723176097ca36654a24d195fc3048531c863e54bf0effeac4592db83be9228d1eaf30f5c9abdbf6bf36afc920c7dd3e1253f59f9caf57a2d91db738d8c9899ac09d82fac70dd4f19840625e3bbf6e54206aa8f41cb7f479366ba1dd4343baa7d657b07d7ccafdd7d2226f24968e63289e8debde206ef6bac52cd3adf4de9e1767987de621618afd6fdfc5488a229a7b41e8d777e2e460ea5df62d652071b7f4aca50cc6b1298c57e98b38e0745009d747aeae5e942d92904940eb29e48faf3c70362ad7b0aac0784a1fa4ed6995768322a6df63307b26dd85bb08204600fde9618962010139d999d9aa1cd28d66da065508a847a8c3a467599575d64f26dd2588318e7f175fa1ace682da7855450c452290867ff262a101d4d2c746e40b6d2e6968f9c7f22d3be789396a5d332e0c34ea0d827151e4b9ad9745480ba3bac92952b8d73ea9938ce97ecbb16a026b3d90535967ef6408df60e7a855184596d5f5bf7b4b73a1a1501d4378af21521bc5232d2d32265fabe624d905e9fd9925530c5929a812b625ca87a452624d967bdc7043d3939130a201ecae67e513f32ceb1ceb8a15a25b0e65fd6c6ed092f983e420e8d8a770bcbefab79fd9eaf4dde23f489a1ca48101101b4aaeb1390212d5d0477c3ecc77c8bb41382638585561cfb3fcef08944f867f2d20d2503dfb2a43b0fd97f16fc320730ba82028bf46e8934d46d1c5b0623eba907fe9b2178aaf8e972b0862f6128c32ac70fbea0cbb70f335b89a62b1c2f4c50b93b45e2f2b8bc70e1eea32ae954620f4c0fa70d25d9266af77142906859f619789c9beb0deb37e4b35a5a7f31660ee6aca39a292c23502b5d4b37ac9ffa99a6e2985b94e51589de9e27bfdd00a82918c24666130eb1a74a8d3c26e230bd22ba2956b78cf0ac5666365604ec934c21dc8a3956b8b3b171016ad1dc6de5a9f1593aa3d10b620c351711b87948e325a5f77ac591e4c13e6b43bba889956244baa86dce9ff0e7183410acdc675fac4eff7dae067725f2dd0b0fd47dffa24fdd943b8a117fb80e287fc3af5d5c6708733f7598b270fc55e6cd2485d92a4b810fcaccaf52359192396e26a94e57014448fd14ad9b0d4ec0c0a4ecb1761234ab6cd5cbae69090c77650f776686f79d5e23e2ba2915ecc8e752c79a07fa85c33bfcf1fcade7b17436fc46c7d048fbc70bf5943d8f12f3f84f0059093c37724271a66128b515d142ae8074147e86549eabc625a9c430c5d00325cb5bc535b65c5c237be89155dd0ce640926b982d154df74e09bc939eaa38472c58e8fb62e378d72d84f07476f56c58da644b079f685a632537e867b4292390bb7a9573086c3082fd3aa6cbb15084f9e2fabd758d7bacfa5c031df6fe2c3fc97a6d64d53f77e98a0faba8f7f32d9bff5a9bd31311b738b659fdb305708fd0f740f6319268ffb68db8599e4c5e9f7a2bee2410321364a2564dff7645acf0e5de705d62b04b19a0115649b1be98af9d6fee1ea9647562d9b13620e84d12ee8f6293604e46560f3c95c615b4c74f18cb7a8c8dd774861081f5422dab7eaf72a6e2bf301b34eca401ebf69e9b3b2b336ba348e9cbb9c266d46a34d1283773b69df9bdb4d09e24b270cef816dfe50912b788bf96ad496860a0b0bf33c7f7386303e50dab89dcdbbe7ea7ee6881592e89b8247e100c4355e215dfe51331930e9f2290a805c2963e4c0755fccc1980c3480e381a9a19bd32e56dd9ac16fced32c45e35a12c88fa9b70ac691c172c73ad8b1deb20e0a4bada2c0b35aceb36e24eabe04d715b05a4ef7f9ce1a8b23856d77cf1dc2d5808e90bb0e2db32b0d464de4360b89731e0b8bba8c6e711f56c44e59dd8fd1281093f18aac6ef11d3f7b835bea17b7afdf2276317b2b64671aaf9cdcafcb7e25710aca2bd17afd53bad67384b6eb148b012b19ed19290c00eddfeb34005df51e6d96a8ceee84ae80a4c374879f32c47359b41cbf711403fff7f9141802d0209351a5695c11193b0b240f4d1d1fa0a505a9da7ce2b9b9da2bbe0aea9ad99002cd47cd2d8a2c9733b2cf7934c27d9b87d874c43b69753bb400dc84765514ea205bd8348ebddf7cd7aa6904945944c3304755f4f738e42905494a852cb3eab9ec70cc5b510", 0x1000)
r1 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000001180)={'ip6tnl0\x00', &(0x7f0000001080)=@ethtool_drvinfo={0x3, "ec7ffa0dad57c2cc10563c33e016d97c85b4623d43b355a66e3467a223ea2fec", "66526b775649b60135d59abacbebe5d1befb164d1004de9bcd0cb4f9771b899d", "13e978ab584acf0973880c06b2775cd658e326154028df8f365489ef981f763d", "832c003f949ac9e5e6e6e8e14af09910a4a4a84761274d9280d0e3c062587c70", "d7a9657a900d9c4c869727ce23b84f21ddca4e3a8f214f8f583148096976da8d", "6722c6b8ca21a249410faa8a", 0x4, 0x6, 0x8, 0x9b13, 0x4}})
stat(&(0x7f0000002940)='./file0\x00', &(0x7f0000002980))
ioctl$TIOCMIWAIT(r0, 0x545c, 0x0)
stat(&(0x7f0000001200)='./file0\x00', &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
sendmsg$netlink(r0, &(0x7f0000002900)={&(0x7f00000011c0), 0xc, &(0x7f00000028c0)=[{&(0x7f00000012c0)={0x274, 0x3f, 0x401, 0x70bd25, 0x25dfdbfe, "", [@typed={0x8, 0x5a, @ipv4=@dev={0xac, 0x14, 0x14, 0x19}}, @typed={0x14, 0x42, @ipv6=@empty}, @typed={0x8, 0x44, @uid=r2}, @generic="873310323175c136e1c1d19c1996c5", @generic="1bf200837a7d75bfec504e987a7aef96b6fdf5298d347d80ddd86650676a0f8eb7119fcedc273ad5fc7a3926c79632f746f3afcf4a1b11128c52ffa4886163df3d17fd28575beeb90b211a5c7d87c51873041e2e7d812c", @nested={0x1d8, 0x3e, [@typed={0x8, 0x68, @u32=0x2}, @typed={0x8, 0x14, @fd=r0}, @generic="8a0c06bbcb41870dfa86bd2b045441712cf06a0def5ca2254e5d6c56076d6667598df34bb1e2bda4ca368e4fcf518dc624c2433d01cc825a877f002e8e", @generic="9403c93c6f72f7143295bf9b9d506a44bd3e7ee9e11a861e7c567282c1379ca7c0f38d39546a749f6592edf6b25feb35f15f2c46db4398e5e2c180c9d953900f16d08378f9f07d207d74d49a80d1ecbac0ff4b673c9605d9d9cf49a528d1b262c754325d6e4b56fc638dc98dab1e64352546077100126ac168eb5d8d1a02a94e90aab00420b6cbdd7738d0628377b0ef41f698f6630fe73027aab71eba35d901ebaf77794d8aa0", @generic="6454d924ec1bd0eead1e2a701841313c86ef9d6c94d62f36c1589eb8109444f596849b2f02f04e2fb1ae032c69d59f7a56a0ec67acbde293c2c1e499c21cb55cfab8dd9f95358a12dd14297c30f734ec861da8009997309b9cd0fc13a3ea7c4d37ca5030d11ab63e8ecbc4fcdb3c5030980aa7f426c5edb89b2ad9c67412b9d853908d8be95b6f7008cc3b188601801b6112affcb1d4d664eebd9c3d37cbbd38978b1a34a4dd40ff83b56145dcad8fca6e1f474145405bb213eb47cac916b80f5d7ccd70423161be18483d655e1caaaea0616b", @typed={0xc, 0x74, @str='ip6tnl0\x00'}]}]}, 0x274}, {&(0x7f0000001540)=ANY=[@ANYBLOB="840200003900020b2abd7000fbdbdf2504003e00d8016f00927a58031d2295b38885ff80dd69b1456393e97df8e77a6d1aee76870c9dbc388aeffbf8de6604dab0dc111044eef8f08ece91d8494c15496ea27f5cbef515247de50413b5fee70b4b2c88fac146c772b29b18081cdca76e5c26bdf9590d4c09d5c20d5b9d5fe86553b657c58ac370262f5bfdf4f242e962bbb9aff9bc50370e6a30633dc3d59619a1ef891f97be4bbe662513f3db38e00a3cf32758590e434f650c6fb186027fda9bf505cee9456c2b911fb36a170325eef76cb2b104c4ae98a494fa56514a13a44a021cc91f0ccedc2754c1a55c29ac037e65d8620205dccba87ec07f9554ff012cadad72fdd507c8664d03bfb3b32b2972abf74cc9cc06cc41e5edc79c0144c210cae7c3c1d57ed8e51e20cbe444323503a194358fbc9b634c0170986aae10876ceb1c85ed6034a719b2144006c660548a5dcf8e95556233e5b16d39311a5c4f9e862e0d5756ba6cf4b12293bd3b81ee575bb7a7329da44cdf98bc8bd86cfc867621a85019ae47050ba648e67919aa244897a1206bde0dfa92297d54c676e436dff1f03dbd2c1330fcd4f37133ea9e032d09140c8288b756e50d92766ed600ef0295aa3edb5a0c00957773ba1a0474bb7ae1a31ec0bb1fab9cc686732dbb338538b284df10aa544f722b61e7dd446567428865829d2930b9e0abb41092d04beaf03605bff106b52674777688b5e4654533be46f114714371af115569747aa62dad01477b14056b9b410511d01c34f946fa6c32a764499e1de8831c9d86ca9953dfdc033b5b74819dd80e18bd6c205ad927040017fddc9e00812b370798099c0248194937ecb92625f7869ca0d2aebe8a1646d61b423a02cc4a4bbfbaefa0252a85000000"], 0x284}, {&(0x7f0000001800)={0x10a4, 0x22, 0x20, 0x70bd26, 0x25dfdbfe, "", [@generic="00cbfdb1856bfa5b5dd6f550732afa3b48017b6cf4316676e0a52d149f655ec441344f70c8e34cf9d858b89979b9f566e92ecb80a48aefa73e52c94d1bb8139edfafe82fe76a2c4288ea924a400d911248c24151f2eb06d813e09cab8b7b35649d63a86523e13905c354e1355759a247083ecba2aa2c4261bcf5e07685f89dd54a170369b023611519180d1ff9ef0452928eb9506eb80a251d9ef85b4d079fc85b5468c704f54b85227a517218135e7258dd97a12e4b4a0beec53586a7dde7b7b443274e49f7cef5040d644b82f00fb54b7bafc9f10dba47711faa94dcaae22a1a4d783da4617fda7b5552ec269a1d89680b0d9ffe018fa61e35b8bdfb0d5551a61dd6e4548c96386a399918ab2264545e5d1b9b38b37951b11743e90195beb877caef5b056e88c22e88d7cab8ec45f780cc0cbc6d4e596ea1287267e17ec59cafcfa7e42bc9d387485ebda75a154b3c1b34765f141d4a1d33c6a7bf5d710a6605baf52bf0f51910ec1f622562e16042f614d27e6613e3ceb001303b4258ef1abac258cf1666a72405dab59c953095635cbe44be9c355b149af928b77348622f7b41901a37ae0c9f036104609dd66d2266858421a8afa95c18f2c63b63d8191d635e92bd15a6c1d3c1d22b7ab96624d9cc268698fe5a4d38697eb492f983378aca50e74a0af71e8a64a518f18f48dc8a8e64eb9525277d1d6045eea5cb029e58e5dc8dab770c1a4c133f8f92e5ff0e6d4f82bbd76680c49dd073d69c61c46c9b4017844092be501a2360d5cd00486cd9fbb1cdbca5512e42b1cead024fd7a5407eb3dff2c5260d5a7f45716a7c2c5e821e08c665eccedeabee7b5772d37d594c0818e6fbcb0e78a7f428161ae958ad53678126ea5c566cf9b51a34028ac1a6a17646849a61b30cbc27689ba9f538bed8488643fd5a060de576ce27d054a8ce751345ee2b28c978e4fe2d4369c5055aabf1bc9282063e861f7f9f0c90dcd33a0b850eeaa802e1b56cb0f9281e950520215b2f003dea58087dc8a249b073573b6ff0cf8f37bc60706750779dae81fdd6c91983a05503151c3b295d0166f92f1138def62cf08a71aca098b2b806b92a75f6367c7ebbf6c218081149c53770ccb7c2b076d105ce3475c8ab35bf588d717ab717efe0754d4c06c139cef4b278e272872773ee711d252ba99803bbd39c6d610d4b8b52def354cd2c8f37036c78d27e059ff5ed1bf1820748e58894029437d1b7aa23b31eaf45602abf371218b0a710241e57dd2b59e5189a828de4eceed0b8266e8302f1e9bb21aee499d07c27bad46da8f06a6ec62e8e5544337682e6a0e5eaa989a4024972e6abaaa6eca1dad06b6065e7e882781f4f733fe2c46e713d15311f588c51bbe6b0656ee0356b76841fdae4b4ff17a3927c0d587d3edee009bb982d348d2c6c18740a60792e11f7e32c510baa9ed8040fb4209d2ebd9f3d675177bd6318d49f34cdc4925eed1cdfd247d955c93a9462b895d9db3cc47f9d94a583e9370fd0601c6ddf4760c8b8dbc4fc4408fe3aeb6d6cd76a6752c083fa546c01eb130914989b438cef86a987d63bc646ead937caea0ea1e06b1ecae86c863fce875bcc539bb61fd8bcbb24f5c601d312ce2e6446ddff5f848a950512601d810cd5eb14827c8728c9692f8f34c3941036d94e76c817f715a0f356044ca9853cf3766f55563da4d97cd19ba649ff3feded028f857010c21adad4c1c1d6f98824d3e18bd145d9e519058d73e54f2f17de8c78a3f3ee04c7a2d7ce0a892aa3355d686127b1591eb077f3db7f4e9386af7ecedd1b60b6f5e5fd7338a4e3f416528f1e0e9e2da5178a2f34bfa9be9a737872d785a80b1bb554a17ebeba7d8221fff3a308560624ed6b365d7b24ec37d6d9049552796ecc30d183bd56e40e49b6b28e16c8a9543d0089a700c769b8b9b30c8d4bf817039485453bdb3ea88d63b14c31fcc268952d8c0316b32a31553ab42349ef4459609b88107ecb0d7b14b16741b8ea01afa4b292e3c198527e487df5d3a4a880c45d31a8a831c0cd24032ca125a15cc22c2c691de523a5d8f6c37c1e288adce9648a47d944ecbe04659e3a81d1f79710b6ae35b571ecda12e6da717d0aac422bbfb72b2af17f9b927260d320e83e4d107a95dcaa267687709e86b1e477a30558cc967787ac06bb26520234336c992758821daa29dc90a81a2446bdc481b2f405f621a6c466fe6f17841830d788a9912f12fac60165ba0f5ef325f30741dad758086eaab66a788edaba02cd40927131cae0a5dbe4a4dce43784f6052de3039ac06781584db5aa442f8509f62004834bae11eba3c8530acd392cc46d35f92587c5fcfdf7e621ddf1efeeb0f3cf5aa732265429c1b7f5efc52bd534ef766386c0e93b9b111e694e29ea130242d262d48fbc89d8f5cceb34204777acda67686b8c35f9f61778bfc58fc4a2df2f025ef61237b6b725fdf91ca87a295b653c55e3c6c574fc8b3414f5767017f93a8fff16822e3f4134b252bbe8cb22a62467311e189c8643add4c0c769dd74eb3036216b1a74ae22d31c6129d857cc9b027421599cb7ddf22e6c43b66469dbfa3f46e855947fd73bfa8bde6b8be3fcd44848b61521352201ff8ea43c881ae81ec92964a93bff09618c5b2e5d540e284d897dbf604f4d2b969bc0e11814891a780c57bd011138ee0d98e37ce96aeeed1f7c6e93dc09f4b92ca1f86ad1c988b6afe66d289d2eddcc21ea621c7f5916dc2687ccd3effaab952059923ab345aa3a1feaa105794f693d789c9ac66a1592a3ccb64f5fadcda7bf1d5e3b07c673c9d5da5e2699642ef5ca27821b8e72f0c01add93534b4d3b6c985140367cc429248edbc3a6f43fe57669278f6ff6ac48f5b895ee0d33a896468b71eadce413890dcf4e4849098de144c9f06192f8659f60a1f10959c1fd547efff5fc17081f2e3ef5071dd36bb96a536612a8a0581ec94b434d784af22b8053360266ec0b79fdfd43d0f4308604269ccaffab25042bad27a0990341cd6a02079581e93961ea84a6105d80f516e7b8d16bd5c077518a3238cfd83d8d0ab107085a95d2ffe1ec01ee071ef70518240c1cee802d06b27a30bcaeaab6274800f5364b77d854dbaa5a1318aa67193d05bada507005fe6e1febcaa0404dcea59f3ab6eb96c551450b999b9c9aedbad2ab5bde9262e6b245d5009f8d4210584c202a2af2c20da4f88062de710dacedfa7d7490965909352642f0ff587d51262cb52921117b45f9bd1f975bf8fb6750e2c364201f803dd511045a00baa9b6b0b496c3db3be16820588729423fd0f36750d3350a3625f3f534b19958995a4372b7327edf50f147bc95cf8ee0447edc77617559bf956bb5b9a8f34420a46738254f9fa0ace078d46bec6e092212d1d024ace7dfb02a689d4a633a41514212d1a24fb39e96c49a42032eb5f30d320f1e26e29f31df445420b06a6ccffdc34f66ad1b3a5a2e1ded0ed1433a9419db77d41bd184ffff98d7d206b12fb88260a22726798c52e571ec30e71782a80543ac980acfb6d829c48479423baff987bb18088097dc9f150b335a50840e5eb74e73b038f67afdf74cdc252a2351963e04f8d97fddf4280ab0f0ec43e96ced2b1f431f57a07b1f6799ad150b64d2b23b27ae4ac7fdb06a243d7ebc459c85cd2fdb18d04f15e38b8e02bdfcf7924848431fd3233fb58b40cd5c765b70b95ed528335c0138b29ca8e806df613e69ddc44776338c0f20f8bce430804799cd3101136fedb041b330e4699d410accd18ccfaa131b2a92220166dea62780a66a9178375860e63d5bb90605a86c3a9b22f701375bab59115163f368e2aa412b29686a12ceb880edb141d6252ec81313fdf16135b3deb9a185d38b9481811134f135d6c9e0e1983e0d325ebebb3163817149bb77de813aa3bcd7be32be96835a2f3c9d01a5b21e20a5a3f88e95383a0dcab4cb0c61059bf839ebb1496e243100d47d65afe96b12168497cf797ab6ee5b63d4378d6b6d11c5f7db320afd5fff5a17fd6e4fd515691d72598ffd872431021b9d255b72eb711d70400d7e501062f477f426b950cbc11ebc2a1cd62765ac82b2aa5e2da685832deddcbdba634bd91e5d0138bd42dd836ed38418dc656e56599e2732bbbd259e65d8760b1f4a06616253face0f7b07837a66570c9c039a1cb55704e912929cd29d6fda9856f7f029cf6ab1d846b53723bb86ab2288d39764e91f6e880f7906ddcf8c52eeb69d0234008207137306830265886484b6fd1fcc746e338619dbb183e7f1acc82358fd3591376457ee86fda71d42edb70287df46edc7fe3a61500c60395b00d2167ca30a7e485ecda78436206c7c38eb4920412be2308d00c55211928ca3d77d4165ab9d06dd0bda7a3a0477e17bd004f68f76a23a0a11852967de9600f9126e9a30e274b511795473ce222467976e37595a763a86460e332bb22a4b9e13e535cdc613a995ee9fd57d71c5dc24a90d43576879573df1103c606b8da4811f3da9565a21b4f2de6c570dd48e75b34863050edd46fdf4aa9b3eede39f463906a62468135f0ad6132d2c1d6f93d5853a18c39f36582e92ad2ff94e79424743b3438f53081a31311a2182f7fc2a48910070bb8bf8a8ce058c51b2278f31162467ef432add7ec53706e66adf79c2eedfa1f8b1718f93985889399cb299e00ff980355599adc90b705632100819d0f9127a312500df90b7086faa9481853dd7a64008cd6ccb32751c180756e0a7ea4f9fbe01953873c92d0e4f9982b8fb75a734b93a03c38c12d1d177a7122adc86ff3ca3f2a104d36bef3f6add86b6796a1a5d5349b7a67e8b770f03abbe1c97c440d036e25faf83b56e0c69262d41ea828ad4ffdc1840b767d46e3b5f5f1275d4aa17dbae3a307a8c23cf8f03c7caf945abe5f456e1551f3f3b75e9d1558fb9a4bd0264227c4bcdc0e1bd80715ad2a2f2c1c361f8d327eb0f768c93e5ec3b2cfcb01ac8cb1ff4c25e74d0594ddd401d9a8f20080c9006925a0a22005a612d2e13ac7c7c738c47c4fa331d3bf0f9fc7c4c5f5eb93a4ea862b863030a617f52eabc9b95a4a3be283112b22bdfde418a0ef7a0866469e8c3031390390f831e9a0488a3600bc4beca8c97a6e44f9f2132922bd1414b8724ee36a95b6573a78709b6a393ea21703d8aa2d30099cfb10962363dbf5a3c76091da8ddea379e37840bec99d696963f92d8e7a96ea79c0471102e2950e4a7b324c55b20bb4c1744a16746626406a403d3a7b759a2de7fc089c7f00cd4a42a4a486b12ef413449e47796ec1dad43542bb03ccb59c582841cfd07b90543d0e899f0435f7656d05c56efcc987f166ad0a44f3ba1424d689cd04557c9d07ed05871227a167651523cb05ab1ce924ed7840d1b6d4d8f4eb5be3e4844cc744db322a0dba0a6ced0474a680d688f51d19a777cd98500904b103303aff89431ff4ed933f7c7436343cd4c62d53eb45688a1f720f5e06bd2191c8ac2aaadcc1bad0b4f4eee9c4952cfaccaba7e9af4810a723afcf9b481cf02e49e105920e9c59d13207709eb53ae4356cce0ba2233304f3a8b6276e8ae5fe659e132b80949c33f169e63ab5e0a5dc686aff3e518fa7dc80fe63dec978e882f0be59afc9dddee961d41a7c65fb9892b198692eb654df0487897cb4e1cd7012fab11d09af001077b008c0bd22ec84269c92e423994cbfad579b3484973f8cd83c0f78a98d94f23531647e8e507a375b188c7fce2bb2c73e8597e93a19d063946e156047b54f77978422e6662", @generic="05378713ce01e88a77b2d69feca960888b51b8a53bb05b501532924aa4c495771ddff51f3edbf5454cc71af828b926b7339c1a29a2f3d9447790ad8726873a76f51a77ecefd8c17997297edc95b3977c700a9cc4b6fbe754dfc3ac88a45b6de4d20c451d6243dc845b41b7df9f3bfd06d922340d6bc819d3b6b4a374267afc3e98f6dcffcdbd92ed", @typed={0xc, 0x6, @u64=0x2}]}, 0x10a4}], 0x3, 0x0, 0x0, 0x5}, 0x40000)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000001040))
ioctl$RTC_WIE_ON(r0, 0x700f)

[ 2505.205079] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2505.213985] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2505.222882] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:31:40 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x8c003)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000000c0)={0x0, 0x4, 0x2})
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00')
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000180)={{0xa, 0x4e23, 0x40, @mcast1, 0x7}, {0xa, 0x4e20, 0x1000, @rand_addr="067574e2c9c1f14b389515a6bbf4ee71", 0x5}, 0xa4, [0x4, 0x4, 0x8, 0x3a, 0x3, 0x8df, 0xb54, 0x40]}, 0x5c)

09:31:40 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00], [], [], [], [], [], [], []]}, 0x905)

09:31:40 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000040)={0x8, 0x7, 0x0, 0x5, "ffb48d476e8fc5cd9b6772a4bdcc6edea22e94720b8954841b87072c5a5f4cc6"})

[ 2505.421851] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2505.421851]    program syz-executor.0 not setting count and/or reply_len properly
09:31:40 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], [], [], [], [], [], []]}, 0x934)

[ 2505.557974] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2505.566857] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2505.572082] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2505.581157] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2505.590063] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2505.598961] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2505.607883] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2505.616776] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2505.625685] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:31:40 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000002c0)=@assoc_value={r2, 0x97}, 0x8)

09:31:40 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac00000000000000fffff00000", 0x2e}], 0x1}, 0x0)

09:31:40 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0x5, 0x2, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, <r2=>0x0}, &(0x7f0000000040)=0x20)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={r2, 0xfffffffffffffffa}, 0x8)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/snapshot\x00', 0x420000, 0x0)
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
renameat(r3, &(0x7f0000000140)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
eventfd(0x5)
r5 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x16a, 0x200000)
connect$rds(r4, &(0x7f0000000200)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
fcntl$setlease(r0, 0x400, 0x2)
ioctl$NBD_SET_SIZE(r5, 0xab02, 0x140000000000)
fsetxattr$trusted_overlay_opaque(r1, &(0x7f0000000240)='trusted.overlay.opaque\x00', &(0x7f0000000280)='y\x00', 0x2, 0x2)

09:31:40 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000], [], [], [], [], [], [], []]}, 0x905)

