615][T10820] shmem 0 [ 1297.042615][T10820] file_mapped 0 [ 1297.042615][T10820] file_dirty 0 [ 1297.042615][T10820] file_writeback 0 [ 1297.042615][T10820] anon_thp 4194304 [ 1297.042615][T10820] inactive_anon 0 [ 1297.042615][T10820] active_anon 4300800 [ 1297.042615][T10820] inactive_file 0 [ 1297.042615][T10820] active_file 0 [ 1297.042615][T10820] unevictable 0 [ 1297.042615][T10820] slab_reclaimable 270336 [ 1297.042615][T10820] slab_unreclaimable 454656 [ 1297.042615][T10820] pgfault 75075 [ 1297.042615][T10820] pgmajfault 0 [ 1297.042615][T10820] workingset_refault 0 [ 1297.042615][T10820] workingset_activate 0 [ 1297.042615][T10820] workingset_nodereclaim 0 [ 1297.042615][T10820] pgrefill 46 [ 1297.042615][T10820] pgscan 46 [ 1297.042615][T10820] pgsteal 0 [ 1297.042615][T10820] pgactivate 0 [ 1297.138281][T10820] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10818,uid=0 [ 1297.154563][T10820] Memory cgroup out of memory: Killed process 10818 (syz-executor.0) total-vm:72576kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB [ 1297.173466][ T1058] oom_reaper: reaped process 10818 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1297.748945][T10812] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1297.758992][T10812] CPU: 0 PID: 10812 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1297.766641][T10812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1297.776707][T10812] Call Trace: [ 1297.780025][T10812] dump_stack+0x16f/0x1f0 [ 1297.784490][T10812] dump_header+0x10b/0x831 [ 1297.789810][T10812] ? oom_kill_process+0x94/0x3c0 22:55:52 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:52 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x441, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:52 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3af, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:52 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x7400000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x32, &(0x7f0000000040)={@ipv4={[0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2], [], @multicast2}, 0x500}, 0x20) 22:55:52 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000005c0)=""/219, 0xdb}, {&(0x7f0000000180)=""/91, 0x5b}, {&(0x7f0000000780)=""/205, 0xcd}, {&(0x7f0000000440)=""/89, 0x59}, {&(0x7f0000000880)=""/138, 0x8a}], 0x5, &(0x7f0000000940)=""/105, 0x69}, 0x20) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1297.794762][T10812] oom_kill_process.cold+0x10/0x15 [ 1297.799890][T10812] out_of_memory+0x79a/0x12d0 [ 1297.804591][T10812] ? lock_downgrade+0x920/0x920 [ 1297.809475][T10812] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1297.815391][T10812] ? oom_killer_disable+0x280/0x280 [ 1297.820618][T10812] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1297.826198][T10812] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1297.831850][T10812] ? do_raw_spin_unlock+0x57/0x270 [ 1297.836971][T10812] ? _raw_spin_unlock+0x23/0x30 [ 1297.841856][T10812] try_charge+0x1053/0x1430 [ 1297.846382][T10812] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1297.851950][T10812] ? percpu_ref_tryget_live+0x104/0x270 [ 1297.857526][T10812] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1297.863101][T10812] mem_cgroup_try_charge+0x136/0x590 [ 1297.868419][T10812] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1297.874082][T10812] wp_page_copy+0x27c/0x1380 [ 1297.878716][T10812] ? find_held_lock+0x35/0x130 [ 1297.883502][T10812] ? pmd_pfn+0x1d0/0x1d0 [ 1297.887767][T10812] ? lock_downgrade+0x920/0x920 [ 1297.892626][T10812] ? swp_swapcount+0x520/0x520 [ 1297.897414][T10812] ? __kasan_check_read+0x11/0x20 [ 1297.902467][T10812] ? do_raw_spin_unlock+0x57/0x270 [ 1297.907597][T10812] do_wp_page+0x499/0x14d0 [ 1297.912020][T10812] ? finish_mkwrite_fault+0x570/0x570 [ 1297.917414][T10812] __handle_mm_fault+0x2120/0x3ce0 [ 1297.922540][T10812] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1297.928100][T10812] ? handle_mm_fault+0x294/0xa90 [ 1297.933054][T10812] ? handle_mm_fault+0x675/0xa90 [ 1297.938016][T10812] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1297.943332][T10812] handle_mm_fault+0x3bb/0xa90 [ 1297.948122][T10812] __do_page_fault+0x536/0xdd0 [ 1297.952906][T10812] do_page_fault+0x38/0x536 [ 1297.957420][T10812] page_fault+0x39/0x40 [ 1297.961573][T10812] RIP: 0033:0x430906 [ 1297.965467][T10812] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1297.985168][T10812] RSP: 002b:00007ffe43814830 EFLAGS: 00010206 [ 1297.991245][T10812] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1297.999237][T10812] RDX: 0000555556588930 RSI: 0000555556590970 RDI: 0000000000000003 [ 1298.007234][T10812] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555556587940 [ 1298.015213][T10812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1298.023207][T10812] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1298.032097][T10812] memory: usage 804kB, limit 0kB, failcnt 598031 [ 1298.038490][T10812] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1298.038501][T10812] Memory cgroup stats for /syz0: 22:55:52 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x5) keyctl$join(0x1, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae", 0x1}], 0x1) [ 1298.038602][T10812] anon 40960 [ 1298.038602][T10812] file 106496 [ 1298.038602][T10812] kernel_stack 65536 [ 1298.038602][T10812] slab 724992 [ 1298.038602][T10812] sock 0 [ 1298.038602][T10812] shmem 0 [ 1298.038602][T10812] file_mapped 0 [ 1298.038602][T10812] file_dirty 0 [ 1298.038602][T10812] file_writeback 0 [ 1298.038602][T10812] anon_thp 0 [ 1298.038602][T10812] inactive_anon 0 [ 1298.038602][T10812] active_anon 40960 [ 1298.038602][T10812] inactive_file 0 [ 1298.038602][T10812] active_file 0 [ 1298.038602][T10812] unevictable 0 [ 1298.038602][T10812] slab_reclaimable 270336 [ 1298.038602][T10812] slab_unreclaimable 454656 [ 1298.038602][T10812] pgfault 75075 [ 1298.038602][T10812] pgmajfault 0 [ 1298.038602][T10812] workingset_refault 0 [ 1298.038602][T10812] workingset_activate 0 [ 1298.038602][T10812] workingset_nodereclaim 0 [ 1298.038602][T10812] pgrefill 46 [ 1298.038602][T10812] pgscan 46 [ 1298.038602][T10812] pgsteal 0 [ 1298.038602][T10812] pgactivate 0 [ 1298.138782][T10812] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10812,uid=0 [ 1298.138867][T10812] Memory cgroup out of memory: Killed process 10812 (syz-executor.0) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB [ 1298.140639][ T1058] oom_reaper: reaped process 10812 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:55:52 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:52 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x442, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1298.274877][T10841] sg_write: process 31 (syz-executor.4) changed security contexts after opening file descriptor, this is not allowed. 22:55:52 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x7a00000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:52 executing program 4: 22:55:52 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000780)={{0x7f, 0x45, 0x4c, 0x46, 0xfffffffffffffeff, 0x81, 0x10001, 0xdc9, 0x100000000, 0x2, 0x3e, 0x5, 0x22d, 0x38, 0x2c4, 0xffff, 0x774b, 0x20, 0x2, 0x925, 0x6, 0xffffffff00000001}, [{0x70000007, 0x8, 0xb43, 0x1, 0x8, 0x1a4c, 0xd4f, 0x3}], "f978772ef3554dca5b85b6b3032d77fae668639a785aedb4ed90ed8b269d79ec9519621c1cbf217011bfc1d697b48dcedb2467d3dd63f8bee5aeca4bfe55cdac4cda85bef12617632c4ff2b9fd6d90634ca566c2493cee552426580901508f6eaae469f00804599d70d4c97987fdad25a6c81f53008061dd4005ea24357aa59e4f6ed7716b282afe82811042db54fa0e0da5c9375f8029d6aae441ce7e648b2e47d274c7da86708c83ddb894d21c1dc78afe45da147a922ba49f527eec8944ea12ff57191e4d435364a15f61be1d80", [[]]}, 0x227) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) write$9p(r0, &(0x7f00000005c0)="90555b2e58e89b30c8761b3435465c1732ea62db5ced6bbfc5c039ef449433d270e96675d5ac3646b54f2a51feb26cc2e09d888825f740ac24c4510ffd734a44c7a284fadc453720e216ca2279b2dc5e79a74d7c61d613558481dac513bcd8f06a183aba28ed82b0552ee5e387f2705aed5cc94f2fedae35acecc9138e78e00e517470b7ffc54b421aa4c6ee7472ca25b556cd5969b36347dc0ec67204f02de6f8a3430c115702150f337be70cacea52dbc5584eab155a44efea16d0659b8b263015d61ef3787e49a8853c153e058b52", 0xd0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x8006, 0x0, 0x0, 0x0, 0x1]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:53 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0x0, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:53 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:53 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x443, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:53 executing program 4: 22:55:53 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x8100000000000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:53 executing program 4: 22:55:53 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:53 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x444, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:53 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:55:53 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:55:53 executing program 4: 22:55:54 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:54 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x445, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:54 executing program 4: 22:55:54 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x88a8ffff00000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:55:54 executing program 4: 22:55:54 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:54 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x446, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:54 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:55:54 executing program 4: 22:55:55 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) shutdown(r2, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000080)=0xf000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1302.004084][T10965] IPVS: ftp: loaded support on port[0] = 21 [ 1302.082376][T10965] chnl_net:caif_netlink_parms(): no params data found [ 1302.286059][T10965] bridge0: port 1(bridge_slave_0) entered blocking state [ 1302.293326][T10965] bridge0: port 1(bridge_slave_0) entered disabled state [ 1302.301613][T10965] device bridge_slave_0 entered promiscuous mode [ 1302.481643][T10965] bridge0: port 2(bridge_slave_1) entered blocking state [ 1302.489146][T10965] bridge0: port 2(bridge_slave_1) entered disabled state [ 1302.496914][T10965] device bridge_slave_1 entered promiscuous mode [ 1302.517681][T10965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1302.529438][T10965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1302.725725][T10965] team0: Port device team_slave_0 added [ 1302.732577][T10965] team0: Port device team_slave_1 added [ 1302.786808][T10965] device hsr_slave_0 entered promiscuous mode [ 1302.824335][T10965] device hsr_slave_1 entered promiscuous mode [ 1302.864027][T10965] debugfs: Directory 'hsr0' with parent '/' already present! [ 1303.050748][T10965] bridge0: port 2(bridge_slave_1) entered blocking state [ 1303.057896][T10965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1303.065824][T10965] bridge0: port 1(bridge_slave_0) entered blocking state [ 1303.072889][T10965] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1303.085023][ T3516] bridge0: port 1(bridge_slave_0) entered disabled state [ 1303.093692][ T3516] bridge0: port 2(bridge_slave_1) entered disabled state [ 1303.108056][ T936] device bridge_slave_1 left promiscuous mode [ 1303.114453][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1303.165817][ T936] device bridge_slave_0 left promiscuous mode [ 1303.171998][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1303.228962][ T936] device bridge_slave_1 left promiscuous mode [ 1303.235374][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1303.285381][ T936] device bridge_slave_0 left promiscuous mode [ 1303.297719][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1307.545128][ T936] device hsr_slave_0 left promiscuous mode [ 1307.584771][ T936] device hsr_slave_1 left promiscuous mode [ 1307.637926][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1307.652999][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1307.666485][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1307.699496][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1307.774327][ T936] bond0 (unregistering): Released all slaves [ 1307.894665][ T936] device hsr_slave_0 left promiscuous mode [ 1307.934073][ T936] device hsr_slave_1 left promiscuous mode [ 1307.984316][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1307.998180][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1308.011999][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1308.051853][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1308.124243][ T936] bond0 (unregistering): Released all slaves [ 1308.237748][T10965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1308.253399][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1308.261727][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1308.275129][T10965] 8021q: adding VLAN 0 to HW filter on device team0 [ 1308.286516][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1308.295386][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1308.303976][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1308.311052][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1308.323504][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1308.324219][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1308.340172][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state [ 1308.347299][ T2624] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1308.374135][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1308.382787][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1308.391808][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1308.400657][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1308.409332][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1308.418054][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1308.426936][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1308.435575][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1308.445806][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1308.548173][T10965] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1308.559800][T10965] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1308.567985][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1308.576612][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1308.622904][T10965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1308.954657][T10973] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1308.965395][T10973] CPU: 0 PID: 10973 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1308.973066][T10973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1308.983181][T10973] Call Trace: [ 1308.986524][T10973] dump_stack+0x16f/0x1f0 [ 1308.990908][T10973] dump_header+0x10b/0x831 [ 1308.995367][T10973] oom_kill_process.cold+0x10/0x15 [ 1309.000527][T10973] out_of_memory+0x79a/0x12d0 [ 1309.005235][T10973] ? cgroup_file_notify+0x140/0x1b0 [ 1309.010562][T10973] ? oom_killer_disable+0x280/0x280 [ 1309.015810][T10973] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1309.021387][T10973] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1309.027080][T10973] ? cgroup_file_notify+0x140/0x1b0 [ 1309.032339][T10973] memory_max_write+0x262/0x3a0 [ 1309.037233][T10973] ? mem_cgroup_write+0x360/0x360 [ 1309.042294][T10973] ? lock_acquire+0x190/0x400 [ 1309.047013][T10973] ? kernfs_fop_write+0x227/0x480 [ 1309.052094][T10973] cgroup_file_write+0x307/0x790 [ 1309.057079][T10973] ? mem_cgroup_write+0x360/0x360 [ 1309.062131][T10973] ? cgroup_show_path+0x590/0x590 [ 1309.067194][T10973] ? cgroup_show_path+0x590/0x590 [ 1309.072255][T10973] kernfs_fop_write+0x2b8/0x480 [ 1309.077135][T10973] __vfs_write+0x8a/0x110 [ 1309.081482][T10973] ? kernfs_fop_open+0xd80/0xd80 [ 1309.086453][T10973] vfs_write+0x268/0x5d0 [ 1309.090724][T10973] ksys_write+0x14f/0x290 [ 1309.095085][T10973] ? __ia32_sys_read+0xb0/0xb0 [ 1309.099884][T10973] __x64_sys_write+0x73/0xb0 [ 1309.104496][T10973] ? do_syscall_64+0x5b/0x6a0 [ 1309.109372][T10973] do_syscall_64+0xfd/0x6a0 [ 1309.113906][T10973] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1309.119824][T10973] RIP: 0033:0x459829 [ 1309.123738][T10973] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1309.143370][T10973] RSP: 002b:00007fa1087a1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1309.151813][T10973] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1309.159819][T10973] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1309.167818][T10973] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1309.175837][T10973] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa1087a26d4 [ 1309.183832][T10973] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1309.203242][T10973] memory: usage 5164kB, limit 0kB, failcnt 598032 [ 1309.210307][T10973] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1309.217325][T10973] Memory cgroup stats for /syz0: [ 1309.217452][T10973] anon 4255744 [ 1309.217452][T10973] file 106496 [ 1309.217452][T10973] kernel_stack 65536 [ 1309.217452][T10973] slab 724992 [ 1309.217452][T10973] sock 0 [ 1309.217452][T10973] shmem 0 [ 1309.217452][T10973] file_mapped 0 [ 1309.217452][T10973] file_dirty 0 [ 1309.217452][T10973] file_writeback 0 [ 1309.217452][T10973] anon_thp 4194304 [ 1309.217452][T10973] inactive_anon 0 [ 1309.217452][T10973] active_anon 4255744 [ 1309.217452][T10973] inactive_file 0 [ 1309.217452][T10973] active_file 0 [ 1309.217452][T10973] unevictable 0 [ 1309.217452][T10973] slab_reclaimable 270336 [ 1309.217452][T10973] slab_unreclaimable 454656 [ 1309.217452][T10973] pgfault 75141 [ 1309.217452][T10973] pgmajfault 0 [ 1309.217452][T10973] workingset_refault 0 [ 1309.217452][T10973] workingset_activate 0 [ 1309.217452][T10973] workingset_nodereclaim 0 [ 1309.217452][T10973] pgrefill 46 [ 1309.217452][T10973] pgscan 46 [ 1309.217452][T10973] pgsteal 0 [ 1309.217452][T10973] pgactivate 0 [ 1309.313022][T10973] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10972,uid=0 [ 1309.338792][T10973] Memory cgroup out of memory: Killed process 10972 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1309.357670][ T1058] oom_reaper: reaped process 10972 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:56:04 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:04 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x447, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:04 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:04 executing program 4: 22:56:04 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x9effffff00000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:04 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000000080)={0x423, 0x2, 0x7f, 0x603}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1310.007336][T10965] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1310.017437][T10965] CPU: 0 PID: 10965 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1310.025547][T10965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1310.035615][T10965] Call Trace: [ 1310.038936][T10965] dump_stack+0x16f/0x1f0 [ 1310.043276][T10965] dump_header+0x10b/0x831 [ 1310.047698][T10965] ? oom_kill_process+0x94/0x3c0 [ 1310.052646][T10965] oom_kill_process.cold+0x10/0x15 [ 1310.057766][T10965] out_of_memory+0x79a/0x12d0 [ 1310.062448][T10965] ? lock_downgrade+0x920/0x920 [ 1310.067304][T10965] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1310.073136][T10965] ? oom_killer_disable+0x280/0x280 [ 1310.078346][T10965] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1310.083893][T10965] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1310.089530][T10965] ? do_raw_spin_unlock+0x57/0x270 [ 1310.094651][T10965] ? _raw_spin_unlock+0x23/0x30 [ 1310.099523][T10965] try_charge+0x1053/0x1430 [ 1310.104036][T10965] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1310.109586][T10965] ? percpu_ref_tryget_live+0x104/0x270 [ 1310.115144][T10965] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1310.120690][T10965] mem_cgroup_try_charge+0x136/0x590 [ 1310.125985][T10965] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1310.131642][T10965] __handle_mm_fault+0x1c63/0x3ce0 [ 1310.136761][T10965] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1310.142306][T10965] ? handle_mm_fault+0x294/0xa90 [ 1310.147266][T10965] ? handle_mm_fault+0x675/0xa90 [ 1310.152218][T10965] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1310.157511][T10965] handle_mm_fault+0x3bb/0xa90 [ 1310.162369][T10965] __do_page_fault+0x536/0xdd0 [ 1310.167146][T10965] do_page_fault+0x38/0x536 [ 1310.171654][T10965] page_fault+0x39/0x40 [ 1310.175806][T10965] RIP: 0033:0x4034f2 [ 1310.179698][T10965] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8d 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 42 05 00 48 [ 1310.199307][T10965] RSP: 002b:00007ffe788daeb0 EFLAGS: 00010246 [ 1310.205377][T10965] RAX: 0000000000000000 RBX: 000000000013f8f2 RCX: 0000000000413430 [ 1310.213350][T10965] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe788dbfe0 [ 1310.221323][T10965] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000555556f52940 [ 1310.229295][T10965] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe788dbfe0 [ 1310.237270][T10965] R13: 00007ffe788dbfd0 R14: 0000000000000000 R15: 00007ffe788dbfe0 [ 1310.245970][T10965] memory: usage 784kB, limit 0kB, failcnt 598040 [ 1310.252338][T10965] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1310.252350][T10965] Memory cgroup stats for /syz0: [ 1310.252451][T10965] anon 0 [ 1310.252451][T10965] file 106496 [ 1310.252451][T10965] kernel_stack 65536 [ 1310.252451][T10965] slab 724992 [ 1310.252451][T10965] sock 0 [ 1310.252451][T10965] shmem 0 [ 1310.252451][T10965] file_mapped 0 [ 1310.252451][T10965] file_dirty 0 [ 1310.252451][T10965] file_writeback 0 [ 1310.252451][T10965] anon_thp 0 [ 1310.252451][T10965] inactive_anon 0 [ 1310.252451][T10965] active_anon 0 [ 1310.252451][T10965] inactive_file 0 [ 1310.252451][T10965] active_file 0 [ 1310.252451][T10965] unevictable 0 [ 1310.252451][T10965] slab_reclaimable 270336 [ 1310.252451][T10965] slab_unreclaimable 454656 [ 1310.252451][T10965] pgfault 75141 [ 1310.252451][T10965] pgmajfault 0 [ 1310.252451][T10965] workingset_refault 0 [ 1310.252451][T10965] workingset_activate 0 [ 1310.252451][T10965] workingset_nodereclaim 0 [ 1310.252451][T10965] pgrefill 46 [ 1310.252451][T10965] pgscan 46 [ 1310.252451][T10965] pgsteal 0 [ 1310.252451][T10965] pgactivate 0 [ 1310.252451][T10965] pgdeactivate 46 22:56:04 executing program 4: [ 1310.264251][T10965] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10965,uid=0 [ 1310.371312][T10965] Memory cgroup out of memory: Killed process 10965 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1310.393517][ T1058] oom_reaper: reaped process 10965 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:56:04 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:04 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x448, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1310.564102][T10977] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 22:56:05 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xc3ffffff00000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:05 executing program 4: 22:56:05 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x449, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:05 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:05 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:05 executing program 4: 22:56:05 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x44a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:05 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xf0ffffff00000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:05 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000180)={0x5, 0x7, 0x1f}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000005c0), &(0x7f0000000600)=0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setlease(r2, 0x400, 0x2) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) r6 = add_key$user(&(0x7f0000000340)='user\x00', &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)="c14229f324e7f8f41487aa2db550ddae65aa874e8bc0675d18f862", 0x1b, 0xfffffffffffffffe) keyctl$set_timeout(0xf, r6, 0xfff) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:56:05 executing program 4: 22:56:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3b9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x44b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:06 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:06 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6}, 0x10) creat(0x0, 0x0) 22:56:06 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xfcffffff00000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x44c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ba, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1312.030402][T11066] device veth0_to_hsr entered promiscuous mode [ 1312.114258][T11062] device veth0_to_hsr left promiscuous mode [ 1312.141390][T11066] device veth0_to_hsr entered promiscuous mode 22:56:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) recvfrom$llc(r0, &(0x7f0000001900)=""/4096, 0x1000, 0x40, &(0x7f0000002900)={0x1a, 0x30f, 0x7ff, 0xff, 0xfffffffffffffffb, 0x5, @remote}, 0x10) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) sendmmsg$nfc_llcp(r0, &(0x7f0000000700)=[{&(0x7f0000000440)={0x27, 0x1, 0x0, 0x3, 0x4, 0xc323, "58e42d414484a6dbc44a07dd138c63cc1491669672a1fa30f4674094aaed8a61085c0ec32d8622021aac29a7f0398f003cabe5d634a4f985c203b12231d755", 0x19}, 0x60, &(0x7f0000000840)=[{&(0x7f00000005c0)="cebc191610d53ffe6db6e53b9e0e59054396abd33aeb9a31262aa754e7b8ffe07aa261285406d62106413e0b749bbcce824e746b8a1240b6937e06fa01d21af5fedf9c3b3c74b4aaf65828b1b958a97216ec038d97649d8e6ea1d8de8e5ef89a790a2bdaa06e0427504b255307e75d39e990af4d3870486e0dfad72afab034c5308277a4f74d1cc5ea21756fe2e7297a711cfef6d69be72c64abab", 0x9b}, {&(0x7f0000000340)="3995686b7123c2d5", 0x8}, {&(0x7f0000000680)="6fd10c28d38112a054a8ebe29ea64fd29c1f174cf80b3abd84d9bdad0d253252a809744aaf90745ec67edf23fbbcf01fa8e7", 0x32}, {&(0x7f00000006c0)="58c99445c40ff114b073454c23ba9de8a7725551ec3ec58c9d26f32dd5d7578c50c01f3b48", 0x25}, {&(0x7f0000000780)="04763e0251fb75f7f237be0abf173228c4a67db8634bd47f973bac03a912f42e96c3e6535ff58104f41baa16b875d0e7899039ea1952bdb78b0868a417a77d927dd668caa26d16efd68b11bf21c52f605cad9e0adfd2de6fa886217b968bdb222505ec869a3bb9478091fa52cfc307dd0b565d5766249f009f3226576c9ce626e47274879acc05eac4ee2cf1194c0933", 0x90}], 0x5, &(0x7f00000008c0)={0x1010, 0x85, 