09:31:40 executing program 2:
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000001c0))
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x20000, 0x0)
ioctl$EVIOCGID(r0, 0x80084502, &(0x7f00000000c0)=""/219)
socket$isdn_base(0x22, 0x3, 0x0)
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x400, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000040)=0x4)

09:31:40 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], [], [], [], [], [], []]}, 0x934)

[ 2505.854245] sd 0:0:1:0: [sg0] tag#4739 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2505.864006] sd 0:0:1:0: [sg0] tag#4739 CDB: Write(10)
[ 2505.869803] sd 0:0:1:0: [sg0] tag#4739 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2505.879248] sd 0:0:1:0: [sg0] tag#4739 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2505.889453] sd 0:0:1:0: [sg0] tag#4739 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
09:31:41 executing program 3:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000040)=0x200, 0x8)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)

09:31:41 executing program 2:
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
socket$isdn_base(0x22, 0x3, 0x0)

[ 2505.896394] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2505.896394]    program syz-executor.0 not setting count and/or reply_len properly
[ 2505.898577] sd 0:0:1:0: [sg0] tag#4739 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2505.923883] sd 0:0:1:0: [sg0] tag#4739 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2505.933227] sd 0:0:1:0: [sg0] tag#4739 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2505.942823] sd 0:0:1:0: [sg0] tag#4739 CDB[60]: d8 9b 15 da 44
[ 2505.970852] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:41 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080), 0x4)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x800, 0x0)
ioctl$EVIOCGBITSW(r1, 0x80404525, &(0x7f0000000100)=""/242)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f0000000000)=""/66)

09:31:41 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000], [], [], [], [], [], [], []]}, 0x905)

09:31:41 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000300), 0x1ff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:41 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000000)=0x5)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x8001, 0x100)
ioctl$IOC_PR_CLEAR(r2, 0x401070cd, &(0x7f00000001c0)={0x2893})
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f00000000c0)=0x14000, 0x4)
modify_ldt$read(0x0, &(0x7f0000000100)=""/192, 0xc0)
r3 = shmget$private(0x0, 0x4000, 0x7c000044, &(0x7f0000ff9000/0x4000)=nil)
shmctl$SHM_STAT(r3, 0xd, &(0x7f0000000200)=""/199)

09:31:41 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40000)
ioctl$NBD_DISCONNECT(r0, 0xab08)

09:31:41 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000100", 0x2e}], 0x1}, 0x0)

09:31:41 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000], [], [], [], [], [], []]}, 0x934)

09:31:41 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x6342c6413b730cb2, 0x84)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYBLOB="649b041fa882541f2fb4006c77411db265ac1ac1f47a54254e2f2a59be975282ed7a806c23cf788f0a84819224943d0e060058bd2b3a05760a993e8b2be55cde890d34f69e79252c2887eb00b53a14ed27650f79d3ecb0d6ba1f0889a96b61"], &(0x7f00000000c0)=0x2)
r2 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2)
setsockopt$inet6_tcp_int(r2, 0x6, 0x8, &(0x7f00000001c0)=0x100, 0x4)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={<r3=>0x0, 0x6}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000002c0)={0x0, 0xbc}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r3, 0x4)

09:31:41 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6800], [], [], [], [], [], [], []]}, 0x905)

09:31:41 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000002c0)={0x80000000, 0x200, 0x2, 0x8, <r2=>0x0}, &(0x7f0000000300)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000340)={r2, 0x200, 0x30}, &(0x7f0000000380)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:41 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x28200, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000080)=""/221)
r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x8, 0x80000)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12)

[ 2506.585419] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2506.594439] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2506.599670] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2506.608690] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2506.617605] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2506.626527] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2506.635456] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2506.644363] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2506.653260] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:31:41 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x20000, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={<r1=>0x0, 0x8}, &(0x7f0000000080)=0x8)
lsetxattr$security_evm(&(0x7f00000012c0)='./file0\x00', &(0x7f0000001480)='security.evm\x00', &(0x7f00000014c0)=ANY=[@ANYBLOB="07000d0000000008005143f2157abeebe6c885de93dddd85bfb54792707b407c8dba5151933ecf33fb47eb6981548b5df415094c7249e8f3df42a0521ab404cf356a507548c03c02119963097cb19594d2dd5a1ff9df12914ffaf0"], 0x5b, 0x2000001)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000001380)={0x3000, 0x2000})
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x101, 0x0, 0x2, 0xffff, r1}, &(0x7f0000000100)=0x10)
add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="11c30f7aafddf2e3d6b6bcf3806060be9d6feda549d8400c6b71fd3c3acb8e19e682dca50da7953adb18a37650724081c1f8838802cebce929bbb96ba7b692f6a37c95ce9438dbda787875596075c9c9d2ebfe6a4a610003a1fc1bc0b3c727c11946c3c10259b604dcc40eb97c60af5a879762eb80a0e44aa31c0998ea254ed10c3cc1a4ee2c9d68cd9bd2dded4f27fd256397332235fb208e084130d20fa85f6f12706977502f7d91f3facff9d087a0526ed811ec82b5eb2d93c44f13a9164f6911d41f3bd9cfd3688cf09945fc464eccfb09a6ec4a0ddf85d6eed6f71acc5a32126f14ca9ba224739e58b3e36a1f2bfd1aa59bc2d0e73cb0861a67716cd8b4753fa58b5febd14aad0348862b6bb857591f0e946850c7e8dd97ef89d6163ce748740dffe568bbfae4a25c030ada1ef6d803615ad3e4b53ace8f323e7ae8641fbd75227ba21c5d594a6e0feab4f87a65bea494a7725c378f67c0e6051f2e11303b77a8cbd828042f981408a51537e3afc845a1230dc93c0125931df66224d2838af95347c36226295186fcc347269c567e805266dd2b9fdc9745a5422b622a99834c7f92d0ec2a6f371733f589923f64ac7e3f2a33d2cc6bfffab7b543a4fccded0a5d2e5272905bd8e688ca5e09bf0dc545e50994ea80b372a95f161e5049666e6f70b87b859f9f2c9b31128e7ec76633720be3ae949519ae38fc648388d539234b599eac538f962ef354a61a7df9652d53c39fbbf856566224143762b01ee0a94b67e47cced95e3ebeb20a8973b6613212634a74d1e5a9118160f6fcbe936cdc5f2e2615ed535267924e32737b1d34eb91468f1a8396a77ed6ceebaee9af8b29ce1e448564400d4523b467667fedaea0291df1a3193570a195504270a451c931a5ebaecba303171ac90a6e69a2a5947b0e8255157f4c4fe50af1a479da1d40d2134ee79eb80518550d9f06b8f42bfd8482b7caf4d1efcc6c53d8e6bdb05459ab6f3f4284e9d6a92f0db33416f2fe84654ff6ddcf37bc3478e17e73efacdacc4986e9d33532534e4e44874c66464d6ec905a293ed77a52ea76dcc042136de3779a3db8233dd11270da908f6340a2928a8fb5d4521613fbc29f242684f31cd62770172ff788bcbbee253bd5934a8ffebdbb3f2532f89ae5e352d94aa2556cde874a1262de517f55848693544611ce9908681faf1f6fd2904d982fac09e4b309373911da67aebce44aac65df957674108aa376387944c4d1ea535ad8b7da2673523ad29025a5f131912fd985b1d8f9a29cc92ffbe9380ddd1a74d078556cec163099e89247273d896bef4f5a69cf43fdce467bac043d5476dd93b13be35c92567752c4d8ff2f90087e075f8ee1ea0601d9e4c924d0bc0ebfb3c4d041559e876897eb897b940f6610eba74a5c5998b02594c9cedc7fed50feb94f387b3af91dfd1bb4997727f18e7dc45db625597619b8ab5b8ce0e54ff481021c55e4b9a31d81633052aafb8b2bc17a3b1bca1710f3e92a85c0a07eaf83e3e674269dca97d0e6d5a4c6b6ed8ce28dafa663f2229edbc005a7f84d4c17b31a39144ceb8cc36550cdbdf20a645859358f72e28153e97b15de73730d89ed1423068bffebfaa7547ea54111cdf566dab8cdc584036fe3304994886f89dd43f08259b73f39519b0fb7788fbb814abe7d34564f57f7b017402adf54f2ea4a7091a576c8ce0a4904b7f69aa03ab402584e28d918da3793e2277c691921ef1a92769a21d31b869926f6991c289fb5ef00ed805c447bb6db8ff7df297000eac398d454619ac181f9fb7cbd56c9b838b7f04ed64f833fa3fa8db8f645372138c446ee5542f1ec11f06ebba46faf5fb52f82ba8771dd5fa743e98b53d6629e3f9e675e635f92125ac4d4cdc88199230403a3d478c82ef8ed023f7ebd872fcdf59e67dfcd047c76b6159082436a43602b7b1d3a33e4c993a03c3f65efe08382541088442bc4b3a9678460bfa285f5a37a9636a8f258326183268a960239e47654b6904cce0b97003658ccc1c793a6eb4deb4c998508fd0b754b1024181f883edae12d5ecacc75eb61ec73107753f12f6a990754dc51eca86370bd1542aa10e8b408d72a288c33e18201ca5589a73ba957850bd417c9fb58cd5f82d983624c1478fdfcee08052cccc123b7a628691212480201223043b0e52b513df93b03c275cc661c771c7a00cf22f08ce420490a102068645f6c5c9280de0bf660859938d420613e327e5c422eb535db42133f6fde324f04883a1a99ee7bf3750a5282406592e164928db7f0aa23e6103c9a721096f5e72cd5a42abaa1d02c2f492d9ef734457b6fae3c504abe5d4349b0c920433e8ddf3c59be56e08db0888849ea2846a6122a2a2a8f767ed03c2af7616bb6f09b53d1a92dec747f9932d5249cd76f8bf437659e56d29945e89848b070f1d6118293334a52ee3dbef74f4b6788fefad6fea957ad2a6b6841c8930ad52bca93bbdede1ad38fe7fe003751754203ea0216c5869b859e2dcef934aa585f3a42132dcd6f377b2134476d247cd863d2858d5bfc5cc8a3a6a90911bb2e30193493db3e867814b43550254438530528094d397af92ab2df0e713f68191a05029f8cae28feb3314ece9ec2c808fa352daa6b93404aa1db1368e9c4dc2be8776032512c4a792d93303ad210e7a494a19f0671d193596b3cd572289616dca23ed7d3b8dcfeac63d825f71019afe20236dead972bbe82ccf52dafa950793b42955640db835b5aa9b60e92e2be6f6bd26ba9b4f88b74e639bba1662268eb25aed35778071acfb76f549fd24bac3cf614d7aea051856865a31b77662791e7268ba00b0a0ee49e5194eff0af829dd9d4ef1d90e755af0a00957e67a19b8efe36902e37099790fd64a0c3350a972ada7e8fba8c7759da4208be8c9635fdaa32cf10fff8eb3676acc685642d800885a1753beb456bdea4c3f28f4f3edcc18416d63a1d6ab1b088e2d27e3686e6c86c9825789cee8601c8c2a1eca01f46d3cb8f892cb1eb56037da5885ca2fd53ac9aba078d26709b36239206ef3a1a4cb4d2d00a952185bf5f8be1b3b1cf8c41debb16e4d8a8af5d6cf1a11f0d921aa44362386527ed88e1ecf709f0c1d17d67ba434ee53ec79fb8d31bf8ee3c0e589c4ae3589341f298342719226acd56915590dd1abb41de1c85070e5f1522def2dc22965a8a396e9867c0a4b3e644ef7535cd181fa7bf03f9e532558ab07bbf0a8015f16e05ffe68efc9e464a5de24e9c54160b18311bb4cb1e79238534da4f2a07a3ed0362b7403b8e4d6b6ce53bf8ef7473bca1720a7878e7d61d65561e228e88f84a5e447011071fff8a83920d62df16dad1cb685b7c2154c3d74e697df3c4b4b5c1a1428dd7d720a93f9631e967d1539e30e00c61809460d36f6a0250f059966cbe55e837965b047674aa1a1b937f6a71f90b331fbd2ac2f8ca751c7690ce0d8136d420e9db383c0b95e064505c60a9670b7b32aa4587e4852d41bbcbe53a673c867f275c9ef9f0d51d9516716c492aad2287ed34d0f91a05ca628d97a2d8b9eba7a9bcfa19b1d55205aab2fd58c612e5c2885cc1080c2f938f2780eb628f1e863643623d0544c5788da034767a41fd3e856d407199ab8778033c841993b4bebd0120c704632cc23948daf4896a1175a3d0d3184a55f08d03a5d10ff0b36f07165ad33d22057287cc646efa361ec20116c21f4d5200f86cbef99b290065046aa5d9185b869285c8e5b13bff3ca30e6bdf8030210d0a4f210aeb4844ce7f9ddf0dc0fff10c5a7bdad77035ff667e80522c1e3391c38cf229b93a6739694a7030fe88df45507a7edb5beb9cf342fd77967a196c5ccdd86149f4de47dd047fa33474f69497e4859b9b622ab59e6ec948d701f69dfc4dcd3a2024771474509bb8fe0d8d3d2d1eca905895f77e145d23e4a775029c8265a9772ec70324b85507fd09752e27a03a49f9f926ad7ff95268da3951c52b8229dcce27e1617bec42cf068ce09728bf3319ddc290aa7df9eaaae9459bd7bc629520e833c0885e0dc38c46341bfe6b1c76d2cdb131c79c15ef65e93c1f35f282312bfab4ed5724eab9409ee80284c81f23e10d96a309577d67acb92a65be0a241041a0feec7af6163e66aab248e2f2f76138888c9c67c0743dade4118bbf430a79854241e84cc64411f4f778ac7a52a3a2da9cf1b44cdc749c38614b12b9e12ac171cf32b29a451ae717b23d581b6bfa2495090a798b102134e5d331656502f62878e67f0adc2d069eb86fa59557dec582a8d1b0a4ce813017cff63af708b05cea399d99230b03f4a51b3165ee5933865d9dd582b4a7677514b5b15404e050c1e5c23e7f2668594bde8cc006cfc0ec781113dd93357687fd588be9b3bf68845d903c23d38cf32805acb354c4fd3594b68c56f64a397b3b5b56999f3c06945b2c2483026140594877787e846f6262983f9785e163329d8b9b54fb4ddd7d7fc539a8df6885a9df9d61012c5b762b96751e874d03da37c76f8f805fec5e832bfb3d4d51c59c326d77c127acb50a6c5eec750ffc0d1eb657470c62e4061e3acbb7b4b4ab375bfb5f75ece9909307142b1567cd474ab4f3fe8981bdf57381bd983c68f463c603f5c1dfde90d2b4d10265560f509453cdef40cb93751f1a8bb3c8e9a25284c28afb1c07ea7a8800f4b3d65e10c75914e974bffe56e22ca1ab8f5aa6015ecee7da60fc747bf4b7fa265aa9884557816d90a9dc06b8052763c1fd6dbd3a455b43f20a59ead8891189e740ec8593282084b9cb0b178539816ac9d789b7fa500375bd4d5e3380634393145a3e3495661e8c291ec042aad052b7d6248df4b21c55add2c4ae89ce5a6b882e74962f08537691f92017d9781bfa61f75dd8091a3f7f70d45295d5330bc683f84cee3872101b12f753ce73673710d8d4306ee11d910aa0fa65db31f04d01dc08a302daeb95b241da6542dcdd89a2bb08c52e4f25b96e46373fea04c7e858a7cc64b08fad918cf0527bc6360d8c84e43090556fdf8492d63c0ab584ed887c97c706167c9c7cff7686d7d7809422ebc313aea5011f92968bc773c9cae56e946a09b6eb44ca9657c96165712db951c7f96f9b5d9fa0ce4df0786cd6e2957064ccf929dc334fd3270bf8c09b89f2a87f4c80f001496fdcb5c9a7c4df0fcc906af749131b00159835963a64a4d3584614a7a804bb002a67949da291680c2137a05987a7110605d5e9f8d3494c9be25a442f3786f8f3bf34775a2efc582d762b60bf5f3ce28e957135b9ba5f9df12bcc9af28a8ca81a5d05128c63409c35fbd5bb703b46c8ae78a3826de397f16696eb9adf5988684c73bb0e47ebb9f2b3edf9e518d69f4a3cc662cd488e0eaf698517c4a73ae86ffddcff671922cfe3976daa418f409f7cca7fcb91b19c8351b1f7d18e9ac282cdcb2137a44b71d64db47a34c5f2e73eb41cce66dd5b7fb60d4b88eae22627a1f344493e6c5bcf23354fbe8c0698fbc4f15cf035120befb9386a57b49af080c2137e85d4a5b20704c886048aa97400575e1200b8e19f4e67c325e1f942167693c91c6ed4800ff736e910c810304af2418cf057abd535478e982011489b6246e5645b5b6129ec032d342524f3e43b70241c9c1befc931253a13dd6707963a96e8e4ecee98e6f2f718931e547f6faf4cc8b14d707b814b9b239347164e9d9194c93b8abace4155329211cfc10263b953ffa7709ffa5d076803936acfd86bec76be98647c45e3919b23d3d2654b9bbcf42920d20df8025e7ce13", 0x1000, 0xfffffffffffffffa)
r2 = add_key$keyring(&(0x7f00000013c0)='keyring\x00', &(0x7f0000001400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9)
r3 = add_key$keyring(&(0x7f0000001240)='keyring\x00', &(0x7f0000001280)={'syz', 0x3}, 0x0, 0x0, r2)
setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000001440)=0x1f000000000, 0x4)
keyctl$search(0xa, r3, &(0x7f00000011c0)='.req\xf0est_key_auth\x00', &(0x7f0000001300)={'syz', 0x3}, r2)

09:31:41 executing program 3:
syz_open_dev$sndmidi(&(0x7f0000000600)='/dev/snd/midiC#D#\x00', 0x1dd, 0x8007fff)
r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x0, 0x2)
ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000000200)={"133eb4732b2a2df641c2419c46c450be920219e6caa5d7fa93747071f46812c6c5684dbde69937bb2baa42b11ab9db3d71679dde3099f1a2626f4699948a1042e6ba63b34b921cdd69414c7feff609e664d70521b429f4d0427feddb6bf4a3b1bf84bc4af84da571665df6bf0911f87212166c841a15d48d484c8ca51f06c87457d184bfc0b8abf71202f570494dea2dc53a7631fdabf3b73731d8a545544805526e9f8c53189d79b3f1d3e67a80dff6655e0e87533c12d07cac27dc30cd19ede128edcb73ef1ecf4c4ca639dd4724ca52c87dc508a7333055a93c921c23a76558de50747ba8b3555b41c9bd1a3e8babe7edf3d6b83fdf9b8878c930847d183618eb9c241aa47f307746919e5ff0eec9dd3254d755a1cafb1bd8cf9b5063c1a42484655ad56bf3ecf0468fe8f305608430c603b1be00ac86ffe0ded2234302518654dafb0a7f78f9dee3a4035a7c94de906c5d601c4dba0c155ddb3bc06d09dd04fb155a50b9acd41ea39a8ddfb9ee15d549e940a6c507cf205be0e470e660087fb3d0213e8c90dc6f98a66b396088169aa3425777b6abda8a01637261d479d08a63c48466f34a6cdd635a03b26747541837cddee47fed5711cfdfe8b5f20fea7be7f133881853d850b36e804ec9dad8237bc57a3abed1fc8387c2f5b2d5afea45f90366a73b48b673044db1268f8fc7f47fcd2fc525725e74414fd25bf4f1830e547f3c6d32963d931a50d810dd2132922b06ce17afeb55cb17e651d72a8c7c33b51396fb0b228788d73ad23970ab78d9b85beed2a50f08f894021674497fd0d4d8f008a47a5ccd3e9dd2a2c3dc0e0911c0bdb7aab52850d667f23db38414a81d44df888b4944fbce57f921ff112b9be01ee1df0027b440488e148ff6f280b47e2306cfd9de813379630dfa9e4b23d1701c9101ba2f2ef24bb5313bf64aa36ed0fe578eea9493151bd78153696bbbdea7908578ae5ac38cecca3ec5f7551907d8d582c52b89f153b4078fe8f9ad652200e76b0b495da59c24dc598e86163e32a9a73b8633e6b6e3fe78f70b439d027424bc2a00119af27fe74caa93056f95e236940b2047639f254f4727ca523aeb56e21ddbd378800213eabaf781a529ca025b7ff77abd367f38a17251c498fbf5df44b17a1c3e2f3b7830c56a57f6e1d604562a2dd69685fa6b4ac2511c54fff566bdc8aea8488316e54507ce5720db1227f4ade4d75b29e59f976705512da14df2da711b3529554560d49df24a84c1b550204579b74bf314a487d77608945676b07b82d4c5d0856580145836303da09da9264a189c8132290dd5f0b88bb88b2833db2d5e73dba4a0a972f61242c17249c0d9bcead6325a2ee12f86571e7fe56bee50c215298b335812ae94ecffce5ab6e4d5d108aa98d9391534cb4893ef0f2cd9d5ecffb33cdec040e562eb59e0bc6d8d"})
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x240, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000)=0x200, 0x4)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000180)=@gcm_256={{0x304}, "e5ae7d7e7690e786", "2359f3fb09e36eac9994ad11468303bb3d041cdbdfc1aaff96e0de34410ea552", "87467fb0", "dc7bba1e81a7ed08"}, 0x38)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x2)

09:31:41 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c00], [], [], [], [], [], [], []]}, 0x905)

[ 2506.696393] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:41 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000740)=0xc0, 0x4)
getresuid(&(0x7f0000000780), &(0x7f00000007c0), &(0x7f0000000800))
writev(r0, &(0x7f00000006c0)=[{&(0x7f00000002c0)="b9bb583296ac343a3bbf7414588e9009844c79d0be5f6fe1f84b02bb2c687e34f27ea477f96480f8505c722a4ea0b0364953614306da701cd08410a3b4d4d3c0a41d6a01f56021584485640d9241c6fe7be69117276ff26355574d1e62eb870156e9e8d54388ce29c9ea075a3781f70a7a2e464e6698ee375b4a3a8d8de53de4d4bab39a2a0c6f3a963b11688d59de6f44fae628b863e5cff8741a01d6126f0f6938aa44641a48a7b98f", 0xaa}, {&(0x7f0000000380)="2f06c0d4c516459d42f6659a4defcf6d2fa7c1acc9565fb29ff261", 0x1b}, {&(0x7f00000003c0)="edecfad4bc0de2fcfb18b6dafe7b733bd650a8d63b5214538debfc2714343d269eb1f1b3a0683a9f737a83f70580008430d8def1ba149e5993cc1b025868ca16", 0x40}, {&(0x7f0000000400)="81d3fb16516e62ead8dce9a07845f9875c129ff6c9953c3987d1948256a8281b3a455bbe54fe6d54914254e4ea81d452bc49c488e7764af24ad2f80fea432f9e3d80f14a30f7e33d598d3bcac3dc6c258371c948dfa81385e23541507817019f44fb1b60db0ca547f13ae6314ffb6a67f8178e0f1e5a93b8734b1893716efc539926fa985fd3ae06e60fc34368253127e768e23d43796e8c3a", 0x99}, {&(0x7f00000004c0)="08f0281004b6034962c36f0b4f90067f2176691de2ff3eaf1a7aeac371c5e31da03102bbd7cdb3c5cab74a2f58a5bfac19a80fe7a749b5134e2089a54463981a3d400a5b9e410c9d9f8bf17d9f93e0777f59a8ec53111de72591b08d34beb7fa0fcebf6d367d4e954fb15c156c213b0ffb6237d6672d74070a6bf5567df74a0549d1d5300c58463cafce75b7a3011be1400fca7fbb1359efde503fa46fb0e7ac1ea9d847f59e4dbaa168ec3c0cce2131f04efcf948f73b4a7cc7a41777954dafdf1c6bfd2f07be42189e078266db81440ba5807fd3377abfd8d571253f4197595b9d9b1b9e416aef52243403d5", 0xed}, {&(0x7f00000005c0)="372542d0133d43649a5534cf5f2b942851fa66f826624e74556be960ef8fc3480b6bdbb0125aa0ec", 0x28}, {&(0x7f0000000600)="3e34187b0dda58f860285c2e85fe8013d9facc101eab2d16409fac876760f4c3b96aeee0d014a601ee57eb449b3c07836f743cd7b31c1352796a0779b7e203a53a245822c4379b89aead28", 0x4b}, {&(0x7f0000000680)="c2d4a6f2ce0ca7c97dfd662fe347a5f502504f779c9b7cfde75d0c92750f71032222d054f86a86dc9a79ac6c5f", 0x2d}], 0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:42 executing program 2:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x0, 0x0)
connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x1, @dev={[], 0x22}, 'sit0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 'lo\x00'}})
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000080)=@generic={0x0, 0x5f})

09:31:42 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
r2 = accept(r1, &(0x7f00000002c0)=@x25={0x9, @remote}, &(0x7f0000000340)=0x80)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:42 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100100", 0x2e}], 0x1}, 0x0)

09:31:42 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080), 0x4)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x42000, 0x0)
ioctl$IMGETCOUNT(r1, 0x80044943, &(0x7f0000000040))

09:31:42 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400], [], [], [], [], [], [], []]}, 0x905)

09:31:42 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000080)=""/228, 0xe4}, {&(0x7f0000000180)=""/81, 0x51}, {&(0x7f0000000200)=""/132, 0x84}, {&(0x7f00000002c0)=""/64, 0x40}, {&(0x7f0000000300)=""/65, 0x41}, {&(0x7f0000000380)}], 0x6, &(0x7f0000000440)=""/164, 0xa4}, 0x1)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000540)={<r2=>0x0, 0x3, 0x10}, &(0x7f0000000580)=0xc)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000940))
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000009c0))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000a00)=<r3=>0x0)
r4 = syz_open_procfs(r3, &(0x7f0000000980)='cg\x00\x00\x00\x00\x00')
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000900)='/dev/dlm-control\x00', 0x20100, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5)
r6 = syz_open_dev$vcsa(&(0x7f0000000380)='/dev/vcsa#\x00', 0x0, 0x50000)
write$rfkill(r6, &(0x7f0000000640)={0x8, 0x3, 0x2, 0x0, 0x1}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000005c0)=@assoc_id=r2, &(0x7f0000000600)=0x4)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000800)={&(0x7f0000000700)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r7, @ANYBLOB="00032bbd7000ffdbdf2516000000d0000500540002006f08170a3e39ae5e08000300ff07000008000200000000000800030404000000080004000700000008000400c20000000800020008000000080001001d0000000800040002000000080002000400000044000200080003007f0000000800030006000000080003000200000008000100ff0f000008000400ab050000080004000500001e00000034000200080001000b00000008000100140000000800020063020000080003008000000008000400050000000800040005000000"], 0xe4}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