0x5, "5486bf4051a5c20f342f05417541df7fb2e016b1e8beff052be784037defd16f51a85167c6128204a5a772d60fc5d7373dc773a02c8974479d3922c14bb3371dcf2120befc9abd4f65a55ff9717e0d3211944a13f39a1e3522d7faa77137b4004316574ba583a31e9bce5d653368795bc197d27531b78286f7d73a41fa15d19622e446ba2a3cef5a5e7bc9e7d8d056f03373fc8aa48713da81f89cb01dc29a5048750d926f666d8f13d87fba3c2b9a7c6ca86cbf4e40f864c091178aa5472bd6319b6e5fc96383457de03875eb1ccd4fd07675544c2f93db81f4b828fb345c7a23c9defe11979b62dabf5ccf21819bc2f7af26dd78f17a819c9f20e0c2cdc82d56c0bddd625baa246a263f4603bfa53750b8244eaff37da09d9227a0ba806cba1f20e53e0234e3530c1345beed0d9e1ea7c1f0c074c1e9adfe56db3807913c7c2f8be4398a4efee42984629c3367b22df46a094d23a8469e9f6edff462dcf031f4e7f8bd45626b2b5ef6590c47c5df9fe3e2bca61e42a2ba6b93d99722b7413708cfbd04c7dac1f7d1a767aea0c094b1ba1ea137d9d323cd0483d4937b1d9465e1472470d0f1aacd786a9f0f066faed915d41234869d3c45e69f2840da777392f5fdace3fd5192f4dab7844f49af0742085a5f15dc82c7cf1afd787421eec5e043ff0c393a9f8f885d85e8d3d212edd14b0b536e37fcb1ee1f914b6437c6984240892cfc454294e7978b76abf181ef8d5cb61c6b7c6c3a7c02dacfc6687f55301273dd293a368db959e513b99a0d502fc2fd2c3b9c599a07f30db278e5447a3b04cea66334fb5bb6b3e81ac964f9ab898562f7e7bafdffcd7afd71353edd2006b4b3ab5bf2e5b87acea4af5536415ca2120b99e17b45679712e3f9d7fc19343147354983b9a0474862de6ae85cfaee7ffe7c6fea8d3c215e30f469b262d7de63d3dbdc9dd297238973637c4511894fa6fa2b5a170aef27cda572111147ba70f2ef6d1fb8b729bcd71343045ba854d3352ac873de9b7fd889cb14f87e641b4629274f148a52cbdc254ae3e4504477dff9534089b1c04d791181fa3606956d623546589dc3d5a48bc4c69f4c878fd14205eaad487b3d3ea65479af161cf31c582128cb16e6cfffb1b85d3b4fbbe235ce26a788c72959cd120fad110e0eeef78874f9a1fb3ed337bc75c74fdcd4f9800772eb2bab1e54ae7cf755d3c8dd972c26014a4340594365226af3ba4375f4e31570bed8025b4e7086560cf6446ad6a2fc7cc3f7499b155f9974aa58a1e7e59b37dcf238f5bd44a24e459e3d17727a99761d0ae2b5fa388c204ae393919c191405d2cedc28ff461836c2f75357df2202ba438df3e9a079751a85c3ff7f59d6275954d4ab143dfb59e4276beddb2613ea8bdb04e7cc3ab95c77aa3132c2993ef9cc0047c886ee5e7699e0a91f76606dd9ddc14178b05aa36a1bf17b21093c764446780a598c236011ea7263eedf27ff03633802969046cdcf32810bfdfe5fcbfa5f607c88e0f26896cfcbb5d5af71aaa8151225b4c101c9e8566f9595e5e120dbc8d37f4c10333b8425dc0612b4149b91c248fc1828f060e9961483cc7fba5f86ba83b867aebcc67de22444c380acf5491428e39c013c91db29e03b1fafdf7726d2be79ef33e6f4b0678c815dd0872b60d63caa999b29b9a058012eb9077b6b2522fb8001ca70f837599b4855c8d07a3a1ab9867a371ae5fe920466a7a88d217ea4cc4e26d464e6e10d2d68bdd77b720b58a1891d2fcdde42a24606d5d5372001698a5873d15a77dabba79f9ae524701d5da0db2466588581ff0c44266588e9bd7fd8ed9c8fba49ca38c1648c3251f7e73635e52a12434d1ce8fdb5674a877cd2388d0076752bc5a559fe95047c637a122486af911233bd45bc1aaf9926f4e989a16952af65824f43f9d76acb9b7b4e83100f2b1d10e5d8c649eb7b539a44e5dd97acf54593652f073d10c399e873d7b7a8e34fce4d7dbc78353f60947e63e2c470bbb0aac65a0aa3ebd6f1492e9dd6ff9bcb5f752e061db0252edc5d31c90732d2c26855b7f0d83698aed5f7969ea892276d3ec05b0dd51aa24d568bcabcb48faad99288d5868a6b549ffaab117f301dfa68c498c2eac37f55b8850aa4bc16aae74bd97edb736f2c8840831d484fd1971f746d0d6e09e697259e3b3036ff3876ef2b7c0324ac71bb43f75f9c05878ba4010dcbd63c09306450fbc0e3e60978503b0ae1f9680d9d314453ea908e5d7207ae3d75cdb02e873c4f8a31589ebb5c47126c4f367f70a95626653926f994cdc64be2e2030909ed6a3574f9740811bf94fc1b69b84170f6c238acda5a7b9a4849169a43858b60356288490ec2f9b46d3717246b2fc1b6138b44eb151005290bf8d6957072ac8f426013806bd72b4f799fd21a186fa8698b438c2c419171cc5bc97aceda904618da6e4a1b7a54b1f5256216e0d4ed7c228bb73fe710d638c006c8b78e7594c56661b44b90beaa8b88a502db7458f77eb69a2b0cd6155691cf1cede692e475a79513c72eb7f98a98b375f4929f75377e66413f336df30301b039533076a6b41e0aaa03c0a99e082a260630714f349f3b22ea3e91b9b8975f5814d0f1c42810c746503f774a29c0c8af5fdb9206b14628270943e4ee24167c0ed8bae7ee91b58f05f1a8636a8b9eafe3514d9f387e71bd53d3252b99012bc5fff9f6cae1457bfb8e8ddfbfee1424e2f76c80d71610b9b050068e601e4e8a2573c692bec7b57d637efcd0a5f3853b04eeb2ad612945d5f4fbd23c387d4c075279d289aefe3728548030d42f0780dcd657aaf2766f136df67520177f0eb562c789acce4565af226a389ac1f79f7b8f391a84768468393befcf0a4d8a3ddaed47618841ce3be986fe9c67bf59e93446209802efb04fe79b657fcbac7603af902941469d61d160d1455480e48c89f9bec0b540e42cc2fe7b3aa976ffa2ba55af875a43019835e8f689ffa240f617c35c547602fc1bcb4203843673d980fb6871109a467e4fff141f500ebf2ee11f1f5b16b585c7e564f2b56100c134a0c30691263a87525a6a0fbb7beeb72320ec7de7343d503401abdbad8999bfd233aa7fa28254ff1bbd4ce4c0e7388d56199176ec4582bbd9fe0dfd35ee0cd52235de1a7fd0d2b5fe90432c4edfe16607b031f15419120ecfa517b678994b4269800962fb761ea1c08cbaf59ece2bd8a9618dd0ae1635c0c4f2b19570d97ec3deac0db081b845125b0cf4dae5cb32301dcdf614053cc0005b5be6ab91ef89dff3ec9b7aa6137b627dbd8adf2eb43fee16c7f05861854fa45d7e36bedcf4d00cc0cb9d60317ec77ef872a257c3e29c5dc28f6164e0382d5d1f75f02d67ad242aae170b6d552c7164e98eff40ea9898fea19079860125868ed91ec5379385914ef39cd523200c4f09b53d8b1911bf0c0481de3ecc30b72c6af8a28e094bde662c49dcd884dd40490d41f829bca2f4dad8371d5c6b4851e13091226e930ce8f07b72453da8f3fb1d3ca2c78fc28d3bdfb5398cc17dc962221f54370fb5eaa2b20692a0b15cb6541208d8b1ea93b207262a0257942e45f2e39f78d79c73a5efd5ba38c7b018f622dcc87e8ba82ef8efd54e69d23149b5706bf3748551cacfe19d6e689a19fd677e0f4aaf59930fff121f5d0efb6c7850fdbd6ed9edd1f8d6a4d4576e247c5220ea321deac22d5829158e92035f472c994c033e0260acde4693ece9e7ff694fac42c16f2b5a5e762b0414e484974b518dee2f601438769ba66a644474a5400ab0426c23efab7e977ce70676db7c9593e4d64c3336783c0754ba350ca63c34ee548bfb2d022e8b85934a80a62260a035d8534345290d3b2d41d967b3593385ce7be297608090368ee31ba81f5d926498bea880e52207ba45248efd1455fc9352a303ea7479be46ca30d85ad6277f1e9991f4a44609848c971d4bc7f95dadd737b09af1fe5dc5bb5d5bde7c2bd3ca3d9c5e79ddb5c78b89de1c04c5f78447edb01987266983b8b2a0a9b048a41e9a8c6e16798ddef0c7100ca84b5489de185e67ee6e9e7dfb93e270c7017c7eb9fcf52a6856aaf70f9b579e31a7d86d3e1110c8e4df5e5f4af73a92a978c309b7dd146f8b6d431ccb1205f066b4e308d01f12f1650951ac1e9e18a550e6597a0c64fda18fffe6c9a225695b8b4df3c64179dcc712ab5444a6d8cf00e9f118f79b08a1152682e81aa2f35bf332b8752fbd2dcef66149b72dd4294d26c5dad80944d2ba86f40170707e46c8c91475699cbb32b585a50eb13523ae20cb0531927ff393c9c30ad06ee21708c892a89605a3b3ff03fbd9da02e63f33412f8bf724ff16ba181f8991cb8220cb58c8464b5aef70117330987cb6807d574e1719fcb9fe8446c5b6133ba67aa0926d9c425cb7da45d0f743c22981668fda5bc214cf7557e07346a459d20e17559807885f9cbcb5456914eb4d451e2982b8ca508e07f54240705ac5394fd3d2e49bc1097347e62ca4d0db7bee9bb8f2755e2105028612f2043c9762ee22782a9aef96ee49243ec79f88b71d8bc21cd18bcf7e93701adff72688a5761316e956a453b71594d5da00f705574e57e8f11475016987f7479cf9c7097f5ce490aacb664bc4f390291f4cae84dd6ac96025601cfddd44b11beb451851c69a5cf142e7ae60b674863b3d39bb28811d4e05fe7011a28d5cdc293d27045335dc4e1d1f2bf37a608309f3aa7d329b88940220f14b13575a3ce3ef6ab781d5a931d91861d887379c72a517110efb179869bafdb02039e75d9e759c32de59646a883767708beb1c72780ddbc8d305b8aaf63e4bd06bdc10f66267dcc78f7f830672642afbe5b40c96e75553fe7a8a2d21734c5fb9568b963c6bbabcec05c6303ef2f57b7aa8ba866bc951560ff00a62a386d18da074be7c5f5ef0c5a2f7c395b3207336b92c6ce36eb03a49881e0837518a567275344ddfe5618d57df92dd0c74e3bc9b04bc267bf1d03cda4f6c19d9fae466353dc86a7ef014daeaa42cb1ac256d69b029c78685586992a4e22cbef519d845b036e9c07d619f659e33d8415d3da89f371fa0646d95c0155259fa55d3499726064af45441a1265ee1fdef50ec227d9572917092db216eb14d8b26e9375b4f408b4e8587a703a2a3379605a2c4dba33929e0c829027906357b40e5de5d5f4463394dafbf2d4cfe6f31dadf8e1dd7338809cdf13735d83daec1cb37a0f2b49eee1aaa793d0323b0e30f5283c04fe434aff3da59e9f9337fc7719631d6be73011b76e10a8315487f99c6aef0635106fd58e0a4f50cc605bffaac7be860d8800065925f3ce43634fcb7308bc88f62fc8bda294559d00fe959a874848462b988627e758e7a1b4780f3574fcd53a9b13ce907de60d7b7016d393918b244b469c9b12f8581b5970419c983729b08b5646c2def2f07db3c7892f575409e2ade99ac9590904b95a2cef48d07b14b2003d52f2e28d0d2b03f193531507e2eab732d56ebddbbd3ad6e7020d2899c92a477afd1b7408273fce53d1b89dde070522d24e22aa8379af16ab75f562f73a244391339ae618365412a1fb055f11aae0d7b17b1d9547a55e1489171bc2c19784d0c4a248eb650f331b0d975c9c7f51e4d9b59b89f325f1413414697a91cfa50ef964046ab688b02cc26f58d555b629ab3a80e484548294b810503286c9bc13bfa6b674ae52b617714497b1d894fb6aa15f6b0d649ea9380d0f00c7aa31594794ab4a1ab7dddf91e48008611d14a663fd8b64d380e77a7531e54175f"}, 0x1010, 0x4000}], 0x1, 0x404c001) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$VIDIOC_DBG_S_REGISTER(r5, 0x4038564f, &(0x7f0000000080)={{0x0, @addr=0x2}, 0x8, 0x0, 0xfffffffffffffff7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r6 = semget$private(0x0, 0x4, 0x4a6) dup(r3) semctl$GETNCNT(r6, 0x2, 0xe, &(0x7f0000000180)=""/77) 22:56:06 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xffffff7f00000000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1312.244098][T11062] device veth0_to_hsr left promiscuous mode 22:56:06 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6}, 0x10) 22:56:06 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x44d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:06 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3bb, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1312.535914][T11098] device veth0_to_hsr entered promiscuous mode 22:56:07 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x44e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:07 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3bc, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1312.628965][T11089] device veth0_to_hsr left promiscuous mode [ 1312.855385][T11086] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1312.894400][T11120] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1314.404307][T11127] IPVS: ftp: loaded support on port[0] = 21 [ 1314.562296][T11127] chnl_net:caif_netlink_parms(): no params data found [ 1314.593075][T11127] bridge0: port 1(bridge_slave_0) entered blocking state [ 1314.601110][T11127] bridge0: port 1(bridge_slave_0) entered disabled state [ 1314.609406][T11127] device bridge_slave_0 entered promiscuous mode [ 1314.701279][T11127] bridge0: port 2(bridge_slave_1) entered blocking state [ 1314.708512][T11127] bridge0: port 2(bridge_slave_1) entered disabled state [ 1314.716722][T11127] device bridge_slave_1 entered promiscuous mode [ 1314.735146][T11127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1314.746989][T11127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1314.852304][T11127] team0: Port device team_slave_0 added [ 1314.859507][T11127] team0: Port device team_slave_1 added [ 1314.917460][T11127] device hsr_slave_0 entered promiscuous mode [ 1314.954262][T11127] device hsr_slave_1 entered promiscuous mode [ 1315.004240][T11127] debugfs: Directory 'hsr0' with parent '/' already present! [ 1315.100476][T11127] bridge0: port 2(bridge_slave_1) entered blocking state [ 1315.107613][T11127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1315.115037][T11127] bridge0: port 1(bridge_slave_0) entered blocking state [ 1315.122153][T11127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1315.147727][ T936] device bridge_slave_1 left promiscuous mode [ 1315.154157][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1315.185041][ T936] device bridge_slave_0 left promiscuous mode [ 1315.191342][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1317.415012][ T936] device hsr_slave_0 left promiscuous mode [ 1317.454764][ T936] device hsr_slave_1 left promiscuous mode [ 1317.506586][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1317.520584][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1317.532447][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1317.570803][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1317.635406][ T936] bond0 (unregistering): Released all slaves [ 1317.765748][ T9832] bridge0: port 1(bridge_slave_0) entered disabled state [ 1317.773739][ T9832] bridge0: port 2(bridge_slave_1) entered disabled state [ 1317.801736][T11127] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1317.816231][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1317.824828][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1317.835482][T11127] 8021q: adding VLAN 0 to HW filter on device team0 [ 1317.846373][T32497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1317.856186][T32497] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1317.864803][T32497] bridge0: port 1(bridge_slave_0) entered blocking state [ 1317.871877][T32497] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1317.931118][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1317.940044][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1317.949335][ T3516] bridge0: port 2(bridge_slave_1) entered blocking state [ 1317.956459][ T3516] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1317.985941][T11127] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1317.996678][T11127] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1318.016288][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1318.025433][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1318.034428][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1318.043252][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1318.051973][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1318.060931][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1318.069653][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1318.078265][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1318.087021][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1318.095658][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1318.106695][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1318.114913][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1318.149191][T11127] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1318.446953][T11135] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1318.457353][T11135] CPU: 1 PID: 11135 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1318.464996][T11135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1318.475069][T11135] Call Trace: [ 1318.478379][T11135] dump_stack+0x16f/0x1f0 [ 1318.482724][T11135] dump_header+0x10b/0x831 [ 1318.487153][T11135] oom_kill_process.cold+0x10/0x15 [ 1318.492279][T11135] out_of_memory+0x79a/0x12d0 [ 1318.496972][T11135] ? retint_kernel+0x10/0x10 [ 1318.501582][T11135] ? oom_killer_disable+0x280/0x280 [ 1318.506793][T11135] ? mem_cgroup_out_of_memory+0x16a/0x240 [ 1318.512568][T11135] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1318.518131][T11135] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1318.523781][T11135] ? retint_kernel+0x10/0x10 [ 1318.528410][T11135] memory_max_write+0x262/0x3a0 [ 1318.533289][T11135] ? mem_cgroup_write+0x360/0x360 [ 1318.538331][T11135] ? lock_acquire+0x20b/0x400 [ 1318.543052][T11135] cgroup_file_write+0x307/0x790 [ 1318.548011][T11135] ? mem_cgroup_write+0x360/0x360 [ 1318.553185][T11135] ? cgroup_show_path+0x590/0x590 [ 1318.558233][T11135] ? cgroup_show_path+0x590/0x590 [ 1318.563269][T11135] kernfs_fop_write+0x2b8/0x480 [ 1318.568172][T11135] __vfs_write+0x8a/0x110 [ 1318.572511][T11135] ? kernfs_fop_open+0xd80/0xd80 [ 1318.577473][T11135] vfs_write+0x268/0x5d0 [ 1318.581756][T11135] ksys_write+0x14f/0x290 [ 1318.586116][T11135] ? __ia32_sys_read+0xb0/0xb0 [ 1318.590920][T11135] ? do_syscall_64+0x26/0x6a0 [ 1318.595635][T11135] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1318.601720][T11135] ? do_syscall_64+0x26/0x6a0 [ 1318.606427][T11135] __x64_sys_write+0x73/0xb0 [ 1318.611036][T11135] do_syscall_64+0xfd/0x6a0 [ 1318.615564][T11135] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1318.621465][T11135] RIP: 0033:0x459829 [ 1318.625373][T11135] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1318.644996][T11135] RSP: 002b:00007feb0a45fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1318.653425][T11135] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1318.661411][T11135] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1318.669401][T11135] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1318.677397][T11135] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feb0a4606d4 [ 1318.685392][T11135] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1318.693804][T11135] memory: usage 5148kB, limit 0kB, failcnt 598041 [ 1318.700615][T11135] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1318.707675][T11135] Memory cgroup stats for /syz0: [ 1318.709223][T11135] anon 4374528 [ 1318.709223][T11135] file 106496 [ 1318.709223][T11135] kernel_stack 65536 [ 1318.709223][T11135] slab 724992 [ 1318.709223][T11135] sock 0 [ 1318.709223][T11135] shmem 0 [ 1318.709223][T11135] file_mapped 0 [ 1318.709223][T11135] file_dirty 0 [ 1318.709223][T11135] file_writeback 0 [ 1318.709223][T11135] anon_thp 4194304 [ 1318.709223][T11135] inactive_anon 0 [ 1318.709223][T11135] active_anon 4374528 [ 1318.709223][T11135] inactive_file 0 [ 1318.709223][T11135] active_file 0 [ 1318.709223][T11135] unevictable 0 [ 1318.709223][T11135] slab_reclaimable 270336 [ 1318.709223][T11135] slab_unreclaimable 454656 [ 1318.709223][T11135] pgfault 75207 [ 1318.709223][T11135] pgmajfault 0 [ 1318.709223][T11135] workingset_refault 0 [ 1318.709223][T11135] workingset_activate 0 [ 1318.709223][T11135] workingset_nodereclaim 0 [ 1318.709223][T11135] pgrefill 46 [ 1318.709223][T11135] pgscan 46 [ 1318.709223][T11135] pgsteal 0 [ 1318.709223][T11135] pgactivate 0 [ 1318.803864][T11135] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11133,uid=0 [ 1318.820413][T11135] Memory cgroup out of memory: Killed process 11133 (syz-executor.0) total-vm:72576kB, anon-rss:4228kB, file-rss:35808kB, shmem-rss:0kB [ 1318.837560][ T1058] oom_reaper: reaped process 11133 (syz-executor.0), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 22:56:13 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:13 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xfffffffffffff000}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:13 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000380)) 22:56:13 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x44f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:13 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 1319.243573][T11127] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1319.253626][T11127] CPU: 1 PID: 11127 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1319.261265][T11127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1319.271333][T11127] Call Trace: [ 1319.274642][T11127] dump_stack+0x16f/0x1f0 [ 1319.278991][T11127] dump_header+0x10b/0x831 [ 1319.283422][T11127] ? oom_kill_process+0x94/0x3c0 [ 1319.288381][T11127] oom_kill_process.cold+0x10/0x15 bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3bd, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:13 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1319.293509][T11127] out_of_memory+0x79a/0x12d0 [ 1319.298313][T11127] ? lock_downgrade+0x920/0x920 [ 1319.303188][T11127] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1319.309006][T11127] ? oom_killer_disable+0x280/0x280 [ 1319.314203][T11127] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1319.319761][T11127] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1319.325410][T11127] ? do_raw_spin_unlock+0x57/0x270 [ 1319.331696][T11127] ? _raw_spin_unlock+0x23/0x30 [ 1319.336574][T11127] try_charge+0x1053/0x1430 [ 1319.341105][T11127] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1319.347092][T11127] ? percpu_ref_tryget_live+0x104/0x270 [ 1319.352660][T11127] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1319.358222][T11127] mem_cgroup_try_charge+0x136/0x590 [ 1319.363513][T11127] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1319.369145][T11127] wp_page_copy+0x27c/0x1380 [ 1319.373753][T11127] ? find_held_lock+0x35/0x130 [ 1319.378525][T11127] ? pmd_pfn+0x1d0/0x1d0 [ 1319.382790][T11127] ? lock_downgrade+0x920/0x920 [ 1319.387636][T11127] ? swp_swapcount+0x520/0x520 [ 1319.392393][T11127] ? __kasan_check_read+0x11/0x20 [ 1319.397436][T11127] ? do_raw_spin_unlock+0x57/0x270 [ 1319.402567][T11127] do_wp_page+0x499/0x14d0 [ 1319.407001][T11127] ? finish_mkwrite_fault+0x570/0x570 [ 1319.412390][T11127] __handle_mm_fault+0x2120/0x3ce0 [ 1319.417506][T11127] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1319.423052][T11127] ? handle_mm_fault+0x294/0xa90 [ 1319.427995][T11127] ? handle_mm_fault+0x675/0xa90 [ 1319.432941][T11127] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1319.438237][T11127] handle_mm_fault+0x3bb/0xa90 [ 1319.443014][T11127] __do_page_fault+0x536/0xdd0 [ 1319.447791][T11127] do_page_fault+0x38/0x536 [ 1319.452280][T11127] page_fault+0x39/0x40 [ 1319.456425][T11127] RIP: 0033:0x430906 [ 1319.460324][T11127] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1319.479940][T11127] RSP: 002b:00007ffc5b4cd120 EFLAGS: 00010206 [ 1319.486006][T11127] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1319.493986][T11127] RDX: 00005555567b9930 RSI: 00005555567c1970 RDI: 0000000000000003 [ 1319.501969][T11127] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555567b8940 [ 1319.509953][T11127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1319.517924][T11127] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1319.526440][T11127] memory: usage 768kB, limit 0kB, failcnt 598049 [ 1319.532794][T11127] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1319.539725][T11127] Memory cgroup stats for /syz0: [ 1319.539841][T11127] anon 57344 [ 1319.539841][T11127] file 106496 [ 1319.539841][T11127] kernel_stack 0 [ 1319.539841][T11127] slab 724992 [ 1319.539841][T11127] sock 0 [ 1319.539841][T11127] shmem 0 [ 1319.539841][T11127] file_mapped 0 [ 1319.539841][T11127] file_dirty 0 [ 1319.539841][T11127] file_writeback 0 [ 1319.539841][T11127] anon_thp 0 [ 1319.539841][T11127] inactive_anon 0 [ 1319.539841][T11127] active_anon 57344 [ 1319.539841][T11127] inactive_file 0 [ 1319.539841][T11127] active_file 0 [ 1319.539841][T11127] unevictable 0 [ 1319.539841][T11127] slab_reclaimable 270336 [ 1319.539841][T11127] slab_unreclaimable 454656 [ 1319.539841][T11127] pgfault 75207 [ 1319.539841][T11127] pgmajfault 0 [ 1319.539841][T11127] workingset_refault 0 [ 1319.539841][T11127] workingset_activate 0 [ 1319.539841][T11127] workingset_nodereclaim 0 [ 1319.539841][T11127] pgrefill 46 [ 1319.539841][T11127] pgscan 46 [ 1319.539841][T11127] pgsteal 0 [ 1319.539841][T11127] pgactivate 0 [ 1319.632913][T11127] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11127,uid=0 [ 1319.648439][T11127] Memory cgroup out of memory: Killed process 11127 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 1319.662964][ T1058] oom_reaper: reaped process 11127 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:56:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3be, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:14 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x450, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:14 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x1) pwrite64(r1, &(0x7f0000000300)="1ecd7507dcb40a971ee04c23b36100a873050223d353e91f42c427d0b386b884516fc374df341aaa8e58b3606b9a4ae510a2e3117b7731abc2c40ebb63613e8992eed7149395029d26b579945a8e621b0cf135524777b3b0d400c0f7e3cd0a366a3a2243835badc0bfd90ae81d506799a8057e98fe6708e1fa791dfcb22cfefa414b009193ef6d5a4048548e724b56c525d7b8", 0x93, 0x0) 22:56:14 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x2}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3bf, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:14 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x451, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:15 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:15 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:15 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x452, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:15 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000300)='/dev/dri/card#\x00', 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCGSND(r1, 0x8040451a, 0x0) 22:56:15 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) write$vnet(r4, &(0x7f00000005c0)={0x1, {&(0x7f0000000180)=""/95, 0x5f, &(0x7f0000000440)=""/116, 0x1, 0x5}}, 0x68) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:56:15 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x3}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:15 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x453, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:15 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:15 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r5, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r4, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r7 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x40) gettid() openat$cgroup_ro(r3, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r8 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r8, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r7, &(0x7f00000003c0)=0x100, 0x12) 22:56:15 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:15 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x454, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:15 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x4}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:15 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1321.712511][T11229] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1321.722976][T11229] CPU: 0 PID: 11229 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1321.730911][T11229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1321.740986][T11229] Call Trace: [ 1321.741022][T11229] dump_stack+0x16f/0x1f0 [ 1321.741057][T11229] dump_header+0x10b/0x831 [ 1321.741087][T11229] oom_kill_process.cold+0x10/0x15 [ 1321.741112][T11229] out_of_memory+0x79a/0x12d0 [ 1321.741139][T11229] ? retint_kernel+0x10/0x10 [ 1321.767968][T11229] ? oom_killer_disable+0x280/0x280 [ 1321.773242][T11229] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1321.778925][T11229] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1321.784605][T11229] ? cgroup_file_notify+0x140/0x1b0 [ 1321.789854][T11229] memory_max_write+0x262/0x3a0 [ 1321.794745][T11229] ? mem_cgroup_write+0x360/0x360 [ 1321.799803][T11229] ? lock_acquire+0x20b/0x400 [ 1321.804524][T11229] cgroup_file_write+0x307/0x790 [ 1321.809517][T11229] ? mem_cgroup_write+0x360/0x360 [ 1321.814568][T11229] ? cgroup_show_path+0x590/0x590 [ 1321.819633][T11229] ? cgroup_show_path+0x590/0x590 [ 1321.824679][T11229] kernfs_fop_write+0x2b8/0x480 [ 1321.829586][T11229] __vfs_write+0x8a/0x110 [ 1321.833930][T11229] ? kernfs_fop_open+0xd80/0xd80 [ 1321.838900][T11229] vfs_write+0x268/0x5d0 [ 1321.843172][T11229] ksys_write+0x14f/0x290 [ 1321.847525][T11229] ? __ia32_sys_read+0xb0/0xb0 [ 1321.852320][T11229] ? do_syscall_64+0x26/0x6a0 [ 1321.857050][T11229] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1321.863145][T11229] ? do_syscall_64+0x26/0x6a0 [ 1321.867859][T11229] __x64_sys_write+0x73/0xb0 [ 1321.872478][T11229] do_syscall_64+0xfd/0x6a0 [ 1321.877022][T11229] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1321.882944][T11229] RIP: 0033:0x459829 [ 1321.886853][T11229] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1321.906477][T11229] RSP: 002b:00007f40bc97ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1321.914913][T11229] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1321.922914][T11229] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1321.930911][T11229] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1321.938910][T11229] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f40bc97f6d4 [ 1321.946919][T11229] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1321.956211][T11229] memory: usage 12224kB, limit 0kB, failcnt 82 [ 1321.962700][T11229] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1321.970881][T11229] Memory cgroup stats for /syz4: [ 1321.971505][T11229] anon 8671232 [ 1321.971505][T11229] file 118784 [ 1321.971505][T11229] kernel_stack 131072 [ 1321.971505][T11229] slab 2990080 [ 1321.971505][T11229] sock 0 [ 1321.971505][T11229] shmem 77824 [ 1321.971505][T11229] file_mapped 135168 [ 1321.971505][T11229] file_dirty 0 [ 1321.971505][T11229] file_writeback 0 [ 1321.971505][T11229] anon_thp 8388608 [ 1321.971505][T11229] inactive_anon 135168 [ 1321.971505][T11229] active_anon 8671232 [ 1321.971505][T11229] inactive_file 0 [ 1321.971505][T11229] active_file 0 [ 1321.971505][T11229] unevictable 0 [ 1321.971505][T11229] slab_reclaimable 1216512 [ 1321.971505][T11229] slab_unreclaimable 1773568 [ 1321.971505][T11229] pgfault 73986 [ 1321.971505][T11229] pgmajfault 0 [ 1321.971505][T11229] workingset_refault 0 [ 1321.971505][T11229] workingset_activate 0 [ 1321.971505][T11229] workingset_nodereclaim 0 [ 1321.971505][T11229] pgrefill 0 [ 1321.971505][T11229] pgscan 0 22:56:16 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:16 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x455, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1321.971505][T11229] pgsteal 0 [ 1321.971505][T11229] pgactivate 0 [ 1322.067790][T11229] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11227,uid=0 [ 1322.083827][T11229] Memory cgroup out of memory: Killed process 11227 (syz-executor.4) total-vm:72704kB, anon-rss:4248kB, file-rss:35836kB, shmem-rss:0kB [ 1322.103495][ T1058] oom_reaper: reaped process 11227 (syz-executor.4), now anon-rss:0kB, file-rss:34912kB, shmem-rss:0kB 22:56:16 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x456, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:17 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:17 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x457, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:17 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x5}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:17 executing program 1: vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000003980)={@rand_addr, 0x0}, &(0x7f00000039c0)=0x14) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000003a00)={@dev={0xac, 0x14, 0x14, 0x1e}, @multicast2, r4}, 0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1323.424512][T10557] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1323.435839][T10557] CPU: 0 PID: 10557 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1323.443489][T10557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1323.453560][T10557] Call Trace: [ 1323.456873][T10557] dump_stack+0x16f/0x1f0 [ 1323.461222][T10557] dump_header+0x10b/0x831 [ 1323.465641][T10557] ? oom_kill_process+0x94/0x3c0 [ 1323.470591][T10557] oom_kill_process.cold+0x10/0x15 [ 1323.475712][T10557] out_of_memory+0x79a/0x12d0 [ 1323.480392][T10557] ? lock_downgrade+0x920/0x920 [ 1323.485254][T10557] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1323.491073][T10557] ? oom_killer_disable+0x280/0x280 [ 1323.496280][T10557] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1323.496296][T10557] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1323.496315][T10557] ? do_raw_spin_unlock+0x57/0x270 [ 1323.496332][T10557] ? _raw_spin_unlock+0x23/0x30 [ 1323.496349][T10557] try_charge+0x1053/0x1430 [ 1323.496367][T10557] ? __lock_acquire+0x7b0/0x4c30 [ 1323.496385][T10557] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1323.496401][T10557] ? cache_grow_begin+0x124/0xc90 [ 1323.496417][T10557] ? find_held_lock+0x35/0x130 [ 1323.496435][T10557] ? cache_grow_begin+0x124/0xc90 [ 1323.547513][T10557] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1323.552980][T10557] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1323.558365][T10557] cache_grow_begin+0x601/0xc90 [ 1323.563220][T10557] ? write_comp_data+0x31/0x70 [ 1323.567988][T10557] ? mempolicy_slab_node+0x139/0x390 [ 1323.573286][T10557] fallback_alloc+0x1fd/0x2d0 [ 1323.577976][T10557] ____cache_alloc_node+0x1bc/0x1d0 [ 1323.583179][T10557] ? trace_hardirqs_off+0x62/0x210 [ 1323.588302][T10557] kmem_cache_alloc+0x1e8/0x700 [ 1323.593226][T10557] ? inet_create+0x2f4/0xe00 [ 1323.597829][T10557] ? __sock_create+0x386/0x740 [ 1323.602616][T10557] sk_prot_alloc+0x67/0x310 [ 1323.607135][T10557] sk_alloc+0x39/0xf60 [ 1323.611218][T10557] inet_create+0x36c/0xe00 [ 1323.615654][T10557] __sock_create+0x3de/0x740 [ 1323.620255][T10557] ? _raw_spin_unlock_irq+0x28/0x70 [ 1323.625471][T10557] __sys_socket+0x103/0x220 [ 1323.629981][T10557] ? move_addr_to_kernel+0x80/0x80 [ 1323.635128][T10557] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1323.640596][T10557] ? do_syscall_64+0x26/0x6a0 [ 1323.645277][T10557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1323.651342][T10557] ? do_syscall_64+0x26/0x6a0 [ 1323.651364][T10557] __x64_sys_socket+0x73/0xb0 [ 1323.660709][T10557] do_syscall_64+0xfd/0x6a0 [ 1323.665226][T10557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1323.671119][T10557] RIP: 0033:0x45c377 [ 1323.675020][T10557] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1323.694738][T10557] RSP: 002b:00007ffeac0863c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1323.703155][T10557] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045c377 [ 1323.711131][T10557] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 1323.719106][T10557] RBP: 000000000000003f R08: 0000000000000000 R09: 000000000000000a [ 1323.727079][T10557] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 1323.735059][T10557] R13: 00007ffeac086ae0 R14: 000000000014292d R15: 00007ffeac086af0 [ 1323.743136][T10557] memory: usage 7776kB, limit 0kB, failcnt 98 [ 1323.749262][T10557] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1323.756185][T10557] Memory cgroup stats for /syz4: [ 1323.756306][T10557] anon 4403200 [ 1323.756306][T10557] file 118784 [ 1323.756306][T10557] kernel_stack 131072 [ 1323.756306][T10557] slab 2990080 [ 1323.756306][T10557] sock 0 [ 1323.756306][T10557] shmem 77824 [ 1323.756306][T10557] file_mapped 135168 [ 1323.756306][T10557] file_dirty 0 [ 1323.756306][T10557] file_writeback 0 [ 1323.756306][T10557] anon_thp 4194304 [ 1323.756306][T10557] inactive_anon 135168 [ 1323.756306][T10557] active_anon 4403200 [ 1323.756306][T10557] inactive_file 0 [ 1323.756306][T10557] active_file 0 [ 1323.756306][T10557] unevictable 0 [ 1323.756306][T10557] slab_reclaimable 1216512 [ 1323.756306][T10557] slab_unreclaimable 1773568 [ 1323.756306][T10557] pgfault 73986 [ 1323.756306][T10557] pgmajfault 0 [ 1323.756306][T10557] workingset_refault 0 [ 1323.756306][T10557] workingset_activate 0 [ 1323.756306][T10557] workingset_nodereclaim 0 [ 1323.756306][T10557] pgrefill 0 [ 1323.756306][T10557] pgscan 0 [ 1323.756306][T10557] pgsteal 0 [ 1323.756306][T10557] pgactivate 0 [ 1323.852200][T10557] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11155,uid=0 [ 1323.867740][T10557] Memory cgroup out of memory: Killed process 11155 (syz-executor.4) total-vm:72704kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB [ 1323.883278][T10557] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1323.894390][T10557] CPU: 0 PID: 10557 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1323.902024][T10557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1323.912125][T10557] Call Trace: [ 1323.915428][T10557] dump_stack+0x16f/0x1f0 [ 1323.919772][T10557] dump_header+0x10b/0x831 [ 1323.924199][T10557] ? oom_kill_process+0x94/0x3c0 [ 1323.929147][T10557] oom_kill_process.cold+0x10/0x15 [ 1323.934265][T10557] out_of_memory+0x79a/0x12d0 [ 1323.938947][T10557] ? lock_downgrade+0x920/0x920 [ 1323.943832][T10557] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1323.949654][T10557] ? oom_killer_disable+0x280/0x280 [ 1323.954868][T10557] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1323.960420][T10557] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1323.966073][T10557] ? do_raw_spin_unlock+0x57/0x270 [ 1323.971193][T10557] ? _raw_spin_unlock+0x23/0x30 [ 1323.976063][T10557] try_charge+0x1053/0x1430 [ 1323.980567][T10557] ? __lock_acquire+0x7b0/0x4c30 [ 1323.985509][T10557] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1323.991055][T10557] ? cache_grow_begin+0x124/0xc90 [ 1323.996064][T10557] ? find_held_lock+0x35/0x130 [ 1324.000811][T10557] ? cache_grow_begin+0x124/0xc90 [ 1324.006098][T10557] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1324.011552][T10557] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1324.016911][T10557] cache_grow_begin+0x601/0xc90 [ 1324.021741][T10557] ? write_comp_data+0x31/0x70 [ 1324.026502][T10557] ? mempolicy_slab_node+0x139/0x390 [ 1324.031781][T10557] fallback_alloc+0x1fd/0x2d0 [ 1324.036443][T10557] ____cache_alloc_node+0x1bc/0x1d0 [ 1324.041621][T10557] ? trace_hardirqs_off+0x62/0x210 [ 1324.046730][T10557] kmem_cache_alloc+0x1e8/0x700 [ 1324.051590][T10557] ? inet_create+0x2f4/0xe00 [ 1324.056184][T10557] ? __sock_create+0x386/0x740 [ 1324.060947][T10557] sk_prot_alloc+0x67/0x310 [ 1324.065462][T10557] sk_alloc+0x39/0xf60 [ 1324.069529][T10557] inet_create+0x36c/0xe00 [ 1324.074348][T10557] __sock_create+0x3de/0x740 [ 1324.078949][T10557] ? _raw_spin_unlock_irq+0x28/0x70 [ 1324.084146][T10557] __sys_socket+0x103/0x220 [ 1324.088662][T10557] ? move_addr_to_kernel+0x80/0x80 [ 1324.093777][T10557] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1324.099394][T10557] ? do_syscall_64+0x26/0x6a0 [ 1324.104078][T10557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1324.110137][T10557] ? do_syscall_64+0x26/0x6a0 [ 1324.114817][T10557] __x64_sys_socket+0x73/0xb0 [ 1324.119506][T10557] do_syscall_64+0xfd/0x6a0 [ 1324.124020][T10557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1324.129910][T10557] RIP: 0033:0x45c377 [ 1324.133785][T10557] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1324.153378][T10557] RSP: 002b:00007ffeac0863c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1324.161777][T10557] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045c377 [ 1324.169738][T10557] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 1324.177699][T10557] RBP: 000000000000003f R08: 0000000000000000 R09: 000000000000000a [ 1324.185669][T10557] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 1324.193663][T10557] R13: 00007ffeac086ae0 R14: 000000000014292d R15: 00007ffeac086af0 [ 1324.201704][T10557] memory: usage 5468kB, limit 0kB, failcnt 104 [ 1324.207910][T10557] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1324.214816][T10557] Memory cgroup stats for /syz4: [ 1324.214939][T10557] anon 2322432 [ 1324.214939][T10557] file 118784 [ 1324.214939][T10557] kernel_stack 65536 [ 1324.214939][T10557] slab 2990080 [ 1324.214939][T10557] sock 0 [ 1324.214939][T10557] shmem 77824 [ 1324.214939][T10557] file_mapped 135168 [ 1324.214939][T10557] file_dirty 0 [ 1324.214939][T10557] file_writeback 0 [ 1324.214939][T10557] anon_thp 2097152 [ 1324.214939][T10557] inactive_anon 135168 [ 1324.214939][T10557] active_anon 2322432 [ 1324.214939][T10557] inactive_file 0 [ 1324.214939][T10557] active_file 0 [ 1324.214939][T10557] unevictable 0 [ 1324.214939][T10557] slab_reclaimable 1216512 [ 1324.214939][T10557] slab_unreclaimable 1773568 [ 1324.214939][T10557] pgfault 73986 [ 1324.214939][T10557] pgmajfault 0 [ 1324.214939][T10557] workingset_refault 0 [ 1324.214939][T10557] workingset_activate 0 [ 1324.214939][T10557] workingset_nodereclaim 0 [ 1324.214939][T10557] pgrefill 0 [ 1324.214939][T10557] pgscan 0 [ 1324.214939][T10557] pgsteal 0 [ 1324.214939][T10557] pgactivate 0 [ 1324.310578][T10557] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11147,uid=0 [ 1324.331546][T10557] Memory cgroup out of memory: Killed process 11147 (syz-executor.4) total-vm:72572kB, anon-rss:2192kB, file-rss:34816kB, shmem-rss:0kB [ 1324.346926][ T1058] oom_reaper: reaped process 11147 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1324.347005][T10557] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1324.369144][T10557] CPU: 0 PID: 10557 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1324.376783][T10557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1324.386933][T10557] Call Trace: [ 1324.390230][T10557] dump_stack+0x16f/0x1f0 [ 1324.394561][T10557] dump_header+0x10b/0x831 [ 1324.398994][T10557] ? oom_kill_process+0x94/0x3c0 [ 1324.403924][T10557] oom_kill_process.cold+0x10/0x15 [ 1324.409037][T10557] out_of_memory+0x79a/0x12d0 [ 1324.413715][T10557] ? lock_downgrade+0x920/0x920 [ 1324.418554][T10557] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1324.424372][T10557] ? oom_killer_disable+0x280/0x280 [ 1324.430425][T10557] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1324.435971][T10557] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1324.442131][T10557] ? do_raw_spin_unlock+0x57/0x270 [ 1324.447239][T10557] ? _raw_spin_unlock+0x23/0x30 [ 1324.452080][T10557] try_charge+0x1053/0x1430 [ 1324.456583][T10557] ? __lock_acquire+0x7b0/0x4c30 [ 1324.461524][T10557] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1324.467081][T10557] ? cache_grow_begin+0x124/0xc90 [ 1324.472104][T10557] ? find_held_lock+0x35/0x130 [ 1324.476850][T10557] ? cache_grow_begin+0x124/0xc90 [ 1324.481859][T10557] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1324.487298][T10557] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1324.492654][T10557] cache_grow_begin+0x601/0xc90 [ 1324.497497][T10557] ? write_comp_data+0x31/0x70 [ 1324.502242][T10557] ? mempolicy_slab_node+0x139/0x390 [ 1324.507519][T10557] fallback_alloc+0x1fd/0x2d0 [ 1324.512182][T10557] ____cache_alloc_node+0x1bc/0x1d0 [ 1324.517364][T10557] ? trace_hardirqs_off+0x62/0x210 [ 1324.522459][T10557] kmem_cache_alloc+0x1e8/0x700 [ 1324.527292][T10557] ? inet_create+0x2f4/0xe00 [ 1324.531863][T10557] ? __sock_create+0x386/0x740 [ 1324.536624][T10557] sk_prot_alloc+0x67/0x310 [ 1324.541121][T10557] sk_alloc+0x39/0xf60 [ 1324.545185][T10557] inet_create+0x36c/0xe00 [ 1324.549600][T10557] __sock_create+0x3de/0x740 [ 1324.554182][T10557] ? _raw_spin_unlock_irq+0x28/0x70 [ 1324.559379][T10557] __sys_socket+0x103/0x220 [ 1324.563865][T10557] ? move_addr_to_kernel+0x80/0x80 [ 1324.568981][T10557] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1324.574466][T10557] ? do_syscall_64+0x26/0x6a0 [ 1324.579150][T10557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1324.585220][T10557] ? do_syscall_64+0x26/0x6a0 [ 1324.589902][T10557] __x64_sys_socket+0x73/0xb0 [ 1324.594578][T10557] do_syscall_64+0xfd/0x6a0 [ 1324.599082][T10557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1324.604961][T10557] RIP: 0033:0x45c377 [ 1324.608865][T10557] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1324.628463][T10557] RSP: 002b:00007ffeac0863c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1324.636860][T10557] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045c377 [ 1324.644825][T10557] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 1324.652792][T10557] RBP: 000000000000003f R08: 0000000000000000 R09: 000000000000000a [ 1324.660746][T10557] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 1324.668715][T10557] R13: 00007ffeac086ae0 R14: 000000000014292d R15: 00007ffeac086af0 [ 1324.676755][T10557] memory: usage 3144kB, limit 0kB, failcnt 110 [ 1324.682911][T10557] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1324.689792][T10557] Memory cgroup stats for /syz4: [ 1324.689907][T10557] anon 110592 [ 1324.689907][T10557] file 118784 [ 1324.689907][T10557] kernel_stack 65536 [ 1324.689907][T10557] slab 2990080 [ 1324.689907][T10557] sock 0 [ 1324.689907][T10557] shmem 77824 [ 1324.689907][T10557] file_mapped 135168 [ 1324.689907][T10557] file_dirty 0 [ 1324.689907][T10557] file_writeback 0 [ 1324.689907][T10557] anon_thp 0 [ 1324.689907][T10557] inactive_anon 135168 [ 1324.689907][T10557] active_anon 110592 [ 1324.689907][T10557] inactive_file 0 [ 1324.689907][T10557] active_file 0 [ 1324.689907][T10557] unevictable 0 [ 1324.689907][T10557] slab_reclaimable 1216512 [ 1324.689907][T10557] slab_unreclaimable 1773568 [ 1324.689907][T10557] pgfault 73986 [ 1324.689907][T10557] pgmajfault 0 [ 1324.689907][T10557] workingset_refault 0 [ 1324.689907][T10557] workingset_activate 0 [ 1324.689907][T10557] workingset_nodereclaim 0 [ 1324.689907][T10557] pgrefill 0 [ 1324.689907][T10557] pgscan 0 [ 1324.689907][T10557] pgsteal 0 [ 1324.689907][T10557] pgactivate 0 [ 1324.784780][T10557] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10557,uid=0 [ 1324.800374][T10557] Memory cgroup out of memory: Killed process 10557 (syz-executor.4) total-vm:72440kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB [ 1324.815618][ T1058] oom_reaper: reaped process 10557 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 1324.843351][T11300] IPVS: ftp: loaded support on port[0] = 21 [ 1325.400871][T11300] chnl_net:caif_netlink_parms(): no params data found [ 1325.432100][T11300] bridge0: port 1(bridge_slave_0) entered blocking state [ 1325.439418][T11300] bridge0: port 1(bridge_slave_0) entered disabled state [ 1325.447155][T11300] device bridge_slave_0 entered promiscuous mode [ 1325.541500][T11300] bridge0: port 2(bridge_slave_1) entered blocking state [ 1325.548720][T11300] bridge0: port 2(bridge_slave_1) entered disabled state [ 1325.556477][T11300] device bridge_slave_1 entered promiscuous mode [ 1325.579055][T11300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1325.590192][T11300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1325.613114][T11300] team0: Port device team_slave_0 added [ 1325.620575][T11300] team0: Port device team_slave_1 added [ 1325.777301][T11300] device hsr_slave_0 entered promiscuous mode [ 1325.824715][T11300] device hsr_slave_1 entered promiscuous mode [ 1325.863993][T11300] debugfs: Directory 'hsr0' with parent '/' already present! [ 1325.971632][T11300] bridge0: port 2(bridge_slave_1) entered blocking state [ 1325.978787][T11300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1325.986184][T11300] bridge0: port 1(bridge_slave_0) entered blocking state [ 1325.993250][T11300] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1326.015883][ T936] device bridge_slave_1 left promiscuous mode [ 1326.022079][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1326.065145][ T936] device bridge_slave_0 left promiscuous mode [ 1326.071323][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1328.164318][ T936] device hsr_slave_0 left promiscuous mode [ 1328.204080][ T936] device hsr_slave_1 left promiscuous mode [ 1328.271592][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1328.284582][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1328.302522][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1328.329596][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1328.404915][ T936] bond0 (unregistering): Released all slaves [ 1328.515462][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state [ 1328.523372][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state [ 1328.544899][T11300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1328.562312][T11300] 8021q: adding VLAN 0 to HW filter on device team0 [ 1328.569392][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1328.577891][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1328.595430][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1328.604160][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1328.612434][ T2624] bridge0: port 1(bridge_slave_0) entered blocking state [ 1328.619543][ T2624] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1328.627732][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1328.636444][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1328.644880][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state [ 1328.651922][ T2624] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1328.659607][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1328.668250][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1328.684160][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1328.692911][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1328.701573][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1328.710314][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1328.726929][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1328.735004][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1328.743382][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1328.751745][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1328.760130][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1328.769977][T11300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1328.850901][T11300] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1329.128928][T11308] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1329.139580][T11308] CPU: 0 PID: 11308 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1329.147244][T11308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1329.157336][T11308] Call Trace: [ 1329.160659][T11308] dump_stack+0x16f/0x1f0 [ 1329.165022][T11308] dump_header+0x10b/0x831 [ 1329.169482][T11308] oom_kill_process.cold+0x10/0x15 [ 1329.174651][T11308] out_of_memory+0x79a/0x12d0 [ 1329.179361][T11308] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1329.185021][T11308] ? cgroup_file_notify+0x140/0x1b0 [ 1329.190271][T11308] ? oom_killer_disable+0x280/0x280 [ 1329.195535][T11308] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1329.201239][T11308] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1329.206927][T11308] ? cgroup_file_notify+0x140/0x1b0 [ 1329.212169][T11308] memory_max_write+0x262/0x3a0 [ 1329.217074][T11308] ? mem_cgroup_write+0x360/0x360 [ 1329.222144][T11308] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1329.227641][T11308] cgroup_file_write+0x307/0x790 [ 1329.232604][T11308] ? mem_cgroup_write+0x360/0x360 [ 1329.237664][T11308] ? cgroup_show_path+0x590/0x590 [ 1329.242723][T11308] ? cgroup_show_path+0x590/0x590 [ 1329.247770][T11308] kernfs_fop_write+0x2b8/0x480 [ 1329.252653][T11308] __vfs_write+0x8a/0x110 [ 1329.257024][T11308] ? kernfs_fop_open+0xd80/0xd80 [ 1329.262040][T11308] vfs_write+0x268/0x5d0 [ 1329.266333][T11308] ksys_write+0x14f/0x290 [ 1329.270700][T11308] ? __ia32_sys_read+0xb0/0xb0 [ 1329.275502][T11308] ? do_syscall_64+0x26/0x6a0 [ 1329.280211][T11308] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1329.286314][T11308] ? do_syscall_64+0x26/0x6a0 [ 1329.291030][T11308] __x64_sys_write+0x73/0xb0 [ 1329.295663][T11308] do_syscall_64+0xfd/0x6a0 [ 1329.300207][T11308] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1329.306124][T11308] RIP: 0033:0x459829 [ 1329.310051][T11308] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1329.331187][T11308] RSP: 002b:00007feace0c7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1329.339636][T11308] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1329.347635][T11308] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1329.355654][T11308] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1329.363660][T11308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feace0c86d4 [ 1329.371658][T11308] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1329.380057][T11308] memory: usage 5148kB, limit 0kB, failcnt 598050 [ 1329.386642][T11308] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1329.393782][T11308] Memory cgroup stats for /syz0: [ 1329.394704][T11308] anon 4259840 [ 1329.394704][T11308] file 106496 [ 1329.394704][T11308] kernel_stack 65536 [ 1329.394704][T11308] slab 724992 [ 1329.394704][T11308] sock 0 [ 1329.394704][T11308] shmem 0 [ 1329.394704][T11308] file_mapped 0 [ 1329.394704][T11308] file_dirty 0 [ 1329.394704][T11308] file_writeback 0 [ 1329.394704][T11308] anon_thp 4194304 [ 1329.394704][T11308] inactive_anon 0 [ 1329.394704][T11308] active_anon 4259840 [ 1329.394704][T11308] inactive_file 0 [ 1329.394704][T11308] active_file 0 [ 1329.394704][T11308] unevictable 0 [ 1329.394704][T11308] slab_reclaimable 270336 [ 1329.394704][T11308] slab_unreclaimable 454656 [ 1329.394704][T11308] pgfault 75306 [ 1329.394704][T11308] pgmajfault 0 [ 1329.394704][T11308] workingset_refault 0 [ 1329.394704][T11308] workingset_activate 0 [ 1329.394704][T11308] workingset_nodereclaim 0 [ 1329.394704][T11308] pgrefill 46 [ 1329.394704][T11308] pgscan 46 [ 1329.394704][T11308] pgsteal 0 [ 1329.394704][T11308] pgactivate 0 [ 1329.489588][T11308] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11307,uid=0 [ 1329.505922][T11308] Memory cgroup out of memory: Killed process 11307 (syz-executor.0) total-vm:72576kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB [ 1329.523843][ T1058] oom_reaper: reaped process 11307 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1330.176305][T11300] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1330.186376][T11300] CPU: 1 PID: 11300 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1330.194008][T11300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1330.204064][T11300] Call Trace: [ 1330.207365][T11300] dump_stack+0x16f/0x1f0 [ 1330.211698][T11300] dump_header+0x10b/0x831 [ 1330.216114][T11300] ? oom_kill_process+0x94/0x3c0 [ 1330.221055][T11300] oom_kill_process.cold+0x10/0x15 22:56:24 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r5, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r4, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r7 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x40) gettid() openat$cgroup_ro(r3, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r8 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r8, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r7, &(0x7f00000003c0)=0x100, 0x12) 22:56:24 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:24 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x458, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:24 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:24 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x6}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:24 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f00000005c0)="0f72cd47b2d342d4b8fd968d669a7d2c508971021f945957de3c89c09c5db712561fdae88d01bbb9f43d59fa71af27e5f4a0a429620392f575117c40c7a1194287a4e62d4bf765e113299b6df0a6b4", 0xfffffffffffffff4) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1330.226177][T11300] out_of_memory+0x79a/0x12d0 [ 1330.230863][T11300] ? lock_downgrade+0x920/0x920 [ 1330.235721][T11300] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1330.241528][T11300] ? oom_killer_disable+0x280/0x280 [ 1330.246749][T11300] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1330.252318][T11300] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1330.257962][T11300] ? do_raw_spin_unlock+0x57/0x270 [ 1330.263081][T11300] ? _raw_spin_unlock+0x23/0x30 [ 1330.267943][T11300] try_charge+0x1053/0x1430 [ 1330.272460][T11300] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1330.278012][T11300] ? percpu_ref_tryget_live+0x104/0x270 [ 1330.283586][T11300] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1330.289141][T11300] mem_cgroup_try_charge+0x136/0x590 [ 1330.294446][T11300] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1330.300088][T11300] wp_page_copy+0x27c/0x1380 [ 1330.304687][T11300] ? find_held_lock+0x35/0x130 [ 1330.309458][T11300] ? pmd_pfn+0x1d0/0x1d0 [ 1330.313705][T11300] ? lock_downgrade+0x920/0x920 [ 1330.318573][T11300] ? swp_swapcount+0x520/0x520 [ 1330.323353][T11300] ? __kasan_check_read+0x11/0x20 [ 1330.328386][T11300] ? do_raw_spin_unlock+0x57/0x270 [ 1330.333516][T11300] do_wp_page+0x499/0x14d0 [ 1330.337975][T11300] ? finish_mkwrite_fault+0x570/0x570 [ 1330.343372][T11300] __handle_mm_fault+0x2120/0x3ce0 [ 1330.348522][T11300] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1330.354091][T11300] ? handle_mm_fault+0x294/0xa90 [ 1330.359062][T11300] ? handle_mm_fault+0x675/0xa90 [ 1330.364101][T11300] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1330.369402][T11300] handle_mm_fault+0x3bb/0xa90 [ 1330.374181][T11300] __do_page_fault+0x536/0xdd0 [ 1330.378992][T11300] do_page_fault+0x38/0x536 [ 1330.383512][T11300] page_fault+0x39/0x40 [ 1330.387681][T11300] RIP: 0033:0x430906 [ 1330.391637][T11300] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1330.411254][T11300] RSP: 002b:00007ffe853c37d0 EFLAGS: 00010206 [ 1330.417434][T11300] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1330.425441][T11300] RDX: 000055555666a930 RSI: 0000555556672970 RDI: 0000000000000003 [ 1330.433412][T11300] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555556669940 [ 1330.442765][T11300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1330.450736][T11300] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1330.459430][T11300] memory: usage 764kB, limit 0kB, failcnt 598058 [ 1330.465811][T11300] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1330.472659][T11300] Memory cgroup stats for /syz0: [ 1330.472759][T11300] anon 0 [ 1330.472759][T11300] file 106496 [ 1330.472759][T11300] kernel_stack 0 [ 1330.472759][T11300] slab 724992 [ 1330.472759][T11300] sock 0 [ 1330.472759][T11300] shmem 0 [ 1330.472759][T11300] file_mapped 0 [ 1330.472759][T11300] file_dirty 0 [ 1330.472759][T11300] file_writeback 0 [ 1330.472759][T11300] anon_thp 0 [ 1330.472759][T11300] inactive_anon 0 [ 1330.472759][T11300] active_anon 0 [ 1330.472759][T11300] inactive_file 0 [ 1330.472759][T11300] active_file 0 [ 1330.472759][T11300] unevictable 0 [ 1330.472759][T11300] slab_reclaimable 270336 [ 1330.472759][T11300] slab_unreclaimable 454656 [ 1330.472759][T11300] pgfault 75306 [ 1330.472759][T11300] pgmajfault 0 [ 1330.472759][T11300] workingset_refault 0 [ 1330.472759][T11300] workingset_activate 0 [ 1330.472759][T11300] workingset_nodereclaim 0 [ 1330.472759][T11300] pgrefill 46 [ 1330.472759][T11300] pgscan 46 [ 1330.472759][T11300] pgsteal 0 [ 1330.472759][T11300] pgactivate 0 [ 1330.472759][T11300] pgdeactivate 46 [ 1330.569020][T11300] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11300,uid=0 [ 1330.584534][T11300] Memory cgroup out of memory: Killed process 11300 (syz-executor.0) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB [ 1330.600561][ T1058] oom_reaper: reaped process 11300 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:56:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x459, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:25 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x7}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x45a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:25 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x45b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:26 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:26 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r5, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r4, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r7 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x40) gettid() openat$cgroup_ro(r3, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r8 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r8, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r7, &(0x7f00000003c0)=0x100, 0x12) 22:56:26 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x45c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1333.205603][T11382] IPVS: ftp: loaded support on port[0] = 21 [ 1333.446460][T11382] chnl_net:caif_netlink_parms(): no params data found [ 1333.481699][T11382] bridge0: port 1(bridge_slave_0) entered blocking state [ 1333.489007][T11382] bridge0: port 1(bridge_slave_0) entered disabled state [ 1333.497171][T11382] device bridge_slave_0 entered promiscuous mode [ 1333.505669][T11382] bridge0: port 2(bridge_slave_1) entered blocking state [ 1333.512741][T11382] bridge0: port 2(bridge_slave_1) entered disabled state [ 1333.520501][T11382] device bridge_slave_1 entered promiscuous mode [ 1333.705495][T11382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1333.716777][T11382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1333.738534][T11382] team0: Port device team_slave_0 added [ 1333.745566][T11382] team0: Port device team_slave_1 added [ 1333.806615][T11382] device hsr_slave_0 entered promiscuous mode [ 1333.854419][T11382] device hsr_slave_1 entered promiscuous mode [ 1333.894024][T11382] debugfs: Directory 'hsr0' with parent '/' already present! [ 1334.078154][T11382] bridge0: port 2(bridge_slave_1) entered blocking state [ 1334.085276][T11382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1334.092650][T11382] bridge0: port 1(bridge_slave_0) entered blocking state [ 1334.099788][T11382] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1334.306320][ T5294] bridge0: port 1(bridge_slave_0) entered disabled state [ 1334.315945][ T5294] bridge0: port 2(bridge_slave_1) entered disabled state [ 1334.331456][T11382] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1334.518816][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1334.526741][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1334.540356][T11382] 8021q: adding VLAN 0 to HW filter on device team0 [ 1334.550570][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1334.561010][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1334.569515][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1334.576654][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1334.774262][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1334.782903][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1334.791553][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state [ 1334.798676][ T5184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1334.806470][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1334.815322][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1334.824165][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1334.832651][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1334.841606][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1334.850172][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1334.859369][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1334.874781][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1334.883193][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1334.891668][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1334.899996][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1335.079489][T11382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1335.096115][ T936] device bridge_slave_1 left promiscuous mode [ 1335.102692][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1335.156634][ T936] device bridge_slave_0 left promiscuous mode [ 1335.162949][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1335.207141][ T936] device bridge_slave_1 left promiscuous mode [ 1335.213469][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1335.265332][ T936] device bridge_slave_0 left promiscuous mode [ 1335.271645][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1339.284388][ T936] device hsr_slave_0 left promiscuous mode [ 1339.364144][ T936] device hsr_slave_1 left promiscuous mode [ 1339.411673][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1339.426272][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1339.439348][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1339.489617][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1339.563113][ T936] bond0 (unregistering): Released all slaves [ 1339.745951][ T936] device hsr_slave_0 left promiscuous mode [ 1339.824205][ T936] device hsr_slave_1 left promiscuous mode [ 1339.872894][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1339.886657][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1339.898498][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1339.949141][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1340.032398][ T936] bond0 (unregistering): Released all slaves [ 1340.136009][T11382] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1340.347519][T11390] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1340.357794][T11390] CPU: 1 PID: 11390 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1340.365427][T11390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1340.375491][T11390] Call Trace: [ 1340.378799][T11390] dump_stack+0x16f/0x1f0 [ 1340.383144][T11390] dump_header+0x10b/0x831 [ 1340.387590][T11390] oom_kill_process.cold+0x10/0x15 [ 1340.392721][T11390] out_of_memory+0x79a/0x12d0 [ 1340.397397][T11390] ? retint_kernel+0x10/0x10 [ 1340.401981][T11390] ? oom_killer_disable+0x280/0x280 [ 1340.407199][T11390] ? mem_cgroup_out_of_memory+0x16a/0x240 [ 1340.412917][T11390] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1340.418458][T11390] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1340.424096][T11390] ? cgroup_file_notify+0x140/0x1b0 [ 1340.429292][T11390] memory_max_write+0x262/0x3a0 [ 1340.434170][T11390] ? mem_cgroup_write+0x360/0x360 [ 1340.439211][T11390] ? cgroup_file_write+0x188/0x790 [ 1340.444327][T11390] cgroup_file_write+0x307/0x790 [ 1340.449288][T11390] ? mem_cgroup_write+0x360/0x360 [ 1340.454325][T11390] ? cgroup_show_path+0x590/0x590 [ 1340.459505][T11390] ? cgroup_show_path+0x590/0x590 [ 1340.464728][T11390] kernfs_fop_write+0x2b8/0x480 [ 1340.469589][T11390] __vfs_write+0x8a/0x110 [ 1340.473922][T11390] ? kernfs_fop_open+0xd80/0xd80 [ 1340.478883][T11390] vfs_write+0x268/0x5d0 [ 1340.483312][T11390] ksys_write+0x14f/0x290 [ 1340.487656][T11390] ? __ia32_sys_read+0xb0/0xb0 [ 1340.492414][T11390] ? do_syscall_64+0x26/0x6a0 [ 1340.497083][T11390] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1340.503141][T11390] ? do_syscall_64+0x26/0x6a0 [ 1340.507818][T11390] __x64_sys_write+0x73/0xb0 [ 1340.512418][T11390] do_syscall_64+0xfd/0x6a0 [ 1340.516917][T11390] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1340.522795][T11390] RIP: 0033:0x459829 [ 1340.526674][T11390] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1340.546270][T11390] RSP: 002b:00007fdb4db7cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1340.554693][T11390] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1340.562654][T11390] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1340.570621][T11390] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1340.578614][T11390] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdb4db7d6d4 [ 1340.586600][T11390] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1340.594788][T11390] memory: usage 7068kB, limit 0kB, failcnt 111 [ 1340.601118][T11390] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1340.608126][T11390] Memory cgroup stats for /syz4: [ 1340.608432][T11390] anon 4345856 [ 1340.608432][T11390] file 118784 [ 1340.608432][T11390] kernel_stack 65536 [ 1340.608432][T11390] slab 2850816 [ 1340.608432][T11390] sock 0 [ 1340.608432][T11390] shmem 77824 [ 1340.608432][T11390] file_mapped 135168 [ 1340.608432][T11390] file_dirty 0 [ 1340.608432][T11390] file_writeback 0 [ 1340.608432][T11390] anon_thp 4194304 [ 1340.608432][T11390] inactive_anon 135168 [ 1340.608432][T11390] active_anon 4345856 [ 1340.608432][T11390] inactive_file 0 [ 1340.608432][T11390] active_file 0 [ 1340.608432][T11390] unevictable 0 [ 1340.608432][T11390] slab_reclaimable 1216512 [ 1340.608432][T11390] slab_unreclaimable 1634304 [ 1340.608432][T11390] pgfault 74052 [ 1340.608432][T11390] pgmajfault 0 [ 1340.608432][T11390] workingset_refault 0 [ 1340.608432][T11390] workingset_activate 0 [ 1340.608432][T11390] workingset_nodereclaim 0 [ 1340.608432][T11390] pgrefill 0 [ 1340.608432][T11390] pgscan 0 [ 1340.608432][T11390] pgsteal 0 [ 1340.608432][T11390] pgactivate 0 [ 1340.704151][T11390] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11388,uid=0 [ 1340.720296][T11390] Memory cgroup out of memory: Killed process 11388 (syz-executor.4) total-vm:72576kB, anon-rss:4232kB, file-rss:35868kB, shmem-rss:0kB [ 1340.737445][ T1058] oom_reaper: reaped process 11388 (syz-executor.4), now anon-rss:0kB, file-rss:34908kB, shmem-rss:0kB 22:56:35 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000180)={0x5, 0x7, 0x1f}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000005c0), &(0x7f0000000600)=0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setlease(r2, 0x400, 0x2) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) r6 = add_key$user(&(0x7f0000000340)='user\x00', &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)="c14229f324e7f8f41487aa2db550ddae65aa874e8bc0675d18f862", 0x1b, 0xfffffffffffffffe) keyctl$set_timeout(0xf, r6, 0xfff) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:56:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x9}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:35 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000080)={0x8, 0x1, 0x8, 0x200}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:56:35 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3c9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:35 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x45d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:35 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) [ 1341.178144][T11382] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1341.188259][T11382] CPU: 1 PID: 11382 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1341.195907][T11382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1341.205993][T11382] Call Trace: [ 1341.209321][T11382] dump_stack+0x16f/0x1f0 [ 1341.213668][T11382] dump_header+0x10b/0x831 [ 1341.218096][T11382] ? oom_kill_process+0x94/0x3c0 [ 1341.223045][T11382] oom_kill_process.cold+0x10/0x15 [ 1341.228184][T11382] out_of_memory+0x79a/0x12d0 [ 1341.232879][T11382] ? lock_downgrade+0x920/0x920 [ 1341.237751][T11382] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1341.243578][T11382] ? oom_killer_disable+0x280/0x280 [ 1341.248792][T11382] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1341.254352][T11382] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1341.260000][T11382] ? do_raw_spin_unlock+0x57/0x270 [ 1341.265123][T11382] ? _raw_spin_unlock+0x23/0x30 [ 1341.269990][T11382] try_charge+0x1053/0x1430 [ 1341.274509][T11382] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1341.280076][T11382] ? percpu_ref_tryget_live+0x104/0x270 [ 1341.285649][T11382] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1341.291212][T11382] mem_cgroup_try_charge+0x136/0x590 [ 1341.296514][T11382] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1341.302167][T11382] wp_page_copy+0x27c/0x1380 [ 1341.306776][T11382] ? find_held_lock+0x35/0x130 [ 1341.311566][T11382] ? pmd_pfn+0x1d0/0x1d0 [ 1341.315821][T11382] ? lock_downgrade+0x920/0x920 [ 1341.320680][T11382] ? swp_swapcount+0x520/0x520 [ 1341.325455][T11382] ? __kasan_check_read+0x11/0x20 [ 1341.331291][T11382] ? do_raw_spin_unlock+0x57/0x270 [ 1341.336417][T11382] do_wp_page+0x499/0x14d0 [ 1341.340845][T11382] ? finish_mkwrite_fault+0x570/0x570 [ 1341.346230][T11382] __handle_mm_fault+0x2120/0x3ce0 [ 1341.351352][T11382] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1341.356905][T11382] ? handle_mm_fault+0x294/0xa90 [ 1341.361858][T11382] ? handle_mm_fault+0x675/0xa90 [ 1341.366808][T11382] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1341.372111][T11382] handle_mm_fault+0x3bb/0xa90 [ 1341.376894][T11382] __do_page_fault+0x536/0xdd0 [ 1341.381682][T11382] do_page_fault+0x38/0x536 [ 1341.386200][T11382] page_fault+0x39/0x40 [ 1341.390356][T11382] RIP: 0033:0x4034f2 [ 1341.394253][T11382] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8d 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 42 05 00 48 [ 1341.413871][T11382] RSP: 002b:00007ffc764c8c50 EFLAGS: 00010246 [ 1341.419949][T11382] RAX: 0000000000000000 RBX: 0000000000147393 RCX: 0000000000413430 [ 1341.427940][T11382] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffc764c9d80 [ 1341.435919][T11382] RBP: 0000000000000002 R08: 0000000000000001 R09: 00005555570d9940 [ 1341.444384][T11382] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc764c9d80 [ 1341.452363][T11382] R13: 00007ffc764c9d70 R14: 0000000000000000 R15: 00007ffc764c9d80 [ 1341.460459][T11382] memory: usage 2692kB, limit 0kB, failcnt 119 [ 1341.466670][T11382] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1341.473516][T11382] Memory cgroup stats for /syz4: [ 1341.473643][T11382] anon 53248 [ 1341.473643][T11382] file 118784 [ 1341.473643][T11382] kernel_stack 0 [ 1341.473643][T11382] slab 2850816 [ 1341.473643][T11382] sock 0 [ 1341.473643][T11382] shmem 77824 [ 1341.473643][T11382] file_mapped 135168 [ 1341.473643][T11382] file_dirty 0 [ 1341.473643][T11382] file_writeback 0 [ 1341.473643][T11382] anon_thp 0 [ 1341.473643][T11382] inactive_anon 135168 [ 1341.473643][T11382] active_anon 53248 [ 1341.473643][T11382] inactive_file 0 [ 1341.473643][T11382] active_file 0 [ 1341.473643][T11382] unevictable 0 [ 1341.473643][T11382] slab_reclaimable 1216512 [ 1341.473643][T11382] slab_unreclaimable 1634304 [ 1341.473643][T11382] pgfault 74085 [ 1341.473643][T11382] pgmajfault 0 [ 1341.473643][T11382] workingset_refault 0 [ 1341.473643][T11382] workingset_activate 0 [ 1341.473643][T11382] workingset_nodereclaim 0 [ 1341.473643][T11382] pgrefill 0 [ 1341.473643][T11382] pgscan 0 [ 1341.473643][T11382] pgsteal 0 [ 1341.473643][T11382] pgactivate 0 [ 1341.568122][T11382] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11382,uid=0 [ 1341.583649][T11382] Memory cgroup out of memory: Killed process 11382 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1341.598185][ T1058] oom_reaper: reaped process 11382 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:56:36 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x45e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:36 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ca, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:36 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x45f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:36 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3cb, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:36 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x460, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:36 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x461, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:37 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000180)={0x5, 0x7, 0x1f}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000005c0), &(0x7f0000000600)=0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setlease(r2, 0x400, 0x2) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) r6 = add_key$user(&(0x7f0000000340)='user\x00', &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)="c14229f324e7f8f41487aa2db550ddae65aa874e8bc0675d18f862", 0x1b, 0xfffffffffffffffe) keyctl$set_timeout(0xf, r6, 0xfff) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:56:37 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xa}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:37 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x462, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:37 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000180)=""/117) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6, 0x3f, 0x5, 0x8, 0x9, 0x6d6, 0x0, 0x5e, 0x100000000, 0xdb}, 0xb) 22:56:37 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3cc, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1344.277295][T11471] IPVS: ftp: loaded support on port[0] = 21 [ 1344.366252][T11471] chnl_net:caif_netlink_parms(): no params data found [ 1344.398141][T11471] bridge0: port 1(bridge_slave_0) entered blocking state [ 1344.405298][T11471] bridge0: port 1(bridge_slave_0) entered disabled state [ 1344.413015][T11471] device bridge_slave_0 entered promiscuous mode [ 1344.420738][T11471] bridge0: port 2(bridge_slave_1) entered blocking state [ 1344.427888][T11471] bridge0: port 2(bridge_slave_1) entered disabled state [ 1344.435900][T11471] device bridge_slave_1 entered promiscuous mode [ 1344.457351][T11471] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1344.468193][T11471] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1344.489146][T11471] team0: Port device team_slave_0 added [ 1344.497229][T11471] team0: Port device team_slave_1 added [ 1344.556252][T11471] device hsr_slave_0 entered promiscuous mode [ 1344.594471][T11471] device hsr_slave_1 entered promiscuous mode [ 1344.634003][T11471] debugfs: Directory 'hsr0' with parent '/' already present! [ 1344.660709][T11471] bridge0: port 2(bridge_slave_1) entered blocking state [ 1344.667881][T11471] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1344.675339][T11471] bridge0: port 1(bridge_slave_0) entered blocking state [ 1344.682441][T11471] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1344.732591][T11471] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1344.749844][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1344.759150][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state [ 1344.767372][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state [ 1344.777363][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1344.790774][T11471] 8021q: adding VLAN 0 to HW filter on device team0 [ 1344.804685][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1344.813312][ T5294] bridge0: port 1(bridge_slave_0) entered blocking state [ 1344.820460][ T5294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1344.832575][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1344.842235][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state [ 1344.849370][ T5184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1344.869289][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1344.878387][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1344.894791][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1344.908140][ T9832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1344.921040][T11471] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1344.932201][T11471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1344.940674][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1344.961864][T11471] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1345.165436][T11479] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1345.176173][T11479] CPU: 0 PID: 11479 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1345.183843][T11479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1345.193941][T11479] Call Trace: [ 1345.197267][T11479] dump_stack+0x16f/0x1f0 [ 1345.201640][T11479] dump_header+0x10b/0x831 [ 1345.206110][T11479] oom_kill_process.cold+0x10/0x15 [ 1345.211271][T11479] out_of_memory+0x79a/0x12d0 [ 1345.215994][T11479] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1345.221679][T11479] ? cgroup_file_notify+0x140/0x1b0 [ 1345.226961][T11479] ? oom_killer_disable+0x280/0x280 [ 1345.232234][T11479] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1345.237839][T11479] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1345.243540][T11479] ? cgroup_file_notify+0x140/0x1b0 [ 1345.248785][T11479] memory_max_write+0x262/0x3a0 [ 1345.253688][T11479] ? mem_cgroup_write+0x360/0x360 [ 1345.258753][T11479] ? lock_acquire+0x190/0x400 [ 1345.263461][T11479] ? kernfs_fop_write+0x227/0x480 [ 1345.268532][T11479] cgroup_file_write+0x307/0x790 [ 1345.273512][T11479] ? mem_cgroup_write+0x360/0x360 [ 1345.278586][T11479] ? cgroup_show_path+0x590/0x590 [ 1345.283663][T11479] ? cgroup_show_path+0x590/0x590 [ 1345.288739][T11479] kernfs_fop_write+0x2b8/0x480 [ 1345.293628][T11479] __vfs_write+0x8a/0x110 [ 1345.297976][T11479] ? kernfs_fop_open+0xd80/0xd80 [ 1345.302967][T11479] vfs_write+0x268/0x5d0 [ 1345.307256][T11479] ksys_write+0x14f/0x290 [ 1345.311626][T11479] ? __ia32_sys_read+0xb0/0xb0 [ 1345.316426][T11479] ? do_syscall_64+0x26/0x6a0 [ 1345.321135][T11479] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1345.327228][T11479] ? do_syscall_64+0x26/0x6a0 [ 1345.332945][T11479] __x64_sys_write+0x73/0xb0 [ 1345.337565][T11479] do_syscall_64+0xfd/0x6a0 [ 1345.342108][T11479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1345.348024][T11479] RIP: 0033:0x459829 [ 1345.351973][T11479] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1345.371607][T11479] RSP: 002b:00007f0215429c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1345.380058][T11479] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1345.388093][T11479] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1345.396099][T11479] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1345.404124][T11479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f021542a6d4 [ 1345.412124][T11479] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1345.420294][T11479] memory: usage 5192kB, limit 0kB, failcnt 598059 [ 1345.426970][T11479] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1345.433942][T11479] Memory cgroup stats for /syz0: [ 1345.434814][T11479] anon 4317184 [ 1345.434814][T11479] file 106496 [ 1345.434814][T11479] kernel_stack 65536 [ 1345.434814][T11479] slab 724992 [ 1345.434814][T11479] sock 0 [ 1345.434814][T11479] shmem 0 [ 1345.434814][T11479] file_mapped 0 [ 1345.434814][T11479] file_dirty 0 [ 1345.434814][T11479] file_writeback 0 [ 1345.434814][T11479] anon_thp 4194304 [ 1345.434814][T11479] inactive_anon 0 [ 1345.434814][T11479] active_anon 4317184 [ 1345.434814][T11479] inactive_file 0 [ 1345.434814][T11479] active_file 0 [ 1345.434814][T11479] unevictable 0 [ 1345.434814][T11479] slab_reclaimable 270336 [ 1345.434814][T11479] slab_unreclaimable 454656 [ 1345.434814][T11479] pgfault 75339 [ 1345.434814][T11479] pgmajfault 0 [ 1345.434814][T11479] workingset_refault 0 [ 1345.434814][T11479] workingset_activate 0 [ 1345.434814][T11479] workingset_nodereclaim 0 [ 1345.434814][T11479] pgrefill 46 [ 1345.434814][T11479] pgscan 46 [ 1345.434814][T11479] pgsteal 0 [ 1345.434814][T11479] pgactivate 0 [ 1345.530535][T11479] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11477,uid=0 [ 1345.546469][T11479] Memory cgroup out of memory: Killed process 11477 (syz-executor.0) total-vm:72576kB, anon-rss:4228kB, file-rss:35812kB, shmem-rss:0kB [ 1345.566752][ T1058] oom_reaper: reaped process 11477 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:56:40 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:56:40 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000180)={0x5, 0x7, 0x1f}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000005c0), &(0x7f0000000600)=0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setlease(r2, 0x400, 0x2) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) r6 = add_key$user(&(0x7f0000000340)='user\x00', &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)="c14229f324e7f8f41487aa2db550ddae65aa874e8bc0675d18f862", 0x1b, 0xfffffffffffffffe) keyctl$set_timeout(0xf, r6, 0xfff) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:56:40 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x463, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:40 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3cd, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xc}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:40 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1346.147639][T11471] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1346.157799][T11471] CPU: 0 PID: 11471 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1346.165438][T11471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1346.175531][T11471] Call Trace: [ 1346.178843][T11471] dump_stack+0x16f/0x1f0 [ 1346.183302][T11471] dump_header+0x10b/0x831 [ 1346.187732][T11471] ? oom_kill_process+0x94/0x3c0 [ 1346.192779][T11471] oom_kill_process.cold+0x10/0x15 [ 1346.197960][T11471] out_of_memory+0x79a/0x12d0 [ 1346.202687][T11471] ? lock_downgrade+0x920/0x920 [ 1346.207561][T11471] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1346.213471][T11471] ? oom_killer_disable+0x280/0x280 [ 1346.218694][T11471] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1346.224257][T11471] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1346.229904][T11471] ? do_raw_spin_unlock+0x57/0x270 [ 1346.235050][T11471] ? _raw_spin_unlock+0x23/0x30 [ 1346.239917][T11471] try_charge+0x1053/0x1430 [ 1346.244440][T11471] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1346.250017][T11471] ? percpu_ref_tryget_live+0x104/0x270 [ 1346.255589][T11471] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1346.261142][T11471] mem_cgroup_try_charge+0x136/0x590 [ 1346.266438][T11471] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1346.272093][T11471] __handle_mm_fault+0x1c63/0x3ce0 [ 1346.277223][T11471] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1346.282785][T11471] ? handle_mm_fault+0x294/0xa90 [ 1346.287737][T11471] ? handle_mm_fault+0x675/0xa90 [ 1346.292676][T11471] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1346.297974][T11471] handle_mm_fault+0x3bb/0xa90 [ 1346.302768][T11471] __do_page_fault+0x536/0xdd0 [ 1346.307550][T11471] do_page_fault+0x38/0x536 [ 1346.312082][T11471] page_fault+0x39/0x40 [ 1346.316242][T11471] RIP: 0033:0x42fd7c [ 1346.320228][T11471] Code: 83 c0 17 41 55 41 54 55 53 48 89 c5 48 83 e5 f0 48 89 fb 48 81 ec 98 00 00 00 48 83 f8 20 b8 20 00 00 00 48 0f 42 e8 48 85 ff <48> 89 74 24 08 0f 84 3a 08 00 00 48 3b 2d ea 51 64 00 77 70 89 ef [ 1346.344151][T11471] RSP: 002b:00007fffc2ab1fd0 EFLAGS: 00010202 [ 1346.350229][T11471] RAX: 0000000000000020 RBX: 0000000000715640 RCX: 0000000000458b94 [ 1346.358213][T11471] RDX: 00007fffc2ab20c0 RSI: 0000000000008030 RDI: 0000000000715640 [ 1346.366197][T11471] RBP: 0000000000008040 R08: 0000000000000001 R09: 00005555558b9940 [ 1346.374175][T11471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc2ab32a0 [ 1346.382161][T11471] R13: 00007fffc2ab3290 R14: 0000000000000000 R15: 00007fffc2ab32a0 [ 1346.390319][T11471] memory: usage 804kB, limit 0kB, failcnt 598067 [ 1346.396730][T11471] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1346.403591][T11471] Memory cgroup stats for /syz0: [ 1346.403708][T11471] anon 57344 [ 1346.403708][T11471] file 106496 [ 1346.403708][T11471] kernel_stack 65536 [ 1346.403708][T11471] slab 724992 [ 1346.403708][T11471] sock 0 [ 1346.403708][T11471] shmem 0 [ 1346.403708][T11471] file_mapped 0 [ 1346.403708][T11471] file_dirty 0 [ 1346.403708][T11471] file_writeback 0 [ 1346.403708][T11471] anon_thp 0 [ 1346.403708][T11471] inactive_anon 0 [ 1346.403708][T11471] active_anon 57344 [ 1346.403708][T11471] inactive_file 0 [ 1346.403708][T11471] active_file 0 [ 1346.403708][T11471] unevictable 0 [ 1346.403708][T11471] slab_reclaimable 270336 [ 1346.403708][T11471] slab_unreclaimable 454656 [ 1346.403708][T11471] pgfault 75372 [ 1346.403708][T11471] pgmajfault 0 [ 1346.403708][T11471] workingset_refault 0 [ 1346.403708][T11471] workingset_activate 0 [ 1346.403708][T11471] workingset_nodereclaim 0 [ 1346.403708][T11471] pgrefill 46 [ 1346.403708][T11471] pgscan 46 [ 1346.403708][T11471] pgsteal 0 [ 1346.403708][T11471] pgactivate 0 [ 1346.498865][T11471] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11471,uid=0 [ 1346.514390][T11471] Memory cgroup out of memory: Killed process 11471 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 1346.529533][ T1058] oom_reaper: reaped process 11471 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:56:40 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ce, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:41 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x464, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:41 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3cf, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xe}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:41 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x465, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:41 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:42 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r3}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) [ 1348.385266][ T936] device bridge_slave_1 left promiscuous mode [ 1348.391471][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1348.455347][ T936] device bridge_slave_0 left promiscuous mode [ 1348.461552][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1350.504830][ T936] device hsr_slave_0 left promiscuous mode [ 1350.554119][ T936] device hsr_slave_1 left promiscuous mode [ 1350.621775][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1350.636760][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1350.650463][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1350.691134][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1350.775625][ T936] bond0 (unregistering): Released all slaves [ 1350.861531][T11539] IPVS: ftp: loaded support on port[0] = 21 [ 1350.942103][T11539] chnl_net:caif_netlink_parms(): no params data found [ 1350.984261][T11539] bridge0: port 1(bridge_slave_0) entered blocking state [ 1350.991350][T11539] bridge0: port 1(bridge_slave_0) entered disabled state [ 1350.999373][T11539] device bridge_slave_0 entered promiscuous mode [ 1351.007884][T11539] bridge0: port 2(bridge_slave_1) entered blocking state [ 1351.015142][T11539] bridge0: port 2(bridge_slave_1) entered disabled state [ 1351.022849][T11539] device bridge_slave_1 entered promiscuous mode [ 1351.094146][T11539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1351.111887][T11539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1351.142403][T11539] team0: Port device team_slave_0 added [ 1351.156537][T11539] team0: Port device team_slave_1 added [ 1351.227372][T11539] device hsr_slave_0 entered promiscuous mode [ 1351.264838][T11539] device hsr_slave_1 entered promiscuous mode [ 1351.303999][T11539] debugfs: Directory 'hsr0' with parent '/' already present! [ 1351.342167][T11539] bridge0: port 2(bridge_slave_1) entered blocking state [ 1351.349365][T11539] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1351.356861][T11539] bridge0: port 1(bridge_slave_0) entered blocking state [ 1351.364022][T11539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1351.428418][T11539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1351.446548][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1351.456854][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state [ 1351.465163][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state [ 1351.498796][T11539] 8021q: adding VLAN 0 to HW filter on device team0 [ 1351.511926][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1351.520825][ T5184] bridge0: port 1(bridge_slave_0) entered blocking state [ 1351.528490][ T5184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1351.576209][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1351.584961][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state [ 1351.592061][ T5184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1351.600605][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1351.609490][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1351.618132][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1351.631621][T11539] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1351.643235][T11539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1351.664954][T11539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1351.675640][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1351.683674][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 22:56:46 executing program 4: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x39f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:46 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x466, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:46 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) setsockopt(r0, 0x0, 0x0, &(0x7f0000000080)="f25f1e6d0e6a85f5d64459a47088dd1639cac48be602c7198b3746f316c61025788579c8203191b3f58aedf7499a6e8651", 0x31) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) fsopen(&(0x7f0000000180)='dax\x00', 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8000014001fc) ioctl$BLKGETSIZE64(r3, 0x80081272, &(0x7f00000001c0)) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000340), &(0x7f0000000440)=0x40) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:56:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xf}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:46 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:46 