09:31:42 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000000000000], [], [], [], [], [], []]}, 0x934)

09:31:42 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000003000)={<r2=>0x0, 0x1000, "bbb24f3b1b7e8927dec542191077760f8df0d44922ebd851cfb25d90e836d3a11d18822ef333958964bb1c3bb37d7aee32596bd93e416e98e631df86f1e52e52841908e4ec7d8a6b58713fad1937cb1ef0b10a19a3b3405204ee6320a19c520e4ef6aada7a6c52c0a5924fd557fcc3c2fc350c5a87936cdc1fafa7fe6c4fc898751d5b5dcffd3cf4ccb65a416546a7e4f6d3cae7e4caa0b52ddb174256a0a1646e4d52356f04095f571140f75e247a9732285068ab49159372fd803f5a9e7373c7a3841900cbc1cac81efca32a0f51621a22f86ffad2d7accdea4575e07191cf7045ab301fbfc1689b98ab271290857755572151bca426afc3ade181770d35764ba052d3c150ee30d560718e4bfd7af24d1944dc0382b2773b868c290f2866ef0c99158f618c1c84a08d4d856f3dc511ad91a39514fb28f67325f5b8a072c6ca8dbeb1155d2f523f1d79ccf89e40906f9f9d12b6191cf1c9d1d8090ab7ca5721299e0859261d44b02fa3d51bd41e6b712d2316a6c51320a200eabd024d3cf376e068f05f34abe164db64b9105f79c555e87a585bf2da21e83fa12ccafdb538d017ba9feed33c71b72b1abcf8cf35f9c851029ebd209c8319d4fd79e556be575e3ef09964feba140bcf0ba54fb7ee8b1c72a7e0f4f85aa11f204c6358e11f5bf6109816f67a7d1f76630236c56a17236229e1c772c064cd08a04e36df29f45761e82ccae3423db6a3a35a87cf8e508ff0c055a672cc5de7c33733bc988972ee14d5117f58d84026bc186a42a58a7047ce20eaa9df859f5070f526e7725cfbbb2b83e7c8024feed229ff27642dba331455c0224d5a0e58bcfe8b9ef5c51c48054b22eed82e35a343d08f14f119822dd9e412fde82b44fe6f13628c33be51a8c08889af510ad95a9c845d1d257180c82b25cf4b412fa1a344c795bbeaaaf58dcc4a6ff05e45d97c457a597f4e4501c9d3298122d342a2138f76a58f3a5e94214347befbdd192a725c29ab23d3d0e21a8053944a4b21f86a9734bb7709119f8087013acd04b0f2344e6dd67a8ec89e890351cadb80fbc01a334d517b458d660b7c92af7c163777c9c32519e0459503a48c8a8a3995762d58d129a0249ae16e01c45793456ea63d8e28b0e233d6e6a8dad40937cd81792ab0ecf3a75ddf22161c3fb813cc1ac99f4607ec09a04efa03e2731183a43885a6759e95d6e0a9dc3befaa60f612f60eabfd88915ffd2d40c3973a526567cbdcb1e71a7e571b3e0142e81de57e278c4ab861830fa0b012a3fc17b96d1a2c456606025110aa53d6c5e44693b8e481609f5ef3e2614062b389eb86fc6be881a77861ca4617526289060f59ebfcc78a7bfa60e6c3be197bab0f7cff92716bd4a2a32c4a155d136926210dd59161bc84a97fccd9cf72987487688b64d6707c9229f78a131c8e0e02458b7dd65a1a0b69c9533732d25f670e7414c260d3ce954d3937d3fbe2982292c69c535a03ca7a249e93304163a135467451d0f91e36ff73396600dfae48fc468bb80503d1e5a24ec4fbf74a2750f5de234a393a7e6899db3fda2d6c4ea73a3f7f78ee5a435b3e4d887ac35d1842f05db0372dcadf6bb59c85c36c93c1c0c51c96b6b3b2ac0f64e5bfa31cd7a432e999c1c97289b63dd0270612e908d1783687236f9eb7433d54e32f9455d82b51370f8190f9f89c53db32dc6ff71af26e003627d0d1f0d21f5ac0b0dc1ba59bd52b447c0c33e93efdfab0b5bff9d0f9254b4d39fdb73c881c21bcdf7cfec9ce737b39daa6e938fa60acfeb44b2210a0652e831f7df557af4560dad70273cf8d760d5d47465551ffdb3ddfac6b67c6a877eea26c093506a792ca726663aa30248ebbf663a8b7d4ae9714c54596fec7751e193e5713d258fb580403232c9b4f4c84c38a0e2a4109549cc0224984162a9879cb3a6b8a55b6cc2de4b012b6a4f19268887fd5831c7ae5ce94d3c4b5d39587b9668a3f1e38f12273b02343c3519443a4f39c023e9188bbe3dde55fea5308ca4c90c9bcd7e5b241ca09eaf1a659f0f4da198481265111c8c7e28d69d60af36e0132e1ebbc80a4599266d140876c80ac526b2d76eb680c433886259d61c43624f2f06946bef451cfbc2487fa6d207cdf9ad65ef1351471aaa2496622e57e50d979c651ffbeed7cf0dfe20d9d133f0471e1c8e20c0a04f2c397c7085339cdbae7e0d99763579f404dc766b8da0c522b85c2f39ab1e809c87813676d1693adbf8d38f7e117707d48356a1bbe45126fce3a0e93a1a7e378a8c977ea2dfbae3fb8dd5b8608168b019b2460058a7681b7e88a0087404e2eea2984617b1ee7e6b18689b5fb4e1b28dd1f4460f23367f4f73637bc00dbdc1018562721e6ea8944a2ffdd40ea7f540841636d5d32a1e056347a58bf2bb313f512631bdba548c51e13a7972e1a99fc7081956d07156a072c3423355f5ee31818875f0f0e2fec94ad1a2e40716e02e42a9d141ca71d46c9b93869680e8cb132b848ab8e9fe42b99e375f2f51622f9cd8fed58aeff8678fb78beaaa1118848e2f8b789d0cb11be7c942e31737217f0b2defbd6121e5877e56ede688f122456a39740dd3d48781c77d3dd4b51d1102c97692591e499cf46e9145c7c320971d18801a878a9e168d009682310346891b21f9d3b28ee2952c2306f7ecd2eebb8cd4f6bdc01776140b2f6de48606078a2f349843592bc4ed4e1819116d61444ab5ef6d3fc8cb6592638c966bc6d5550fb57efae6813af2c250a162594ef84a1cbf8aa961196ff2e807b26f681ccf324fa973e69acde91008bb8ff690fa51020aef01d19ea666302dad920dac2bbdd9ce99e015109aad2c03272afe6425ed2340e714076b259f8f98d7c301cc202b6f9d74889186b8a76988ad5d1f2d36acd0f9ba41f1fa1b61f908cef4e056b2dabd4f27405629c101b379d5245e915da84df9f8edb1aeb3f0f9944f5d9a9a5035b807c6a1598e80f9a61cf72899850bde6272f0162acdad0342e00f22b686435f5f95b7090757e99578bee06e3486d95f1fc4a9dbd2390fec0b631a5fbfd2965ad08821c24efac2ac9de191abf4809cd23531254dc524daea523bbea752e50a40e0c26c3cf741b32f6d2186b4a3934f67be8f2a33a6757318a995a20b956dd724a0aa9e184ab3235f605b9f7fcdddf0bcd7a6549c6289330400c1e739eb0f0995a0c6fca18fa392fc7563542cd1811f978dd77c5ae1aa831cbb9aabcb652e5209ebcb4627982da20b62a9b6dd365971bc2e1adeb3e9b7b86661be04ff4e49a6b98e8a99714a1b40ebd34fb941b8229a08c0ab70a8d8dc2ac1f4a2331006017554cf3e184b8792f07e62cdf0daf11130d11e832af235d4477ae7e8c6955ff8b45d30820fc91500488cfbaa7fb6aea1306467e413e6947ff4e6569496b9a117ae00709ecfd7cb9faa21d182d1614da66b878d25e26b365cde97341fa91ed9c945a9e3380aabe02e432487469a5ffd1ab82ad80ddafc477ecc4145fa222d46e49685f0c9b11407590465bdd5b8a8f37230c5d02d8f94d61adaa9637b7b0d5443e3f846f6eaecefbba4f7e14ee9f04b48605de066a659d1587f089ed8efea88985664a74356674172d575df1c4c1e14a4169c169b55ef98a18da4e36a5c16455328b3fbd78eb55ea7a0c86f2d3dfb8048aab8c47d8c6b1ff081711980d1c6fdd3e063d75a8b85c9737956c51bdd31742beea8a5a6422fb6bd2270174a9102a7114c907e830bcc78ee8ba0f38535e5c296958556eac401c320623195ba9f501d517beda38f347a006581b8502bc8f55afecffbfa797c81867f8093c610e07c0b9ddc139f53c73be9c74674a43b384293d597a81cd35e25698d218604867950e6407a17c09f06e254211444f0265866b41033b65aaaa5935d07450fc8d825787b89dd114e01efde8f98c7688b05177f8de12619297c44a011ba95f7239ff63ce5558941104c93adab8477dc3a259d938dd80004f3c1770cecc48b8f1b7117d17bebc8c746b4b3a0a2bc00fe0082da29f4460ff06a5063e13e81aba19a4657190a89de5b7fb11f1c1ea2fcf6d46dadb3480d7b7e3b43b56d204c8034e160d7325fd625ca63ebddda4d58b89519de27c75c28cd6aab4d46e5843154ed6ef884843f7950240fe06c1e2d041c35714efc5782a76a3c8914380d463b27766a933bcef6c0538f2a02b5041476fdf361c6fbe18d4c7eea96ba460d1031323e5d7ac0983b4832c82a2cac6325a21a1d30744d17f216a4d1fbd475ab5249176ae996e0097e6210a4451a826122f7392692aa49632ee7115a37306d262b5e3ffb883413f138d38b1941241824ce64df1d4dcdfff3579d80614efb48eb1c67c5bdd66c42d478246e00deb4e57e65e12a4954d42a1b43bcb1a8e4c64999bb8d5574698b803e7dd83e56f7454d43ace3899cf07446a2616ad7beb2261ae0648dbb8bdfc458265b9e7212c191bb06d005c26f412d8efbe676723c65c9db668bdafd9c0f75e46d2a84dcc93239f2959d2509b40a9cf404ccda2214918c4b8c0eae8525b65315ea3b730b319714a9f180cf81ec9237c4bfeae578f9357c226bb146f7153df2c9a2f2d9dced7da286cefbabd225c39360932ed0dd89b2fe3e6f9387e3bfc7cfd45a796df44861305e8600e3f16786a28c3af84e5e1b2dc1ac08e0b39aff4783165500fafaa0adfe7c56ed61c2e426b076b7d6c07ba7ecaf5971b1efead3a3b71ed633c1a5410055dd9d0c20bcc5e42ec306f4bbdab8ab74483285bae0e3118a4ca5a510ce0faad494c93282f5e07980fb0e1fa3e167c33be55efe42eabd3cf6a12c07fabbf80b55c3b674ec69e5b17d57d60e5ba375e4389e97cb6b84dde068fefae7bf3db8e1196a8e229cd8fe2ee9afe8b33a754719a62b312748d6940a61b5fe9eab35a1c5a0985a2f0ba5599354065df7a6f146855c81da4e10f4635d797a248610afdce513567fc469dc10e355ca25dbc034882ab4980b004099312e4817900c7ef4dd7a1f0c5b73afcd550eb4176701e39a8d6c994d94b1285a6c0ac261830b5bdd882dd2d5c08feea70cb64364a3917fe5916af40b9c882fa0206ef748a2001998a5c499028f23cbfd1b57e0df00ecd893a12576012fe6239b965cd428416915602fd32de56b39bed1838d6aed7b8cb67af530080ab017628e7e149d7223e1aabd328beb60b3c3dd50287b2ce9f8c9886c0ae35440e02e4aaa30420451dffa6c5c822ac9b6f488f5b4e9a21a8442b79958227f3aa3260b88114289af182db0e1816c8c56f9c814a0d5d708410417697669f7c7d0910cd7ea87752dfb8a51fc69b9b2e8405351d000804590dc65609af84d05a6b089e24ac205eb86d7c2e4aaa89976c22d4a35200a04a3de125ce47a3e939669b59b1b09f8d583b814ae42ea0d2531a2169ace543314fc93cf725c68744502f4404e870776f3e4ff8fe6677d7e5d5343e1c2f7385a4573b3cf9a7782dd934b9403089617078bc4eb3c4b587ee12104e1740c0213e79b2238e91f208fc7208de17f26d61ed4ae1906a3bffe66876718f3bc5ef821ea46b53e8b4558f45d42a9d1e55d1293bea103ef9a031dca7ed96c60b0e14d00db009e6f150b469bd525080662fc3cbf79d8d663feb029537598f30713f3d5b8f1689ac374bd27c1a25954a871b5e80b0f6e12cdb97d1c12256e655d8b8705f941c048e285c198bdafdf9deb76d82ecd64ee60be8fd74d1fd8b13e2f114eac7f23c024c536b0861f1fefa32ced5e717e069e0f058410eb9fbfd05946f21fca16af5278e7b"}, &(0x7f0000002e40)=0x1008)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000004040)={r2, @in={{0x2, 0x4e23, @loopback}}, 0x1, 0xffffffffffffffff, 0x1, 0xea26, 0x44}, &(0x7f0000002e80)=0x98)
recvmmsg(r1, &(0x7f0000002c40)=[{{&(0x7f00000002c0)=@pppol2tp={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000340)}], 0x1, &(0x7f00000003c0)=""/41, 0x29}, 0x1}, {{&(0x7f0000000400)=@un=@abs, 0x80, &(0x7f0000000740)=[{&(0x7f0000000480)=""/82, 0x52}, {&(0x7f0000000500)=""/22, 0x16}, {&(0x7f0000000540)=""/205, 0xcd}, {&(0x7f0000000640)=""/107, 0x6b}, {&(0x7f00000006c0)=""/127, 0x7f}], 0x5, &(0x7f00000007c0)=""/115, 0x73}, 0x1}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000840)=""/234, 0xea}], 0x1, &(0x7f0000000980)}, 0x9}, {{&(0x7f00000009c0)=@ipx, 0x80, &(0x7f0000000e40)=[{&(0x7f0000000a40)=""/187, 0xbb}, {&(0x7f0000000b00)=""/196, 0xc4}, {&(0x7f0000000c00)=""/121, 0x79}, {&(0x7f0000000c80)=""/202, 0xca}, {&(0x7f0000000d80)=""/192, 0xc0}], 0x5, &(0x7f0000000ec0)=""/107, 0x6b}, 0x3ff}, {{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000f40)=""/128, 0x80}, {&(0x7f0000000fc0)=""/154, 0x9a}, {&(0x7f0000001080)=""/58, 0x3a}, {&(0x7f00000010c0)=""/170, 0xaa}, {&(0x7f0000001180)=""/49, 0x31}, {&(0x7f00000011c0)=""/69, 0x45}, {&(0x7f0000001240)=""/86, 0x56}, {&(0x7f00000012c0)=""/136, 0x88}, {&(0x7f0000001380)=""/147, 0x93}, {&(0x7f0000001440)=""/111, 0x6f}], 0xa, &(0x7f0000001580)=""/69, 0x45}, 0xffff}, {{&(0x7f0000001600)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000002b80)=[{&(0x7f0000001680)=""/185, 0xb9}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000002740)=""/175, 0xaf}, {&(0x7f0000002800)=""/69, 0x45}, {&(0x7f0000002880)=""/236, 0xec}, {&(0x7f0000002980)=""/204, 0xcc}, {&(0x7f0000002a80)=""/51, 0x33}, {&(0x7f0000002ac0)=""/17, 0x11}, {&(0x7f0000002b00)=""/50, 0x32}, {&(0x7f0000002b40)=""/54, 0x36}], 0xa}, 0x20}], 0x6, 0x40000000, &(0x7f0000002dc0))
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000002e00)=0x3, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000980)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_SERVICE(r3, &(0x7f0000002f00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000002ec0)={&(0x7f0000002f40)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000228bd7000fddbdf254300cc223b88040070a72678e3e3ee2a26efff0c000283f1fc0198a7cf7894eda9ffdf3d6f00080005000800000014000100080006007368000008000200060000000c0003000800efff02000000085583445c3df44ba5ae7ef3fe0a834d9fb7354b63f537b2d05a7082c790440d4638b29d3302e1c7dc71d672c2f080127cf497d9ee0cd83a7a49090520f89c96d5065d5b26fa27f09ae3c46614fc3ca30aa1"], 0x58}, 0x1, 0x0, 0x0, 0x400d0}, 0x40000)
r6 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r6, 0x0)

[ 2507.431020] sctp_setsockopt_maxseg: 20 callbacks suppressed
[ 2507.431030] sctp: [Deprecated]: syz-executor.4 (pid 2676) Use of int in maxseg socket option.
[ 2507.431030] Use struct sctp_assoc_value instead
[ 2507.438459] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2507.458285] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2507.459298] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2507.473049] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2507.473070] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2507.473090] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2507.473113] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2507.473134] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2507.490875] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:31:42 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a00], [], [], [], [], [], [], []]}, 0x905)

[ 2507.508578] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2507.539400] sctp: [Deprecated]: syz-executor.3 (pid 2677) Use of int in maxseg socket option.
[ 2507.539400] Use struct sctp_assoc_value instead
09:31:42 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$dmmidi(&(0x7f00000002c0)='/dev/dmmidi#\x00', 0x2, 0x8000)
fcntl$getown(r1, 0x9)
write$P9_RLERRORu(r2, &(0x7f0000000300)={0xd, 0x7, 0x1, {{}, 0x7}}, 0xd)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in={{0x2, 0x4e20, @multicast1}}}, 0x84)
r4 = msgget(0x2, 0x80)
sendmsg$kcm(r2, &(0x7f0000001580)={&(0x7f0000000340)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000500)=[{&(0x7f00000003c0)="a08f4ceaaeff66e200ee261e", 0xc}, {&(0x7f0000000400)="c616d629756746bfbf4f", 0xa}, {&(0x7f0000000440)="e35fb80fd6631516a3cdfce7ad90b11c41b48377f8d2845989ed28ee4e530092579b56b37e94fb7b246a47e2041b99e6ba5409372124d4465cbf50a220a67a27b6114725e908b32c28ed6780b3068d2475a24806649d3ed647167a08c7c0a16b5732253dd965019ab8a61f9a7a839d80ef7b4ae24706462006effa38e3beae185c0f96fae374edb7e8f00ba2e07eaa03d1ac506cf1ecf1dbe506ab138c8a562111ccd4c65699618cfe9d58a1e14c305bb68652b58149f27457d5a514b1", 0xbd}], 0x3, &(0x7f0000000540)=[{0x1010, 0x13b, 0x4, "39eaf4e472db8bad0e452c2c4bfcbbf6cb3dff681316d45ce7546feb02305d8971a4b8a7b886a55b535301719d117630182ee73f4bf0bceaa5681b7e63b9c79e6775cc1fd0a99aa0409e14fd0b436e76e855a09f5f59efcae187dae9cec1528c6ca9d2bc928666f177342d57cc57dda90f2aaeb7c805131e127488af1a11a02286d53ef2aeafd48c28f3b5c26047f6b12446cb7f04b9d2b39be81153613c0f524edb00eb0728066ab4fdd25cdafc05ef523c0edf83974e716f6360ace0edf4179b2c3004335d7d05cc726188e67b1f84d19395cbc3e953b94457f93cd705a6455a603d38f135b5b7afda7045f99a5d35516d2cfc207b7943fc301bd3f58be0bc9348511dcd5a6c1d0e5497f53fcf00b96ae6eb24f2aa5a0059a8a14fa76b643c74890933e52dcd0f1a9d4ede537ee13333778b7c05fe4f4eeb7c88d53234fa50130ababae62f291b344c2ac34339aeadaada70386c2dc0e067f5132be2cdd08f46dde3111c80044a92555c30119ef2c6bab3f1e1a69f27f63e61e22cbdae58cccf2d3725c18e1bea4787dbce6ed961238144b99dabbd8638a13f9683bf48f4866241877f037cb2a438f571fe7b4f8a6252e1339c42baa79a652f223ca3bd00218839f762e9bbb97245b6bf1ffc830e9b91c2e3424c594685b8f99b4fef672f2611f6083814ca4df0f71b9f10b6dfcd66e6c5b8705d2f0f1bb84a9216649314e1d3d15ca74703c37f8a1d370bce2d6e9e6aaca560b3c73de10ac63d8801e1b07f636eb798755f9b46f1348ea8fbbbf7ef92959bd507ac836670a69ceb36f55f2d638f2d12ceba7f98405fd45e7b47e50494a3e189c0dcdd9e72a3b974b05a3ee8989ebfe214f7dace2594215f279dc39bcd4645f728f0dceb9e01415f606f28646a725aaa674cfa7a4a40d3803e33df70fab66d82157e79c05263063f883677c8994e638947465ec7d7b63ca2c62ebfdcdc03e0e7d8f246932c12de3fbfcddcf60c259dc522a9ac1ece9287ee948166104c36f1bf68fdd9cbe7ce65da319da69571cfb591f121e56f786ebcfc96e619536cdc750df1e67de8d8086e004cc6311b41e6b1c0986499c4188ba66d126a83671de1b1e03f957433e2eac918f9c2440acb9bb1d8be30cc09536c4e240320658112f8397b81c819e09eeb7165aea100524fd0ce8c0bbc643341e1ec9586942bb09b908c4e8d48fe7cc95b33c9e95b03794de6c0aee32cf9ecf30999f843b113a9ce83c3b18d6ef73376c6e3c9ca8bda3825d6792b24f500f689ece095dd41a25cdbf5ef5fa8b79ae6f7d31505b43984f27bb47153b13e99ad0d7c264a7936e421a30986cfb60727c5bcebe11f6f96be05b9c014fc67dd3cd8e98942f0deb29396a9fd064465499feb80b1bf449cec4d353e835bb34e83e72153c29dd4b392c128d92a6d614f775a87ae0ff17b448a6d7c94f45c7989a48bb6de4906e950d62884fd7482f37b3ffefef43ac74a2a138c0ca114449b9bf807b9e9a20ac69b075dd6cdaeddfd3105b58503eebb3e8b324677781a304d45ceb910fb3dfc27447b07e71707402cbb1ad71c7ed4f751299b75ff82f838d35151c7899a006701f758fa6e25f2467476210d03b230919adaf3307717861b381128b4e968046ede84c27a6dcdc0ac81d8a85c719d25d8178a3d6f06eb0908be1a284fda45cc31904c9a3e18955c3e312f8fdd0b51c6f0d7a4b81e7dc062ec9bc790d54d59de4a09bd32328b4cffb73dec44c9dbda2ae9a3600616fd0904a86e9060c4e92b5331fe787b5d48ecab057031c7443a845902250b2b5b5a763db3b4a7ad3e313deab1b8aa0367497f74dc356bd038b7c8bd89c6b62ccd35a99b3aa59d275ecd917b295ccb9024d84292d3ac9875c4ef874e7c3c64419dcea5823fcf1f17742ef3bfea5225a586b254ee272233c3b79219693e48ed769749cec9c8d99055dff0a824410abbac0292e034d87768c684aa74641860c43b62c50ad7cb05a4422b616f015595bb4075427050019d012a0852d5d96a1c808514ca3d9c4db73e3cdc9d5289bb5eabb6ee0a967758960619a5193678951aec50138bfe560b215e297bd015ebbf3488b861ec0083147909bfc44c133da71595976b5762c52bdb32ed3b52c7babfc7e50263f2f3f86451252b46bbbc4159e537fd6ed8fc5efeb7aecb7451b6aba37b5bf04cfe64fd0c69bbce72fb1c1f0a204e6809200994714412a8a821400bad68794ac37733b0df9fef3c13df7f51bfc64819c6625b9e462130809617b2242330cf256976f913e48e47799e233de53a2edc92211aa7b167b1c7be7995dc20528e1f16fb94be51bd43198f54d32b6f6f6c1e47b8a4a725d07470707f6d4c7e2ab46822122f73e7d4fd0a5ac82e4f2b40e1c801b7ed5da19e476bbb3b048fd101ae98886c2cd27ec808d215585a7149dae4f921b57102ce4baae7cea240199d798d73e6bf397e45ca81436c2d2d01a7859928b93079731cbc25a2bea82c51821c2bd8100439170e4603848e5ed8789fd24a0454094efcfcb77e7a75058c88eed1a680751504353a902e468cd6c518a7824834796d0d615198d3fa911bccd96729c75381f35520c1d15e88db83834b2aaf0d6f9048cc7bdb1e7000b4263e32b04f3841a661b20d610f77e875ba1a71b4492e5b2a80e0b3acc78c3b85aadc0dee9de43244dca08f83e6d381ff76425266e709bbed4ca52ff8f65a6b785ce54e54cb3bfc4220fb377ad169e9345f07bcc9ba8ff605f1b8b2b3b6f4147f88bced3a7d65864fb40cdb84c4d10b224d556dce1aef242fd13bf59a57585db106007fb3549691fcb495a5db46b3706c7816a432fe3ec9d5abc9114a4b6ec46ecd9d2f563c40d99efba0ca75b9be50ab117e06bb9f9cb1ecda42d564c6853f602cb06133fe7e00f35f9fc65592bd981f8e3c041e09bdf79401145a415cee57c25cecb1d8dc0b0096666e9175cba292bedd2f09807cbe5ebed8551b4b9d034bc32e4b3e0bf19410d2833cc5df2c449b4670e37f8c968635b07f5d110c19be435dc771c51430a51ea829e5ddc015835aae81c7fb180fec4d3b65e63401c8f97b2a20b74e00ce60547f657f550f98e6977e57db370e1a1454c2a47c997d9b02e9804c112cdff989b5607ceacb9641fd6db3a2c6a128695af8a7695bbd43368b9085b82975c05c3a0620c48f8cb2dd71e7b1853270ee1f72de49a05bbb754fb624f0d9c595cfe76660db041fb1e54755c98d9c1cc86f370542918c584268bc25798cafa14f076a38241d18adc19d6d999a98ba9dfa3c18f79fb564626e11ff798c3b5fa8d97eab7ca3b6ce7f5a24c3a05b85f05e93367205c4300fd98a4e9b6d603beb2fb225ac54ce63f7f064614f2192a99ba7eb1055f5e91a217f387c5ea6b9a1d2f8d1513216fc4bb4b498a13a5f4a1923e019485c641e8bb58a3776941014767b5a2e24df636d409085a7065f50d4ffad6ce1fd0e3df09c4be15a747f989abdbc8a8c86475cbbb575b2dda9f58477a49abdc6760d54b43640309692227d83188fb0b43e0d9b9ed448f9dfa416b78a06c70a8f5cca182852c5f488830d48e94497d3863c291bb4fe45d8d68dde39eb84f8968e4f5edd6c5193b7d268da5cd55249895746d5be54f69e68dd063ac847c7e11c6f6af68f68f6580e4719f6cb4ba1993a514ed2a9f4544b093eb5c570e5045104dad8bd74514f80dfc9a693880e28221fb5d0774ca3c0d1da4f440ceb1871b9f1ea52c25d41a9a6cd552ae68e81be59fddbe98e55e949bae8d5ca3af7c647ddd716da0f2aaafd600ef5f5909221a706d4b8f6545dfa85f94700021826cff2a684dbabe33d214596abd1440aab14034aec77d2921f1074d911c186b81bdf0aa13c16220d7c0d3a1386bff66738e13e1560d2f71b2cfcdd1b1ef0ac167d2c04e08bc8c42a5ad704ba7cfba89d92e1abbd150b5ebd1e988dd11a032169a4c74020cfe2a1517ede597adf55728fc8b93795247687d9133ee83b5e4d1365470f7718eab1c0a1cd65be525bab1392cb4dfff156ddcca4fcaf2c86e5c1258ade7dd0d30a2970c0b0f395b0067f8d6ce961bfcae7d3c13f1d4f566e31c511fc5c15aa44ea8fedd5bade2f1814430c698677c71209f9548be77b5a56676ac2c381273c5c5439f3e12e0a4dab28f9d544c63226efb756c157b3e1787dbb33b995eb171205990b2bfb188e0a5f84959b707862ba2159aa8700b1a11936fa0d20659c54b0aa35fcccc87b3931f3118d1f2d71bcb202728d49390ac7c1eeac28f956b152041e2fa82f5c39b7b268529584bc2bf4a75f0fb0a727979a678962825af871918f179e13199cadbbe46e2b8e83ba046284cbac5629fe0c33540b57884af6076c54f55c9a83dc8d497f18d1f17091e9609f27cd28be5c40a2adb73200c2ca1cd1150a81b3a7e4cc4e74200e68ce6e732215a45a46528c75ae386d86935ec7576d5a555837319fab6ee20e409a9f6dd1ae5e349c3164ab29b07c98f61a7ed4b14e59e48173efe3f3ddd4699e80618e0e23c077aea20c9cd5835557e9debe4629cb842aca8f1335a80261584661c641a3133931bb6982779ed960e5aec9a28788ea1cac0cac6ce5415b47e78b24f4afe75baead851e8b22b1c4f319c9dcc816f3b9998a194d9d73e40728d0e4a2b88c785858d8d725fd8c57bfb1f96855adab8b1d9b2c3aba93e549dd31135ba68d050d75db7b8f71a538ac2294f52fb2469e9a0f03c0e1cf63a60c4747daca4eef82d74582b4c754b5b0d96b659d097d07eebdee402af091531933445d2ab3da9d54acc88f2a15df70c67d5a1f8e2430d27335b442e486fc98d06bce2918c2f92227808f037ecce01045dd94a9415c5400e67d48c748e65cd33210e703d8440aad4921b13fb0c24d18ec921f63b92ac40a3f0cdff7caa01e62bc906a335bd6774aa8a7e9956bfd8cce3184ff70931d585d23564e5824c1a83e3c55cef27428ba3228ff50fc25a6613753609cb1ae514ee876d624b802e77900ba2cfe701c139e208e4919a951e1daa450545d84e3039d37a3a48a5ef2e30220161b611e358f04c5260d463ff5d6c2bb458663132b217c0b295abd1f11785b392072de15a6834fdfb85a4c11764e2b086e6ece36f303c4a4a1d4dc64b15df6b0ef678cd3b8338e3a32e2654d4fdb97b9eab39bcebfad0dd30ee53bdf2d3d2f7b1e8161c84b1da7ead6d5b97fef3ab0fba504bfda81a10def2993d58460194fbc9e8f5cac7b32cce5e9471d709471a5b913d5be9f35d806d5c91a37bcc0636932e43b06407222f9327e6121835111f3abd76bc9d7baef353ea116013feea22f2b7a9f670db12dbcc52ed2b482f456265368edd267e88fa68fe47658357e9996442b313405502eb2dcf79a979b66a4f416d53d825559fad2e44a5acd4374e0f40f4d53b6b5cb44cadfdbb7ddbc195b667abfef7b46cdfe318b4e102af34ca143a7fda0cd4a9e50162cf385086ba530037deae465f8df824b66d372f4d62bc3eb9fec75969e1a95bb511cfa2db43cd75a8307ae19853c0de039c5507e91880a6f7c02c8e4ae29653a13e084c0b66e9fe26728401556f7fd634585e5d87a61be9e5607ec4b9aa4cf908fc76f16894cb4cf009609f4fab6f93abba3d887486025c4beec5732e85210755a8192aa61d1a0d32faf3e5b9564a2f46c6833a406094ea9c317a695e19ab3125cbf3119800bceb374090e49a869052da2437799fd69512958644ff0ababf23cefb196b608f7ccb182d74a94ee2f1439f2e8d691613c8507b0a64070de2cd0"}], 0x1010}, 0x800)
ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f00000015c0))
msgctl$IPC_RMID(r4, 0x0)