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, 0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:46 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x467, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:46 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:46 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x10}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:47 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x468, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:47 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:47 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getegid() fchownat(r0, &(0x7f0000000080)='./file0\x00', r5, r6, 0x0) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) openat$cgroup(r0, &(0x7f00000006c0)='syz1\x00', 0x200002, 0x0) r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000340)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r7, &(0x7f0000000680)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x6}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x50, r8, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xe5f}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x9}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x7}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x20048800) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1352.773665][T11572] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1352.784114][T11572] CPU: 0 PID: 11572 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1352.791782][T11572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1352.801853][T11572] Call Trace: [ 1352.805167][T11572] dump_stack+0x16f/0x1f0 [ 1352.809542][T11572] dump_header+0x10b/0x831 [ 1352.813989][T11572] oom_kill_process.cold+0x10/0x15 [ 1352.819130][T11572] out_of_memory+0x79a/0x12d0 [ 1352.823839][T11572] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1352.829498][T11572] ? cgroup_file_notify+0x140/0x1b0 [ 1352.834728][T11572] ? oom_killer_disable+0x280/0x280 [ 1352.839979][T11572] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1352.845560][T11572] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1352.851247][T11572] ? cgroup_file_notify+0x140/0x1b0 [ 1352.856483][T11572] memory_max_write+0x262/0x3a0 [ 1352.861368][T11572] ? mem_cgroup_write+0x360/0x360 [ 1352.866421][T11572] ? lock_acquire+0x190/0x400 [ 1352.871217][T11572] ? kernfs_fop_write+0x227/0x480 [ 1352.876272][T11572] cgroup_file_write+0x307/0x790 [ 1352.881250][T11572] ? mem_cgroup_write+0x360/0x360 [ 1352.886292][T11572] ? cgroup_show_path+0x590/0x590 [ 1352.891349][T11572] ? cgroup_show_path+0x590/0x590 [ 1352.896408][T11572] kernfs_fop_write+0x2b8/0x480 [ 1352.901290][T11572] __vfs_write+0x8a/0x110 [ 1352.905657][T11572] ? kernfs_fop_open+0xd80/0xd80 [ 1352.910840][T11572] vfs_write+0x268/0x5d0 [ 1352.915117][T11572] ksys_write+0x14f/0x290 [ 1352.919503][T11572] ? __ia32_sys_read+0xb0/0xb0 [ 1352.924339][T11572] __x64_sys_write+0x73/0xb0 [ 1352.928956][T11572] ? do_syscall_64+0x5b/0x6a0 [ 1352.933656][T11572] do_syscall_64+0xfd/0x6a0 [ 1352.938185][T11572] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1352.944090][T11572] RIP: 0033:0x459829 [ 1352.948024][T11572] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1352.967687][T11572] RSP: 002b:00007f6fd36cbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1352.976119][T11572] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1352.984129][T11572] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1352.992133][T11572] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1353.000124][T11572] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6fd36cc6d4 [ 1353.008114][T11572] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1353.016343][T11572] memory: usage 9576kB, limit 0kB, failcnt 120 22:56:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x25}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1353.022894][T11572] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1353.029997][T11572] Memory cgroup stats for /syz4: [ 1353.030427][T11572] anon 6549504 [ 1353.030427][T11572] file 118784 [ 1353.030427][T11572] kernel_stack 65536 [ 1353.030427][T11572] slab 2658304 [ 1353.030427][T11572] sock 0 [ 1353.030427][T11572] shmem 77824 [ 1353.030427][T11572] file_mapped 135168 [ 1353.030427][T11572] file_dirty 0 [ 1353.030427][T11572] file_writeback 0 [ 1353.030427][T11572] anon_thp 6291456 [ 1353.030427][T11572] inactive_anon 135168 [ 1353.030427][T11572] active_anon 6549504 [ 1353.030427][T11572] inactive_file 0 [ 1353.030427][T11572] active_file 0 [ 1353.030427][T11572] unevictable 0 [ 1353.030427][T11572] slab_reclaimable 811008 [ 1353.030427][T11572] slab_unreclaimable 1847296 [ 1353.030427][T11572] pgfault 74316 [ 1353.030427][T11572] pgmajfault 0 [ 1353.030427][T11572] workingset_refault 0 [ 1353.030427][T11572] workingset_activate 0 [ 1353.030427][T11572] workingset_nodereclaim 0 [ 1353.030427][T11572] pgrefill 0 [ 1353.030427][T11572] pgscan 0 [ 1353.030427][T11572] pgsteal 0 22:56:47 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1353.030427][T11572] pgactivate 0 [ 1353.126760][T11572] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11571,uid=0 [ 1353.143207][T11572] Memory cgroup out of memory: Killed process 11571 (syz-executor.4) total-vm:72704kB, anon-rss:4248kB, file-rss:35836kB, shmem-rss:0kB [ 1353.165274][ T1058] oom_reaper: reaped process 11571 (syz-executor.4), now anon-rss:0kB, file-rss:34876kB, shmem-rss:0kB 22:56:47 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x469, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1354.008346][T11539] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1354.019570][T11539] CPU: 1 PID: 11539 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1354.027234][T11539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1354.037316][T11539] Call Trace: [ 1354.040621][T11539] dump_stack+0x16f/0x1f0 [ 1354.045168][T11539] dump_header+0x10b/0x831 [ 1354.049594][T11539] ? oom_kill_process+0x94/0x3c0 [ 1354.054579][T11539] oom_kill_process.cold+0x10/0x15 [ 1354.059700][T11539] out_of_memory+0x79a/0x12d0 [ 1354.064389][T11539] ? lock_downgrade+0x920/0x920 [ 1354.069249][T11539] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1354.075073][T11539] ? oom_killer_disable+0x280/0x280 [ 1354.080291][T11539] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1354.086563][T11539] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1354.092246][T11539] ? do_raw_spin_unlock+0x57/0x270 [ 1354.097371][T11539] ? _raw_spin_unlock+0x23/0x30 [ 1354.102233][T11539] try_charge+0x1053/0x1430 [ 1354.106749][T11539] ? __lock_acquire+0x7b0/0x4c30 [ 1354.111700][T11539] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1354.117257][T11539] ? cache_grow_begin+0x124/0xc90 [ 1354.122293][T11539] ? find_held_lock+0x35/0x130 [ 1354.127063][T11539] ? cache_grow_begin+0x124/0xc90 [ 1354.132105][T11539] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1354.137588][T11539] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1354.142992][T11539] cache_grow_begin+0x601/0xc90 [ 1354.147853][T11539] ? write_comp_data+0x31/0x70 [ 1354.152621][T11539] ? mempolicy_slab_node+0x139/0x390 [ 1354.157917][T11539] fallback_alloc+0x1fd/0x2d0 [ 1354.162609][T11539] ____cache_alloc_node+0x1bc/0x1d0 [ 1354.167824][T11539] ? trace_hardirqs_off+0x62/0x210 [ 1354.172946][T11539] kmem_cache_alloc+0x1e8/0x700 [ 1354.177800][T11539] ? inet_create+0x2f4/0xe00 [ 1354.182438][T11539] ? __sock_create+0x386/0x740 [ 1354.187215][T11539] sk_prot_alloc+0x67/0x310 [ 1354.191723][T11539] sk_alloc+0x39/0xf60 [ 1354.195793][T11539] inet_create+0x36c/0xe00 [ 1354.200247][T11539] __sock_create+0x3de/0x740 [ 1354.204839][T11539] ? _raw_spin_unlock_irq+0x28/0x70 [ 1354.210045][T11539] __sys_socket+0x103/0x220 [ 1354.214564][T11539] ? move_addr_to_kernel+0x80/0x80 [ 1354.219688][T11539] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1354.225150][T11539] ? do_syscall_64+0x26/0x6a0 [ 1354.229832][T11539] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1354.235991][T11539] ? do_syscall_64+0x26/0x6a0 [ 1354.240697][T11539] __x64_sys_socket+0x73/0xb0 [ 1354.245392][T11539] do_syscall_64+0xfd/0x6a0 [ 1354.249919][T11539] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1354.255813][T11539] RIP: 0033:0x45c377 [ 1354.259708][T11539] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1354.279319][T11539] RSP: 002b:00007ffdfb9d2f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1354.287746][T11539] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045c377 [ 1354.295727][T11539] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 1354.303706][T11539] RBP: 0000000000000007 R08: 0000000000000000 R09: 000000000000000a [ 1354.311700][T11539] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 1354.319696][T11539] R13: 00007ffdfb9d3690 R14: 000000000014a227 R15: 00007ffdfb9d36a0 [ 1354.329429][T11539] memory: usage 5136kB, limit 0kB, failcnt 140 [ 1354.335651][T11539] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1354.342531][T11539] Memory cgroup stats for /syz4: [ 1354.342655][T11539] anon 2281472 [ 1354.342655][T11539] file 118784 [ 1354.342655][T11539] kernel_stack 0 [ 1354.342655][T11539] slab 2658304 [ 1354.342655][T11539] sock 0 [ 1354.342655][T11539] shmem 77824 [ 1354.342655][T11539] file_mapped 135168 [ 1354.342655][T11539] file_dirty 0 [ 1354.342655][T11539] file_writeback 0 [ 1354.342655][T11539] anon_thp 2097152 [ 1354.342655][T11539] inactive_anon 135168 [ 1354.342655][T11539] active_anon 2281472 [ 1354.342655][T11539] inactive_file 0 [ 1354.342655][T11539] active_file 0 [ 1354.342655][T11539] unevictable 0 [ 1354.342655][T11539] slab_reclaimable 811008 [ 1354.342655][T11539] slab_unreclaimable 1847296 [ 1354.342655][T11539] pgfault 74316 [ 1354.342655][T11539] pgmajfault 0 [ 1354.342655][T11539] workingset_refault 0 [ 1354.342655][T11539] workingset_activate 0 [ 1354.342655][T11539] workingset_nodereclaim 0 [ 1354.342655][T11539] pgrefill 0 [ 1354.342655][T11539] pgscan 0 [ 1354.342655][T11539] pgsteal 0 [ 1354.342655][T11539] pgactivate 0 [ 1354.439862][T11539] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11567,uid=0 [ 1354.455997][T11539] Memory cgroup out of memory: Killed process 11567 (syz-executor.4) total-vm:72572kB, anon-rss:2192kB, file-rss:35788kB, shmem-rss:0kB [ 1354.471887][ T1058] oom_reaper: reaped process 11567 (syz-executor.4), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 1354.484964][T11539] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1354.496087][T11539] CPU: 1 PID: 11539 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1354.503725][T11539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1354.514103][T11539] Call Trace: [ 1354.517407][T11539] dump_stack+0x16f/0x1f0 [ 1354.521745][T11539] dump_header+0x10b/0x831 [ 1354.526266][T11539] ? oom_kill_process+0x94/0x3c0 [ 1354.531308][T11539] oom_kill_process.cold+0x10/0x15 [ 1354.536404][T11539] out_of_memory+0x79a/0x12d0 [ 1354.541069][T11539] ? lock_downgrade+0x920/0x920 [ 1354.545910][T11539] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1354.552182][T11539] ? oom_killer_disable+0x280/0x280 [ 1354.557374][T11539] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1354.562934][T11539] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1354.568581][T11539] ? do_raw_spin_unlock+0x57/0x270 [ 1354.573693][T11539] ? _raw_spin_unlock+0x23/0x30 [ 1354.578527][T11539] try_charge+0x1053/0x1430 [ 1354.583119][T11539] ? __lock_acquire+0x7b0/0x4c30 [ 1354.588040][T11539] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1354.593578][T11539] ? cache_grow_begin+0x124/0xc90 [ 1354.598672][T11539] ? find_held_lock+0x35/0x130 [ 1354.603584][T11539] ? cache_grow_begin+0x124/0xc90 [ 1354.608647][T11539] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1354.614532][T11539] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1354.619984][T11539] cache_grow_begin+0x601/0xc90 [ 1354.624940][T11539] ? write_comp_data+0x31/0x70 [ 1354.629780][T11539] ? mempolicy_slab_node+0x139/0x390 [ 1354.635068][T11539] fallback_alloc+0x1fd/0x2d0 [ 1354.639731][T11539] ____cache_alloc_node+0x1bc/0x1d0 [ 1354.644913][T11539] ? trace_hardirqs_off+0x62/0x210 [ 1354.650008][T11539] kmem_cache_alloc+0x1e8/0x700 [ 1354.654844][T11539] ? inet_create+0x2f4/0xe00 [ 1354.659421][T11539] ? __sock_create+0x386/0x740 [ 1354.664176][T11539] sk_prot_alloc+0x67/0x310 [ 1354.668669][T11539] sk_alloc+0x39/0xf60 [ 1354.672724][T11539] inet_create+0x36c/0xe00 [ 1354.677127][T11539] __sock_create+0x3de/0x740 [ 1354.681745][T11539] ? _raw_spin_unlock_irq+0x28/0x70 [ 1354.686955][T11539] __sys_socket+0x103/0x220 [ 1354.691446][T11539] ? move_addr_to_kernel+0x80/0x80 [ 1354.696561][T11539] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1354.702020][T11539] ? do_syscall_64+0x26/0x6a0 [ 1354.706705][T11539] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1354.712761][T11539] ? do_syscall_64+0x26/0x6a0 [ 1354.717434][T11539] __x64_sys_socket+0x73/0xb0 [ 1354.722116][T11539] do_syscall_64+0xfd/0x6a0 [ 1354.726612][T11539] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1354.732491][T11539] RIP: 0033:0x45c377 [ 1354.736395][T11539] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1354.755989][T11539] RSP: 002b:00007ffdfb9d2f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1354.764394][T11539] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045c377 [ 1354.772361][T11539] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 1354.780325][T11539] RBP: 0000000000000007 R08: 0000000000000000 R09: 000000000000000a [ 1354.788286][T11539] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 1354.796347][T11539] R13: 00007ffdfb9d3690 R14: 000000000014a227 R15: 00007ffdfb9d36a0 [ 1354.804407][T11539] memory: usage 2800kB, limit 0kB, failcnt 188 [ 1354.810570][T11539] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1354.817488][T11539] Memory cgroup stats for /syz4: [ 1354.817617][T11539] anon 65536 [ 1354.817617][T11539] file 118784 [ 1354.817617][T11539] kernel_stack 0 [ 1354.817617][T11539] slab 2658304 [ 1354.817617][T11539] sock 0 [ 1354.817617][T11539] shmem 77824 [ 1354.817617][T11539] file_mapped 135168 [ 1354.817617][T11539] file_dirty 0 [ 1354.817617][T11539] file_writeback 0 [ 1354.817617][T11539] anon_thp 0 [ 1354.817617][T11539] inactive_anon 135168 [ 1354.817617][T11539] active_anon 65536 [ 1354.817617][T11539] inactive_file 0 [ 1354.817617][T11539] active_file 0 [ 1354.817617][T11539] unevictable 0 [ 1354.817617][T11539] slab_reclaimable 811008 [ 1354.817617][T11539] slab_unreclaimable 1847296 [ 1354.817617][T11539] pgfault 74316 [ 1354.817617][T11539] pgmajfault 0 [ 1354.817617][T11539] workingset_refault 0 [ 1354.817617][T11539] workingset_activate 0 [ 1354.817617][T11539] workingset_nodereclaim 0 [ 1354.817617][T11539] pgrefill 0 [ 1354.817617][T11539] pgscan 0 [ 1354.817617][T11539] pgsteal 0 [ 1354.817617][T11539] pgactivate 0 [ 1354.912215][T11539] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11539,uid=0 [ 1354.927890][T11539] Memory cgroup out of memory: Killed process 11539 (syz-executor.4) total-vm:72440kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB [ 1354.942455][ T1058] oom_reaper: reaped process 11539 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 1355.545757][T11833] IPVS: ftp: loaded support on port[0] = 21 [ 1355.652194][T11833] chnl_net:caif_netlink_parms(): no params data found [ 1355.693722][T11833] bridge0: port 1(bridge_slave_0) entered blocking state [ 1355.700942][T11833] bridge0: port 1(bridge_slave_0) entered disabled state [ 1355.709114][T11833] device bridge_slave_0 entered promiscuous mode [ 1355.718298][T11833] bridge0: port 2(bridge_slave_1) entered blocking state [ 1355.725454][T11833] bridge0: port 2(bridge_slave_1) entered disabled state [ 1355.733215][T11833] device bridge_slave_1 entered promiscuous mode [ 1355.756261][T11833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1355.767657][T11833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1355.789683][T11833] team0: Port device team_slave_0 added [ 1355.797325][T11833] team0: Port device team_slave_1 added [ 1355.846597][T11833] device hsr_slave_0 entered promiscuous mode [ 1355.886665][T11833] device hsr_slave_1 entered promiscuous mode [ 1355.934732][T11833] debugfs: Directory 'hsr0' with parent '/' already present! [ 1355.952692][T11833] bridge0: port 2(bridge_slave_1) entered blocking state [ 1355.959853][T11833] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1355.967341][T11833] bridge0: port 1(bridge_slave_0) entered blocking state [ 1355.974566][T11833] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1356.365355][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1356.373163][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1356.582082][T11833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1356.594443][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1356.602237][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1356.780300][T11833] 8021q: adding VLAN 0 to HW filter on device team0 [ 1356.791552][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1356.800340][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1356.808675][ T1788] bridge0: port 1(bridge_slave_0) entered blocking state [ 1356.815784][ T1788] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1356.834631][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1356.843381][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1356.852225][ T1788] bridge0: port 2(bridge_slave_1) entered blocking state [ 1356.859323][ T1788] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1356.867177][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1356.876137][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1357.064378][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1357.073002][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1357.082649][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1357.095434][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1357.105091][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1357.290155][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1357.298944][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1357.312392][T11833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1357.323691][T11833] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1357.333298][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1357.341772][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1357.545947][T11833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1357.937625][T11842] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1357.948412][T11842] CPU: 1 PID: 11842 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1357.956056][T11842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1357.966122][T11842] Call Trace: [ 1357.969433][T11842] dump_stack+0x16f/0x1f0 [ 1357.973781][T11842] dump_header+0x10b/0x831 [ 1357.978215][T11842] oom_kill_process.cold+0x10/0x15 [ 1357.983347][T11842] out_of_memory+0x79a/0x12d0 [ 1357.988046][T11842] ? retint_kernel+0x10/0x10 [ 1357.992647][T11842] ? oom_killer_disable+0x280/0x280 [ 1357.997869][T11842] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1358.003429][T11842] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1358.009091][T11842] ? cgroup_file_notify+0x140/0x1b0 [ 1358.014307][T11842] memory_max_write+0x262/0x3a0 [ 1358.019176][T11842] ? mem_cgroup_write+0x360/0x360 [ 1358.024210][T11842] ? lock_acquire+0x190/0x400 [ 1358.028896][T11842] ? kernfs_fop_write+0x227/0x480 [ 1358.033957][T11842] cgroup_file_write+0x307/0x790 [ 1358.038910][T11842] ? mem_cgroup_write+0x360/0x360 [ 1358.043962][T11842] ? cgroup_show_path+0x590/0x590 [ 1358.048999][T11842] ? cgroup_show_path+0x590/0x590 [ 1358.054049][T11842] kernfs_fop_write+0x2b8/0x480 [ 1358.058919][T11842] __vfs_write+0x8a/0x110 [ 1358.063254][T11842] ? kernfs_fop_open+0xd80/0xd80 [ 1358.068203][T11842] vfs_write+0x268/0x5d0 [ 1358.072459][T11842] ksys_write+0x14f/0x290 [ 1358.076798][T11842] ? __ia32_sys_read+0xb0/0xb0 [ 1358.081581][T11842] ? do_syscall_64+0x26/0x6a0 [ 1358.086259][T11842] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1358.092312][T11842] ? do_syscall_64+0x26/0x6a0 [ 1358.096976][T11842] __x64_sys_write+0x73/0xb0 [ 1358.101561][T11842] do_syscall_64+0xfd/0x6a0 [ 1358.106083][T11842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1358.111980][T11842] RIP: 0033:0x459829 [ 1358.115859][T11842] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1358.135473][T11842] RSP: 002b:00007f83b0025c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1358.143881][T11842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1358.151879][T11842] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1358.159840][T11842] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1358.167802][T11842] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f83b00266d4 [ 1358.175765][T11842] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1358.187274][T11842] memory: usage 5128kB, limit 0kB, failcnt 598068 [ 1358.193788][T11842] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1358.200786][T11842] Memory cgroup stats for /syz0: [ 1358.202034][T11842] anon 4255744 [ 1358.202034][T11842] file 106496 [ 1358.202034][T11842] kernel_stack 65536 [ 1358.202034][T11842] slab 724992 [ 1358.202034][T11842] sock 0 [ 1358.202034][T11842] shmem 0 [ 1358.202034][T11842] file_mapped 0 [ 1358.202034][T11842] file_dirty 0 [ 1358.202034][T11842] file_writeback 0 [ 1358.202034][T11842] anon_thp 4194304 [ 1358.202034][T11842] inactive_anon 0 [ 1358.202034][T11842] active_anon 4255744 [ 1358.202034][T11842] inactive_file 0 [ 1358.202034][T11842] active_file 0 [ 1358.202034][T11842] unevictable 0 [ 1358.202034][T11842] slab_reclaimable 270336 [ 1358.202034][T11842] slab_unreclaimable 454656 [ 1358.202034][T11842] pgfault 75438 [ 1358.202034][T11842] pgmajfault 0 [ 1358.202034][T11842] workingset_refault 0 [ 1358.202034][T11842] workingset_activate 0 [ 1358.202034][T11842] workingset_nodereclaim 0 [ 1358.202034][T11842] pgrefill 46 [ 1358.202034][T11842] pgscan 46 [ 1358.202034][T11842] pgsteal 0 [ 1358.202034][T11842] pgactivate 0 [ 1358.302939][T11842] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11841,uid=0 [ 1358.318850][T11842] Memory cgroup out of memory: Killed process 11841 (syz-executor.0) total-vm:72576kB, anon-rss:4232kB, file-rss:35812kB, shmem-rss:0kB [ 1358.336830][ T1058] oom_reaper: reaped process 11841 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:56:53 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, 0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:53 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:53 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) semget(0x0, 0x3, 0x42c) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:56:53 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x46a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:53 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x48}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:56:53 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) [ 1358.955382][ T936] device bridge_slave_1 left promiscuous mode [ 1358.961709][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1359.013694][T11833] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1359.023768][T11833] CPU: 1 PID: 11833 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1359.031410][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1359.041475][T11833] Call Trace: [ 1359.044790][T11833] dump_stack+0x16f/0x1f0 [ 1359.049128][T11833] dump_header+0x10b/0x831 [ 1359.053535][T11833] ? oom_kill_process+0x94/0x3c0 [ 1359.058485][T11833] oom_kill_process.cold+0x10/0x15 [ 1359.063782][T11833] out_of_memory+0x79a/0x12d0 [ 1359.068465][T11833] ? lock_downgrade+0x920/0x920 [ 1359.073351][T11833] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1359.079149][T11833] ? oom_killer_disable+0x280/0x280 [ 1359.084358][T11833] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1359.089894][T11833] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1359.095518][T11833] ? do_raw_spin_unlock+0x57/0x270 [ 1359.100622][T11833] ? _raw_spin_unlock+0x23/0x30 [ 1359.105504][T11833] try_charge+0x1053/0x1430 [ 1359.109998][T11833] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1359.115528][T11833] ? percpu_ref_tryget_live+0x104/0x270 [ 1359.121078][T11833] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1359.126631][T11833] mem_cgroup_try_charge+0x136/0x590 [ 1359.131937][T11833] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1359.137570][T11833] wp_page_copy+0x27c/0x1380 [ 1359.142149][T11833] ? find_held_lock+0x35/0x130 [ 1359.146901][T11833] ? pmd_pfn+0x1d0/0x1d0 [ 1359.151131][T11833] ? lock_downgrade+0x920/0x920 [ 1359.155980][T11833] ? swp_swapcount+0x520/0x520 [ 1359.160749][T11833] ? __kasan_check_read+0x11/0x20 [ 1359.165765][T11833] ? do_raw_spin_unlock+0x57/0x270 [ 1359.170893][T11833] do_wp_page+0x499/0x14d0 [ 1359.175320][T11833] ? finish_mkwrite_fault+0x570/0x570 [ 1359.180707][T11833] __handle_mm_fault+0x2120/0x3ce0 [ 1359.185817][T11833] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1359.191381][T11833] ? handle_mm_fault+0x294/0xa90 [ 1359.196319][T11833] ? handle_mm_fault+0x675/0xa90 [ 1359.201254][T11833] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1359.206563][T11833] handle_mm_fault+0x3bb/0xa90 [ 1359.211329][T11833] __do_page_fault+0x536/0xdd0 [ 1359.216107][T11833] do_page_fault+0x38/0x536 [ 1359.220684][T11833] page_fault+0x39/0x40 [ 1359.224828][T11833] RIP: 0033:0x430906 [ 1359.228707][T11833] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1359.248322][T11833] RSP: 002b:00007ffcf0193360 EFLAGS: 00010206 [ 1359.254395][T11833] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1359.262387][T11833] RDX: 0000555555586930 RSI: 000055555558e970 RDI: 0000000000000003 [ 1359.270382][T11833] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555555585940 [ 1359.278356][T11833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1359.286319][T11833] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1359.294403][T11833] memory: usage 748kB, limit 0kB, failcnt 598076 [ 1359.300773][T11833] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1359.307697][T11833] Memory cgroup stats for /syz0: [ 1359.307810][T11833] anon 57344 [ 1359.307810][T11833] file 106496 [ 1359.307810][T11833] kernel_stack 65536 [ 1359.307810][T11833] slab 724992 [ 1359.307810][T11833] sock 0 [ 1359.307810][T11833] shmem 0 [ 1359.307810][T11833] file_mapped 0 [ 1359.307810][T11833] file_dirty 0 [ 1359.307810][T11833] file_writeback 0 [ 1359.307810][T11833] anon_thp 0 [ 1359.307810][T11833] inactive_anon 0 [ 1359.307810][T11833] active_anon 57344 [ 1359.307810][T11833] inactive_file 0 [ 1359.307810][T11833] active_file 0 [ 1359.307810][T11833] unevictable 0 [ 1359.307810][T11833] slab_reclaimable 270336 [ 1359.307810][T11833] slab_unreclaimable 454656 [ 1359.307810][T11833] pgfault 75438 [ 1359.307810][T11833] pgmajfault 0 [ 1359.307810][T11833] workingset_refault 0 [ 1359.307810][T11833] workingset_activate 0 [ 1359.307810][T11833] workingset_nodereclaim 0 [ 1359.307810][T11833] pgrefill 46 [ 1359.307810][T11833] pgscan 46 [ 1359.307810][T11833] pgsteal 0 [ 1359.307810][T11833] pgactivate 0 [ 1359.401177][T11833] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11833,uid=0 [ 1359.416693][T11833] Memory cgroup out of memory: Killed process 11833 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1359.431637][ T1058] oom_reaper: reaped process 11833 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB [ 1359.454373][ T936] device bridge_slave_0 left promiscuous mode [ 1359.460621][ T936] bridge0: port 1(bridge_slave_0) entered disabled state 22:56:53 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x46b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1359.515473][ T936] device bridge_slave_1 left promiscuous mode [ 1359.521745][ T936] bridge0: port 2(bridge_slave_1) entered disabled state 22:56:54 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1359.598401][ T936] device bridge_slave_0 left promiscuous mode [ 1359.604861][ T936] bridge0: port 1(bridge_slave_0) entered disabled state 22:56:54 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:54 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x46c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:54 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:54 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x46d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1364.535085][ T936] device hsr_slave_0 left promiscuous mode [ 1364.604095][ T936] device hsr_slave_1 left promiscuous mode [ 1364.665142][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1364.678519][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1364.690088][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1364.729106][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1364.801606][ T936] bond0 (unregistering): Released all slaves [ 1364.954606][ T936] device hsr_slave_0 left promiscuous mode [ 1365.014051][ T936] device hsr_slave_1 left promiscuous mode [ 1365.077727][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1365.089590][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1365.104575][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1365.148733][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1365.224514][ T936] bond0 (unregistering): Released all slaves [ 1365.422336][T11900] IPVS: ftp: loaded support on port[0] = 21 22:56:59 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, 0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:56:59 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3d9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:59 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000180)}], 0x1, 0xf) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x400000000003, 0x1, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000005c0)={0x0, 0x10000, 0xff, 0x0, 0x80000000, 0x8, 0x775, 0x3ff, {0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x27}}}, 0x100000001, 0x3, 0x0, 0x1, 0x4}}, &(0x7f00000001c0)=0xb0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000680)={r4, @in6={{0xa, 0x4e21, 0x1, @rand_addr="e8cb388b973c16c45308539116df66fa", 0x4}}, 0x1ff, 0x5c}, 0x90) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000180)=ANY=[@ANYBLOB="030000000000000003000000000000000400000000000000ff7f00000092972e"]) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:56:59 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x46e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:56:59 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x4c}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1365.823714][T11900] chnl_net:caif_netlink_parms(): no params data found [ 1365.927573][T11900] bridge0: port 1(bridge_slave_0) entered blocking state [ 1365.934827][T11900] bridge0: port 1(bridge_slave_0) entered disabled state [ 1365.942969][T11900] device bridge_slave_0 entered promiscuous mode [ 1365.994600][T11900] bridge0: port 2(bridge_slave_1) entered blocking state [ 1366.001786][T11900] bridge0: port 2(bridge_slave_1) entered disabled state [ 1366.010068][T11900] device bridge_slave_1 entered promiscuous mode [ 1366.117988][T11900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1366.144253][T11900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1366.174257][T11900] team0: Port device team_slave_0 added [ 1366.182262][T11900] team0: Port device team_slave_1 added [ 1366.287239][T11900] device hsr_slave_0 entered promiscuous mode [ 1366.374432][T11900] device hsr_slave_1 entered promiscuous mode [ 1366.453984][T11900] debugfs: Directory 'hsr0' with parent '/' already present! [ 1366.542979][T11900] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1366.563399][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1366.572004][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1366.590464][T11900] 8021q: adding VLAN 0 to HW filter on device team0 [ 1366.608452][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1366.617366][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1366.626426][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1366.633504][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1366.680228][T11900] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1366.690929][T11900] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1366.708779][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1366.717080][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1366.726058][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1366.735065][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1366.742140][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1366.749899][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1366.758858][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1366.767823][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1366.776739][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1366.785486][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1366.794527][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1366.803185][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1366.811832][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1366.820541][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1366.829131][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1366.845905][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1366.854106][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1366.873663][T11900] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1367.186493][T11934] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1367.197167][T11934] CPU: 0 PID: 11934 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1367.204826][T11934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1367.214908][T11934] Call Trace: [ 1367.218228][T11934] dump_stack+0x16f/0x1f0 [ 1367.222600][T11934] dump_header+0x10b/0x831 [ 1367.227064][T11934] oom_kill_process.cold+0x10/0x15 [ 1367.232228][T11934] out_of_memory+0x79a/0x12d0 [ 1367.236944][T11934] ? trace_hardirqs_on_caller+0x6a/0x210 [ 1367.242617][T11934] ? cgroup_file_notify+0x140/0x1b0 [ 1367.247866][T11934] ? oom_killer_disable+0x280/0x280 [ 1367.253126][T11934] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1367.258731][T11934] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1367.264424][T11934] ? cgroup_file_notify+0x140/0x1b0 [ 1367.269665][T11934] memory_max_write+0x262/0x3a0 [ 1367.274645][T11934] ? mem_cgroup_write+0x360/0x360 [ 1367.279715][T11934] ? lock_acquire+0x190/0x400 [ 1367.284441][T11934] ? kernfs_fop_write+0x227/0x480 [ 1367.289537][T11934] cgroup_file_write+0x307/0x790 [ 1367.294513][T11934] ? mem_cgroup_write+0x360/0x360 [ 1367.299569][T11934] ? cgroup_show_path+0x590/0x590 [ 1367.304633][T11934] ? cgroup_show_path+0x590/0x590 [ 1367.309685][T11934] kernfs_fop_write+0x2b8/0x480 [ 1367.314571][T11934] __vfs_write+0x8a/0x110 [ 1367.318948][T11934] ? kernfs_fop_open+0xd80/0xd80 [ 1367.323901][T11934] vfs_write+0x268/0x5d0 [ 1367.328174][T11934] ksys_write+0x14f/0x290 [ 1367.334777][T11934] ? __ia32_sys_read+0xb0/0xb0 [ 1367.339573][T11934] ? do_syscall_64+0x26/0x6a0 [ 1367.344279][T11934] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1367.350364][T11934] ? do_syscall_64+0x26/0x6a0 [ 1367.355074][T11934] __x64_sys_write+0x73/0xb0 [ 1367.359687][T11934] do_syscall_64+0xfd/0x6a0 [ 1367.364231][T11934] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1367.370230][T11934] RIP: 0033:0x459829 [ 1367.374139][T11934] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1367.393787][T11934] RSP: 002b:00007f831e11fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1367.402229][T11934] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1367.410316][T11934] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1367.418312][T11934] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1367.426323][T11934] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f831e1206d4 [ 1367.434313][T11934] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1367.451322][T11934] memory: usage 6844kB, limit 0kB, failcnt 189 [ 1367.457812][T11934] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1367.464803][T11934] Memory cgroup stats for /syz4: [ 1367.465188][T11934] anon 4268032 [ 1367.465188][T11934] file 118784 [ 1367.465188][T11934] kernel_stack 0 [ 1367.465188][T11934] slab 2658304 [ 1367.465188][T11934] sock 0 [ 1367.465188][T11934] shmem 77824 [ 1367.465188][T11934] file_mapped 135168 [ 1367.465188][T11934] file_dirty 0 [ 1367.465188][T11934] file_writeback 0 [ 1367.465188][T11934] anon_thp 4194304 [ 1367.465188][T11934] inactive_anon 135168 [ 1367.465188][T11934] active_anon 4268032 [ 1367.465188][T11934] inactive_file 0 [ 1367.465188][T11934] active_file 0 [ 1367.465188][T11934] unevictable 0 [ 1367.465188][T11934] slab_reclaimable 811008 [ 1367.465188][T11934] slab_unreclaimable 1847296 [ 1367.465188][T11934] pgfault 74415 [ 1367.465188][T11934] pgmajfault 0 [ 1367.465188][T11934] workingset_refault 0 [ 1367.465188][T11934] workingset_activate 0 [ 1367.465188][T11934] workingset_nodereclaim 0 [ 1367.465188][T11934] pgrefill 0 [ 1367.465188][T11934] pgscan 0 [ 1367.465188][T11934] pgsteal 0 [ 1367.465188][T11934] pgactivate 0 [ 1367.561119][T11934] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11933,uid=0 [ 1367.577264][T11934] Memory cgroup out of memory: Killed process 11933 (syz-executor.4) total-vm:72576kB, anon-rss:4228kB, file-rss:35844kB, shmem-rss:0kB [ 1367.596364][ T1058] oom_reaper: reaped process 11933 (syz-executor.4), now anon-rss:0kB, file-rss:34904kB, shmem-rss:0kB 22:57:02 executing program 4: seccomp(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7ffffffe}]}) symlink(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00') 22:57:02 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0x0, 0x0, r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:02 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3da, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:02 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x46f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:02 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x60}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:02 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1367.950355][T11900] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1367.960907][T11900] CPU: 0 PID: 11900 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1367.968543][T11900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1367.978605][T11900] Call Trace: [ 1367.982086][T11900] dump_stack+0x16f/0x1f0 [ 1367.986427][T11900] dump_header+0x10b/0x831 [ 1367.990873][T11900] ? oom_kill_process+0x94/0x3c0 [ 1367.995850][T11900] oom_kill_process.cold+0x10/0x15 [ 1368.000969][T11900] out_of_memory+0x79a/0x12d0 [ 1368.005691][T11900] ? lock_downgrade+0x920/0x920 [ 1368.010558][T11900] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1368.016392][T11900] ? oom_killer_disable+0x280/0x280 [ 1368.021605][T11900] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1368.027260][T11900] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1368.032911][T11900] ? do_raw_spin_unlock+0x57/0x270 [ 1368.038055][T11900] ? _raw_spin_unlock+0x23/0x30 [ 1368.042918][T11900] try_charge+0x1053/0x1430 [ 1368.047438][T11900] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1368.052991][T11900] ? percpu_ref_tryget_live+0x104/0x270 [ 1368.058558][T11900] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1368.064113][T11900] mem_cgroup_try_charge+0x136/0x590 [ 1368.069410][T11900] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1368.075067][T11900] __handle_mm_fault+0x1c63/0x3ce0 [ 1368.080195][T11900] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1368.085752][T11900] ? handle_mm_fault+0x294/0xa90 [ 1368.090711][T11900] ? handle_mm_fault+0x675/0xa90 [ 1368.095667][T11900] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1368.100966][T11900] handle_mm_fault+0x3bb/0xa90 [ 1368.105746][T11900] __do_page_fault+0x536/0xdd0 [ 1368.110533][T11900] do_page_fault+0x38/0x536 [ 1368.115050][T11900] page_fault+0x39/0x40 [ 1368.119205][T11900] RIP: 0033:0x42fd57 [ 1368.123106][T11900] Code: 00 be 28 31 4e 00 bf d0 38 4e 00 e8 e3 b8 ff ff 0f 1f 00 48 83 fe bf 0f 87 63 08 00 00 48 89 f0 41 57 41 56 48 83 c0 17 41 55 <41> 54 55 53 48 89 c5 48 83 e5 f0 48 89 fb 48 81 ec 98 00 00 00 48 [ 1368.142718][T11900] RSP: 002b:00007fffb6a38000 EFLAGS: 00010206 [ 1368.148797][T11900] RAX: 0000000000008047 RBX: 0000000000715640 RCX: 0000000000458b94 [ 1368.156779][T11900] RDX: 00007fffb6a38040 RSI: 0000000000008030 RDI: 0000000000715640 [ 1368.164757][T11900] RBP: 0000000000008030 R08: 0000000000000001 R09: 00005555558dd940 [ 1368.172741][T11900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffb6a39220 [ 1368.180750][T11900] R13: 00007fffb6a39210 R14: 0000000000000000 R15: 00007fffb6a39220 [ 1368.189472][T11900] memory: usage 2392kB, limit 0kB, failcnt 197 [ 1368.195686][T11900] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1368.202637][T11900] Memory cgroup stats for /syz4: [ 1368.202742][T11900] anon 4096 [ 1368.202742][T11900] file 118784 [ 1368.202742][T11900] kernel_stack 0 [ 1368.202742][T11900] slab 2658304 [ 1368.202742][T11900] sock 0 [ 1368.202742][T11900] shmem 77824 [ 1368.202742][T11900] file_mapped 135168 [ 1368.202742][T11900] file_dirty 0 [ 1368.202742][T11900] file_writeback 0 [ 1368.202742][T11900] anon_thp 0 [ 1368.202742][T11900] inactive_anon 135168 [ 1368.202742][T11900] active_anon 4096 [ 1368.202742][T11900] inactive_file 0 [ 1368.202742][T11900] active_file 0 [ 1368.202742][T11900] unevictable 0 [ 1368.202742][T11900] slab_reclaimable 811008 [ 1368.202742][T11900] slab_unreclaimable 1847296 [ 1368.202742][T11900] pgfault 74448 [ 1368.202742][T11900] pgmajfault 0 [ 1368.202742][T11900] workingset_refault 0 [ 1368.202742][T11900] workingset_activate 0 [ 1368.202742][T11900] workingset_nodereclaim 0 [ 1368.202742][T11900] pgrefill 0 [ 1368.202742][T11900] pgscan 0 [ 1368.202742][T11900] pgsteal 0 [ 1368.202742][T11900] pgactivate 0 [ 1368.301027][T11900] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11900,uid=0 [ 1368.316599][T11900] Memory cgroup out of memory: Killed process 11900 (syz-executor.4) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 1368.336667][ T1058] oom_reaper: reaped process 11900 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:57:02 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x68}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:02 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x470, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:02 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3db, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:03 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3dc, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:03 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x471, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:03 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x6c}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:04 executing program 4: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) bind$ax25(r0, &(0x7f0000000080)={{0x3, @null, 0x1}, [@null, @bcast, @netrom, @null, @null, @null, @default]}, 0x48) [ 1370.616658][T12094] IPVS: ftp: loaded support on port[0] = 21 [ 1371.036433][T12094] chnl_net:caif_netlink_parms(): no params data found [ 1371.069659][T12094] bridge0: port 1(bridge_slave_0) entered blocking state [ 1371.077195][T12094] bridge0: port 1(bridge_slave_0) entered disabled state [ 1371.085366][T12094] device bridge_slave_0 entered promiscuous mode [ 1371.265891][T12094] bridge0: port 2(bridge_slave_1) entered blocking state [ 1371.273135][T12094] bridge0: port 2(bridge_slave_1) entered disabled state [ 1371.281526][T12094] device bridge_slave_1 entered promiscuous mode [ 1371.301361][T12094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1371.312959][T12094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1371.336817][T12094] team0: Port device team_slave_0 added [ 1371.515971][T12094] team0: Port device team_slave_1 added [ 1371.567231][T12094] device hsr_slave_0 entered promiscuous mode [ 1371.604373][T12094] device hsr_slave_1 entered promiscuous mode [ 1371.644026][T12094] debugfs: Directory 'hsr0' with parent '/' already present! [ 1371.834774][T12094] bridge0: port 2(bridge_slave_1) entered blocking state [ 1371.841881][T12094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1371.849292][T12094] bridge0: port 1(bridge_slave_0) entered blocking state [ 1371.856390][T12094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1372.075910][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state [ 1372.088675][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state [ 1372.299834][T12094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1372.312523][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1372.321068][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1372.494201][T12094] 8021q: adding VLAN 0 to HW filter on device team0 [ 1372.504927][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1372.513568][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1372.522110][ T5184] bridge0: port 1(bridge_slave_0) entered blocking state [ 1372.529229][ T5184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1372.555829][ T936] device bridge_slave_1 left promiscuous mode [ 1372.562066][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1372.615169][ T936] device bridge_slave_0 left promiscuous mode [ 1372.621340][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1372.686375][ T936] device bridge_slave_1 left promiscuous mode [ 1372.692724][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1372.734956][ T936] device bridge_slave_0 left promiscuous mode [ 1372.741168][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1376.764879][ T936] device hsr_slave_0 left promiscuous mode [ 1376.804726][ T936] device hsr_slave_1 left promiscuous mode [ 1376.852470][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1376.866202][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1376.882118][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1376.929464][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1377.012280][ T936] bond0 (unregistering): Released all slaves [ 1377.135819][ T936] device hsr_slave_0 left promiscuous mode [ 1377.174887][ T936] device hsr_slave_1 left promiscuous mode [ 1377.227503][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1377.241694][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1377.253065][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1377.299529][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1377.383501][ T936] bond0 (unregistering): Released all slaves [ 1377.514120][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1377.522837][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1377.531372][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1377.538495][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1377.547186][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1377.555997][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1377.564747][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1377.573238][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1377.582063][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1377.590835][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1377.599435][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1377.607951][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1377.616584][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1377.624990][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1377.635783][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1377.644960][T12094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1377.673252][T12094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1377.930513][T12102] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1377.941046][T12102] CPU: 0 PID: 12102 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1377.948706][T12102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1377.958785][T12102] Call Trace: [ 1377.962107][T12102] dump_stack+0x16f/0x1f0 [ 1377.966484][T12102] dump_header+0x10b/0x831 [ 1377.970945][T12102] oom_kill_process.cold+0x10/0x15 [ 1377.976099][T12102] out_of_memory+0x79a/0x12d0 [ 1377.980814][T12102] ? cgroup_file_notify+0x140/0x1b0 [ 1377.986068][T12102] ? oom_killer_disable+0x280/0x280 [ 1377.991319][T12102] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1377.996900][T12102] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1378.002590][T12102] ? cgroup_file_notify+0x140/0x1b0 [ 1378.007830][T12102] memory_max_write+0x262/0x3a0 [ 1378.012721][T12102] ? mem_cgroup_write+0x360/0x360 [ 1378.017773][T12102] ? lock_acquire+0x190/0x400 [ 1378.022478][T12102] ? kernfs_fop_write+0x227/0x480 [ 1378.027537][T12102] cgroup_file_write+0x307/0x790 [ 1378.032510][T12102] ? mem_cgroup_write+0x360/0x360 [ 1378.037558][T12102] ? cgroup_show_path+0x590/0x590 [ 1378.042620][T12102] ? cgroup_show_path+0x590/0x590 [ 1378.047668][T12102] kernfs_fop_write+0x2b8/0x480 [ 1378.052548][T12102] __vfs_write+0x8a/0x110 [ 1378.056896][T12102] ? kernfs_fop_open+0xd80/0xd80 [ 1378.061858][T12102] vfs_write+0x268/0x5d0 [ 1378.066141][T12102] ksys_write+0x14f/0x290 [ 1378.070499][T12102] ? __ia32_sys_read+0xb0/0xb0 [ 1378.075303][T12102] ? do_syscall_64+0x26/0x6a0 [ 1378.080005][T12102] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1378.086103][T12102] ? do_syscall_64+0x26/0x6a0 [ 1378.090809][T12102] __x64_sys_write+0x73/0xb0 [ 1378.095428][T12102] do_syscall_64+0xfd/0x6a0 [ 1378.099973][T12102] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1378.105908][T12102] RIP: 0033:0x459829 [ 1378.109817][T12102] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1378.129557][T12102] RSP: 002b:00007fdfddde8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1378.138003][T12102] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1378.146016][T12102] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1378.154016][T12102] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1378.162021][T12102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdfddde96d4 [ 1378.170026][T12102] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1378.178310][T12102] memory: usage 5060kB, limit 0kB, failcnt 598077 [ 1378.185001][T12102] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1378.191994][T12102] Memory cgroup stats for /syz0: [ 1378.192952][T12102] anon 4255744 [ 1378.192952][T12102] file 106496 [ 1378.192952][T12102] kernel_stack 65536 [ 1378.192952][T12102] slab 724992 [ 1378.192952][T12102] sock 0 [ 1378.192952][T12102] shmem 0 [ 1378.192952][T12102] file_mapped 0 [ 1378.192952][T12102] file_dirty 0 [ 1378.192952][T12102] file_writeback 0 [ 1378.192952][T12102] anon_thp 4194304 [ 1378.192952][T12102] inactive_anon 0 [ 1378.192952][T12102] active_anon 4255744 [ 1378.192952][T12102] inactive_file 0 [ 1378.192952][T12102] active_file 0 [ 1378.192952][T12102] unevictable 0 [ 1378.192952][T12102] slab_reclaimable 270336 [ 1378.192952][T12102] slab_unreclaimable 454656 [ 1378.192952][T12102] pgfault 75504 [ 1378.192952][T12102] pgmajfault 0 [ 1378.192952][T12102] workingset_refault 0 [ 1378.192952][T12102] workingset_activate 0 [ 1378.192952][T12102] workingset_nodereclaim 0 [ 1378.192952][T12102] pgrefill 46 [ 1378.192952][T12102] pgscan 46 [ 1378.192952][T12102] pgsteal 0 [ 1378.192952][T12102] pgactivate 0 [ 1378.287532][T12102] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12101,uid=0 [ 1378.307595][T12102] Memory cgroup out of memory: Killed process 12101 (syz-executor.0) total-vm:72576kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB [ 1378.326023][ T1058] oom_reaper: reaped process 12101 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 1379.087685][T12094] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1379.098057][T12094] CPU: 0 PID: 12094 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1379.105687][T12094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1379.115741][T12094] Call Trace: [ 1379.119035][T12094] dump_stack+0x16f/0x1f0 [ 1379.123376][T12094] dump_header+0x10b/0x831 [ 1379.127793][T12094] ? oom_kill_process+0x94/0x3c0 [ 1379.132733][T12094] oom_kill_process.cold+0x10/0x15 22:57:13 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0x0, 0x0, r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:13 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x472, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:13 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x74}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:13 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3dd, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:13 executing program 1: r0 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x4, 0x200041) r1 = openat$cgroup_ro(r0, &(0x7f00000005c0)='ho\xcc\x82\b\xc1\x84\x18\x05\x8d\xcc\n4#\xc3\xa3\x00\xac\x00etlb.2OB.usage_i\xf4\x96\xa4J\x84,\x1f\xe4~\x1aCe\xf9T\xa3\tc\x86\x0f\x91y{U\xc3\x8d\x03oDF\x87\xe2e\xbf\xbf9\x1c\xee\xd2\x8b\xf53\n\xeat\x9cn)m)-\xb9\xa9\x8c&l\xbc\x8b]\xfc\xed/=tD%\xdf\xb8ie\x03\xe8\n\xb0_\xfa8\xda\x15\x16\xff.\x9b\xc7\x17\x00\xa1\x84\xb3u#\x13\x92\xe7I\xd4\x00\"\xb5\x04\xaf\xa38 <\\h\xaa\x19^1p)p\x01\x80\x9eS3\xb7B\x83\xf6\xc3\x97%\x9b\xb8\xcf\xbeC\x8e%\xa5\n\x1c\xdb\x7f\xac\xe0l\xd8\x936E9\x0e\xab\xb5\x82\xa9\x88?', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000000)={0x0}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000180)={r6, 0xfff}, &(0x7f0000000340)=0x8) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000480)=0x2004) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000080)={@loopback, @loopback, 0x1, 0x8, [@dev={0xac, 0x14, 0x14, 0x26}, @local, @remote, @multicast2, @remote, @loopback, @loopback, @rand_addr=0x5]}, 0x30) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000440)='/dev/hwrng\x00', 0x2000, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r8 = syz_open_dev$sndpcmp(&(0x7f0000000680)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffff7, 0x8800) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r8, 0x28, 0x0, &(0x7f00000006c0)=0x1, 0x8) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:57:13 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x100020000004, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) [ 1379.137864][T12094] out_of_memory+0x79a/0x12d0 [ 1379.142563][T12094] ? lock_downgrade+0x920/0x920 [ 1379.147450][T12094] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1379.153257][T12094] ? oom_killer_disable+0x280/0x280 [ 1379.158484][T12094] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1379.164047][T12094] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1379.169693][T12094] ? do_raw_spin_unlock+0x57/0x270 [ 1379.174811][T12094] ? _raw_spin_unlock+0x23/0x30 [ 1379.179701][T12094] try_charge+0x1053/0x1430 [ 1379.184218][T12094] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1379.189779][T12094] ? percpu_ref_tryget_live+0x104/0x270 [ 1379.195347][T12094] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1379.200903][T12094] mem_cgroup_try_charge+0x136/0x590 [ 1379.206202][T12094] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1379.211855][T12094] __handle_mm_fault+0x1c63/0x3ce0 [ 1379.216983][T12094] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1379.222548][T12094] ? handle_mm_fault+0x294/0xa90 [ 1379.227507][T12094] ? handle_mm_fault+0x675/0xa90 [ 1379.232457][T12094] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1379.237760][T12094] handle_mm_fault+0x3bb/0xa90 [ 1379.242540][T12094] __do_page_fault+0x536/0xdd0 [ 1379.247330][T12094] do_page_fault+0x38/0x536 [ 1379.251847][T12094] page_fault+0x39/0x40 [ 1379.256031][T12094] RIP: 0033:0x4034f2 [ 1379.259939][T12094] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8d 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 42 05 00 48 [ 1379.279553][T12094] RSP: 002b:00007ffff94b8f50 EFLAGS: 00010246 [ 1379.285628][T12094] RAX: 0000000000000000 RBX: 0000000000150660 RCX: 0000000000413430 [ 1379.293625][T12094] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffff94ba080 [ 1379.301596][T12094] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000555556bbb940 [ 1379.309583][T12094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffff94ba080 [ 1379.317567][T12094] R13: 00007ffff94ba070 R14: 0000000000000000 R15: 00007ffff94ba080 [ 1379.325674][T12094] memory: usage 684kB, limit 0kB, failcnt 598085 [ 1379.333495][T12094] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1379.340377][T12094] Memory cgroup stats for /syz0: [ 1379.340480][T12094] anon 0 [ 1379.340480][T12094] file 106496 [ 1379.340480][T12094] kernel_stack 65536 [ 1379.340480][T12094] slab 724992 [ 1379.340480][T12094] sock 0 [ 1379.340480][T12094] shmem 0 [ 1379.340480][T12094] file_mapped 0 [ 1379.340480][T12094] file_dirty 0 [ 1379.340480][T12094] file_writeback 0 [ 1379.340480][T12094] anon_thp 0 [ 1379.340480][T12094] inactive_anon 0 [ 1379.340480][T12094] active_anon 0 [ 1379.340480][T12094] inactive_file 0 [ 1379.340480][T12094] active_file 0 [ 1379.340480][T12094] unevictable 0 [ 1379.340480][T12094] slab_reclaimable 270336 [ 1379.340480][T12094] slab_unreclaimable 454656 [ 1379.340480][T12094] pgfault 75504 [ 1379.340480][T12094] pgmajfault 0 [ 1379.340480][T12094] workingset_refault 0 [ 1379.340480][T12094] workingset_activate 0 [ 1379.340480][T12094] workingset_nodereclaim 0 [ 1379.340480][T12094] pgrefill 46 [ 1379.340480][T12094] pgscan 46 [ 1379.340480][T12094] pgsteal 0 [ 1379.340480][T12094] pgactivate 0 [ 1379.340480][T12094] pgdeactivate 46 [ 1379.345457][T12094] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12094,uid=0 [ 1379.345539][T12094] Memory cgroup out of memory: Killed process 12094 (syz-executor.0) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 1379.456789][ T1058] oom_reaper: reaped process 12094 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:57:13 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f00000005c0)={0xdfa, 0x0, 0x10, "2980384ea2114cfc7a8347c349f6105be571a1eda8fc429a7bb203a3b29d4bff1a3219449eb713c342787b7a253b497d8ad3799c0322df66d442cb84", 0x38, "7e54d4f569c06199ccae7c15761d435071ed89f3fe8013cc136f2f331f7656299102345df38d6f54c898c0e8ef8c495751b713b8281cbb15809ec381", 0xb0}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) inotify_init1(0x80000) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:57:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3de, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:14 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x7a}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:14 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x473, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:14 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3df, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:14 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x474, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:15 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0x0, 0x0, r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:15 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:15 