09:31:42 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8700000000000000], [], [], [], [], [], []]}, 0x934)

09:31:42 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d00], [], [], [], [], [], [], []]}, 0x905)

[ 2507.668245] sctp: [Deprecated]: syz-executor.4 (pid 3043) Use of int in maxseg socket option.
[ 2507.668245] Use struct sctp_assoc_value instead
09:31:42 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x88000, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)

[ 2507.750323] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2507.759249] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2507.764528] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2507.773416] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2507.782321] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2507.791378] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2507.800289] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2507.809211] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2507.818100] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:31:43 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000580)='/dev/vcs\x00', 0x121401, 0x0)
connect$vsock_dgram(r3, &(0x7f00000005c0)={0x28, 0x0, 0x0, @hyper}, 0x10)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vga_arbiter\x00', 0x400, 0x0)
r5 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r5, 0x0)
r6 = accept$packet(r3, 0x0, &(0x7f00000006c0))
sendmsg$netlink(r3, &(0x7f0000000740)={&(0x7f0000000680)=@kern={0x10, 0x0, 0x0, 0x80400001}, 0xc, 0xfffffffffffffffd, 0x0, &(0x7f0000000700)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x28, 0x1, 0x1, [r6, r1, r0, r1, r0, r0]}}], 0x40}, 0x5)
ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f0000000480)=<r7=>0x0)
ioctl$VIDIOC_S_STD(r3, 0x40085618, &(0x7f0000000640)=r7)
ioctl$TIOCLINUX7(r4, 0x541c, &(0x7f0000000400)={0x7, 0x10001})
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000600)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NETID(r4, &(0x7f0000000540)={&(0x7f0000000440), 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r8, 0x410, 0x70bd2b, 0x25dfdbfd, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x2}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000001)
ioctl$GIO_UNISCRNMAP(r4, 0x4b69, &(0x7f0000000780)=""/63)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f00000007c0)=0xffffffffffffff9c)
r9 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm_plock\x00', 0x1, 0x0)
getsockname$netrom(r9, &(0x7f0000000300)={{0x3, @default}, [@default, @default, @rose, @rose, @netrom, @default, @remote, @rose]}, &(0x7f0000000380)=0x48)

[ 2507.841418] sctp: [Deprecated]: syz-executor.3 (pid 3121) Use of int in maxseg socket option.
[ 2507.841418] Use struct sctp_assoc_value instead
[ 2508.076242] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:43 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000200", 0x2e}], 0x1}, 0x0)

09:31:43 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [], [], [], [], [], [], []]}, 0x905)

09:31:43 executing program 3:

09:31:43 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff00000000], [], [], [], [], [], []]}, 0x934)

09:31:43 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1, 0x40)
bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbff, 0x800}, 0xc)
socket$isdn_base(0x22, 0x3, 0x0)

09:31:43 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$vcsn(&(0x7f00000006c0)='/dev/vcs#\x00', 0x9, 0x0)
getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000700)=0x8, &(0x7f0000000740)=0x2)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
r3 = accept4$ax25(0xffffffffffffff9c, &(0x7f00000004c0)={{}, [@bcast, @rose, @default, @remote, @remote, @rose, @bcast, @default]}, &(0x7f0000000540)=0x48, 0x800)
sendto$ax25(r3, &(0x7f0000000580)="299b42a8d15185c310affffd572c573070a8da643bf7ff9b94bc619b6e1f5a97154a5e97d8cd8ea6ea7c940190e3bcff98a65dc96e5ed2301cb6802b2e844818332c390c8b343896703a94b1aac97df40935fa4af69a31c99b6f31cc31a59d38ea1febeb3de914d034d9ce39ff0d3e3180ccfd4393838d4ccf829bf62bf0084e128184d51d0324ae2c37062ba5abe96a9c48f6cdc7edc82e1d576ef6d4d5f3136e824cbec267f431c1868dcb7b1acece6e319b9b296849eb722e67916e470d", 0xbf, 0x8001, &(0x7f0000000640)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast]}, 0x48)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = msgget(0x2, 0x80)
socketpair(0xb4c7e2a4b281f45f, 0x4, 0x5, &(0x7f00000002c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
prctl$PR_GET_SECUREBITS(0x1b)
ioctl$SIOCX25SFACILITIES(r6, 0x89e3, &(0x7f0000000300)={0x72, 0x60000000000, 0xb, 0x6, 0x1, 0x81})
msgctl$IPC_RMID(r5, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000440)={r4, 0xc8, &(0x7f0000000340)=[@in6={0xa, 0x4e20, 0x0, @mcast1, 0x9}, @in6={0xa, 0x4e21, 0x4, @remote, 0x100000001}, @in6={0xa, 0x4e20, 0x5, @local, 0xf9d}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e24, 0x5, @mcast2, 0x7fffffff}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e22, 0x200, @dev={0xfe, 0x80, [], 0x19}, 0x2}, @in6={0xa, 0x4e22, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x401}]}, &(0x7f0000000480)=0x10)
prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b)

09:31:43 executing program 3:

[ 2508.297367] sg_write: 9 callbacks suppressed
[ 2508.297395] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2508.297395]    program syz-executor.0 not setting count and/or reply_len properly
[ 2508.311637] sctp: [Deprecated]: syz-executor.4 (pid 3375) Use of int in maxseg socket option.
[ 2508.311637] Use struct sctp_assoc_value instead
[ 2508.335482] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2508.344251] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2508.349481] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2508.358411] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2508.367322] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2508.376363] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2508.385293] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:31:43 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x0, &(0x7f0000000340)=ANY=[], 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, 0x0, 0x0)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x20000000, 0x8002)
setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000040), 0x4)
socket$isdn_base(0x22, 0x3, 0x0)

[ 2508.394190] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2508.403082] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2508.432777] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:43 executing program 3:

[ 2508.487265] audit: type=1804 audit(1561282303.607:94): pid=3499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir187601015/syzkaller.AfVt5B/5748/file0" dev="sda1" ino=16770 res=1
09:31:43 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000], [], [], [], [], [], [], []]}, 0x905)

09:31:43 executing program 3:

09:31:43 executing program 4:
setrlimit(0x9, &(0x7f00000003c0)={0x81, 0xb})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x1, 0x80000000001080)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000640)={{{@in=@initdev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000740)=0xfffffffffffffe21)
r5 = getuid()
nanosleep(&(0x7f00000002c0), &(0x7f0000000300))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f0000000500)=0xe8)
setresuid(r4, r5, r6)
msgctl$IPC_RMID(r3, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000000280)={0x2, 'tunl0\x00', 0x4}, 0x18)

[ 2508.666973] sctp: [Deprecated]: syz-executor.4 (pid 3687) Use of int in maxseg socket option.
[ 2508.666973] Use struct sctp_assoc_value instead
[ 2508.693802] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2508.693802]    program syz-executor.0 not setting count and/or reply_len properly
09:31:44 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100200", 0x2e}], 0x1}, 0x0)

09:31:44 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], [], [], [], [], [], []]}, 0x934)

09:31:44 executing program 3:

09:31:44 executing program 2:
r0 = socket$caif_seqpacket(0x25, 0x5, 0x4)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x1, 0x6, 0xc20c})
r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x80, 0x200000)
ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x400000, 0x0)

09:31:44 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], [], [], [], [], [], [], []]}, 0x905)

09:31:44 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
r4 = dup2(r0, r1)
setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f00000002c0)=0x7, 0x4)
msgctl$IPC_RMID(r3, 0x0)

09:31:44 executing program 3:

[ 2509.012442] sctp: [Deprecated]: syz-executor.4 (pid 3916) Use of int in maxseg socket option.
[ 2509.012442] Use struct sctp_assoc_value instead
[ 2509.042248] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2509.042248]    program syz-executor.0 not setting count and/or reply_len properly
[ 2509.069467] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:44 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0xfffffffffffffe71)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
r4 = syz_open_dev$cec(&(0x7f00000002c0)='/dev/cec#\x00', 0x1, 0x2)
ioctl$GIO_FONTX(r4, 0x4b6b, &(0x7f0000006700)=""/4096)
set_mempolicy(0x3, &(0x7f0000000600), 0x9dad)
r5 = request_key(&(0x7f0000000380)='blacklist\x00', &(0x7f00000003c0)={'syz', 0x0}, &(0x7f0000000400)='/dev/cec#\x00', 0xfffffffffffffffa)
r6 = request_key(&(0x7f0000000540)='big_key\x00', &(0x7f0000000580)={'syz', 0x1}, &(0x7f00000005c0)='/dev/cec#\x00', 0x0)
keyctl$instantiate_iov(0x14, r5, &(0x7f0000000500)=[{&(0x7f0000000440)="fba61c998ca0164fa23b55151487e7ae5424598fde6b27d0b9b9df8280259093f3a0ae74f7c606888728c63747e70e984dcd42d1b536a7af5c1dee53dc7f7c34c366d982444cfe895356a015a8804785504c9cf588e8a092f98bb349a4408e04e8656d0a736730c8cd4b5f3caf54751e570ce933e8b51c662b93aa3df1d2b08d8cb86a23689f4137cb2dccadd01dfd1672dc7bb213ae36cdce218571cc894d65f7d1d4e7e9732650a9ab0087ce9401b6856647dda14393e472c92f07f3b9d1dd", 0xc0}], 0x1, r6)
setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, &(0x7f0000000300)=0x8, 0x2)
r7 = semget$private(0x0, 0x5, 0x0)
getsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000640), &(0x7f00000016c0)=0x5b6a16a2c79c49eb)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000007c0)={'team0\x00', <r8=>0x0})
sendto$packet(r4, &(0x7f0000000680)="223e14a47e43edc6e2988d403be1ab285b40594da16cc1c35c826d3425f4b706f93d2d6de6d2d6bc87d3a74a1d9a1a708020c1fa76fa955088f71ed59c25e44d4cc300dc9724f92501bc40f68802235d2cf049218d10344f89d68b3e7cfa70e60c1dbfa43c5eb3d9d08ee61baa56b19bfa3a44dfd8a0169f47b3ece0205273f624b02b177169bf1318bb97d45df3774f58524f80301747cdf77acfea149656b0cafae7434d495c3e89fa60f4821d444a3806e8f17028a6f7741ee90d7850808869308156e2c6afac1d736cc8314d36c7445db498", 0xd4, 0x8080, &(0x7f0000000800)={0x11, 0xc, r8, 0x1, 0x80000001, 0x6, @random="fba5fe67c380"}, 0x14)
semctl$SETVAL(r7, 0x3, 0x10, &(0x7f0000000340)=0x6d)
msgctl$IPC_RMID(r3, 0x0)

09:31:44 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [], [], [], [], [], []]}, 0x934)

09:31:44 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], [], [], [], [], [], [], []]}, 0x905)

[ 2509.256953] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2509.265788] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2509.271095] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2509.280016] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2509.288956] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2509.297864] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:31:44 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f00000002c0), 0x4)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e20, @multicast2}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="c0dc00025e0b01047be070")
r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0)
fadvise64(r1, 0x0, 0xd538, 0x4)
socket$isdn_base(0x22, 0x3, 0x0)

[ 2509.306759] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2509.315649] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2509.324533] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2509.354700] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2509.354700]    program syz-executor.0 not setting count and/or reply_len properly
[ 2509.390309] sctp: [Deprecated]: syz-executor.4 (pid 4341) Use of int in maxseg socket option.
[ 2509.390309] Use struct sctp_assoc_value instead
09:31:44 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000300", 0x2e}], 0x1}, 0x0)

09:31:44 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x400000, 0x0)
setsockopt$inet6_dccp_int(r0, 0x21, 0x1, &(0x7f0000000080)=0x7f, 0x4)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000040)={0x31, 0x6, 0x0, {0x5, 0x2, 0x8, 0x0, 'eth0ppp0'}}, 0x31)

09:31:44 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [], [], [], [], []]}, 0x934)

09:31:44 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], [], [], [], [], [], [], []]}, 0x905)

09:31:44 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$swradio(&(0x7f00000002c0)='/dev/swradio#\x00', 0x1, 0x2)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000300)='lp\x00', 0x3)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:44 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
ioctl$VIDIOC_G_SELECTION(r1, 0xc040565e, &(0x7f00000002c0)={0x3, 0x102, 0x3, {0xda77, 0x3f, 0x5, 0x100000000}})
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

[ 2509.615519] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2509.624341] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2509.629559] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2509.634322] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2509.634322]    program syz-executor.0 not setting count and/or reply_len properly
[ 2509.638673] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2509.663467] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2509.672325] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2509.681228] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2509.690116] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2509.699026] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2509.713930] sctp: [Deprecated]: syz-executor.3 (pid 4456) Use of int in maxseg socket option.
[ 2509.713930] Use struct sctp_assoc_value instead
[ 2509.716976] sctp: [Deprecated]: syz-executor.4 (pid 4462) Use of int in maxseg socket option.
[ 2509.716976] Use struct sctp_assoc_value instead
[ 2509.791055] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2509.794325] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2509.794325]    program syz-executor.1 not setting count and/or reply_len properly
09:31:44 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], [], [], [], [], [], [], []]}, 0x905)

09:31:45 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='trusted.overlay.origin\x00', &(0x7f0000000340)='y\x00', 0x2, 0x2)
modify_ldt$write2(0x11, &(0x7f0000000380)={0x5bce79f5, 0x20100800, 0x4000, 0x2, 0x5, 0x80, 0x6, 0x4, 0x0, 0x1}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x0, 0x10)
msgctl$IPC_RMID(r3, 0x0)

09:31:45 executing program 2:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x88200, 0x180)
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
ioctl$TUNSETGROUP(r0, 0x400454ce, r1)
r2 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r2, 0x40106614, &(0x7f0000000000))
seccomp(0x0, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x1c2, 0x9, 0x798, 0x6}]})

[ 2509.990205] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2509.990205]    program syz-executor.0 not setting count and/or reply_len properly
09:31:45 executing program 4:
r0 = syz_open_dev$audion(&(0x7f00000002c0)='/dev/audio#\x00', 0x8, 0x80000)
bind$rds(r0, &(0x7f0000000300)={0x2, 0x4e22, @local}, 0x10)
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x80000, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000640)={{{@in=@local, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@loopback}}, &(0x7f0000000740)=0xe8)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000780)={@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7e, r3})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000e8a000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000e26000/0x3000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000e02000/0x1000)=nil, &(0x7f0000ece000/0x1000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab90e14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000340)={0xe, {0x20000000, 0x5, 0x8000}})
r5 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r5, 0x0)

09:31:45 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/btrfs-control\x00', 0x4100, 0x0)
write$rfkill(r3, &(0x7f0000000300)={0x7453d276, 0x5, 0x1}, 0x8)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:45 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys//ipv4\xab\xf6s/snat_reroute\x00\x00\x00\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000001040)={0x1000, &(0x7f0000000040)=""/4096})
syz_open_dev$sndpcmp(&(0x7f0000001080)='/dev/snd/pcmC#D#p\x00', 0xf1b, 0x2)

09:31:45 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100300", 0x2e}], 0x1}, 0x0)

09:31:45 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [], [], [], [], [], []]}, 0x934)

09:31:45 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000002c0)={<r2=>0x0, 0xf4, "8f5475fd1a0b061745973dba9ef07fe5d242c2dfce8777ef60acc0cc77de440fb3f5be75896d72a94856a02971a62a53421e001c3f1426fc70ea483165187877c76eaeb23bb803b909e7c977d387fddfc1a3820cd5fbaeff2465e01714d47ffd58d31d2c8ee47e1b2fc5f9b314a6e84716a2ad6d9dc35c1fe1ca03880708a55d1c19118891bd5041232713d1deadb00b7686108514d0af58ca2c85069d1685cd109213d5c3ea9cd6e4f3440cbf98dfdd4db9c701c86fc2f4888c91dfbbe79a69acf1b1e5224b4046c3e354d4b7f51adabf2aa0051c35c5b1be67a4a55b74dd7b2df82bf1c9e42cd85352145a69e4de2170725484"}, &(0x7f00000003c0)=0xfc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000400)={r2, @in6={{0xa, 0x4e21, 0x0, @rand_addr="9a863f97333645fa86def6bb5c1cda9d", 0x7}}, 0x200, 0x1, 0x8, 0x800, 0x40}, 0x98)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:45 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000], [], [], [], [], [], [], []]}, 0x905)

09:31:45 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x1, 0xa, [0x7, 0x10000, 0x3, 0x0, 0x800, 0x5, 0xfffffffffffffff9, 0x0, 0x2, 0xfffffffffffffffe]}, &(0x7f0000000380)=0x1c)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000400), &(0x7f0000000440)=0x4)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000004c0)={0x0, 0x1}, &(0x7f0000000500)=0x8)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000580)={<r2=>0x0, 0x2}, &(0x7f00000005c0)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000540)=@assoc_id=r2, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCADDRT(r3, 0x890b, &(0x7f0000000600)={@null='               \x00', 0x7, 'bcsf0\x00'})
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r5, 0x0)

09:31:45 executing program 2:
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
pwritev(r0, &(0x7f0000000a00)=[{&(0x7f0000000800)="0bc01fb3712df777262defa44fbf469e2e1ef9caeb8ef2fd18fde4985a67e4ed71e5457147a43b9a2fea358ee2bf79871d5b76ed27b3cf080db2b3c25f82ba7df2c684a1a8f6e365c5bba3ef70844a6b9926c9fda903bbdbc6d3fb03fd7d3811fa64985e610699", 0x67}, {&(0x7f0000000880)="5f0ceecd67feb6dda8f1", 0xa}, {&(0x7f00000008c0)="dc797efee5d4c37c0b8a8f8f7128a1baa9eac4cf6e05e8a77b67ff48e9201f1c3026707bb0ea34ed5d4e8c641afa6ba6f25d92eef6d46bac38c8de05f3fee3fc318895a03d426dbf3f8114c1bc127c02f7bb7ae9c5b5c6f6227d7b21d5d1fa27dc55d769b30f0621e5eca9a753797c394774dc879a6167b8efd6fb2cfc6bddaaec5411713f1e6e2c6317f22a9e4b566eb4fa8bf91e59450bce189a1926fe193cccd3d5b23884f1eb2891f427a3e2b7e868ec610b5ffddb45546e48666827dc7d11", 0xc1}, {&(0x7f00000009c0)="91bbda58f68059ed99e25ae8f812a1f2a08d82c77201c4d3195ab45884", 0x1d}], 0x4, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x2)

[ 2510.457903] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2510.466701] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2510.471920] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2510.480985] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2510.489894] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2510.498816] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2510.507728] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2510.516626] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2510.516645] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2510.528710] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2510.528710]    program syz-executor.0 not setting count and/or reply_len properly
09:31:45 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x2f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000df5000/0x2000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000c7a000/0x2000)=nil, &(0x7f0000c1d000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000c4d000/0x1000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000100)=0x6)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={r2, @in={{0x2, 0x4e21, @empty}}}, 0xfffffffffffffe6d)
r3 = msgget(0x1, 0x80)
msgctl$IPC_RMID(r3, 0x0)

[ 2510.563684] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:45 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
ioctl$NBD_SET_BLKSIZE(r1, 0xab01, 0x1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vga_arbiter\x00', 0x800, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
r5 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r5, 0x0)

09:31:45 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x2, 0x100)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000040)={<r1=>0x0, 0xfffffffffffffff7, 0x30, 0x3, 0x40}, &(0x7f0000000080)=0x18)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={<r2=>r1, 0x5}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000140)={r1, 0x100, 0x2, 0x8001, 0x3ff, 0x1, 0x7fffffff, 0x3, {r2, @in6={{0xa, 0x4e21, 0x0, @local, 0x4}}, 0x80000000, 0x8, 0xfffffffffffffffb, 0x8, 0xc}}, &(0x7f0000000200)=0xb0)

09:31:45 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x2f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000df5000/0x2000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000c7a000/0x2000)=nil, &(0x7f0000c1d000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000c4d000/0x1000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000100)=0x6)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={r2, @in={{0x2, 0x4e21, @empty}}}, 0xfffffffffffffe6d)
r3 = msgget(0x1, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:45 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000], [], [], [], [], [], [], []]}, 0x905)

[ 2510.767163] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2510.767163]    program syz-executor.0 not setting count and/or reply_len properly
09:31:45 executing program 3:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x2f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000df5000/0x2000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000c7a000/0x2000)=nil, &(0x7f0000c1d000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000c4d000/0x1000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000100)=0x6)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={r2, @in={{0x2, 0x4e21, @empty}}}, 0xfffffffffffffe6d)
r3 = msgget(0x1, 0x80)
msgctl$IPC_RMID(r3, 0x0)

[ 2510.818899] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2510.818899]    program syz-executor.1 not setting count and/or reply_len properly
09:31:46 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000400", 0x2e}], 0x1}, 0x0)

09:31:46 executing program 2:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/vcs\x00', 0x14000, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000001400)={0x81}, 0x1)
socket$isdn_base(0x22, 0x3, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)

09:31:46 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000], [], [], [], [], [], [], []]}, 0x905)

09:31:46 executing program 3 (fault-call:1 fault-nth:0):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:46 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
r3 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x6e5, 0x80)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000300)={r1})
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)
getgid()

09:31:46 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [], [], [], [], [], []]}, 0x934)

[ 2511.267972] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2511.277040] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2511.282258] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2511.291158] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2511.300060] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2511.308964] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:31:46 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:46 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000], [], [], [], [], [], [], []]}, 0x905)

[ 2511.317855] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2511.326769] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2511.335739] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:31:46 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50], [], [], [], [], [], []]}, 0x934)

[ 2511.458398] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:46 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
write$binfmt_elf32(r1, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0xffffffff, 0x6, 0x7a30, 0x8, 0x0, 0x2, 0x3e, 0x1, 0x2b2, 0x38, 0x105, 0x8, 0x3, 0x20, 0x1, 0x6, 0x800, 0x6}, [{0x3, 0x80, 0x7, 0x80000001, 0x6, 0x1ad, 0x0, 0xa6}, {0x6474e557, 0x401, 0x9, 0x5, 0x1, 0x6, 0x8, 0x7ff}], "b9f34a96490afa0d3a238c43bb6d959ad355555f6e0638f904ccade5c80b294f09aba299eb94ff97142e254321b8db84120e53191b6bd0c1b07f0524f40fd6ea17ffbc081146255b4028e0594c85", [[], []]}, 0x2c6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:46 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x4000)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000100)={'TPROXY\x00'}, &(0x7f0000000140)=0x1e)
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x5, 0x80000)
ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f0000000040)=0xfffffffffffffff9)
write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000080)={0xe, 0x2, 0x0, 0x0, 0x28, "4cbd91f568e56fca4c49af9ebfe4f7fd29bbbeec1df6e21d83822a8defd94d860243ec2156032d90"}, 0x34)

09:31:46 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2511.860238] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2511.869042] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2511.874351] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2511.883256] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2511.892213] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2511.892256] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2511.910526] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2511.910547] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2511.910564] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2511.984238] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:47 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100400", 0x2e}], 0x1}, 0x0)

09:31:47 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000], [], [], [], [], [], [], []]}, 0x905)

09:31:47 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:47 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000c8c000/0x4000)=nil, &(0x7f0000feb000/0x13000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000c0f000/0x4000)=nil, &(0x7f0000f46000/0x2000)=nil, &(0x7f0000e58000/0x1000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bad797f2f3935b0fb56910aa3552576782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:47 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = shmget(0x1, 0x4000, 0x78000004, &(0x7f0000ffa000/0x4000)=nil)
shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r1, 0xc0c85666, &(0x7f0000000040)={{0x2, @name="3b103c0db29bc63bd97d3bbff3f4fe34a918ef563bd6ccf4a3b10a1ca1322a81"}, "b02b0d8ac53325b30f2394e96a47d12f13b6b25838e181afcb19844045353997", 0x2})
r2 = shmget$private(0x0, 0x3000, 0xa, &(0x7f0000ffa000/0x3000)=nil)
shmctl$IPC_RMID(r2, 0x0)

09:31:47 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87], [], [], [], [], [], []]}, 0x934)

[ 2512.205069] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2512.214847] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2512.220643] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2512.230410] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2512.235271] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:47 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:47 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], [], [], [], [], [], [], []]}, 0x905)

[ 2512.239549] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2512.257461] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2512.266640] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2512.275918] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2512.285395] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
09:31:47 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070")
msgctl$IPC_RMID(r3, 0x0)

09:31:47 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x6, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:47 executing program 2:
rt_sigaction(0x2d, &(0x7f0000000080)={&(0x7f0000000000)="c4c1f85a670e660f1b4900360fc07e0a8f0978e2bce30400000047dbf43e1cccc482b90b6f000f56cb660f7c06f3a4", {0x7}, 0x0, &(0x7f00000001c0)="c4437905abfcffffff4743c3c4625197f526410faeecc4a1445e9174000000c4c17852b282ffffffc4e3ad78ec01d93e0fbfeac441797e62e7"}, &(0x7f0000000140)={&(0x7f00000000c0)="c44219bab6ca000000660f383173fe66f247a7c403fd012d7000000078c48279df54398e47ee66f3abccc42278f2f4f30f5843be", {}, 0x0, &(0x7f0000000100)="46decbf042fe00dc12c40231460c04c4a16572f7002e3e26f3f0418361000ac4c2fd2a058690000042dbd2c46259aa4d00c441496010"}, 0x8, &(0x7f0000000180))
socket$isdn_base(0x22, 0x3, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x100, 0x0)

09:31:47 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300], [], [], [], [], [], []]}, 0x934)

[ 2512.467426] sctp_setsockopt_maxseg: 12 callbacks suppressed
[ 2512.467435] sctp: [Deprecated]: syz-executor.4 (pid 6384) Use of int in maxseg socket option.
[ 2512.467435] Use struct sctp_assoc_value instead
[ 2512.575615] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2512.586453] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2512.592099] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2512.602219] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2512.611697] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2512.622541] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2512.631868] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2512.641144] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2512.650433] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2512.834321] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:31:48 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000500", 0x2e}], 0x1}, 0x0)

09:31:48 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000], [], [], [], [], [], [], []]}, 0x905)

09:31:48 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:48 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/checkreqprot\x00', 0x2000, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x22, &(0x7f0000000340)=""/100, &(0x7f00000003c0)=0x64)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
r3 = dup3(r2, r1, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x16})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r5, 0x0)

09:31:48 executing program 2:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x101000, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)

09:31:48 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], [], [], [], [], [], []]}, 0x934)

[ 2513.043337] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2513.052075] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2513.057526] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2513.066436] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2513.066461] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2513.066485] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2513.066505] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2513.102017] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2513.102038] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:31:48 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c000000], [], [], [], [], [], [], []]}, 0x905)

09:31:48 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7f, 0x10000)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)=<r1=>0x0)
r2 = gettid()
write$P9_RREAD(r0, &(0x7f0000000140)={0xa6, 0x75, 0x1, {0x9b, "d6ffaf8a05d50137f9dcfe708d6ba7c386110181927ed8d35518b939309ab3dcd0784a9d4dd0dda4c1585e99681e0c52e51c1d63c24f3ceee69b875a32c638d056b88c4012fb53df5e987f59601c0fdfcd0aa5a7b8596bdcaf0be078e3cbdae99fa94093dbbe924c4b4fef0e26127f606a03e4a45331bf5841472405baad1864b4806eda5e41791508a647f6121a67a681a0c2f1117de7d13bb4f6"}}, 0xa6)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f00000000c0)={r0, r0, 0x2})
ioctl$PPPIOCGFLAGS(r0, 0x8004745a, &(0x7f0000000240))
fdatasync(r0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0)

09:31:48 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2513.135949] sctp: [Deprecated]: syz-executor.4 (pid 6707) Use of int in maxseg socket option.
[ 2513.135949] Use struct sctp_assoc_value instead
[ 2513.187371] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
09:31:48 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50000000], [], [], [], [], [], [], []]}, 0x905)

09:31:48 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x9, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2513.298588] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2513.319059] CPU: 1 PID: 6704 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2513.325998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2513.335370] Call Trace:
[ 2513.337970]  dump_stack+0x172/0x1f0
[ 2513.341651]  dump_header+0x15e/0x929
[ 2513.345377]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2513.350491]  ? ___ratelimit+0x60/0x595
[ 2513.354387]  ? do_raw_spin_unlock+0x57/0x270
[ 2513.358809]  oom_kill_process.cold+0x10/0x6ef
[ 2513.363327]  ? task_will_free_mem+0x139/0x6e0
[ 2513.367842]  out_of_memory+0x936/0x12d0
[ 2513.371829]  ? lock_downgrade+0x810/0x810
[ 2513.375991]  ? oom_killer_disable+0x280/0x280
[ 2513.380493]  ? find_held_lock+0x35/0x130
[ 2513.384575]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2513.389422]  ? memcg_event_wake+0x230/0x230
[ 2513.393755]  ? do_raw_spin_unlock+0x57/0x270
[ 2513.398173]  ? _raw_spin_unlock+0x2d/0x50
[ 2513.402327]  try_charge+0x1028/0x15b0
[ 2513.406133]  ? find_held_lock+0x35/0x130
[ 2513.410209]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2513.415066]  ? kasan_check_read+0x11/0x20
[ 2513.419225]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2513.424093]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2513.428687]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2513.433642]  __handle_mm_fault+0x1e50/0x3f80
[ 2513.433648] sg_write: 7 callbacks suppressed
[ 2513.433679] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2513.433679]    program syz-executor.0 not setting count and/or reply_len properly
[ 2513.438060]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2513.463390]  ? find_held_lock+0x35/0x130
[ 2513.467464]  ? handle_mm_fault+0x322/0xb30
[ 2513.471729]  ? kasan_check_read+0x11/0x20
[ 2513.475887]  handle_mm_fault+0x43f/0xb30
[ 2513.480026]  __do_page_fault+0x62a/0xe90
[ 2513.484106]  ? vmalloc_fault+0x740/0x740
[ 2513.488174]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2513.493197]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2513.498173]  ? page_fault+0x8/0x30
[ 2513.501728]  do_page_fault+0x71/0x57d
[ 2513.505533]  ? page_fault+0x8/0x30
[ 2513.509081]  page_fault+0x1e/0x30
[ 2513.512539] RIP: 0033:0x400610
[ 2513.515757] Code: 01 e9 c9 00 00 00 48 8b 44 24 10 48 0b 44 24 28 be 08 00 00 00 48 8b 14 24 75 17 48 8b 7c 24 20 e8 75 56 00 00 48 8b 4c 24 08 <48> 89 01 e9 9d 00 00 00 48 8b 44 24 08 48 8b 38 e8 5b 56 00 00 8a
[ 2513.534661] RSP: 002b:00007fff8354f770 EFLAGS: 00010202
[ 2513.540027] RAX: 0000000000000000 RBX: 0000000000760060 RCX: 0000000020000000
[ 2513.547306] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000
[ 2513.554578] RBP: fffffffffffffffe R08: 0000000000000000 R09: 0000000000000000
09:31:48 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000000)={'\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x20}}})
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x40000, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000080)={r0})

[ 2513.561848] R10: 00007fff8354f880 R11: 0000000000000007 R12: 0000000000760068
[ 2513.569121] R13: 00000000004c565a R14: 0000000000265922 R15: 0000000000000000
[ 2513.619341] Task in /syz5 killed as a result of limit of /syz5
[ 2513.633172] memory: usage 307200kB, limit 307200kB, failcnt 57
[ 2513.639470] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2513.648429] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2513.659254] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2513.679927] Memory cgroup out of memory: Kill process 6704 (syz-executor.5) score 1103 or sacrifice child
[ 2513.698339] Killed process 6704 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:31:48 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100500", 0x2e}], 0x1}, 0x0)

09:31:48 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000], [], [], [], [], [], []]}, 0x934)

09:31:48 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:48 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:48 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000], [], [], [], [], [], [], []]}, 0x905)

09:31:48 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
r2 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0x0)
r3 = add_key(&(0x7f00000002c0)='i\xd4>ac\xe1\x00\x00\x00\x00?\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000003340)="1116998d7f5ac475914a984501472959febb2167659ae186ccc2a39e810daa3435c6d84a1884c455fd84068f24dc079f24cad0b853330adf06d51aa020d9ca3fa0211d442cd67b4ce09fb4369021d8fb8dca6d8ce22aebcf354de08546299ca98ca83a2b89f16d5a8a9c5a241036826ced9aa2374a0db019a9590a9193805f820fa4916451d5ab39754a10404b19a9aa3605d85abc63a1296a3c30222c454dc2777db813f070f538efb7afc5db497dd34061c3e7149a2d029d3832af4caebab6dce20383b2bb24fa859099bb51e0c8f09b64e61b0887179ae18a9833ed3632795a15dc56a590b6c22d038d994bf8c817b00b63d28797d9850d9b1a81ee8abdfb149509b76a15fdb30932a3d1f43faf1bed1f38718c946265f42c9f662263ca1e09dfb8621a463b835fbff322f60fd212015ae193e4538a3059c5e6393e3a12ac184f7871e7e1edd239f311b568954051a040d064211094114766f6f3d16721878692a06fc3db07ea3fc2b88849cc3a9e2a1e2612ffde0a2694bb370e00e1afcd0a3a6b7fdc0b650fb3117817e3789c7de5d2f4cd5237703393a7114811a1d136eb49002c391afb2183cb594002fa4ff36a2fd624ef9f7bd5b1d3828aae7af2bd671b2056335fe91d11c44bb110b6b29e5a3014c2dcf40348003f3eb11f066036caf9a55f30112e5e91f4a400d96ed6f56b6b92c327e044ad6ba5a1e72ef928c4c8c0a5dda0dc7dd5eaf2cfaf460236ec0727372c78d129e19945aac920d63d3d37718d41702f99663969e518923d03bead5c0bfa1746a62b9c30df9b2aed86b208b60e3d210d13e61dfb1f5f92b96646fb5d2f38de474bff5b6bf86b6cef60516839ce50bfe586265cdfabf73bfbc12043a7fa0509a562d4ace2613a96f301706503683e96c33307ab9a4a5bea0880d497dbf3bfb3e7ea6ce5cdb198f0aeb83c9e031720a4ce8350d348dea26ae99d5f0058d6e35625e9316e64509f699ea3db9ba45b5f155cfa06720cf793c031e7e0580a536a63e47892771c55de316f39c243eb946597882d789310808acbc8b0973ca35461c3d13b989ac117d14527314d73237e83341c1834641a6b7d30abcd68258ba7b977cedf1b0e1ca11c5d00b813cf0aabe9e89cccaf723200fcaae8c6d8a11e8c96c888ca7bf0d29cd24fc5b75dd48ab2b08bce09d42e2aca2a94f30537bd6b8996d5fb932082377c0eea50b47bdb05149a4edb035431fe3decaa1b0b4d70a0ab5be4214b7b52fb45ce5b0519cafffc0a154c4428c294a0055749680502ca46964d9221f48dcd91d48895fdb59923104cdba0a1b9235ff6831a2e3100587d6f68383139e0cbb6c93baf0a8c7123f2a1c899bf5e0f29f427ec996ca43ccefac2b65a3d20838ec1a91af8746ffef11bc48a2f75c9f32ca4ef333957cdec1e9537b9e69d07bbc120a559912b9cff9ce13ccf8e7cbef2bf63f3021acb951b9b7d49476e23b0f2ca08e7a519f72369358346e1db1860ebf0df59ceb1d2109f1343e3cd87deece5cdeeb1e420020a1f91d2477ebda8f6e65b7095d2754125ba22c9674eda91d07b747ad011f824bcb8cdf76248297353d07d1351e6c311213dbca212328d6b77bd9c99dcc85dc2e85843bffee11c8a7e8784e53813d80b5fc4c7270bf6215cf36fc5f2743b3045d01a0eb9d984b85ba5071189ecf16641fc43b0f752492a22eca1148f5761ef0a8e8268924cc0271eb85f3caa62c176abcbacb4caeca7d13f2132bc0c5562828c6e14a1d162014d1e71282e290c050501f54396cc0f843d175f35d8f9568723e70f0a8b22ac585db521588e09fe47c47ac9fcfff5b72026b466ef6123b3936bb96e71b640d8a95dcb1db664d6ff7a664ade03c23fd6b045bf91f3630c3537ff210cd2e3ffd849640f0c6478dd6f3bafe9b3a25b3426a8418fe38f811d8766179c72732e4548ea82f6a905e08fe54d42a4f224de599e1cbff7526edf9ab46d44c4c9340cc74dfc1a2a382730ce9ad9724689c0fa614c95aaa454f97857810a639dc2bc9851dabc82f065c79defbc9ecf234a07d879426f5ab3eec6894906fadbb7f6781fb60cec97062640d313cd440c0a16dcf3093ea7a5486934b237f0301c7cc496acb1d402f31567e3c65c11acaceb9270dfe868b0936e12fff5c0fd959a02b68f67a619ea25dfd08395cf7d71b554e76888fa8ae58a9795ec0f5845ae5150ececeea1bd51df84c48fe488104d000ff53d6b79f732e67d4eab780ef0f7efd549d01f87c906260eb2bd97533f6e8ecd0d2b671ab8bee76ccbcd851d3700664ce84f849804b5250082a2f2751fa232adb70ef1778db60d32e9730dc734fe44650d27a7243b793520e3424d386866405463dd78f094d5da070f0515e1b2bbdb7d661b9341df093da18bb06a0d29f74b8958e586009fb44d526cda416d01b5c38bdb18fe3bc26ce2ad846cd9db30c90bfcf4b21b31e899580fc4c2daafdb2a07f563599bf1eb5b3123cfee19ea4bc83b7b418cbdb7a7f65ee6852cd63a9841f17c06a02ab86d210c38752488e2b164d697456786b9f0440d1180e513ed316c7c44d750fbd4bbb10343f6d1977119bc591dfca0b7db488e9001b6809c39eb92d96e24970ece7a445058a57dd58513f5f9e519e09c2e0b061d86448bb7eeda63559ed8984d1473167408c559d78465fb7b2f48e8443cb82a6a8bf0e3c6a6098b5ba11e6e4ec920ea812be94e4a0d429a492369d0667dd58038c613474f827068884d2647dd5039f9e4e76b88e3841c62a58f20c250baea209921300ccef2744193befc862aceeb22abf7584d6927bb4359b6afb9719d578263351c64078e49748dd5310179692e03c39136f49075894e7191b55dbbe7879600861d48459bf5af66fe38dadd97742ae7c3ae221c92d967653c84df1a6c27c7d5faffff6e8fdc8d1ccc0f651d93a6874a335153f9e0313d769220cb5a3a7b60f96c77a90987a236391db3a8518bdd3ba4f8e47dddaee5977e6bdf0380777e0eb363579b3dd31aaef8af758187b61830e6ee0ada5a345f90b83d066093d7f9fdad09f5d4b21d32b74b671c3789028d97ae2e1bd46cd6f3099b51de89e846fc0768d0d7625c3a05327093f388573084fb8feb84ab9a8ff1ff3695788e61960f2165b0b4f1a51b8583ae8ddfa45a546f0f201bc42382ed94a7ee4bcdedfeb885f855946b65159e26ffa966de57dead178ca347786a9c6ff58ac9f1b3aaf10e3e090ad3964cd6433064cbd7ac499e9af1c4378b3788566e924138bee3bfda7d4bc27d539def901d479df34154831addd80a755a67d8da9e58e88a117f2a96052cfe970ff52b03d50b3832d9ecbcbc4595ad84c95b91945550ddb27aa97160f9823b222924bbb875f0d713850c09bbed988b472988e07def38f1453d16fc3a77fa254266d41dc88ca0dcd5908e01354f88fc41a4db8c46ccd98bd44808d313d2901e9865afb70d5869cd77bfe8ed57638a4d600d4dace87030fe178a7390b76237a182d4773b9a75f3479d0e2ec5a2d5ac84292a098c750b1600b3f77623e0137ed99a10ff8aca8b79ef480cba1cb71ea307233ee2b57357386f22133745d5b32d5053b68ec8ed0cd87dd7ef3890fb2b0723f0765b7ad1f2a5d5f4eb99fc0388bb8ae56798057acab0260034440e8ec5a0f6b9d5a107174b60a153a3fbc520725f3c4092be6e662413e6bebc12f994c508f08fce0486a08c237cc9e837a8a344db9534a211a02c8a04b6dceb558708d52469ffd04c404e92dd551398642676e3b56d854629f7705a7d54bd55a2338fe0fe455893b9cdfdf9c9176ff55be83bb1af8169b94ee514e80213a988f15a5ff00d34167de38c66f3efe83857c26964d6713eb0b8a88b7f021e28ad8d0bfa46cf931d908caed26ff905ab84a36fc29d9cd35a8e1effbca9a7c36268cf2fff256eaa2d08b5e56c60bd9414402696a362b3260bd7faa13ff0788aa903169c8e7559afbd3bd7622857de0c0e134f7e9a260b4d6dd3a567019556765463d38ff4507297dca6aa8b1af30e719e71cd2242c613bef58b253bb6a53d4b0a0832fad97238ff0283b8fc5ade5baedcd871670407d2ce12c3261adac9d1f1ee547631d542950813216b2a670fbfcc3c75bfaa2f055497a1bd9dc0dc5e962fd197671b7e044eee2bc7ed1e0495c94207653d803939bbdf96544ebfbca30832fcf15cb2182ed05e344bc44ae33b65c6b58d53f95254e22c305d3a389b0256ca036d45607e57fc61b9673998267ab7f36366c389467140f5d58364a9765e10d6db3b13a5a412259914ff69ab4688833298ab70a342d2b68c4393b76df2c4ca8b0cd42913ed06ed00871925a789af2076a23376a653f1acfb3292b312fc9d4a25a91d42152170d38f7698dd31dd0cac57294bd9f77007cf4c32eda63455a56cfebaab2ce9da61691be2346edbae0edead6e1e3f77d08da08852b91280ea67b6d985cc100263300ff6bf891ea1ebcc6fa6e5daee72345efe20ee7ab970a432bfe5cc71b9ce39f5a64b51775fa4d728bf378374932d3cf1648b2ebe855b8528a9af01c4783614ff42ab6f6458d46049c685fce52804555c0a6693d65c65776d401ba2a0e2da0127784c2c01aa7b872de0acdd9bd16cd6610d6ae7ff90300980f80cb1b909f7182670864e693d32a770282845d197fbe056c1a702cd4e4fc02f8b96dc209dcb0332dfeba2c17644d3e5b4b2c363969378c3772bb13fc2b1278bcd49232f3f71ec2385807c45499fb0a096e9c98fbe408582f6a3f6aa4d8d05b2bd432e1d959899db84cf0fbff97ad91ddeb2fd54e8d213951339813fe041cf4b8e8875f3ddd5aecb269887b084bacdec293d5ec42a1c3ad8c973c5ecd54aab296e7d7cc964f01f364243c30ab86ae2c3a7f6dac79806d363b3a45d579994fc954cb49bd677b215491574c93fb56f6da074f0660fe7bae039e1d68687732b7c3de7ce556e957e329d323ab5d97317fe46eb651d87fe00c47436397d91624b12e056bf1a09c9c287da1d5db14345b7507025503832d41e94c6d2c20071ee394330d30607da9c29fad5afa32519a183af2ab1b5f5f2c718318a25f540242f19ef1fe55f1049ddfa12462ab0b71f08c315ea75253193ebd8e82cdf7f31afe7b885e32d185a4df068b7e493cc7e32bef23217d856582e8741de225eb767ba309dbcabd36af6900b56c5d85f9e465569f42ed6398f0f8e19855f5dec9d3abb272a0dbf99246ff0773d19d722ef1ce22eeb6c1bfcfef414a696cd2ce3996c0fe3b0daea93f429c86ecd5b78d0b15e0883836e5efe6897cf4552612328c2e2e77e2d3ffa41fc43202168a547f0ba5c5298758ead4cdd8dde8d366aff0cd81f8fc8e54c5c450b5398406fa4f7331b05ef4b30840886a11191686d99af9954e025d672f342d4b17ef7b830a4bd6f81c4c4e9244d42727f756b337089439c34a00a42a5d90b341848cb4f2c909ecb4198e0070a1b1798318b11f358814027d68e53f1759a76f7e00c30241be16824eb31ebb9ded0ac54b366c48a230f280cbb114fc9b9d288d97f59257cd7010dadf5938857fba0ef8bbf0db707502aaa8c1262a9ecfc6df24e64404e50caaceb2b35c069fb9817314463b02e31fdbf0f7b1899696f339e295e2b1c8aac407152fbf2596689bdcdb99c9049119a81626fb251f03f4953cffce7745b74a5f31d88bbaf7267a24c1968389fc16e3d5b406ebbb5a6329d439efd2ac9a6f1ceac6dad42d0e3d8f9aba9f4531fd3ec9e14d3579b91739f8347c5d1bc227888437eb7af246393969443136733", 0x1009, r2)
fsetxattr$security_smack_entry(r1, &(0x7f0000001240)='security.SMACK64\x00', &(0x7f0000001280)='id_legacy\x00', 0xa, 0x2)
r4 = add_key(&(0x7f0000001140)='.dead\x00', &(0x7f0000001180)={'syz', 0x2}, &(0x7f00000011c0)="0e132240ecc470519f47cc14a0c7d748d2fb2c19ea71d6b23b54d47a339e9dd81ad30a42e5bfc63012e14fb9e1b32b245d1f24fc0fa4b35b8e03ed84f9becc31d4b2d378e3843dce72203ead622603ed19", 0x51, 0xfffffffffffffffe)
keyctl$search(0xa, r3, &(0x7f00000010c0)='logon\x00', &(0x7f0000001100)={'syz', 0x3}, r4)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f00000000c0), &(0x7f0000000100)=0x40)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0xa000, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000180)='logon\x00')
io_setup(0x1, &(0x7f00000001c0)=<r6=>0x0)
io_destroy(r6)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400, 0x0)