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x475, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:15 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xf0}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:15 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) accept$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000180)=0x1c) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1382.061184][T12283] IPVS: ftp: loaded support on port[0] = 21 [ 1382.135834][T12283] chnl_net:caif_netlink_parms(): no params data found [ 1382.331686][T12283] bridge0: port 1(bridge_slave_0) entered blocking state [ 1382.338894][T12283] bridge0: port 1(bridge_slave_0) entered disabled state [ 1382.347113][T12283] device bridge_slave_0 entered promiscuous mode [ 1382.355396][T12283] bridge0: port 2(bridge_slave_1) entered blocking state [ 1382.362574][T12283] bridge0: port 2(bridge_slave_1) entered disabled state [ 1382.370377][T12283] device bridge_slave_1 entered promiscuous mode [ 1382.480283][T12283] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1382.493973][T12283] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1382.515174][T12283] team0: Port device team_slave_0 added [ 1382.616268][T12283] team0: Port device team_slave_1 added [ 1382.667267][T12283] device hsr_slave_0 entered promiscuous mode [ 1382.704246][T12283] device hsr_slave_1 entered promiscuous mode [ 1382.744066][T12283] debugfs: Directory 'hsr0' with parent '/' already present! [ 1382.850331][T12283] bridge0: port 2(bridge_slave_1) entered blocking state [ 1382.857436][T12283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1382.864819][T12283] bridge0: port 1(bridge_slave_0) entered blocking state [ 1382.871862][T12283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1383.004820][T12283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1383.017527][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1383.029900][ T5184] bridge0: port 1(bridge_slave_0) entered disabled state [ 1383.038035][ T5184] bridge0: port 2(bridge_slave_1) entered disabled state [ 1383.047478][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1383.153144][T12283] 8021q: adding VLAN 0 to HW filter on device team0 [ 1383.165109][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1383.174188][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1383.182671][ T3516] bridge0: port 1(bridge_slave_0) entered blocking state [ 1383.189796][ T3516] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1383.304450][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1383.313006][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1383.321804][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state [ 1383.329794][ T5184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1383.337527][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1383.346318][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1383.355090][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1383.365021][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1383.373387][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1383.382102][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1383.390467][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1383.398856][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1383.407180][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1383.415627][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1383.424510][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1383.433871][T12283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1383.539804][T12283] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1383.705513][ T936] device bridge_slave_1 left promiscuous mode [ 1383.711767][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1383.719606][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 22:57:18 executing program 4: r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x3f553e5) 22:57:18 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x476, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:57:18 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x11d}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:18 executing program 1: openat$cgroup(0xffffffffffffffff, &(0x7f0000000180)='syz0\x00', 0x200002, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hwrng\x00', 0x40, 0x0) openat$cgroup_ro(r0, &(0x7f00000005c0)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1383.747387][ T936] device bridge_slave_0 left promiscuous mode [ 1383.755101][ T936] bridge0: port 1(bridge_slave_0) entered disabled state 22:57:18 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x477, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x478, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:18 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x479, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f0000001280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe6}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYRES64], 0x325) fsetxattr(r1, &(0x7f0000000080)=@known='trusted.overlay.impure\x00', &(0x7f0000000100)='/.md5sum!proceth0%\x00', 0x13, 0x1) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000fff000/0x1000)=nil, 0x1000}, &(0x7f00000001c0)=0x10) recvfrom$inet(r1, &(0x7f0000000280)=""/239, 0xef, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000100)={'bridge_slave_0\x00\x04'}) r4 = socket$inet6(0xa, 0x3, 0x7f) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={@dev, 0x2, r5}) write$binfmt_elf64(r1, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x8002) 22:57:19 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:19 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x47a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1385.634008][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 1385.639900][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 1385.645781][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 1385.651549][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 1385.953975][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 1385.959854][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 1386.594006][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 1386.599884][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 1386.605746][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 1387.155231][ T936] device hsr_slave_0 left promiscuous mode [ 1387.224050][ T936] device hsr_slave_1 left promiscuous mode [ 1387.291943][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1387.305707][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1387.318902][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1387.361103][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1387.442197][ T936] bond0 (unregistering): Released all slaves [ 1387.700530][T12365] bridge0: port 1(bridge_slave_0) entered disabled state [ 1387.793715][T12372] IPVS: ftp: loaded support on port[0] = 21 [ 1387.948935][T12372] chnl_net:caif_netlink_parms(): no params data found [ 1387.996588][T12372] bridge0: port 1(bridge_slave_0) entered blocking state [ 1388.003684][T12372] bridge0: port 1(bridge_slave_0) entered disabled state [ 1388.011933][T12372] device bridge_slave_0 entered promiscuous mode [ 1388.026402][T12372] bridge0: port 2(bridge_slave_1) entered blocking state [ 1388.033518][T12372] bridge0: port 2(bridge_slave_1) entered disabled state [ 1388.041755][T12372] device bridge_slave_1 entered promiscuous mode [ 1388.065218][T12372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1388.076620][T12372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1388.100599][T12372] team0: Port device team_slave_0 added [ 1388.108172][T12372] team0: Port device team_slave_1 added [ 1388.237176][T12372] device hsr_slave_0 entered promiscuous mode [ 1388.304395][T12372] device hsr_slave_1 entered promiscuous mode [ 1388.464089][T12372] debugfs: Directory 'hsr0' with parent '/' already present! [ 1388.500663][T12372] bridge0: port 2(bridge_slave_1) entered blocking state [ 1388.507803][T12372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1388.515231][T12372] bridge0: port 1(bridge_slave_0) entered blocking state [ 1388.522304][T12372] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1388.595994][T12372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1388.609093][ T1788] bridge0: port 1(bridge_slave_0) entered disabled state [ 1388.617518][ T1788] bridge0: port 2(bridge_slave_1) entered disabled state [ 1388.653716][T12372] 8021q: adding VLAN 0 to HW filter on device team0 [ 1388.667103][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1388.675591][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1388.694453][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1388.703129][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1388.711805][ T2624] bridge0: port 1(bridge_slave_0) entered blocking state [ 1388.719207][ T2624] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1388.762928][T12372] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1388.773579][T12372] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1388.786328][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1388.795233][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1388.803714][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state [ 1388.810857][ T2624] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1388.818605][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1388.827509][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1388.836348][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1388.845183][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1388.853752][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1388.862617][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1388.871235][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1388.879803][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1388.888502][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1388.897052][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1388.921779][T12372] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1388.929810][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1388.937933][ T2624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1389.221097][T12383] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1389.231746][T12383] CPU: 0 PID: 12383 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1389.239401][T12383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1389.249469][T12383] Call Trace: [ 1389.252782][T12383] dump_stack+0x16f/0x1f0 [ 1389.257139][T12383] dump_header+0x10b/0x831 [ 1389.261593][T12383] oom_kill_process.cold+0x10/0x15 [ 1389.266731][T12383] out_of_memory+0x79a/0x12d0 [ 1389.271425][T12383] ? cgroup_file_notify+0x140/0x1b0 [ 1389.276658][T12383] ? oom_killer_disable+0x280/0x280 [ 1389.281906][T12383] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1389.287447][T12383] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1389.293087][T12383] ? cgroup_file_notify+0x140/0x1b0 [ 1389.298288][T12383] memory_max_write+0x262/0x3a0 [ 1389.303139][T12383] ? mem_cgroup_write+0x360/0x360 [ 1389.308181][T12383] ? cgroup_file_write+0x86/0x790 [ 1389.313228][T12383] cgroup_file_write+0x307/0x790 [ 1389.318180][T12383] ? mem_cgroup_write+0x360/0x360 [ 1389.323207][T12383] ? cgroup_show_path+0x590/0x590 [ 1389.328257][T12383] ? cgroup_show_path+0x590/0x590 [ 1389.334263][T12383] kernfs_fop_write+0x2b8/0x480 [ 1389.339178][T12383] __vfs_write+0x8a/0x110 [ 1389.343529][T12383] ? kernfs_fop_open+0xd80/0xd80 [ 1389.348499][T12383] vfs_write+0x268/0x5d0 [ 1389.352771][T12383] ksys_write+0x14f/0x290 [ 1389.357116][T12383] ? __ia32_sys_read+0xb0/0xb0 [ 1389.361894][T12383] ? do_syscall_64+0x26/0x6a0 [ 1389.366570][T12383] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1389.372644][T12383] ? do_syscall_64+0x26/0x6a0 [ 1389.377364][T12383] __x64_sys_write+0x73/0xb0 [ 1389.381983][T12383] do_syscall_64+0xfd/0x6a0 [ 1389.386522][T12383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1389.392550][T12383] RIP: 0033:0x459829 [ 1389.396456][T12383] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1389.416091][T12383] RSP: 002b:00007feea0bcdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1389.424700][T12383] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1389.432682][T12383] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1389.440698][T12383] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1389.448679][T12383] R10: 0000000000000000 R11: 0000000000000246 R12: 00007feea0bce6d4 [ 1389.456641][T12383] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1389.464930][T12383] memory: usage 5032kB, limit 0kB, failcnt 598086 [ 1389.471473][T12383] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1389.478608][T12383] Memory cgroup stats for /syz0: [ 1389.479193][T12383] anon 4255744 [ 1389.479193][T12383] file 106496 [ 1389.479193][T12383] kernel_stack 65536 [ 1389.479193][T12383] slab 724992 [ 1389.479193][T12383] sock 0 [ 1389.479193][T12383] shmem 0 [ 1389.479193][T12383] file_mapped 0 [ 1389.479193][T12383] file_dirty 0 [ 1389.479193][T12383] file_writeback 0 [ 1389.479193][T12383] anon_thp 4194304 [ 1389.479193][T12383] inactive_anon 0 [ 1389.479193][T12383] active_anon 4255744 [ 1389.479193][T12383] inactive_file 0 [ 1389.479193][T12383] active_file 0 [ 1389.479193][T12383] unevictable 0 [ 1389.479193][T12383] slab_reclaimable 270336 [ 1389.479193][T12383] slab_unreclaimable 454656 [ 1389.479193][T12383] pgfault 75570 [ 1389.479193][T12383] pgmajfault 0 [ 1389.479193][T12383] workingset_refault 0 [ 1389.479193][T12383] workingset_activate 0 [ 1389.479193][T12383] workingset_nodereclaim 0 [ 1389.479193][T12383] pgrefill 46 [ 1389.479193][T12383] pgscan 46 [ 1389.479193][T12383] pgsteal 0 [ 1389.479193][T12383] pgactivate 0 [ 1389.574615][T12383] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12381,uid=0 [ 1389.590577][T12383] Memory cgroup out of memory: Killed process 12381 (syz-executor.0) total-vm:72576kB, anon-rss:4184kB, file-rss:34816kB, shmem-rss:0kB [ 1389.613183][ T1058] oom_reaper: reaped process 12381 (syz-executor.0), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB [ 1390.066645][T12372] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1390.076649][T12372] CPU: 1 PID: 12372 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1390.084312][T12372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1390.094372][T12372] Call Trace: [ 1390.098142][T12372] dump_stack+0x16f/0x1f0 [ 1390.102485][T12372] dump_header+0x10b/0x831 [ 1390.106901][T12372] ? oom_kill_process+0x94/0x3c0 [ 1390.111840][T12372] oom_kill_process.cold+0x10/0x15 [ 1390.116959][T12372] out_of_memory+0x79a/0x12d0 [ 1390.121645][T12372] ? lock_downgrade+0x920/0x920 [ 1390.126501][T12372] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1390.132312][T12372] ? oom_killer_disable+0x280/0x280 [ 1390.137522][T12372] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1390.143078][T12372] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1390.148721][T12372] ? do_raw_spin_unlock+0x57/0x270 [ 1390.153840][T12372] ? _raw_spin_unlock+0x23/0x30 [ 1390.158703][T12372] try_charge+0x1053/0x1430 [ 1390.163252][T12372] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1390.168806][T12372] ? percpu_ref_tryget_live+0x104/0x270 [ 1390.174373][T12372] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1390.179929][T12372] mem_cgroup_try_charge+0x136/0x590 [ 1390.185231][T12372] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1390.190876][T12372] wp_page_copy+0x27c/0x1380 [ 1390.195487][T12372] ? find_held_lock+0x35/0x130 [ 1390.200266][T12372] ? pmd_pfn+0x1d0/0x1d0 [ 1390.204524][T12372] ? lock_downgrade+0x920/0x920 [ 1390.209392][T12372] ? swp_swapcount+0x520/0x520 [ 1390.214169][T12372] ? __kasan_check_read+0x11/0x20 [ 1390.219201][T12372] ? do_raw_spin_unlock+0x57/0x270 [ 1390.224322][T12372] do_wp_page+0x499/0x14d0 [ 1390.236485][T12372] ? finish_mkwrite_fault+0x570/0x570 [ 1390.241878][T12372] __handle_mm_fault+0x2120/0x3ce0 [ 1390.247094][T12372] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1390.252643][T12372] ? handle_mm_fault+0x294/0xa90 [ 1390.257601][T12372] ? handle_mm_fault+0x675/0xa90 [ 1390.262556][T12372] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1390.267853][T12372] handle_mm_fault+0x3bb/0xa90 [ 1390.272790][T12372] __do_page_fault+0x536/0xdd0 [ 1390.277563][T12372] do_page_fault+0x38/0x536 [ 1390.282064][T12372] page_fault+0x39/0x40 [ 1390.286221][T12372] RIP: 0033:0x430906 [ 1390.290130][T12372] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1390.310082][T12372] RSP: 002b:00007ffdeb4100f0 EFLAGS: 00010206 [ 1390.316147][T12372] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1390.324144][T12372] RDX: 0000555555698930 RSI: 00005555556a0970 RDI: 0000000000000003 [ 1390.332115][T12372] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000555555697940 [ 1390.340087][T12372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1390.348075][T12372] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1390.356181][T12372] memory: usage 652kB, limit 0kB, failcnt 598094 [ 1390.362510][T12372] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1390.369412][T12372] Memory cgroup stats for /syz0: [ 1390.369518][T12372] anon 0 [ 1390.369518][T12372] file 106496 [ 1390.369518][T12372] kernel_stack 0 [ 1390.369518][T12372] slab 724992 [ 1390.369518][T12372] sock 0 [ 1390.369518][T12372] shmem 0 [ 1390.369518][T12372] file_mapped 0 [ 1390.369518][T12372] file_dirty 0 [ 1390.369518][T12372] file_writeback 0 [ 1390.369518][T12372] anon_thp 0 [ 1390.369518][T12372] inactive_anon 0 [ 1390.369518][T12372] active_anon 0 [ 1390.369518][T12372] inactive_file 0 [ 1390.369518][T12372] active_file 0 [ 1390.369518][T12372] unevictable 0 [ 1390.369518][T12372] slab_reclaimable 270336 [ 1390.369518][T12372] slab_unreclaimable 454656 [ 1390.369518][T12372] pgfault 75603 [ 1390.369518][T12372] pgmajfault 0 [ 1390.369518][T12372] workingset_refault 0 [ 1390.369518][T12372] workingset_activate 0 [ 1390.369518][T12372] workingset_nodereclaim 0 [ 1390.369518][T12372] pgrefill 46 [ 1390.369518][T12372] pgscan 46 [ 1390.369518][T12372] pgsteal 0 [ 1390.369518][T12372] pgactivate 0 [ 1390.369518][T12372] pgdeactivate 46 22:57:24 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:57:24 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:24 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x47b, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:24 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:24 executing program 1: r0 = dup(0xffffffffffffffff) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000004c0)={0xffffffffffffffff}, 0x106, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000600)={0x6, 0x118, 0xfa00, {{0x6, 0x80000001, "3222b3b9235036ef633b36ff052eab40f2ed6e47007dfd1779afdfcae3aa72fc03078a389cefc2b15a281c0085894a5edab7895b84bb5d8f082c84ac3cdd646e7071e89518598f2d751e63ac061fdeff434f8a186d510de797fbb696e74c1e17e0e3fb295fba6120f4ba4d409566de7b034f4ee2a5ce38a29a1d1190e30ba43d0125689066c26d9e9ffe4a56cfc17c0d0913242c71a7ac9fc5ef5a91473de43c26ef446fb6dd11fd87614871034e74106322285cd91bbc8858daa230021a54ffaf907d9a0d4de581a6cc137e0aad204f6eea10b291ff6f9a36e3730ca48ead3580653df250a7ea77ce28148f1e00608ec0c86ad7c25b44fd5c25c1345c7a34d2", 0xa, 0xfffffffffffffff7, 0x1, 0x80000001, 0xffffffff, 0x3f, 0x9}, r1}}, 0x120) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0xc008551b, &(0x7f0000000780)={0xba3, 0x28, [0x8, 0x50d, 0x2, 0x7, 0x5, 0xf50, 0x101, 0x6, 0x6, 0x81]}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f00000001c0)={0x17, 0x41, &(0x7f0000000440)="5b8b6efe097e0f5ff9b82432ea2b00d7a2d6c98f807147dee9e5aee0192900c792b2181e1a27926f7c46d3903828ddcec6483f53a6a4877af0494fdb64d4a77abf"}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000180), 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000080), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) epoll_wait(r2, &(0x7f0000000340)=[{}, {}, {}, {}], 0x4, 0x3ff) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_NMI(r5, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 22:57:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfe47bf070") r1 = syz_open_dev$dri(&(0x7f0000000300)='/dev/dri/card#\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0}) [ 1390.465849][T12372] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12372,uid=0 [ 1390.481354][T12372] Memory cgroup out of memory: Killed process 12372 (syz-executor.0) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 1390.495794][ T1058] oom_reaper: reaped process 12372 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:57:25 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x47c, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") clock_adjtime(0x0, &(0x7f0000000400)={0xff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80000001}) 22:57:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x500}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:25 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x47d, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:57:25 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3e9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x47e, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) accept4$packet(r0, &(0x7f0000000080), &(0x7f0000000180)=0x14, 0x80800) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:57:25 executing program 4: 22:57:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x600}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:25 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x47f, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:25 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:26 executing program 4: 22:57:26 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ea, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:26 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x480, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:26 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3eb, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") connect$inet(0xffffffffffffffff, 0x0, 0x0) pipe(&(0x7f0000000440)={0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000500)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x42}, 0xc, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="1d0000000000810000", @ANYRES16=r2, @ANYBLOB="280025bd7000fddbdf25010000000000000001410000001800170000001f000000007564703a73797a3000000000"], 0x34}, 0x1, 0x0, 0x0, 0x200400c4}, 0x0) unshare(0x14000000) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r4, 0xc0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=0x9, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x2}, 0x0, 0x0, &(0x7f0000000140)={0x1, 0x9, 0x5, 0xffffffffffff8001}, &(0x7f0000000180)=0x10000, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=0x54db}}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x3ffd}) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$FS_IOC_SETFSLABEL(r4, 0x41009432, &(0x7f0000000640)="9303133930b6b5e0b44b0090563874ca8c5939a08186c7545a981fed9890942601a26d82ceb50988b0d1a08ec9a70a7e63d2ccdb5a71eaabf274b33f1fd05b7620a5d80acf09a3038e100da0bfe4cd5da025b2aebf66e39521ece221c985b94ffe9f362b4288bf226ff5932f174c986a319690b734d23b273bd91dbc14437e1cc93c85970b15aa792d4866a2786f18b3bfe8a942318913400a66a5e41a51a6f2b7b08ce050f3be0ab937c4daaa22ee01e0504d3901842509e59af426dfa8ba5ec38abf7537caf4c12206708522706424bd29f9d537140896a14fd2af3a26c689faeddf04499b7258ab5eac75f5e97ca39d0c294bad06c9dfa46b8574d4c86c2f") ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000100)={'lo\x00', {0x2, 0x0, @local}}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) setsockopt$inet_opts(r5, 0x0, 0xd, &(0x7f0000000740)="5422380f99334c4cb1048c5474ab2880557013b89d8b9b3f651884d3fad8d6741d356bbcc0fd94cc4778b1065cc6334aa3fd1bfb9c109f4e58b1cb39a42462586ae050891f36062ae9b3d8e731696e753954408aa1b07bfad368", 0x5a) ioctl(0xffffffffffffffff, 0x8, &(0x7f0000000300)="488735d1ccce893a1c7eb427b2feff40149315e7a011fdd31deee527f2be1fdbc5d317640594e5ec99ab880437d535f72ba78143d82734642f3ebf646f3030baa53e31a51f2361141aaec7dd7dc707987241095f4190e2a0874433cf59ea3a5684e11d70bcf4717319da88f4b9c47f5e5e7e74d2f518ca5ff77ce334c57781384d") getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000003c0)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000000000000000000005000000066e433467d0b0479fefa6b82d6d1087c804e9c47dc089dceab85fab0d71eb5951d6140f3b51c6fb58c345c29a17e209055ca9cd54deaf7a4a4fb357052f166b408000e2dcf20cac7aae5a160eaea"], 0x0) ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f0000000480)={0x200, 0x3ff, 0x6, 0x9, 0x8a4, 0xfa59}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000540)={'yam0\x00', 0x4000}) 22:57:26 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x481, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:26 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ec, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) [ 1392.601959][T12485] device lo entered promiscuous mode 22:57:27 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = getpgid(0xffffffffffffffff) process_vm_readv(r5, &(0x7f0000000440)=[{&(0x7f00000005c0)=""/151, 0x97}, {&(0x7f0000000180)=""/82, 0x52}, {&(0x7f0000000680)=""/184, 0xb8}, {&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000001780)=""/179, 0xb3}, {&(0x7f0000001840)=""/4096, 0x1000}, {&(0x7f0000002840)=""/4096, 0x1000}], 0x7, &(0x7f0000003c80)=[{&(0x7f0000003840)=""/235, 0xeb}, {&(0x7f0000003940)=""/99, 0x63}, {&(0x7f00000039c0)=""/214, 0xd6}, {&(0x7f0000003ac0)=""/141, 0x8d}, {&(0x7f0000003b80)=""/227, 0xe3}], 0x5, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x3, 0x4, 0x2, 0x1f, 0x5, 0x2, 0xfffffffffffffff7, 0x3, 0x800, 0x100000000, 0x81, 0x5}) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:57:27 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x482, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:27 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ed, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x700}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 1393.877724][T12539] IPVS: ftp: loaded support on port[0] = 21 [ 1394.044634][T12539] chnl_net:caif_netlink_parms(): no params data found [ 1394.076867][T12539] bridge0: port 1(bridge_slave_0) entered blocking state [ 1394.084021][T12539] bridge0: port 1(bridge_slave_0) entered disabled state [ 1394.091879][T12539] device bridge_slave_0 entered promiscuous mode [ 1394.099664][T12539] bridge0: port 2(bridge_slave_1) entered blocking state [ 1394.106891][T12539] bridge0: port 2(bridge_slave_1) entered disabled state [ 1394.115191][T12539] device bridge_slave_1 entered promiscuous mode [ 1394.133424][T12539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1394.233566][T12539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1394.255556][T12539] team0: Port device team_slave_0 added [ 1394.262353][T12539] team0: Port device team_slave_1 added [ 1394.317310][T12539] device hsr_slave_0 entered promiscuous mode [ 1394.374417][T12539] device hsr_slave_1 entered promiscuous mode [ 1394.443970][T12539] debugfs: Directory 'hsr0' with parent '/' already present! [ 1394.451932][ T936] device bridge_slave_1 left promiscuous mode [ 1394.458353][ T936] bridge0: port 2(bridge_slave_1) entered disabled state [ 1394.505295][ T936] device bridge_slave_0 left promiscuous mode [ 1394.511472][ T936] bridge0: port 1(bridge_slave_0) entered disabled state [ 1396.635054][ T936] device hsr_slave_0 left promiscuous mode [ 1396.674287][ T936] device hsr_slave_1 left promiscuous mode [ 1396.751555][ T936] team0 (unregistering): Port device team_slave_1 removed [ 1396.766296][ T936] team0 (unregistering): Port device team_slave_0 removed [ 1396.780473][ T936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1396.818423][ T936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1396.891773][ T936] bond0 (unregistering): Released all slaves [ 1397.020985][T12539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1397.078762][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1397.086869][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1397.098661][T12539] 8021q: adding VLAN 0 to HW filter on device team0 [ 1397.124290][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1397.133246][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1397.141901][ T1788] bridge0: port 1(bridge_slave_0) entered blocking state [ 1397.149010][ T1788] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1397.156739][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1397.165493][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1397.174007][ T1788] bridge0: port 2(bridge_slave_1) entered blocking state [ 1397.181069][ T1788] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1397.188804][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1397.213396][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1397.221822][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1397.230647][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1397.239399][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1397.259210][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1397.267612][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1397.276579][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1397.285151][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1397.293611][ T1788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1397.305770][T12539] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1397.317152][T12539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1397.325622][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1397.335212][ T3516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1397.386177][T12539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1397.699105][T12547] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1397.709923][T12547] CPU: 0 PID: 12547 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1397.717578][T12547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1397.727683][T12547] Call Trace: [ 1397.731000][T12547] dump_stack+0x16f/0x1f0 [ 1397.735461][T12547] dump_header+0x10b/0x831 [ 1397.739915][T12547] oom_kill_process.cold+0x10/0x15 [ 1397.745072][T12547] out_of_memory+0x79a/0x12d0 [ 1397.749777][T12547] ? cgroup_file_notify+0x140/0x1b0 [ 1397.755014][T12547] ? oom_killer_disable+0x280/0x280 [ 1397.760278][T12547] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1397.765856][T12547] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1397.771537][T12547] ? cgroup_file_notify+0x140/0x1b0 [ 1397.776778][T12547] memory_max_write+0x262/0x3a0 [ 1397.781700][T12547] ? mem_cgroup_write+0x360/0x360 [ 1397.786769][T12547] ? lock_acquire+0x190/0x400 [ 1397.791472][T12547] ? kernfs_fop_write+0x227/0x480 [ 1397.796528][T12547] cgroup_file_write+0x307/0x790 [ 1397.801492][T12547] ? mem_cgroup_write+0x360/0x360 [ 1397.806548][T12547] ? cgroup_show_path+0x590/0x590 [ 1397.811633][T12547] ? cgroup_show_path+0x590/0x590 [ 1397.816681][T12547] kernfs_fop_write+0x2b8/0x480 [ 1397.821557][T12547] __vfs_write+0x8a/0x110 [ 1397.825909][T12547] ? kernfs_fop_open+0xd80/0xd80 [ 1397.830877][T12547] vfs_write+0x268/0x5d0 [ 1397.835147][T12547] ksys_write+0x14f/0x290 [ 1397.839503][T12547] ? __ia32_sys_read+0xb0/0xb0 [ 1397.844309][T12547] __x64_sys_write+0x73/0xb0 [ 1397.848953][T12547] ? do_syscall_64+0x5b/0x6a0 [ 1397.853648][T12547] do_syscall_64+0xfd/0x6a0 [ 1397.858188][T12547] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1397.864097][T12547] RIP: 0033:0x459829 [ 1397.868011][T12547] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1397.887914][T12547] RSP: 002b:00007f4805952c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1397.896364][T12547] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1397.904364][T12547] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1397.912364][T12547] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1397.920365][T12547] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f48059536d4 [ 1397.928384][T12547] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1397.937966][T12547] memory: usage 5068kB, limit 0kB, failcnt 598095 [ 1397.944525][T12547] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1397.951806][T12547] Memory cgroup stats for /syz0: [ 1397.952721][T12547] anon 4239360 [ 1397.952721][T12547] file 106496 [ 1397.952721][T12547] kernel_stack 65536 [ 1397.952721][T12547] slab 724992 [ 1397.952721][T12547] sock 0 [ 1397.952721][T12547] shmem 0 [ 1397.952721][T12547] file_mapped 0 [ 1397.952721][T12547] file_dirty 0 [ 1397.952721][T12547] file_writeback 0 [ 1397.952721][T12547] anon_thp 4194304 [ 1397.952721][T12547] inactive_anon 0 [ 1397.952721][T12547] active_anon 4239360 [ 1397.952721][T12547] inactive_file 0 [ 1397.952721][T12547] active_file 0 [ 1397.952721][T12547] unevictable 0 [ 1397.952721][T12547] slab_reclaimable 270336 [ 1397.952721][T12547] slab_unreclaimable 454656 [ 1397.952721][T12547] pgfault 75636 [ 1397.952721][T12547] pgmajfault 0 [ 1397.952721][T12547] workingset_refault 0 [ 1397.952721][T12547] workingset_activate 0 [ 1397.952721][T12547] workingset_nodereclaim 0 [ 1397.952721][T12547] pgrefill 46 [ 1397.952721][T12547] pgscan 46 [ 1397.952721][T12547] pgsteal 0 [ 1397.952721][T12547] pgactivate 0 [ 1398.047796][T12547] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12546,uid=0 [ 1398.064120][T12547] Memory cgroup out of memory: Killed process 12546 (syz-executor.0) total-vm:72576kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB [ 1398.081737][ T1058] oom_reaper: reaped process 12546 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 22:57:33 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:33 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ee, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:33 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x483, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = socket(0x10, 0x80803, 0x0) write(r1, &(0x7f0000000000)="120000001a002517fc85bc04fef6000d0a0d", 0x12) [ 1398.699748][T12539] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1398.710109][T12539] CPU: 1 PID: 12539 Comm: syz-executor.0 Not tainted 5.2.0+ #64 [ 1398.717747][T12539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1398.727838][T12539] Call Trace: [ 1398.731140][T12539] dump_stack+0x16f/0x1f0 [ 1398.735479][T12539] dump_header+0x10b/0x831 [ 1398.739900][T12539] ? oom_kill_process+0x94/0x3c0 [ 1398.744846][T12539] oom_kill_process.cold+0x10/0x15 22:57:33 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x900}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:33 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000180)={0x2, "2d058ce60188d8800e380dfc629c3917255ff12d58771193fc360c82e48f691c", 0x4, 0x1, 0x9, 0x4, 0x6, 0x2, 0xe0, 0x3f75c458}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1398.749969][T12539] out_of_memory+0x79a/0x12d0 [ 1398.754657][T12539] ? lock_downgrade+0x920/0x920 [ 1398.759523][T12539] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1398.765353][T12539] ? oom_killer_disable+0x280/0x280 [ 1398.770578][T12539] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1398.776164][T12539] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1398.781812][T12539] ? do_raw_spin_unlock+0x57/0x270 [ 1398.786938][T12539] ? _raw_spin_unlock+0x23/0x30 [ 1398.791808][T12539] try_charge+0x1053/0x1430 [ 1398.796340][T12539] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1398.801892][T12539] ? percpu_ref_tryget_live+0x104/0x270 [ 1398.807460][T12539] ? get_mem_cgroup_from_mm+0x15a/0x320 [ 1398.812992][T12539] mem_cgroup_try_charge+0x136/0x590 [ 1398.818276][T12539] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1398.823923][T12539] wp_page_copy+0x27c/0x1380 [ 1398.828516][T12539] ? find_held_lock+0x35/0x130 [ 1398.833288][T12539] ? pmd_pfn+0x1d0/0x1d0 [ 1398.837526][T12539] ? lock_downgrade+0x920/0x920 [ 1398.842376][T12539] ? swp_swapcount+0x520/0x520 [ 1398.847136][T12539] ? __kasan_check_read+0x11/0x20 [ 1398.852434][T12539] ? do_raw_spin_unlock+0x57/0x270 [ 1398.857546][T12539] do_wp_page+0x499/0x14d0 [ 1398.861960][T12539] ? finish_mkwrite_fault+0x570/0x570 [ 1398.867423][T12539] __handle_mm_fault+0x2120/0x3ce0 [ 1398.872543][T12539] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1398.878090][T12539] ? handle_mm_fault+0x294/0xa90 [ 1398.883025][T12539] ? handle_mm_fault+0x675/0xa90 [ 1398.887949][T12539] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1398.893219][T12539] handle_mm_fault+0x3bb/0xa90 [ 1398.897991][T12539] __do_page_fault+0x536/0xdd0 [ 1398.902847][T12539] do_page_fault+0x38/0x536 [ 1398.907366][T12539] page_fault+0x39/0x40 [ 1398.911519][T12539] RIP: 0033:0x430906 [ 1398.915410][T12539] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 56 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 46 64 00 85 c0 0f 84 [ 1398.935027][T12539] RSP: 002b:00007ffc597077c0 EFLAGS: 00010206 [ 1398.941095][T12539] RAX: 0000000000019691 RBX: 0000000000715640 RCX: 0000000000008041 [ 1398.949057][T12539] RDX: 00005555561a8930 RSI: 00005555561b0970 RDI: 0000000000000003 [ 1398.957023][T12539] RBP: 0000000000008041 R08: 0000000000000001 R09: 00005555561a7940 [ 1398.965001][T12539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000715698 [ 1398.972974][T12539] R13: 0000000000715698 R14: 0000000000000000 R15: 0000000000002710 [ 1398.981068][T12539] memory: usage 680kB, limit 0kB, failcnt 598103 [ 1398.987434][T12539] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1398.994347][T12539] Memory cgroup stats for /syz0: [ 1398.994458][T12539] anon 0 [ 1398.994458][T12539] file 106496 [ 1398.994458][T12539] kernel_stack 0 [ 1398.994458][T12539] slab 724992 [ 1398.994458][T12539] sock 0 [ 1398.994458][T12539] shmem 0 [ 1398.994458][T12539] file_mapped 0 [ 1398.994458][T12539] file_dirty 0 [ 1398.994458][T12539] file_writeback 0 [ 1398.994458][T12539] anon_thp 0 [ 1398.994458][T12539] inactive_anon 0 [ 1398.994458][T12539] active_anon 0 [ 1398.994458][T12539] inactive_file 0 [ 1398.994458][T12539] active_file 0 [ 1398.994458][T12539] unevictable 0 [ 1398.994458][T12539] slab_reclaimable 270336 [ 1398.994458][T12539] slab_unreclaimable 454656 [ 1398.994458][T12539] pgfault 75636 [ 1398.994458][T12539] pgmajfault 0 [ 1398.994458][T12539] workingset_refault 0 [ 1398.994458][T12539] workingset_activate 0 [ 1398.994458][T12539] workingset_nodereclaim 0 [ 1398.994458][T12539] pgrefill 46 [ 1398.994458][T12539] pgscan 46 [ 1398.994458][T12539] pgsteal 0 [ 1398.994458][T12539] pgactivate 0 [ 1398.994458][T12539] pgdeactivate 46 [ 1399.090486][T12539] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12539,uid=0 [ 1399.105984][T12539] Memory cgroup out of memory: Killed process 12539 (syz-executor.0) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB [ 1399.120977][ T1058] oom_reaper: reaped process 12539 (syz-executor.0), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:57:33 executing program 4: seccomp(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7ffffffe}]}) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0) 22:57:33 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x484, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:33 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3ef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:33 executing program 4: seccomp(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7ffffffe}]}) munlockall() 22:57:34 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x485, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3f0, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x486, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 4: seccomp(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7ffffffe}]}) syslog(0xa, 0x0, 0x0) 22:57:34 executing program 1: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x800, 0x0) getsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000340), &(0x7f0000000440)=0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000340)}], 0x1, 0x0) openat$capi20(0xffffffffffffff9c, &(0x7f0000000180)='/dev/capi20\x00', 0x100, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) readv(r2, &(0x7f0000000080)=[{&(0x7f0000000640)=""/149, 0x95}, {&(0x7f0000000780)=""/4096, 0x1000}], 0x2) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000600)=0xbdb, 0xffffffc3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000004c0), &(0x7f0000000500)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = geteuid() ioctl$SIOCAX25DELUID(r0, 0x89e2, &(0x7f0000000480)={0x3, @default, r6}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r7, 0xae80, 0x0) 22:57:34 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:34 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3f1, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xa00}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:34 executing program 4: clone(0x41bc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000001c0)) syz_open_dev$rtc(&(0x7f0000000080)='/dev/rtc#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) ptrace(0x4206, r0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000000)) ptrace$setregs(0xf, r0, 0x0, &(0x7f0000000140)="19495ff17d") ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000000)={0x0}) 22:57:34 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x487, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3f2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00', r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, 0x0) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) 22:57:34 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3f3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x488, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:34 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xc00}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x25d, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00000005c0)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) getpeername$unix(0xffffffffffffffff, 0x0, 0x0) 22:57:35 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x489, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:35 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3f4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xe00}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) 22:57:35 executing program 3: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x8, 0x4, 0x4, 0x48a, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:35 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0xb, &(0x7f0000000480)='memory.max\x00'}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r6 = socket$kcm(0x11, 0x3, 0x0) r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r6, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r8 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x40) gettid() openat$cgroup_ro(r4, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r9 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r9, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r8, &(0x7f00000003c0)=0x100, 0x12) 22:57:35 executing program 2: clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x3f5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x0, 0x6000000]}, 0x3c) 22:57:35 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce1e, 0xfffffffffffffffd, 0x3fffffffffffff, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x3, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x2, @perf_config_ext, 0x1024}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r2, 0x0, 0x1, &(0x7f0000000300)='\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={r1, r2, 0x0, 0x5, &(0x7f00000004c0)='syz1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r3, r2, 0x0, 0x0, 0x0, r4}, 0x30) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000380)) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cser\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/E\xdbh\x03\xfb\xa1\x90\xd60[\xdc\xcaQ,\xc3\xd0\xd4\xa0\xf8\x18\x18$^\x1f\x9c\xfd\xa4\x94 n\ve\xe3\xa3\xa0\x96\x93\x05\x9b\x81\xa5b\x01\xc2\xbbD\x93\xce2c\xb5>\x1f\x7f\x12z5\x87\xed|P>9hU\x1f\xacxtg\xc9Q\xd41\xb6\xfeb\xc7=\xff\xc2U]\xf1J\xbb\xe3_\x8f\x9a<\xe8\xdd\xb02,\xc6\xf7\xe5%\x96\r\xf27\xf0\x03A\xfa\x0e\xe8\xd0\x96B\xaaZl', 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000580)=@llc={0x1a, 0x33e, 0x0, 0x101, 0x5, 0x4}, 0x80, 0x0}, 0x40) r7 = socket$kcm(0x11, 0x3, 0x0) r8 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) sendmsg(r7, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) openat$cgroup_ro(r6, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) r9 = openat$cgroup_int(r6, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x2400, 0x40) gettid() openat$cgroup_ro(r5, &(0x7f0000000140)='cpuset.effective_cpus\x00', 0x0, 0x0) r10 = socket$kcm(0xa, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x1e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @ipv4}, 0x80, 0x0}, 0x24000001) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='memory.current\x00', 0x0, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x100, 0x12) [ 1401.747145][T12697] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1401.757656][T12697] CPU: 1 PID: 12697 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1401.765309][T12697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1401.775393][T12697] Call Trace: [ 1401.778733][T12697] dump_stack+0x16f/0x1f0 [ 1401.783115][T12697] dump_header+0x10b/0x831 [ 1401.787648][T12697] oom_kill_process.cold+0x10/0x15 [ 1401.792786][T12697] out_of_memory+0x79a/0x12d0 [ 1401.797522][T12697] ? retint_kernel+0x10/0x10 [ 1401.802156][T12697] ? oom_killer_disable+0x280/0x280 [ 1401.807392][T12697] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1401.812954][T12697] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1401.818611][T12697] ? cgroup_file_notify+0x140/0x1b0 [ 1401.823836][T12697] memory_max_write+0x262/0x3a0 [ 1401.828705][T12697] ? mem_cgroup_write+0x360/0x360 [ 1401.833750][T12697] ? lock_acquire+0x190/0x400 [ 1401.838445][T12697] ? kernfs_fop_write+0x227/0x480 [ 1401.843496][T12697] cgroup_file_write+0x307/0x790 [ 1401.848461][T12697] ? mem_cgroup_write+0x360/0x360 [ 1401.853505][T12697] ? cgroup_show_path+0x590/0x590 [ 1401.858576][T12697] ? cgroup_show_path+0x590/0x590 [ 1401.863621][T12697] kernfs_fop_write+0x2b8/0x480 [ 1401.868670][T12697] __vfs_write+0x8a/0x110 [ 1401.873016][T12697] ? kernfs_fop_open+0xd80/0xd80 [ 1401.877979][T12697] vfs_write+0x268/0x5d0 [ 1401.882250][T12697] ksys_write+0x14f/0x290 [ 1401.886607][T12697] ? __ia32_sys_read+0xb0/0xb0 [ 1401.891391][T12697] ? do_syscall_64+0x26/0x6a0 [ 1401.896086][T12697] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1401.902172][T12697] ? do_syscall_64+0x26/0x6a0 [ 1401.906875][T12697] __x64_sys_write+0x73/0xb0 [ 1401.911489][T12697] do_syscall_64+0xfd/0x6a0 [ 1401.916019][T12697] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1401.921931][T12697] RIP: 0033:0x459829 [ 1401.925842][T12697] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1401.945458][T12697] RSP: 002b:00007f1d036c5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1401.953888][T12697] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1401.961880][T12697] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1401.969870][T12697] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1401.977855][T12697] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1d036c66d4 [ 1401.985845][T12697] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1401.993994][T12697] memory: usage 9168kB, limit 0kB, failcnt 198 [ 1402.000294][T12697] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1402.007325][T12697] Memory cgroup stats for /syz4: [ 1402.010194][T12697] anon 6594560 [ 1402.010194][T12697] file 167936 [ 1402.010194][T12697] kernel_stack 65536 [ 1402.010194][T12697] slab 2035712 [ 1402.010194][T12697] sock 102400 [ 1402.010194][T12697] shmem 77824 [ 1402.010194][T12697] file_mapped 135168 [ 1402.010194][T12697] file_dirty 0 [ 1402.010194][T12697] file_writeback 0 [ 1402.010194][T12697] anon_thp 6291456 [ 1402.010194][T12697] inactive_anon 135168 [ 1402.010194][T12697] active_anon 6516736 [ 1402.010194][T12697] inactive_file 0 [ 1402.010194][T12697] active_file 0 [ 1402.010194][T12697] unevictable 0 [ 1402.010194][T12697] slab_reclaimable 811008 [ 1402.010194][T12697] slab_unreclaimable 1224704 [ 1402.010194][T12697] pgfault 75405 [ 1402.010194][T12697] pgmajfault 0 [ 1402.010194][T12697] workingset_refault 0 [ 1402.010194][T12697] workingset_activate 0 [ 1402.010194][T12697] workingset_nodereclaim 0 [ 1402.010194][T12697] pgrefill 0 [ 1402.010194][T12697] pgscan 0 [ 1402.010194][T12697] pgsteal 0 [ 1402.010194][T12697] pgactivate 0 [ 1402.106426][T12697] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=12690,uid=0 [ 1402.122710][T12697] Memory cgroup out of memory: Killed process 12690 (syz-executor.4) total-vm:72572kB, anon-rss:4240kB, file-rss:35844kB, shmem-rss:0kB [ 1402.140343][ T1058] oom_reaper: reaped process 12690 (syz-executor.4), now anon-rss:0kB, file-rss:34888kB, shmem-rss:0kB [ 1402.149893][T12692] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1402.163193][T12692] CPU: 1 PID: 12692 Comm: syz-executor.1 Not tainted 5.2.0+ #64 [ 1402.170836][T12692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1402.180910][T12692] Call Trace: [ 1402.184231][T12692] dump_stack+0x16f/0x1f0 [ 1402.188587][T12692] dump_header+0x10b/0x831 [ 1402.193020][T12692] oom_kill_process.cold+0x10/0x15 [ 1402.198152][T12692] out_of_memory+0x79a/0x12d0 [ 1402.202847][T12692] ? cgroup_file_notify+0x140/0x1b0 [ 1402.208064][T12692] ? oom_killer_disable+0x280/0x280 [ 1402.213289][T12692] mem_cgroup_out_of_memory+0x1d8/0x240 [ 1402.218856][T12692] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 1402.224523][T12692] ? cgroup_file_notify+0x140/0x1b0 [ 1402.229754][T12692] memory_max_write+0x262/0x3a0 [ 1402.234629][T12692] ? mem_cgroup_write+0x360/0x360 [ 1402.239675][T12692] ? lock_acquire+0x190/0x400 [ 1402.244369][T12692] ? kernfs_fop_write+0x227/0x480 [ 1402.249416][T12692] cgroup_file_write+0x307/0x790 [ 1402.254381][T12692] ? mem_cgroup_write+0x360/0x360 [ 1402.259425][T12692] ? cgroup_show_path+0x590/0x590 [ 1402.264479][T12692] ? cgroup_show_path+0x590/0x590 [ 1402.269522][T12692] kernfs_fop_write+0x2b8/0x480 [ 1402.274404][T12692] __vfs_write+0x8a/0x110 [ 1402.278750][T12692] ? kernfs_fop_open+0xd80/0xd80 [ 1402.283708][T12692] vfs_write+0x268/0x5d0 [ 1402.287974][T12692] ksys_write+0x14f/0x290 [ 1402.292326][T12692] ? __ia32_sys_read+0xb0/0xb0 [ 1402.297123][T12692] __x64_sys_write+0x73/0xb0 [ 1402.301731][T12692] ? do_syscall_64+0x5b/0x6a0 [ 1402.306427][T12692] do_syscall_64+0xfd/0x6a0 [ 1402.310954][T12692] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1402.316863][T12692] RIP: 0033:0x459829 [ 1402.320794][T12692] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1402.340414][T12692] RSP: 002b:00007f5305947c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1402.348876][T12692] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 1402.356870][T12692] RDX: 0000000000000012 RSI: 00000000200003c0 RDI: 0000000000000007 [ 1402.364897][T12692] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1402.372889][T12692] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53059486d4 [ 1402.380883][T12692] R13: 00000000004c9774 R14: 00000000004e0b70 R15: 00000000ffffffff [ 1402.389075][T12692] memory: usage 21320kB, limit 0kB, failcnt 0 [ 1402.395325][T12692] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1402.402336][T12692] Memory cgroup stats for /syz1: [ 1402.403334][T12692] anon 4464640 [ 1402.403334][T12692] file 110592 [ 1402.403334][T12692] kernel_stack 65536 [ 1402.403334][T12692] slab 16949248 [ 1402.403334][T12692] sock 36864 [ 1402.403334][T12692] shmem 0 [ 1402.403334][T12692] file_mapped 0 [ 1402.403334][T12692] file_dirty 0 [ 1402.403334][T12692] file_writeback 0 [ 1402.403334][T12692] anon_thp 4194304 [ 1402.403334][T12692] inactive_anon 0 [ 1402.403334][T12692] active_anon 4390912 [ 1402.403334][T12692] inactive_file 0 [ 1402.403334][T12692] active_file 0 [ 1402.403334][T12692] unevictable 0 [ 1402.403334][T12692] slab_reclaimable 2433024 [ 1402.403334][T12692] slab_unreclaimable 14516224 [ 1402.403334][T12692] pgfault 65307 [ 1402.403334][T12692] pgmajfault 0 [ 1402.403334][T12692] workingset_refault 0 [ 1402.403334][T12692] workingset_activate 0 [ 1402.403334][T12692] workingset_nodereclaim 0 [ 1402.403334][T12692] pgrefill 0 [ 1402.403334][T12692] pgscan 0 [ 1402.403334][T12692] pgsteal 0 [ 1402.403334][T12692] pgactivate 0 [ 1402.498984][T12692] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=12683,uid=0 [ 1402.515696][T12692] Memory cgroup out of memory: Killed process 12683 (syz-executor.1) total-vm:72572kB, anon-rss:4240kB, file-rss:35844kB, shmem-rss:0kB [ 1402.534867][ T1058] oom_reaper: reaped process 12683 (syz-executor.1), now anon-rss:0kB, file-rss:34884kB, shmem-rss:0kB [ 1507.653891][ C0] rcu: INFO: rcu_sched self-detected stall on CPU [ 1507.660451][ C0] rcu: 0-....: (10499 ticks this GP) idle=406/1/0x4000000000000002 softirq=111223/111223 fqs=5241 [ 1507.671408][ C0] (t=10500 jiffies g=178261 q=328) [ 1507.676586][ C0] NMI backtrace for cpu 0 [ 1507.680893][ C0] CPU: 0 PID: 12283 Comm: syz-executor.4 Not tainted 5.2.0+ #64 [ 1507.688499][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1507.698549][ C0] Call Trace: [ 1507.701811][ C0] [ 1507.704648][ C0] dump_stack+0x16f/0x1f0 [ 1507.708959][ C0] ? lapic_can_unplug_cpu.cold+0x36/0x45 [ 1507.714574][ C0] nmi_cpu_backtrace.cold+0x70/0xb2 [ 1507.719768][ C0] ? lapic_can_unplug_cpu.cold+0x45/0x45 [ 1507.725383][ C0] nmi_trigger_cpumask_backtrace+0x22d/0x25c [ 1507.731349][ C0] arch_trigger_cpumask_backtrace+0x14/0x20 [ 1507.737225][ C0] rcu_dump_cpu_stacks+0x183/0x1cf [ 1507.742332][ C0] ? find_next_bit+0x107/0x130 [ 1507.747079][ C0] rcu_sched_clock_irq.cold+0x491/0x8c0 [ 1507.752625][ C0] ? raise_softirq+0x163/0x370 [ 1507.757373][ C0] update_process_times+0x32/0x80 [ 1507.762381][ C0] tick_sched_handle+0xa2/0x190 [ 1507.767237][ C0] tick_sched_timer+0x47/0x130 [ 1507.771990][ C0] __hrtimer_run_queues+0x364/0xd90 [ 1507.777180][ C0] ? tick_sched_do_timer+0x1b0/0x1b0 [ 1507.782450][ C0] ? hrtimer_start_range_ns+0xbc0/0xbc0 [ 1507.787980][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1507.793696][ C0] ? ktime_get_update_offsets_now+0x2d3/0x440 [ 1507.799749][ C0] hrtimer_interrupt+0x2ea/0x730 [ 1507.804673][ C0] smp_apic_timer_interrupt+0x10b/0x550 [ 1507.810210][ C0] apic_timer_interrupt+0xf/0x20 [ 1507.815122][ C0] [ 1507.818044][ C0] RIP: 0010:lock_release+0x4e0/0x950 [ 1507.823308][ C0] Code: 00 48 8b bd 48 ff ff ff 57 9d 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 c7 43 08 00 00 00 00 <48> 8b 45 d0 65 48 33 04 25 28 00 00 00 0f 85 3d 03 00 00 48 81 c4 [ 1507.842897][ C0] RSP: 0018:ffff8880952f7070 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 1507.851303][ C0] RAX: dffffc0000000000 RBX: ffffed1012a5ee13 RCX: 1ffff11012ee2108 [ 1507.859264][ C0] RDX: dffffc0000000000 RSI: 1ffff11012ee2119 RDI: 0000000000000282 [ 1507.867213][ C0] RBP: ffff8880952f7140 R08: 0000000000000004 R09: ffff888097710848 [ 1507.875162][ C0] R10: fffffbfff13494e7 R11: ffffffff89a4a73f R12: ffff888097710000 [ 1507.883122][ C0] R13: ffffffff819a265f R14: ffff8880952f7118 R15: ffff888097710000 [ 1507.891110][ C0] ? list_lru_count_one+0x1cf/0x380 [ 1507.896305][ C0] ? lock_downgrade+0x920/0x920 [ 1507.901140][ C0] list_lru_count_one+0x1f8/0x380 [ 1507.906146][ C0] super_cache_count+0x14c/0x2e0 [ 1507.911064][ C0] do_shrink_slab+0x109/0x9c0 [ 1507.915722][ C0] ? radix_tree_lookup+0x22/0x30 [ 1507.920655][ C0] shrink_slab+0x36a/0x620 [ 1507.925058][ C0] ? do_shrink_slab+0x9c0/0x9c0 [ 1507.929887][ C0] ? __delayacct_freepages_start+0x41/0x80 [ 1507.935694][ C0] shrink_node+0x63f/0x1710 [ 1507.940187][ C0] ? ktime_get+0x37/0x2f0 [ 1507.944497][ C0] ? shrink_node_memcg+0x1430/0x1430 [ 1507.949775][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1507.955474][ C0] ? ktime_get+0x202/0x2f0 [ 1507.959892][ C0] do_try_to_free_pages+0x3cb/0x11e0 [ 1507.965181][ C0] ? shrink_node+0x1710/0x1710 [ 1507.969952][ C0] ? _raw_spin_unlock_irq+0x28/0x70 [ 1507.975135][ C0] try_to_free_mem_cgroup_pages+0x314/0xa00 [ 1507.981041][ C0] ? try_to_free_pages+0x900/0x900 [ 1507.986151][ C0] ? _raw_spin_unlock_irqrestore+0x67/0xd0 [ 1507.991936][ C0] ? cgroup_file_notify+0x140/0x1b0 [ 1507.997133][ C0] ? _raw_spin_unlock_irqrestore+0x67/0xd0 [ 1508.002936][ C0] ? cgroup_file_notify+0x140/0x1b0 [ 1508.008122][ C0] try_charge+0x648/0x1430 [ 1508.012517][ C0] ? perf_trace_lock+0xb1/0x480 [ 1508.017363][ C0] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1508.022887][ C0] ? cache_grow_begin+0x124/0xc90 [ 1508.027892][ C0] ? find_held_lock+0x35/0x130 [ 1508.032633][ C0] ? cache_grow_begin+0x124/0xc90 [ 1508.037638][ C0] __memcg_kmem_charge_memcg+0x71/0xf0 [ 1508.043073][ C0] ? memcg_kmem_put_cache+0x1b0/0x1b0 [ 1508.048442][ C0] cache_grow_begin+0x601/0xc90 [ 1508.053273][ C0] ? write_comp_data+0x31/0x70 [ 1508.058042][ C0] ? mempolicy_slab_node+0x139/0x390 [ 1508.063320][ C0] fallback_alloc+0x1fd/0x2d0 [ 1508.067983][ C0] ____cache_alloc_node+0x1bc/0x1d0 [ 1508.073180][ C0] ? trace_hardirqs_off+0x62/0x210 [ 1508.078275][ C0] kmem_cache_alloc+0x1e8/0x700 [ 1508.083105][ C0] ? avc_has_perm+0x378/0x600 [ 1508.087769][ C0] ? ratelimit_state_init+0xb0/0xb0 [ 1508.092962][ C0] ext4_alloc_inode+0x1f/0x640 [ 1508.097709][ C0] ? ratelimit_state_init+0xb0/0xb0 [ 1508.102888][ C0] alloc_inode+0x68/0x1e0 [ 1508.107287][ C0] new_inode_pseudo+0x19/0xf0 [ 1508.111941][ C0] new_inode+0x1f/0x40 [ 1508.115990][ C0] __ext4_new_inode+0x3d5/0x4da0 [ 1508.120912][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1508.127133][ C0] ? __dquot_initialize+0x525/0xd80 [ 1508.132313][ C0] ? ext4_free_inode+0x1450/0x1450 [ 1508.137403][ C0] ? dqget+0x10d0/0x10d0 [ 1508.141640][ C0] ? security_transition_sid+0xf1/0x190 [ 1508.147169][ C0] ? selinux_determine_inode_label+0x1b1/0x390 [ 1508.153306][ C0] ext4_mkdir+0x3df/0xe20 [ 1508.157644][ C0] ? ext4_init_dot_dotdot+0x520/0x520 [ 1508.163012][ C0] ? selinux_inode_mkdir+0x23/0x30 [ 1508.168112][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1508.174331][ C0] ? security_inode_mkdir+0xe4/0x120 [ 1508.179615][ C0] vfs_mkdir+0x42e/0x670 [ 1508.183840][ C0] do_mkdirat+0x234/0x2a0 [ 1508.188162][ C0] ? __ia32_sys_mknod+0xb0/0xb0 [ 1508.192989][ C0] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 1508.198431][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1508.204478][ C0] ? do_syscall_64+0x26/0x6a0 [ 1508.209150][ C0] ? lockdep_hardirqs_on+0x418/0x5d0 [ 1508.214418][ C0] __x64_sys_mkdir+0x5c/0x80 [ 1508.218996][ C0] do_syscall_64+0xfd/0x6a0 [ 1508.223485][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1508.229359][ C0] RIP: 0033:0x458c47 [ 1508.233236][ C0] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1508.252828][ C0] RSP: 002b:00007ffda6f402e8 EFLAGS: 00000206 ORIG_RAX: 0000000000000053 [ 1508.261219][ C0] RAX: ffffffffffffffda RBX: 000000000015635f RCX: 0000000000458c47 [ 1508.269168][ C0] RDX: 00007ffda6f40334 RSI: 00000000000001ff RDI: 00007ffda6f40330 [ 1508.277126][ C0] RBP: 0000000000000031 R08: 0000000000000000 R09: 0000000000000004 [ 1508.285345][ C0] R10: 0000000000000064 R11: 0000000000000206 R12: 000000000000001c [ 1508.296613][ C0] R13: 00007ffda6f40320 R14: 0000000000156217 R15: 00007ffda6f40330