[ 2513.710619] oom_reaper: reaped process 6704 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:31:48 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2513.771344] audit: type=1400 audit(1561282308.887:95): avc:  denied  { setattr } for  pid=7131 comm="syz-executor.2" name="current" dev="proc" ino=594197 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=file permissive=1
[ 2513.804338] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2513.804338]    program syz-executor.0 not setting count and/or reply_len properly
[ 2513.832337] sctp: [Deprecated]: syz-executor.4 (pid 7137) Use of int in maxseg socket option.
[ 2513.832337] Use struct sctp_assoc_value instead
[ 2513.849501] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2513.859823] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2513.867384] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2513.877553] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2513.887690] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2513.897639] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2513.907387] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2513.916677] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2513.925752] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
09:31:49 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2513.945349] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2513.968075] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2513.975357] CPU: 0 PID: 7196 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2513.982320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2513.991667] Call Trace:
[ 2513.991692]  dump_stack+0x172/0x1f0
[ 2513.991714]  dump_header+0x15e/0x929
[ 2514.001606]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2514.006728]  ? ___ratelimit+0x60/0x595
[ 2514.010625]  ? do_raw_spin_unlock+0x57/0x270
[ 2514.015051]  oom_kill_process.cold+0x10/0x6ef
[ 2514.019562]  ? task_will_free_mem+0x139/0x6e0
[ 2514.024072]  out_of_memory+0x936/0x12d0
[ 2514.028064]  ? lock_downgrade+0x810/0x810
[ 2514.032224]  ? oom_killer_disable+0x280/0x280
[ 2514.036727]  ? find_held_lock+0x35/0x130
[ 2514.040803]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2514.045657]  ? memcg_event_wake+0x230/0x230
[ 2514.049994]  ? do_raw_spin_unlock+0x57/0x270
[ 2514.054406]  ? _raw_spin_unlock+0x2d/0x50
[ 2514.058557]  try_charge+0x1028/0x15b0
[ 2514.062360]  ? find_held_lock+0x35/0x130
[ 2514.066597]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2514.071446]  ? kasan_check_read+0x11/0x20
[ 2514.075598]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2514.075616]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2514.075638]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2514.085031]  wp_page_copy+0x430/0x16a0
09:31:49 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:49 executing program 2:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x400, 0x0)
ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000040))
r1 = socket$isdn_base(0x22, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000800)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="790000000a473f26d9ada6a750491233b029823345e702805e574470f4693ccd67d6ed9623753a96fa3ab72f3565f130817676d2f79644bda166c5c83f0fd505ff9a9696e02b87b351bfbd64de1fe2a01c8cf5b367f369fa1b82ddf39bfdde608e4d9f29868f681bfc403ce6652b07db10943d83836f34c2553c49ab7dfabba785ebc223ccdbe297949c99ef50fb1df9435921e971c367f6b6a3eaa2ef13ea5188f6e1e59f1e76c71dd5ffce727f63b62407398a3f59a25b1d30e5c6e569db120ea08a26d07e68bcb42d3cbdce8e30b76d0cf0724b8a286a5d04a2746a301104926c57c231e20000000000000000"], &(0x7f0000000240)=0x81)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000280)={r2, 0x7f, 0x25, "8e81e7aeee2befc7de6caa18be41a9c64f9ea95432b4741fbc7415efc9f938f22919afecf6"}, 0x2d)
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000180)=ANY=[@ANYBLOB="06000000000000f22dd1f8b0633ac4a511ed0ded491400000000000000db260000000000000000000000fbffffffffa06b776dcc45533ea5f07c3fe65f6632a9e150163dd6c1366b65af7bf7410709bb33bdc618a98a8df9efd444a0166183568d32cc318e82c21b693ff5fa39e34af3ef8d3894c897b0f82c5d8fe36eed5edd3c77f425e4993d0ec59c0fee22e6e54a7c3e78b89074288f01a9eb7776da82a263f050a3b088f48ac8a7"])
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r3, 0x29, 0xd3, &(0x7f0000000780)={{0xa, 0x4e24, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x2}, {0xa, 0x4e22, 0x1, @loopback, 0x2}, 0xd7, [0x1, 0xb8, 0xf12, 0x80000000, 0x7, 0x90000000000, 0x0, 0x3f]}, 0x5c)
write$binfmt_elf64(r1, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x7, 0x7, 0x7, 0x1ff00, 0x2, 0x3, 0x7ff, 0x2e3, 0x40, 0x20c, 0x0, 0x8, 0x38, 0x1, 0x101, 0x3, 0xbe}, [{0x7474e555, 0x4, 0x8, 0x3, 0x0, 0x7, 0xfffffffffffffffc, 0x401}], "1da895f2efa142c5759535039feb7f398437a017f34c7af1bc281a00dfda17ba09f24a27c88653574b5bf9f8c9100d50ec8e2b46eacd0a5b37cbff2c4bab52df613d", [[], [], [], []]}, 0x4ba)

[ 2514.085054]  ? follow_pfn+0x2a0/0x2a0
[ 2514.085075]  ? kasan_check_read+0x11/0x20
[ 2514.101788]  ? do_raw_spin_unlock+0x57/0x270
[ 2514.106212]  do_wp_page+0x57d/0x10b0
[ 2514.109943]  ? lock_acquire+0x16f/0x3f0
[ 2514.113928]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2514.118605]  ? kasan_check_write+0x14/0x20
[ 2514.122850]  ? do_raw_spin_lock+0xc8/0x240
[ 2514.127112]  __handle_mm_fault+0x2305/0x3f80
[ 2514.131535]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2514.136391]  ? find_held_lock+0x35/0x130
[ 2514.140456]  ? handle_mm_fault+0x322/0xb30
[ 2514.144716]  ? kasan_check_read+0x11/0x20
[ 2514.148873]  handle_mm_fault+0x43f/0xb30
[ 2514.148897]  __do_page_fault+0x62a/0xe90
[ 2514.148917]  ? vmalloc_fault+0x740/0x740
[ 2514.161068]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2514.166097]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2514.171037]  ? page_fault+0x8/0x30
[ 2514.174593]  do_page_fault+0x71/0x57d
[ 2514.178407]  ? page_fault+0x8/0x30
[ 2514.181953]  page_fault+0x1e/0x30
[ 2514.185409] RIP: 0033:0x40e468
09:31:49 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
semget(0x2, 0x0, 0x2)
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000040))

09:31:49 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68000000], [], [], [], [], [], [], []]}, 0x905)

[ 2514.188601] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf 91 e8 4b 00 31 c0 e8 13 38 ff ff 31 ff e8 5c 34 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d fe 1f 66 00
[ 2514.207502] RSP: 002b:00007fff8354f6e0 EFLAGS: 00010246
[ 2514.207518] RAX: 0000000041f98f4e RBX: 000000005be25ace RCX: 0000001b2df20000
[ 2514.207527] RDX: 0000000000000000 RSI: 0000000000000f4e RDI: ffffffff41f98f4e
[ 2514.207535] RBP: 0000000000000003 R08: 0000000041f98f4e R09: 0000000041f98f52
[ 2514.207542] R10: 00007fff8354f880 R11: 0000000000000246 R12: 000000000075bfa8
[ 2514.207550] R13: 0000000080000000 R14: 00007fd038cdb008 R15: 0000000000000003
[ 2514.221713] Task in 
[ 2514.250618] sctp: [Deprecated]: syz-executor.3 (pid 7464) Use of int in maxseg socket option.
[ 2514.250618] Use struct sctp_assoc_value instead
[ 2514.311393] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2514.311393]    program syz-executor.0 not setting count and/or reply_len properly
[ 2514.322662] /syz5 killed as a result of limit of /syz5
[ 2514.367900] memory: usage 307200kB, limit 307200kB, failcnt 89
[ 2514.388681] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2514.416337] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2514.422800] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:120KB inactive_file:0KB active_file:0KB unevictable:0KB
09:31:49 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000600", 0x2e}], 0x1}, 0x0)

09:31:49 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vsock\x00', 0x10000, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000300)={<r1=>0x0, @in={{0x2, 0x4e20, @multicast2}}, [0xa3, 0x7, 0x5, 0x8c, 0x1, 0x2, 0x9, 0x86c, 0x3ff, 0x8001, 0x6, 0x27, 0xfffffffffffffff7, 0xffffffff, 0x3]}, &(0x7f0000000400)=0x100)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="001000007b5f54d9a9194932057dcc3e6cdb0050fa8b8aa7ce17cb564d87ff3506cb801ddf4976f33ee1feff16b201d44567e4b47ac66c74ee4f0e40518e73471428716a0ae8e999f3df02303be44edff4f62f656945e22f693464ac15ba89b6412f9a3ad6554d7a98406b799dc2368e64d5fba2b8e236be131f63a6c0d5e03ae4fdba5c189d5c3f0ba84b263b8056eef6aae1bc518e828b1877f2aab94e11d8e9b8d5b3fb00c1133ee2403e3683520c4ea7ae913f34ee13ffc3cdb63f3732ac0d5d50d2524083283e110416b930c09945266c134dc4bfbf4a5597f2ed7d065408eaccea267852065f3e147977bc2633f7ca99f2a6e02cefec36a06dbb324ab6ef85f428c8cd1664c6c7b65b485d1760925bd96646470d39a1b543993cb01f652a01da976528b1cec987f24f695cda1850719c41ce5f4e9ae84db8e916156e09e68c8d3ff5a3a7c6c173d4b669c8c5020ac12d4b95a1863b043dfea3eda842e0860b908afc40b26d4d6ea2a17fed0204894021327eac7ca59f94f8fdc6b0ffcf17bcc2d3f73e56484668335215d24b63dac2f13bb76920984fb73c06e3a79cc84be3a5cabdc9f95dfe582edac784682c2890b400164758af3e600b403b2bf3f6e0f43ddec010fb3775b07c4eed8d1e81a20ec2dda1b943d139daa5e434f265d0a531769896caa967b053102763014f28b7a495c5370d9d0056163c2e58b167b636e2a1f94f359e6b18888450cf0a9cd18e6ea719331a88e0633a30138ed256bcf06c37e9a9acf61e0aac937488c3cd8344318d35649a5aea80d2eb0d7b0488c2894c6e5c553f9a0284074ff8e935bce904011937c916ae00e783e9dc786aec19a47703a8abe97a30544e700420bae6afbc865c8a1687e7818418c5f0297f2309cf0a5d017bf4a0ba879d930fb0c8854537fb713d9a63b3449755a884e188195f8c4c2dfb24a003147851e778eb318790be7a480f0fa0f9639163044494513baa5bc3cb8b5564c1f0efa9d9a90372b957ccdb96f6c1f7cf0e56d9573c23cdc7027e5d6bda7bfdf94f7a8500e0648ae05c7a86edc7261955c2dea2fec97574da38e08d5890c5f821dce3975473b1abbdb65ee574e12e3e499d2ee53fc48802b6aa2fde40f95ab743c7f16751e9444f6c9ce25d7f85ad696b4073a29f81f28e18d56e111bb4adb6a0b928944c63c9a138808c223e153d822f873925750b2b33ecac6ff929e105e07a74c89edf323990cb7e757dde49efb8231ce597e8adb4402011b0971dc2b3c755b00876682f4c0498737b6b4c2c60ca8f88083f86a9251fd16bd1c53b66e0412974b86c0c114da68b2421b997c29dabdc085276f5d5202d120d9c4f044550c20d46d1330584319655c4ea7df64937d1096084e8a79f590242d1148faf8d34173f16768a2c6c0e6f31a2c5709922449b964806b68be48801532c3f2050ab902076531a0d7cc54edea102c9958d6ed81ea85f3cefd7909ea4a29eaa9cc434f12975bf4daa342c51a68359b8f1bbe2b39d887da1974c85dba91f11cd59f5164f57d11b9483ca028241b7d07a03d653c24ab7f7cf65c3a41431586e632d1c8e4adbed470fbd754415c7057a1a17135dfc8dc0deaef8b16d04904cbceaac6788f5e6d62ec9780c707082c465423ecc825c0eb2d683f484e433d4c721c0eac8a16bfbcc1490583870dfe109d66ceafc047c8e4211f8a148857c39c02f9c246143ac17db3056c27a159007ddce93f8da1acc3843915f97242e0354a024ce487f713ed88c91fe18f75867df4779cc85cc49f1e75cd66b1f0e0df528cebdeef36bbdc347af0e9aee2e76160f9111a7882f604c8a8307b61e5110178988fdc59421e3d2990f98091698da0258fc6e794192852bc038cc99a5e658f919a902b623cc36dfacec0202a278b10fbc069998bb201b30a519b0be924d40775c7a985dd2949c4ce3279b8e24d87550d2e8b754d70f4acc94791b2d4e82fe46cc7135595a106d144054b246ffe1f5bc702c2f196a3214f261264ad168f9feff885732765ef27939fcc7da6bcf574e866b555344feff05249b820639056363a4cb8d78cf96cc01e5f7020aafd7d3821547b735ad7a6e50fbd033c0c83e702f56b1188d66b1ba8de221e94b08c8c770339bc81b901a74df3ccd6095d085c21c77394b193f07ecac8b1b5c144378315cb4804cef7686b508689f4f01848fc44fa4291c2e60accd802359d0553bbba283a76c4d727abcde59b5dcfa9380b0b6f2dd442910fd28cfc79d6ad6af56c511f5c72abb6f724f4610d275f5f3b98e8700b262e846b9e966b13ba6f933be3b589b1e185f432dea416dbaf443638a65b5771af2709353180b00734153c6c6617bd4a4c9252a27153cc40a9cbdf64a9284bc9fdc82f9880e81826cc37dbbce9b6b7c40b658d2364cb1b4c4f1f397402f746b80dedab881618c49e111e292c4ae49782aa946a78fe2f3c88ea6d5b1026044d8126203a2e114026436d2fefc39d5afe0b11a165bcc3233179b94f86c3f8cacfb45fabd880559bce0da09e1f0ed08f5a2fe8110b8033b0c683bcd2d55b68bfdad9574b0e914d7c9612043d0a6c4ffa5545681f8af263ac699b866eb30ec5feaa6d847911cbbfa2e1d31416df9ac77081ed125bef696ca72c1aef94142ce64d3071e96e7a962dd0d0a5882848fe2e8059e1043748fcee94ab23bbfaeb052104c7024a71625d84fcd1407c98c4c792340b8cf1660e9d5e69e37c1ab0dec6cacba75ed4ecbdc4ef34b1c71f79fc098c2439479a5751bb4a92ab12785733b4e1cdbe2d8ba4eb5a4cbe8fd98eb8c81bc19a4c43e68962f9090ab58de5a2d0fe146ad90449cdf9f02a04f0808e3581bb1e45601493f911c0d1429f5c55d1dd06532d4af69094d8cbabfac6c13636f643c97da32669a4e0287045ee07b5d0f1bf6516c996d8bf9df4ed03df1603ed8dc2c8a0e13f44da95e638228c532530499e5342efb056f0f5e60e1c8a9bba1b2f4f8b4d01e42a16222372fd96aeb92d73e7e6e9480581d3efdfd8277fddc0b0e84bbffc087886b865e2f18e676aaa784081ea637a9c72c71d43b9b6a6d0c0c14ea6cf593f3dc721a90e1b7a982f0015d0cfd30151dfcf8275e12a4ad3ba1985b63b17ea2819fa8be3e2c94041e9266eb584f20c3f5f761eb2f041b5a665821b93277a6b7fafb37fe7ca0e538a3f2db4f17e77190beb7aefbe9479b911f9a3121f3715c1a515a6ac606b43f645aa4c6d9a3ae36a1f5ddcc391a2b8e9695b84219ec6bd0af1466c1db83d96b74715e07fab093b0035a114153d063134e40f25defd3ca3fc99743b43389c14298cc9835f0da3d71632175f8ef8b7266e65f9830503d6e9415e0161bcadc9094f8643eb40ef280a4af1519ff29687bf30fb473cd83c4477410920168d542390aebb2ca0960c510b9ac56fc38549a35f97906b97a4e4807c4fa8d2bbfdb980f023522d4f83c014a579b6b3b6e8fd58b0fd4dac45efa0984064ee742bbeebd2884665c35e3da29c88585c1188752201b399f5ca116f5cd4154bed3396bf1ba194ece962507d10b42c316dca1115dd7cc6df93f6c7e28c83a272960d51798d0d0e6d252cba81e8da02bd108a0264614fa005cd56b44867266f2ca1a9b53e7edc35540bd1b2c7e670847b387cfb577804fc1690c5cea89b6ca377541c3a770e3610f6c2c9b1f6dd11a77d00e332254362a114aa1aff151a1bf9372ad600714fc9f9c5bacbdb501b67042447ee964a8849b3d010cc7ae184a895bd615b06801b16ddad48b1183e87916b30d7e1dfb48241276fc4bf1a2e68c501ecca1a3a596b81d5ebeab5abe13337d36bffffd3b1e3c7ad8acf0c486ec34b51a76dd0d9e91c6056479bf6d9b9c79771886a60481b9ec409f82426844689629890c0d2c9ee6823902af4904251f147378fe8500ab402d5583bcdba239f13d00d6b7f34ebca23e8e75f0ea41c98b25f950452658fc76ab757d2174eb260cd00b43ad71b05e6472a9fe1fee3b3d9dd5922ae8c27c8783eb091ebc98ded45ef50dc041afbfcd32176687655be8ab0271285bf62cf0bf91b87ff32e065ebc13df2d35c92a79fa2909758f6bef678894ffd7608950799921408b353214eed6a26c871f56aa3fc5e781f00fae5f14c25fabfb8cb6e857043964c4bb1bc7e80156b2b9e04a513251850a67ab429481e17d24fdb34041999331091e04bd56dcabfb82c79216d61bc717aed0723deba4d2796dd864308fdd37060dba1519ed8cf060e3ed87aa880fd9c3f3f72b524c4cc80a784fd5df084680391c7bb20969c4526e27d86d062a45db4450308aa690d3de3b3c959b42f262de922d4d6350b5483bd30f2b473788e247ba9f2fdbda5758c550d5559104c5f9037f80ac485ac005310ade2a50fd212d6d419c3ad7b4e19fb0dfa1b8249ce3c11ca4fe8560c6d1da10743d9951bbcb44888f619e5246faaf7c4ab40bff3d6951bf0e230ad164bd33eefbfaf1a27a24a36087e596ccf34d406d3daab33ba72660b74536435a1c0b4a9d7929e371ce798fc8e89b7431e8b6e756d2712989ee7e738687af1bb24cf285d2823cb77060a049ae90d0a57ab07a0cdd626bc40c10003ac34cb2ecd17f0599bd1d03c9af7ae1f8dee874e78fa02a7075697697fb05c88457fed569f37743ef33555b971b7783aedc39567a3a5e6327d885ec5e986d03656318be28dc7b6b17c012f0560b794f91f3a59792c723bd50e4b54a28b2ee3c099b34fa3fb21e429cc05c795e619e3064df85b8825c925fe525457d5728d6fecd6e9b9620f7b3561b91eee0777018eba0645b3374764a079b66356d8dde7814c7bb3305dfc0c73121bb4d56f7b870eec8b532b72129c0a0fad0c48d24d965f6ac264c90035264d2219f624b6af5ea66f392cfacbea8b604b74c0fa185d99ebe382081688ea2384773fa3500a6f2b467789c90fd3e87a1b47a19d15a9c41c0da3a6bef1b06d78f9e50af4ae98b1bb750c522453dc29a3093c7f968198f8097d2e53143ad2f0256892cc7272356e14c381909616580ac88f8246d57530ed75d1016dfe6585a37913b0f235a4d7e746e89cb7c12e83166c8203d912eeb55879a568698015facabb5b0adb1c8a3d2d23afd16cd8e2b2691fe6b0aa739ab4f3e6ae4b19efb006b8bc556b1544c1dea5e521bd912becb21c788863556cd837bb9627ac93292a897c42b93436e7660b5c5675a5c815a63e0b9181ff77190a2e7fb7e6af14835df007ceac5d205afeede22fb9364edc38668b834048301401b6f07d9ac839891550c857a91142b89a8f340a4e246c8821fbbd49de7c4bdae40ffe35c062786c09acea345d5a37514c3fd1766643ac25085e7fa25cf0c8e5afe24324117080b598897dea67b3141234c8a5dfa279acdccb7de18b83ddfff3850ac4560c0bfa0b97c17cd9e0ecaa7aa0fc46f78a6bfa6b08bd20bb29d19718e1f598f75a94d182ffebab06b62dd5b94f89bcf6893356e0ce8ef4cd6252517275f9ed79abf5414a3f81f9dd4ee9f6002d1c6c6c118c1eaf4763bcaefed2e3740abb65862b87ff2d1e7a89c329f474847248ef508f46e6ec92470ba817c78f9b99e13a30170f6907c9915fffbb5e053eaef03862ce3497601b83b92dbd0ea18820617b520c9010084e47d1b0f4f9671e1b88b87f27910decc05cb578d15f7499917866b556c9d7ace61e08205bea31114a5f970d225bb5a3ee1c48f4440a66703399d620e128a865354d84ccc466f6fd9c4f40f9935aad7b717314de25dc740e3a825281c33471b355a5a16602c"], &(0x7f0000001480)=0x1008)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0xa, 0x80000010000005, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r3}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000000)={<r4=>r1, 0xd2b}, &(0x7f0000001600)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = msgget(0x0, 0x8000086)
msgctl$IPC_RMID(r5, 0x0)
times(&(0x7f00000014c0))
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000001540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000001500)={<r6=>0xffffffffffffffff}, 0x106, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f0000001580)={0xa, 0x4, 0xfa00, {r6}}, 0xc)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000015c0)={r1, 0x80, 0x6}, 0x8)

09:31:49 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0xe, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:49 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8700], [], [], [], [], [], []]}, 0x934)

09:31:49 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x40000, 0x0)
connect$llc(r0, &(0x7f0000000040)={0x1a, 0x9226ea6ed2cf3293, 0x80000001, 0x7, 0x7, 0x2}, 0x10)

09:31:49 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c000000], [], [], [], [], [], [], []]}, 0x905)

[ 2514.459279] Memory cgroup out of memory: Kill process 7196 (syz-executor.5) score 1103 or sacrifice child
[ 2514.477096] Killed process 7196 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2514.488499] oom_reaper: reaped process 7196 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2514.587302] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2514.598865] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2514.606271] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2514.616273] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2514.624757] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2514.624757]    program syz-executor.0 not setting count and/or reply_len properly
[ 2514.625518] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2514.651648] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2514.660791] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2514.670996] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2514.680306] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
09:31:49 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0xf, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2514.682038] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
09:31:49 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
r3 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x8, 0x1)
write$FUSE_IOCTL(r3, &(0x7f0000000300)={0x20, 0xfffffffffffffff5, 0x7, {0x40, 0x0, 0x6, 0x7}}, 0x20)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:49 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4000)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000040)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]})

[ 2514.790539] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2514.822135] CPU: 1 PID: 7774 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2514.829112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2514.838472] Call Trace:
[ 2514.841075]  dump_stack+0x172/0x1f0
[ 2514.844722]  dump_header+0x15e/0x929
[ 2514.848450]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2514.853562]  ? ___ratelimit+0x60/0x595
[ 2514.857458]  ? do_raw_spin_unlock+0x57/0x270
[ 2514.861883]  oom_kill_process.cold+0x10/0x6ef
[ 2514.866391]  ? task_will_free_mem+0x139/0x6e0
[ 2514.870898]  out_of_memory+0x936/0x12d0
[ 2514.870918]  ? lock_downgrade+0x810/0x810
[ 2514.879026]  ? oom_killer_disable+0x280/0x280
[ 2514.883618]  ? find_held_lock+0x35/0x130
[ 2514.887701]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2514.892580]  ? memcg_event_wake+0x230/0x230
[ 2514.896920]  ? do_raw_spin_unlock+0x57/0x270
[ 2514.901883]  ? _raw_spin_unlock+0x2d/0x50
[ 2514.906048]  try_charge+0x1028/0x15b0
[ 2514.909858]  ? find_held_lock+0x35/0x130
[ 2514.913939]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2514.918796]  ? kasan_check_read+0x11/0x20
[ 2514.922954]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2514.927809]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2514.932401]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2514.937344]  __handle_mm_fault+0x1e50/0x3f80
[ 2514.941769]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2514.946624]  ? find_held_lock+0x35/0x130
[ 2514.950692]  ? handle_mm_fault+0x322/0xb30
[ 2514.954948]  ? kasan_check_read+0x11/0x20
[ 2514.959101]  handle_mm_fault+0x43f/0xb30
[ 2514.963171]  __do_page_fault+0x62a/0xe90
[ 2514.967239]  ? blkcg_print_stat+0xb90/0xb90
[ 2514.971599]  ? vmalloc_fault+0x740/0x740
[ 2514.971619]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2514.980664]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2514.980680]  ? page_fault+0x8/0x30
09:31:50 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xebc6, 0x4)
accept$ax25(r1, 0x0, &(0x7f0000000040))
open_by_handle_at(r0, &(0x7f0000000780)=ANY=[], 0x800)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000840)={'raw\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="40184f5bb2a80248c3ae0333458745b27bbecaa93dcce5f4fbf12dec9071960dbeff616684af7c17c807268a10047c0119d163bbc599a3e323b6b896b26f38c3c5fe9cb9b76d47b3cde580a7c8d97863d027fabdce57441f8f81c76b23fef0a1c6cead245e3df0627fa2f2e57e04d104d8f28a5080ac47cd41df7a2adca85ede7f85fd708973abb385c6be8fc9212c945664c8c084bca5826990312ec146cb8ea3d11ead307989c81749d6efcb5706f8f95ee7b9a125477888e327459f6d841bef75ff6be39f2fe4e8330b3c225b890fb0de63050ba9758b6a39018a40ad8dbca8fa4dba72594856603f0808b5b3b1615b3a6a61111db59cb00d0954db", 0xfd}, {&(0x7f0000000180)="aebde4afd033392b4ec571c8d9d33088cbb297b311d7b03cd20307a58f63b72a786128a5bb4c6d6f1bcc7095a9459fd2ca8c8d911ef1bc6c8914924ff46e091f75840274c05706fba65499bb5e59f66224933b3f2c616913ee27b13af805137dda5de1efbf02d8359f254f8ea50779d25997606dff334081f3d4ae567700e51e2ff39f31a8e9de415dbd91098987b35388ee14a231e9e945d83496cef71fa16700e8ec343699f1ef7fd686e4730f2d38fe62d02b0398e7dcf7d20cc3b3b3e950dbc89e1fd31ebf2f", 0xc8}, {&(0x7f0000000280)="5c8ffe042ec55e5c605b9058c6af9d9c60953d8960867b2bdefc8e846e99a24c8a6eeef97bcb41ff3e5736bdab5120605147c243c97e8694271b0b63601194fccd5a3c62a1d3d50b8889932e5281db21d02ee6d77ee5f02a2f27c8fd01ce288160f7015f337d772bfb024f89e09c40ea8fab71b189410da467ed99b857b276f8f6ded27ad7f03a02acb70ac02b4df8674f16e756367b74eeede82faa2dc2f15bf6c13eb88f3ca4061fbc", 0xaa}, {&(0x7f0000000340)="27cc11dfff3c1537d1bafee41d7c4b09891a5ebe5bf301feef93af64cb4ccd01f815534478c14b785224a7cb10799db62b59db5fa86f83728efaa5bb8c7bb881704742aae263b1f406ac862e69f3fb667ee9b78ac785b8c14266191fcb1beb000e4a1a8604eddd84b3c3cee5d40743de8c6d2c6581c1d1dfc54e3cb09ba211eefecad00dd1397d9d4de9ef2fb7e1ffd4f5280f2ca94dba3c27663f354d6384eb4439da9c3ade575117d240ee27b87817858d18442bb7f5885d48f635d89c54683ad0b2c20e84be082eca319d544ba6e91fa448a0", 0xd4}, {&(0x7f0000000440)="0cc4ab6eb584a2366864bccbd410129b2895d5ead2e0f0360ff0bfc04023466f22e9132700c5986b7c30ca97ea5a786931f06449c26b2a1412a09762ba259f0fdfc45f4c1cd6d9e8d51d1b69532c64127683f1076fbcd147735692d1b29e6f246f0c8e64d32d7a8d8bdedc93d465bbec5dcf70ea65bd64b058a6c0d5e8b25b350b8c66198662aa75ee3a2d402e8aada3e7b5e297c108aa5d48bea054a30eb8416572c86500cfbd4c1c12233c23852329d1c8b283724a8d9190c485af441dff717bff1d15f2c89ebdf7a601ebc3e0929d9605", 0xd2}, {&(0x7f0000000540)="540c9255dbee95699b3f0c1caf73339c7f807e", 0x13}, {&(0x7f0000000580)="edad81b4177b048827f3c45d0bed0a875a20b00800894a2d0888d411f6f70980f58f", 0x22}, {&(0x7f00000005c0)="519258d38ac1e80347fd6189251072b46efda15d73660f42b8ea128fee27fbc4541313434fc9", 0x26}, {&(0x7f0000000780)="a5b22a8eecb9ac9298255c8e4ee6528a270d2c114825a73c03b1869ebf7a7dfc956cdd7c4d6bf5a5a0e4000000000000000010eb82d11a72ec180035032f84bee60433554902e72fc4843c8ace3d22eeeec1f007f8525409c2e8a080666528b7d32b749e5bb5c2adefe1edddda80df420dae295ab240692100000000000002c3e0eefb8b87ca42f59883", 0x8a}, {&(0x7f0000000640)="03d7a74f7d39d355121d4b2902d68fa60ab438d724b8a0d524c79307c58a4b3603adb3fe0899eb9b228cab937a6447620dd5ac555e11e5cd655931948a1a94767a6c737875ee83e4930895b7", 0x4c}], 0xa)

09:31:50 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74000000], [], [], [], [], [], [], []]}, 0x905)

09:31:50 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2514.980705]  do_page_fault+0x71/0x57d
[ 2514.992925]  ? page_fault+0x8/0x30
[ 2514.992940]  page_fault+0x1e/0x30
[ 2514.992951] RIP: 0033:0x40c534
[ 2514.992965] Code: 8c 02 50 bf 75 00 48 83 c0 08 48 83 f8 48 75 e6 49 63 c6 0f b6 4c 24 43 48 69 c0 a8 00 00 00 88 88 c0 bf 75 00 e8 dc 70 ff ff <83> 05 c9 3a 55 00 01 80 7c 24 41 00 74 0b f6 44 24 18 01 0f 84 58
[ 2514.992973] RSP: 002b:00007fff8354f7b0 EFLAGS: 00010217
[ 2514.999946] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00000000004592c9
[ 2515.027387] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 000000000075bf28
[ 2515.027397] RBP: 0000000000000953 R08: 00007fd036cda700 R09: ffffffffffffffff
[ 2515.027407] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf20
[ 2515.027416] R13: 0000000000000003 R14: 0000000000000000 R15: 000000000075bf2c
[ 2515.054427] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2515.054427]    program syz-executor.0 not setting count and/or reply_len properly
[ 2515.073711] Task in /syz5 killed as a result of limit of /syz5
[ 2515.089325] memory: usage 307200kB, limit 307200kB, failcnt 118
[ 2515.110222] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2515.126758] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2515.166950] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:31:50 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100600", 0x2e}], 0x1}, 0x0)

09:31:50 executing program 4:
r0 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x400000)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f00000003c0)={0xcc8b, 0x3, 0x5, 0x7, 0x2})
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
r5 = fcntl$getown(r1, 0x9)
perf_event_open(&(0x7f0000000300)={0x7, 0x70, 0x0, 0x0, 0x4, 0xd43, 0x0, 0x5, 0x10480, 0xe, 0x8, 0x9, 0x6, 0x81, 0x7, 0xf1, 0x6, 0x3, 0x9, 0x10000, 0x5, 0x81, 0x80000001, 0x634b, 0x10000, 0x4, 0x2, 0x1, 0x6, 0x5, 0x5, 0x1, 0x6, 0x58, 0x18, 0x1, 0x8, 0x100000000, 0x0, 0x1, 0x1, @perf_bp={&(0x7f00000002c0), 0x1}, 0x201, 0x2, 0x6, 0x7, 0x8, 0xf90, 0x69}, r5, 0xa, r1, 0x1)
msgctl$IPC_RMID(r4, 0x0)

09:31:50 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [], [], [], [], [], []]}, 0x934)

09:31:50 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:50 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000], [], [], [], [], [], [], []]}, 0x905)

09:31:50 executing program 2:
socket$packet(0x11, 0x3, 0x300)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x22001, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000080)={0x0, 0x1, {0x2, 0x3, 0x10000, 0x3, 0x4}})
ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
getsockname$packet(r0, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000003c0)=0x14)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000340)='/selinux/load\x00', 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x110, 0x1d, 0x51d, 0x70bd29, 0x25dfdbfe, {0x12}, [@generic="6e0af7edc4a7e1e6dc28c2fddd832c68501dbbf9943868545eb1b598162850f2cafc5da0875e293e18bef9c7811f45d22bb70811e96463aceb79bf2426865ab0e6fa8f142239213ba4abb09911c7d163f2977b7dd263b59cbc72a21f2c039a62c7e48792e2c501c40ff090d353e661a7456577cd61ac7bcf0157ea08abb2de0747d4f0d4250727b4cdf4a5406159da710c02ba3b9eb5bbaf7a589dc1428314fb35eb1347e32e54b151007db6bba95612d211a13163cf0525b58f00fe9d7e8a81f1df792749a7d7dee6d24e15d4900d10510ea2f1000e1e3ee2becd44689271deb934e1215fed717089b0552c51552736b6d5b32efca786e507e028"]}, 0x110}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
socket$isdn_base(0x22, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000000100)=0xef82)

[ 2515.218415] Memory cgroup out of memory: Kill process 7774 (syz-executor.5) score 1103 or sacrifice child
[ 2515.234436] Killed process 7774 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2515.247337] oom_reaper: reaped process 7774 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
[ 2515.314202] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2515.321023] sctp: [Deprecated]: syz-executor.4 (pid 8378) Use of int in maxseg socket option.
[ 2515.321023] Use struct sctp_assoc_value instead
[ 2515.323545] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2515.341950] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2515.351666] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
09:31:50 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x12, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2515.360888] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2515.370960] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2515.380457] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2515.390120] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2515.399766] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2515.409905] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2515.409905]    program syz-executor.0 not setting count and/or reply_len properly
[ 2515.466696] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:31:50 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x3a002, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000004c0)={<r2=>0x0, 0x20, 0xc88d, 0x8, 0x80000001, 0x326}, &(0x7f0000000500)=0x14)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000540)=@assoc_value={r2, 0x7f}, 0x8)
mmap$binder(&(0x7f0000e5e000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r3}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
setxattr$security_smack_entry(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='security.SMACK64IPIN\x00', &(0x7f0000000480)='&posix_acl_accesscpuset}\x00', 0x19, 0x2)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000300)={<r6=>r4, 0x8}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000380)=@assoc_value={r6, 0x7}, &(0x7f00000003c0)=0x8)
r7 = msgget(0x3, 0x80)
msgctl$IPC_RMID(r7, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000800)={0xb, 'syz1\x00', 'syz0\x00', 'syz1\x00', 0x5a, 0x4, 0x6, 0x6, 0x4, 0x3ff, "11f785e28fef4be060c93fdaea12ead915fb28c3da051623b7d42b660900fda2d0fdb524deb7431baf625ab008fed96205d1168269c116333db25d8fbc8993b287879f99252ea0e470572d16a2687897d6149adf5b9be8795986"}, 0x172)
writev(r5, &(0x7f0000000780)=[{&(0x7f0000000580)="455d08ef26a1bb7946131631e5d5e9fa2ec84a58321569dc5c5d50f6d089e374d29757dfcac21883c41848ce1852b0b337244901800eedc3d9f819a9257f9f2e0f833200a16b93421a830fd9baa32202c681b046d925095f1481d898eb1a5da2ac0ee54f494079eb111fa9baf55de74b05", 0x71}, {&(0x7f0000000600)="17bedc892768e76d60ad723f6b5a5b4a7e112a1329e7874f", 0x18}, {&(0x7f0000000640)}, {&(0x7f0000000680)="d1431357de37f66538369a650692f1b5b56d4627082120cae95fa49e49267297ded63bbd715e63afb999199ccf8ff64a6a1f060738b6b03d6817c2f544a22d881888237ebed84dbc0b22846886135340ac1b73522565132264d18a085a50fb86fcb864ec5fb36cbb3664eef0d63adb54e843a469347b1b58636ac58450a86423bcc53190", 0x84}, {&(0x7f0000000740)="5dc19881fff8a17dfb246e92a1bfddae96db902598e5510c4efa4e524ef4a25be075319042bac7", 0x27}], 0x5)

[ 2515.516328] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2515.549486] CPU: 1 PID: 8414 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2515.556464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2515.565826] Call Trace:
[ 2515.568434]  dump_stack+0x172/0x1f0
[ 2515.572080]  dump_header+0x15e/0x929
[ 2515.575806]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2515.580915]  ? ___ratelimit+0x60/0x595
[ 2515.584812]  ? do_raw_spin_unlock+0x57/0x270
[ 2515.589237]  oom_kill_process.cold+0x10/0x6ef
[ 2515.593760]  ? task_will_free_mem+0x139/0x6e0
[ 2515.598269]  ? find_held_lock+0x35/0x130
[ 2515.602348]  out_of_memory+0x936/0x12d0
[ 2515.606339]  ? lock_downgrade+0x810/0x810
[ 2515.610643]  ? oom_killer_disable+0x280/0x280
[ 2515.615154]  ? find_held_lock+0x35/0x130
[ 2515.619236]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2515.624103]  ? memcg_event_wake+0x230/0x230
[ 2515.628446]  ? do_raw_spin_unlock+0x57/0x270
[ 2515.632862]  ? _raw_spin_unlock+0x2d/0x50
[ 2515.637030]  try_charge+0x1028/0x15b0
[ 2515.640845]  ? find_held_lock+0x35/0x130
[ 2515.644924]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
09:31:50 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x13, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:50 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d000000], [], [], [], [], [], [], []]}, 0x905)

[ 2515.649866]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2515.654719]  ? find_held_lock+0x35/0x130
[ 2515.658790]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2515.663783]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2515.668465]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2515.672974]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2515.677834]  memcg_kmem_charge+0x136/0x300
[ 2515.682085]  __alloc_pages_nodemask+0x3c6/0x760
[ 2515.686763]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2515.691778]  ? lockdep_hardirqs_on+0x415/0x5d0
09:31:50 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2515.696362]  ? trace_hardirqs_on+0x67/0x220
[ 2515.700849]  ? kasan_check_read+0x11/0x20
[ 2515.705092]  copy_process.part.0+0x3e0/0x7a30
[ 2515.709693]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2515.714793]  ? delayacct_end+0x5c/0x100
[ 2515.714813]  ? __delayacct_freepages_end+0xe0/0x140
[ 2515.714833]  ? __lock_acquire+0x6eb/0x48f0
[ 2515.714858]  ? __cleanup_sighand+0x70/0x70
[ 2515.714876]  ? mark_held_locks+0x100/0x100
[ 2515.714901]  _do_fork+0x257/0xfd0
[ 2515.736547]  ? fork_idle+0x1d0/0x1d0
[ 2515.736568]  ? blkcg_print_stat+0xb90/0xb90
[ 2515.748064]  ? kasan_check_read+0x11/0x20
[ 2515.748081]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2515.748098]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2515.760310] sctp: [Deprecated]: syz-executor.3 (pid 8709) Use of int in max_burst socket option.
[ 2515.760310] Use struct sctp_assoc_value instead
[ 2515.761722]  ? do_syscall_64+0x26/0x620
[ 2515.761739]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2515.761762]  ? do_syscall_64+0x26/0x620
[ 2515.788481]  __x64_sys_clone+0xbf/0x150
[ 2515.792490]  do_syscall_64+0xfd/0x620
[ 2515.796327]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2515.801528] RIP: 0033:0x45bc99
[ 2515.804726] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2515.823638] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2515.831356] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2515.838640] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
09:31:50 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f00000002c0)=ANY=[@ANYBLOB="000000000000000005000000000000010200000000000000", @ANYRES32=r1, @ANYBLOB="00000000000000000100"/28, @ANYRES32=r0, @ANYBLOB="00000000001000"/28])
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000003c0)={r2, @in={{0x2, 0x4e21, @multicast1}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000340)='/dev/btrfs-control\x00', 0x101040, 0x0)
write$P9_RLERRORu(r4, &(0x7f0000000380)={0x14, 0x7, 0x1, {{0x7, '[vmnet0'}, 0x99a}}, 0x14)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r4, 0x84, 0x12, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

[ 2515.845915] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2515.854404] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2515.861680] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2515.912353] Task in /syz5 killed as a result of limit of /syz5
[ 2515.922164] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2515.922164]    program syz-executor.0 not setting count and/or reply_len properly
[ 2515.925476] memory: usage 307180kB, limit 307200kB, failcnt 147
[ 2515.958264] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2515.979316] sctp: [Deprecated]: syz-executor.4 (pid 8802) Use of int in maxseg socket option.
[ 2515.979316] Use struct sctp_assoc_value instead
[ 2515.986222] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2516.013406] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2516.034959] Memory cgroup out of memory: Kill process 8414 (syz-executor.5) score 1103 or sacrifice child
[ 2516.046092] Killed process 8414 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:31:51 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000700", 0x2e}], 0x1}, 0x0)

09:31:51 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x15, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:51 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000], [], [], [], [], [], []]}, 0x934)

09:31:51 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0)
accept4$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast2}, &(0x7f00000000c0)=0x10, 0x80800)
read$eventfd(r0, &(0x7f0000000000), 0x8)

09:31:51 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff], [], [], [], [], [], [], []]}, 0x905)

[ 2516.058275] oom_reaper: reaped process 8414 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:31:51 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0x8000d2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000002c0)={0x4, [0x8, 0xbdda, 0xa3, 0x7]}, &(0x7f0000000300)=0xc)
msgctl$IPC_RMID(r3, 0x0)

[ 2516.113552] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2516.113552]    program syz-executor.0 not setting count and/or reply_len properly
[ 2516.150579] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2516.159432] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2516.164717] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2516.173631] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2516.182494] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2516.188629] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2516.191398] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:31:51 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x16, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2516.211283] syz-executor.5 cpuset=
[ 2516.213139] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2516.213159] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2516.213180] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2516.217296] syz5
[ 2516.264215] sctp: [Deprecated]: syz-executor.4 (pid 8916) Use of int in maxseg socket option.
[ 2516.264215] Use struct sctp_assoc_value instead
[ 2516.288759]  mems_allowed=0-1
[ 2516.292825] CPU: 0 PID: 8918 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2516.299760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2516.309116] Call Trace:
[ 2516.311718]  dump_stack+0x172/0x1f0
[ 2516.315361]  dump_header+0x15e/0x929
[ 2516.319092]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2516.324208]  ? ___ratelimit+0x60/0x595
[ 2516.328105]  ? do_raw_spin_unlock+0x57/0x270
[ 2516.332520]  oom_kill_process.cold+0x10/0x6ef
[ 2516.337133]  ? task_will_free_mem+0x139/0x6e0
[ 2516.341634]  ? find_held_lock+0x35/0x130
[ 2516.345713]  out_of_memory+0x936/0x12d0
[ 2516.349706]  ? lock_downgrade+0x810/0x810
[ 2516.349723]  ? oom_killer_disable+0x280/0x280
[ 2516.349757]  ? find_held_lock+0x35/0x130
09:31:51 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x17, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2516.362557]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2516.367404]  ? memcg_event_wake+0x230/0x230
[ 2516.371738]  ? do_raw_spin_unlock+0x57/0x270
[ 2516.376168]  ? _raw_spin_unlock+0x2d/0x50
[ 2516.380331]  try_charge+0x1028/0x15b0
[ 2516.384139]  ? find_held_lock+0x35/0x130
[ 2516.388208]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2516.393065]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2516.397898]  ? find_held_lock+0x35/0x130
[ 2516.401942]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2516.406776]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2516.411434]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2516.415915]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2516.420744]  memcg_kmem_charge+0x136/0x300
[ 2516.424977]  __alloc_pages_nodemask+0x3c6/0x760
[ 2516.429644]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2516.434646]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2516.439217]  ? trace_hardirqs_on+0x67/0x220
[ 2516.443522]  ? kasan_check_read+0x11/0x20
[ 2516.447658]  copy_process.part.0+0x3e0/0x7a30
[ 2516.452148]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2516.457274]  ? delayacct_end+0x5c/0x100
[ 2516.461236]  ? __delayacct_freepages_end+0xe0/0x140
[ 2516.466240]  ? __lock_acquire+0x6eb/0x48f0
[ 2516.470472]  ? __cleanup_sighand+0x70/0x70
[ 2516.474693]  ? mark_held_locks+0x100/0x100
[ 2516.478935]  _do_fork+0x257/0xfd0
[ 2516.482376]  ? fork_idle+0x1d0/0x1d0
[ 2516.486081]  ? blkcg_print_stat+0xb90/0xb90
[ 2516.490393]  ? kasan_check_read+0x11/0x20
[ 2516.494526]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2516.499265]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2516.504004]  ? do_syscall_64+0x26/0x620
[ 2516.507969]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2516.513318]  ? do_syscall_64+0x26/0x620
[ 2516.517279]  __x64_sys_clone+0xbf/0x150
[ 2516.521242]  do_syscall_64+0xfd/0x620
[ 2516.525030]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2516.530214] RIP: 0033:0x45bc99
[ 2516.533401] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2516.552429] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
09:31:51 executing program 2:
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000100)=0x3, 0x4)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000140))
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f0000000180), 0x4)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000000)={0x0, 0x105000, 0x8, 0x6, 0x20000000000000})
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$TCSBRK(r1, 0x5409, 0x4)

09:31:51 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f], [], [], [], [], [], [], []]}, 0x905)

09:31:51 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

[ 2516.560129] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2516.567381] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2516.574636] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2516.581885] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2516.589168] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
09:31:51 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x18, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2516.684194] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2516.684194]    program syz-executor.0 not setting count and/or reply_len properly
[ 2516.714389] sctp: [Deprecated]: syz-executor.4 (pid 9215) Use of int in maxseg socket option.
[ 2516.714389] Use struct sctp_assoc_value instead
[ 2516.831788] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2516.831788]    program syz-executor.0 not setting count and/or reply_len properly
[ 2516.832574] Task in /syz5 killed as a result of limit of /syz5
[ 2516.873731] memory: usage 307160kB, limit 307200kB, failcnt 175
[ 2516.879911] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2516.896906] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2516.906937] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:31:52 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100700", 0x2e}], 0x1}, 0x0)

09:31:52 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], [], [], [], [], [], []]}, 0x934)

09:31:52 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x3, 0x0)
ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000040)={0x1, @capture={0x1000, 0x1, {0x8, 0x100000001}, 0x80000001, 0x12}})

09:31:52 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x19, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:52 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffbf], [], [], [], [], [], [], []]}, 0x905)

09:31:52 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000002c0)=ANY=[@ANYRES32=r2, @ANYBLOB="0010000023fdccbc5c8d2eba7f3673603c03c7c9fb96ec98f111ec4f2cfd42320563419993ff6cab5fab99e45a4513027a46935a50cf2931cacfb3974d51f9a03958cdb2fa00bcf99ef44078b6120a8b0004530423a9953e71565399645e5c53060902bb96f853ce7b55cc803ed7c508ebacc363fe33bbe3a68a72871a54fdaa91cfb73ae68761dbc92c272c2a256545e48e693a30675481a7eab49a15c8b8fc35b33950c384847e1e50293f6f71b0480c3a8364021f7f99305b5f2c4619a8bd0317f03b11747c5900b1ecaa4bf01015f19c135cee4a585798f8d039e9ad48adb8d8dacd6f737cd257316975e80d00e5c86772e3c72a18b024842136c5502423bfdba368262cc0ede57744ce67e5cbb25428ae8ec084c70b96469f189495329c231709ddedb36a17fffb11e9f1fcfaf856e31b85b54261c75c67a9734760162984e308aa8e8e8287c08659474ad4d9983a5e876d966b57ea10415cb8108d27a56a5c9f3b7d7d2f4dcf75043eb2833ad80d50f1a3aed9c07a961d9cbab5095aa5630f622d869d0bd6e1d0929d77996c8c8ee3251aadb9b3be3d6ca77bc657c2bbde4f987600dfe2606a21480cbdb31e8495d8873c5fefd25232156b82459e0fa0004cb54e9ad272c9609c0160048b9656126b736f429c422184747725b0dc68e349c7de8bda3515ed24ef692fbc6ac7a3839fd6db01442ea93ed16e4af282f2dda794e8926abfdd77ece238991fa5a5a5386ac67fff2e2023df4070e7eada7b87507f87b52c5098c96fba3232115b6e07bd019c3472b0994ec69906b352280e1231899b8c6cf3f48aa2beb78272b3c4fcc0dfe6b5da1f6fe0f335932c1b774771587d3faa6b6227b4773efcdbef83ed64a932269bd16a16215ebcc4303cf5b6403b4fea84a21a841f252f02f600c80cd4ecf769b3fdb0ced5a59568e0ef703aa6e55c951f1b6ab352b27de55e8ed1e2c2bf3254bc1f961e53b6bdbbac6a1a07258e97931d35b2be4ea7ff96aa5a0ba6fb4dc3afb38155b61853d2231cb502362725c7a55af7a4770b4daba1a24b15214d72b2010ff32eb7bcd8d8897ff87467fc56bcf09a5f86c34cfa6711ddbca3caff182bf9eab1e9590ed24b0e7fb3c862a8bc29a6d8f47b8820d4ccebbbd8faf06c2464dc75ff84a831c13ff31ce0590827df98cf0ba8ef82f17f2f0eeec1520dd77aa36d62b785a4190fc3f47cd297d784d764470ce29b0d54583804fa12e7299b9a060cff2f336dbefa175790712120117bb210134f3c81161d6fa5b62c37ee0c2456d4a0c704e1e187cfa3495616f190b8f4a2f7427f378f5cffdcb3b5c80974056cc92c8a7354c3930f35f5ecb5764d1e5f6dd1394fe3eec9bbfc6d30a5f215757f3a42f6f52c546b44ba4bb4b5b10a0ab0f036508d2c97e9e5709bb5228ec40b4be25313aa63b478f52767f90dd0009c0a2802eed58f21de20e4473217f9fcd5def94f8a32d8f66266ea577ccc44cb4bce7993bd24b2baaad4ac130b4a1e73133099e974379c0d944bf29b9741de393302efb7ab1572cc212a6fb087a7fd8cc6b673d050d699c1c3ee7a0070b330b46b6236d72294fc90fb485d1322783c10ef9ee4463b02beed95c81fefd58d6e7a1b21bc3850c8fcdc782d4969ebdf29de1318e783c4e88a47af2322f7de3b491f96bfe34193bb8e849f3e5116fd1b13b2709eaa7c17b15f2ac5f02cf82afc3a61f24417358eb227cc018feb2479d919208044fb3f3b507141aa8dec3863e6e62d646004dd5d7b1551846d3bba13c08a9d027464eee61f63d22d51c55f0befc87420a16bfdbdc7fc15325d54b538dccf9032f0c748980d2946df99cd4f61393c879469fb2e01488080f6f810446223c7928efb81fae9733c068dcef061164172443bb98b908dec43eab935ee3eb1b98e50eb3512e3e663d24aa5aaa96725eea45449b750d35713239329d4cc37a43bb348df654de7c17ca2cfdc0ac811dc8420f9399576d8c1c42392b98083f7eac5fa93def897bcbdf9f9bd1c6c4a29c3f4070877e223907247da0a77bd11e449ec12c4c304229ac737d49e4893bb24add4a0eb16b8ab8c172406b863c9eb3edf5398d468fe444668fc7022e3591f5c4699eb95d390584a7cbd668eb14f44196f51f30a843900cbe13f5c9c2128b792d104514391a46ba76d1daebfd10a047a281564cde0eacdf670128a8f256752406aaf2aeef0a0c201977cfbf201db07fdf5544fb207cfabf2242d9decc4b044c5fa132ed2427f31d287160b26ebfd69a683a5067d8f1d0c9f3af0a1bbdfe09de84b81ba2b5a143800b97585b16a89f2dc7f1eeb79324206da05300a86f9132b4903e806fe1659f90a0b74364da4881dd35bfaf8332ad27eeb105ed2b8deac1b1b39c8fe2e96ceaf43d22fc51be78b1dd1d1c080cebeebb374670c089df9f2be829879a07e26f9db452fc4c7d0e6a6a7dd9ce9e48f89faffe78fd6119b8082b9c0cc4dcdb4f52537950e64d8e94f2dc20b3c6f78feadbb131c33060515b1d4472354b97089ca677b948770c3fcdb733eb5ade4b6c1e13b218359cd4873b0fe022e7662765612f7205ba897de8c1e118ccb1a84cfaa33ebe0fe5108bea580ed136be3db81b3130bac086e397f225a006b578584b03046a76d17f1eae83877b15d75964c19261ffb1aca663606d3183396d5c41b12ec1b225cd10de2bb644b37d95416bca67fe22d71072286b0007e0a588d6ccb7a95fa9853e37d487ac31c95ea3415cd3f33edb5630bd853488bedcdeacdd4c718e964a8b295a6a5796ac691f342c07514ca850ebe0a888ba03172c62962be4bc280e473e09dc1d293a3daafb78362bde31e2400d3c1acb268cb1c047aa385c7e0acac8de1f48e0822f5569a5785ff4478efe0d14b85630d117dd2c3b8900f677d348ded0242cb5c0f0b8f9797eb894dd0cd7a8dc838a75f85ab3d9b3ce1820f36df55563e885719b9c2e53e6ed3650519a23a8c355cbcb7976ff5c50682bcd7e606ed14d78e47cad6a14a11923c5cd6c742d5b24eda359faaba427c2b858afa1af911ecf18bdcf0c62c3b6b740184ef0a038dde23f44d09d5bc3f5334cea8656fad4e8e209535bf7275b1c3d052a19a9ebd142b6bdbf9886e65c1863b6ed91b4bcf50fa549dfc790e286c8bb5364f8ef273fe9ca86b0a2b56e4f4b86d7361abef470c8be8c43a921199459d0f2d4ac449d9dade7dec11f81f382cf882137e5bf00df0a2ece31f7e6b4777381fb36b84f5767b5cd0b42353240a81736b2845801237db9346b3926cab0a6f9146500ab0e6a32d69323106932cf5b2377534d56edd5ac87975570fb9fb062ef65c092f4fc32c048dec4ded300309efa749ab43de04c65d4da96963c1cc48443ce85b3c2d60b06e68a85eff0bc7b11488c73f211398a97df635a7a87d135ab845aba2e701512cf131489a22bb7ce53dc7368e8553993eee6edd74fd0cae56aa53be18aa2a1982b8fb968eceb5e2cc751c1a55d751cbe56482425cc5e1c1e6161efbd1bbf2416aca6bc4bad4034d275c02607a51617b0e955a6db64ec590a11bce0d832f072ad1747e930b4aeb9390a49e2b7cf9c55943722dc1fb358bbc3ccd172c97e1be8edec354aec437680a59146205f37b836e591f2df176599dbeea9b75b62c9e5a4a9846999ece3e329e1dd199f3049bcd30cb170e07f403993706a56abad7f1b88c015a9c3b210a7884170aa899e2d010fc6fb9e6817a560f2659a3462c49efbbcde498a9d30d76753e9f0bfdcdf7c3b961ee9e70aa74ba0e175648ac74508df1e11336452fdd072d2951f6f5272db11de0a68330baa0b3dc7d6223ab9b9c949ef6d4ca24ca992c947ba31bb1d67bef903006969089de59a5562cde0758772c9e93a197b35d77fc709b036242a386ccd5ec5356bbf6a1ab9b2f8892d004e4695b6509edb84fbbbf2482d0f4509db6e89eb579609413c9cbbd60445374f1cc1697826e6fdd09ba83a3f07dc2088605b22c8ddfd817f1aa3e469176e4c99854826df66cf5c798fca2af81b3a309e817d78da157232e5ed8614fcce3bbe0c73ec8e5a70ba995fa18ec23d163ff277d3932e2c67da4477f5ba075bffc50295c0566c58777cb899aa5ce7a1aa7cd0f6e72c902f3a978de5c65792280ae31524dd7a7aa5d8f58d0a1b007e704c98ebde149bf6b4ba98dac9d3e960333574853fe567d744ae533707da8d1b6e66d096c56de7a98655421738e2e5bf9dcc0e0030c12a950419e6e3eee88e920576bb5a5477a8ac5471198cd5b05f50fcb53490ee48b871d02de859f56195c28806c50c95f893803995477ca2d4cc76e7a2d23b36947e101216e74f622e27ead89d5606dcac81ee27ce7f0b239cf9b458a079cbeda41f8f497574a9cd2c6ae8b6ded794444e9b6fd7c8bc7637ee6c233519c81b08c181f015f16d5b73aa8c3f4df7082e75cc004222919386a912fa4a85f9e7b2bbf5ef7c1c089d1520bb7c4aaced45e551cd788d51fa6a4bd00f3428d64b51c833b0dcc149a394216ac9b97174051482456e9a5d875759d5fc4a5493eeea9334995d2024c6ca645c8cea7b71b1a3d00e135cf6779e403cbb5ead3b8f7108ab336b5459a487cfefdf58004a39a99e8bdadfad0cc0a3fdf0f18b2a99600779f1729f6d56c6bd97e56c7aa63321e61c148703b95a968c3860e403f09f6da8aa318eb66f3282fd76478426459e1431296defa2e59d81207b7fefdd47b87d5da68ddb9e5f767b283149b4e2a363f3748ed494044a617e548ed13403d7d61dd1400be7d29ad451b066944161e3e0a450346ed1f6675b6d47abfaae9800565243932e574b37358879198f6412515d3952622a70131728b85a099a0c3fd4afd5521b39ef6a99e457f41156e3cbaa3a3c44007be059b129a6d6cbd68a1ef0eea63fbfb310f631fcf4ce31e0a9878b1c81ba2edd0b182c8b5c8c910eec5246e1d76176a675ce79c95eff0b08d665bb84ed29fdd9a22a87f478df1f5dc5a5afa272348ca3a0b85a17a2a9a97b0b1c8ba909ac9055df873b540b815662af40641666675a91447c6b80af34df7f68be810c0dd47940f6ec9e18b8e83f8d80771bf52bd03f29aeb0dd8a919b175f6ec86be9cde408f0e243470bcaec41be1f7531f460a8a92fb2ecbccc419c3cd8d6a5a9aa6e14964c91e0762b0df6f7e347163e6ac857227fa56664777d742efb6cdcbfeb3effa9aa0b03cd256d46f824a3010c05a5d9cc2e182422a6622ddea357389abd66b439af7e2e05f9cc10b0978ec237cd6f561c2b84b1dba14fa844174a24ab303cad47ee38ed06841f8651b899cc81c5a28ba1d19900f7a8a76519b63fa7ce819ec4b75c083346f71b495946e8d5a9e45b288bc61d52f7494e2c6340b89f5f212677491ef91f52a7aef9f37f7755612f97e44fd4ef3cb7501ad5e5a2ff89cbd5c81a4758b4a162e31eef719ade05fa108d167fbcac5b46429088c80ee590c1459eba6c1a094bbd9e3e8f9c08ea9951dbe137e58b905faa0dc962d1be38c5a863ea7ccd30236c4743488a0d10dcd7350753084624f301130918844e8c098ca4429bf1b512229b03e5a7f8f40ed8b4952d48d58d75485a7a485d9e90ad0756750f8a24ae60225295a0faf10f12b73f0eb88ea6b01182190267ba32b4f20972b2dc1da3b4ee11fc1d48e8fb92f2bf4a8afd73dfdbaf2960128efd3915c5daeb19cb1804b621f4a029bff2a0ff25e61447a3d3a9fea6c6a2279eeb3c904d02830fe6286ba47c1fce8cae2009f2fd5fb97e0560d63a6a052b0c4775d0eaad06f261f"], &(0x7f0000001300)=0x1008)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

[ 2516.949220] Memory cgroup out of memory: Kill process 8918 (syz-executor.5) score 1103 or sacrifice child
[ 2516.960312] Killed process 8918 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2516.971572] oom_reaper: reaped process 8918 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
[ 2517.007444] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2517.016305] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2517.021516] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2517.030440] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2517.039369] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2517.048288] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:31:52 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1a, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2517.054251] sctp: [Deprecated]: syz-executor.4 (pid 9456) Use of int in maxseg socket option.
[ 2517.054251] Use struct sctp_assoc_value instead
[ 2517.057205] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2517.079308] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2517.088225] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2517.093301] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2517.151322] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2517.170764] CPU: 1 PID: 9457 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2517.177742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2517.187107] Call Trace:
[ 2517.189714]  dump_stack+0x172/0x1f0
[ 2517.193361]  dump_header+0x15e/0x929
[ 2517.197102]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2517.202225]  ? ___ratelimit+0x60/0x595
[ 2517.206129]  ? do_raw_spin_unlock+0x57/0x270
[ 2517.210561]  oom_kill_process.cold+0x10/0x6ef
[ 2517.215076]  ? task_will_free_mem+0x139/0x6e0
[ 2517.219580]  ? find_held_lock+0x35/0x130
[ 2517.219605]  out_of_memory+0x936/0x12d0
[ 2517.219623]  ? lock_downgrade+0x810/0x810
[ 2517.219641]  ? oom_killer_disable+0x280/0x280
[ 2517.227653]  ? find_held_lock+0x35/0x130
[ 2517.227684]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2517.227698]  ? memcg_event_wake+0x230/0x230
[ 2517.227716]  ? do_raw_spin_unlock+0x57/0x270
[ 2517.253935]  ? _raw_spin_unlock+0x2d/0x50
[ 2517.258105]  try_charge+0x1028/0x15b0
[ 2517.261916]  ? find_held_lock+0x35/0x130
[ 2517.266004]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2517.270853]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2517.275700]  ? find_held_lock+0x35/0x130
[ 2517.275716]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2517.275742]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2517.275757]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2517.275774]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2517.275791]  memcg_kmem_charge+0x136/0x300
[ 2517.275808]  __alloc_pages_nodemask+0x3c6/0x760
[ 2517.307694]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2517.312730]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2517.317332]  ? trace_hardirqs_on+0x67/0x220
[ 2517.321669]  ? kasan_check_read+0x11/0x20
[ 2517.325839]  copy_process.part.0+0x3e0/0x7a30
[ 2517.330351]  ? lock_downgrade+0x810/0x810
[ 2517.334514]  ? migration_entry_to_page+0x320/0x320
[ 2517.339451]  ? lru_cache_add+0x21c/0x590
[ 2517.343525]  ? kasan_check_read+0x11/0x20
[ 2517.347678]  ? do_raw_spin_unlock+0x57/0x270
09:31:52 executing program 4:
setrlimit(0x12, &(0x7f00000002c0)={0x81, 0x19})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$dmmidi(&(0x7f0000000300)='/dev/dmmidi#\x00', 0x5, 0x80)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e22, @empty}}}, 0x9b)
r3 = getegid()
setfsgid(r3)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:52 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1b, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:52 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:52 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], [], [], [], [], [], []]}, 0x934)

[ 2517.352092]  ? _raw_spin_unlock+0x2d/0x50
[ 2517.356251]  ? __cleanup_sighand+0x70/0x70
[ 2517.360487]  ? find_held_lock+0x35/0x130
[ 2517.360510]  ? __do_page_fault+0x676/0xe90
[ 2517.360526]  ? find_held_lock+0x35/0x130
[ 2517.372855]  ? __do_page_fault+0x676/0xe90
[ 2517.377105]  _do_fork+0x257/0xfd0
[ 2517.380561]  ? fork_idle+0x1d0/0x1d0
[ 2517.384281]  ? up_read+0x1a/0x110
[ 2517.387743]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 2517.393287]  ? __do_page_fault+0x484/0xe90
[ 2517.397547]  ? trace_hardirqs_on_thunk+0x1a/0x1c
09:31:52 executing program 2:
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=<r0=>0x0)
ptrace$poke(0x5, r0, &(0x7f0000000040), 0xfffffffffffffffa)
socket$isdn_base(0x22, 0x3, 0x0)

[ 2517.402320]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2517.407180]  ? do_syscall_64+0x26/0x620
[ 2517.411170]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2517.416547]  ? do_syscall_64+0x26/0x620
[ 2517.420532]  __x64_sys_clone+0xbf/0x150
[ 2517.420553]  do_syscall_64+0xfd/0x620
[ 2517.420570]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2517.420585] RIP: 0033:0x45bc99
[ 2517.436820] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2517.443845] sctp: [Deprecated]: syz-executor.4 (pid 9779) Use of int in maxseg socket option.
[ 2517.443845] Use struct sctp_assoc_value instead
[ 2517.455724] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2517.455742] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2517.455752] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2517.455761] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2517.455770] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2517.455778] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2517.523070] Task in /syz5 killed as a result of limit of /syz5
[ 2517.531868] memory: usage 307172kB, limit 307200kB, failcnt 183
[ 2517.568923] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2517.610150] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2517.618955] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2517.624390] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2517.633305] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2517.633331] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2517.633357] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2517.633378] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2517.633398] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2517.651216] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2517.689768] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2517.725304] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2517.745973] Memory cgroup out of memory: Kill process 9457 (syz-executor.5) score 1103 or sacrifice child
[ 2517.756827] Killed process 9457 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:31:52 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000800", 0x2e}], 0x1}, 0x0)

09:31:52 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:52 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x80000, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000003c0)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000400)=0x14)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000300)={0x3, 0x70, 0x10000, 0xe2f3, 0x2, 0x0, 0x0, 0x9, 0x2001, 0x3, 0x8, 0xd83, 0x6, 0x6, 0xfff, 0x10000, 0x760d, 0x100000001, 0x6, 0x1c, 0x2, 0xdb4a, 0xc6, 0x80, 0x8, 0xffffffff, 0x4, 0x8, 0x8, 0x4, 0x800, 0x10001, 0xffff, 0xfffffffffffffc01, 0x55bd, 0x9, 0x40, 0x3f, 0x0, 0xcc, 0x0, @perf_bp={&(0x7f00000002c0), 0x1}, 0xa481, 0x401, 0x1ff, 0x5, 0x7f, 0x5, 0x8})
msgctl$IPC_RMID(r4, 0x0)

09:31:52 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:52 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f00000000c0)={0x81, 0x2, 0xfb19, 'queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x7})
sendmsg$unix(r1, &(0x7f0000000640)={&(0x7f0000000180)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000580)=[{&(0x7f0000000200)="3ba542ade4b52f3269c365632e3cff756a83019c6ce79f1a0077c0bf25504bc3f200e95bdd13f5ba38fc31e27be6fec61f91c580e4720ff2767a7c991d421f4dd779f42559a2a2629467edfcadbe072dac00c9b1929f7a6ca527607068b853910e2ecfb48f65b5c78bc739e949f669f89da0e33577af059b69617866639940d6ad5c991645a2bc3984468f480cda679320423668f8bbdc49a58238f2c2b448acaf8c56106ae004926453307a7314eb7fedc84ce05ad248d173f6ef0b9a807b09e4efeb6af010df25a69d73b913b232fb5528d65fe1845cdb2c97397fd98f6d7df13071a1d396f67fb00f98bb02b07141ee4c0d1e7f", 0xf5}, {&(0x7f0000000300)="dfa043633c772ff8c76d5018f82d4da3be96ed766c271d5f3a695c6002a46c8dfd78510eb41409195b5295c181127845fe2ba8cd3eff5b0b8325f9769bcc76a5d00122f0ac6a9c5d9055302d41f82abf6357976c280b36f09fb038a12cd63e7022b734d120b11c88740dcefb95fd25998ea30b2da72f7668672228b455974cb27cb7887691fd43e91dec21873f4470f01704e03cfb2f7fdb50ab6c94e1c95052d86b1fbd42283659bae0d4c7c4257e46dcd1825fd57509429b42bccd55c1e21b77214ad1bc35fbb5b0f444545f0f35c920", 0xd1}, {&(0x7f0000000400)="73247b26577238ae79b6675f4731c4a7e5a354312392dd839161143d671fd2470737e7baf4559ac51ba99d2815d4692f1809f59c67fc67fd", 0x38}, {&(0x7f0000000440)="18200495683f2147e67d00f1c553510672865898f9184a377e4d0faa36b779a0c7977921f07ed75cc8cbbcb77be31c53c65e847606de573c2dafcbead4c9db80e846779e9b94d7019822d35931427cdbe2c7be41600f94007295e15e1c575c08a833881a630e2027870b75a93be2351826114f63307ef3f26868517e05c84b5284aeae99045c8fc3637ae26d06f94e36e76a949efe7e1b7d575544d0c537842be5bac668cd7b4a56e35984", 0xab}, {&(0x7f0000000500)="3f92246d3c41ea17280617706af74c330b896de2b10a93c8252d9856932abb0465aa9f2a994875d2b3fb2982f0897e5136f0eba5d77ad0824d3774745afad53f6dabbac0a01295fb50e496464a6605a51f3c017b464edd430489e265b4ddc2d09d351f0e0f10", 0x66}], 0x5, &(0x7f0000000600), 0x0, 0x8850}, 0x90)
syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x3, 0x2)

[ 2517.768116] oom_reaper: reaped process 9457 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:31:53 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], [], [], [], [], [], []]}, 0x934)

[ 2517.841519] sctp: [Deprecated]: syz-executor.4 (pid 10098) Use of int in maxseg socket option.
[ 2517.841519] Use struct sctp_assoc_value instead
09:31:53 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:53 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2517.930935] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2517.975175] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2517.985359] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2517.990267] syz-executor.5 cpuset=
[ 2517.990936] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2517.991414] syz5
[ 2517.994889] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2518.015263] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
09:31:53 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
lstat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setxattr$security_capability(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='security.capability\x00', &(0x7f0000000440)=@v3={0x3000000, [{0x80000001, 0x7fffffff}, {0x6, 0xd9c4}], r2}, 0x18, 0x2)
syz_open_dev$radio(&(0x7f00000002c0)='/dev/radio#\x00', 0x0, 0x2)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
r4 = syz_open_dev$dspn(&(0x7f0000000480)='/dev/dsp#\x00', 0x8001, 0x10000)
write$binfmt_elf32(r4, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x10001, 0xcab, 0x1, 0x8000, 0x0, 0x3f, 0xffffffffffffa546, 0x309, 0x38, 0xc4, 0xfffffffffffffffc, 0x3ff, 0x20, 0x2, 0x800, 0xffff, 0x1}, [{0x6474e557, 0xfffffffffffff000, 0x8001, 0x7, 0xae, 0x2, 0xfff, 0x7fff}], "d54984c2535fafdfccacc13fe0442c7adc055fa6b41978263827b16b48e6a21aeae38a481444fc3056956c28c6c7eda0685386a20e3b9e7a2f83c50a6157f4d49be465b872f98c5f170cee9263fdd56f58af4651ad478e95081a2bc745b5022f8a45c0303b44101727854de8ae90a5fcfa90dd37a3e070bbcac76ca879da4acdccae8dd605c4bddd2f1b93b945b3255abdff458745b21544a687cb941e71c82f80b396b6f383d29570efc84a09bc390c5d85da2c02306a3ec8f769f5f8dbf0ca07f3c66d23e8796127a5ae", [[], [], [], [], [], [], [], [], [], []]}, 0xb23)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in={{0x2, 0x4e20, @empty}}}, 0x84)
r5 = msgget(0x2, 0x80)
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f0000001000), 0x4)
msgctl$IPC_RMID(r5, 0x0)

[ 2518.024996] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2518.030679]  mems_allowed=0-1
[ 2518.034238] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2518.046326] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2518.046836] CPU: 1 PID: 10101 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2518.055433] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2518.062185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2518.062191] Call Trace:
[ 2518.062217]  dump_stack+0x172/0x1f0
[ 2518.062240]  dump_header+0x15e/0x929
[ 2518.087691]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2518.092812]  ? ___ratelimit+0x60/0x595
[ 2518.096705]  ? do_raw_spin_unlock+0x57/0x270
[ 2518.101132]  oom_kill_process.cold+0x10/0x6ef
[ 2518.105656]  ? task_will_free_mem+0x139/0x6e0
[ 2518.110276]  ? find_held_lock+0x35/0x130
[ 2518.114358]  out_of_memory+0x936/0x12d0
[ 2518.118343]  ? lock_downgrade+0x810/0x810
09:31:53 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2518.122494]  ? oom_killer_disable+0x280/0x280
[ 2518.126997]  ? find_held_lock+0x35/0x130
[ 2518.131086]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2518.135936]  ? memcg_event_wake+0x230/0x230
[ 2518.140265]  ? do_raw_spin_unlock+0x57/0x270
[ 2518.144676]  ? _raw_spin_unlock+0x2d/0x50
[ 2518.148833]  try_charge+0x1028/0x15b0
[ 2518.152630]  ? find_held_lock+0x35/0x130
[ 2518.156790]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2518.161637]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2518.166489]  ? find_held_lock+0x35/0x130
[ 2518.170561]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2518.175516]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2518.180191]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2518.184696]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2518.189552]  memcg_kmem_charge+0x136/0x300
[ 2518.193801]  __alloc_pages_nodemask+0x3c6/0x760
[ 2518.198478]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2518.203511]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2518.208107]  ? trace_hardirqs_on+0x67/0x220
[ 2518.212444]  ? kasan_check_read+0x11/0x20
[ 2518.216609]  copy_process.part.0+0x3e0/0x7a30
[ 2518.221118]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
09:31:53 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x22, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2518.226230]  ? delayacct_end+0x5c/0x100
[ 2518.230218]  ? __delayacct_freepages_end+0xe0/0x140
[ 2518.235245]  ? __lock_acquire+0x6eb/0x48f0
[ 2518.239499]  ? __cleanup_sighand+0x70/0x70
[ 2518.243745]  ? mark_held_locks+0x100/0x100
[ 2518.248011]  _do_fork+0x257/0xfd0
[ 2518.251469]  ? fork_idle+0x1d0/0x1d0
[ 2518.255183]  ? blkcg_print_stat+0xb90/0xb90
[ 2518.255199]  ? kasan_check_read+0x11/0x20
[ 2518.255215]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2518.255230]  ? trace_hardirqs_on_thunk+0x1a/0x1c
09:31:53 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2518.255243]  ? do_syscall_64+0x26/0x620
[ 2518.255259]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2518.255272]  ? do_syscall_64+0x26/0x620
[ 2518.255289]  __x64_sys_clone+0xbf/0x150
[ 2518.255306]  do_syscall_64+0xfd/0x620
[ 2518.255325]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2518.299452] RIP: 0033:0x45bc99
[ 2518.302654] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2518.321560] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2518.329282] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2518.336560] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2518.343837] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2518.351119] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2518.358395] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2518.428040] Task in /syz5 killed as a result of limit of /syz5
[ 2518.442483] memory: usage 307192kB, limit 307200kB, failcnt 215
[ 2518.454881] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2518.462744] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2518.477934] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2518.503041] Memory cgroup out of memory: Kill process 10101 (syz-executor.5) score 1103 or sacrifice child
[ 2518.513997] Killed process 10101 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:31:53 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x23, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:53 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000dfa000/0x3000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000a00000/0x600000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000d8b000/0x2000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000f43000/0x4000)=nil, &(0x7f0000ff4000/0x3000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x28c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
uname(&(0x7f00000002c0)=""/95)
msgctl$IPC_RMID(r3, 0x0)

09:31:53 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:53 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000], [], [], [], [], [], []]}, 0x934)

09:31:53 executing program 2:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x701000, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000040)=0x2, 0x4)
socket$isdn_base(0x22, 0x3, 0x0)

09:31:53 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100800", 0x2e}], 0x1}, 0x0)

[ 2518.558806] oom_reaper: reaped process 10101 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2518.619212] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2518.626278] sg_write: 5 callbacks suppressed
[ 2518.626290] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2518.626290]    program syz-executor.0 not setting count and/or reply_len properly
[ 2518.628694] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2518.655008] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2518.664317] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2518.674368] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2518.675780] sctp: [Deprecated]: syz-executor.4 (pid 10547) Use of int in maxseg socket option.
[ 2518.675780] Use struct sctp_assoc_value instead
[ 2518.683527] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2518.705813] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:31:53 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x24, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2518.714944] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2518.724676] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
09:31:53 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2518.791693] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000
[ 2518.809296] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2518.825867] CPU: 0 PID: 10545 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2518.832908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2518.842277] Call Trace:
[ 2518.844889]  dump_stack+0x172/0x1f0
[ 2518.848637]  dump_header+0x15e/0x929
[ 2518.852360]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2518.857473]  ? ___ratelimit+0x60/0x595
[ 2518.857490]  ? do_raw_spin_unlock+0x57/0x270
[ 2518.857509]  oom_kill_process.cold+0x10/0x6ef
[ 2518.857527]  ? task_will_free_mem+0x139/0x6e0
[ 2518.865820]  ? find_held_lock+0x35/0x130
[ 2518.865841]  out_of_memory+0x936/0x12d0
[ 2518.865858]  ? lock_downgrade+0x810/0x810
[ 2518.865880]  ? oom_killer_disable+0x280/0x280
[ 2518.891498]  ? find_held_lock+0x35/0x130
[ 2518.895578]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2518.900947]  ? memcg_event_wake+0x230/0x230
[ 2518.905289]  ? do_raw_spin_unlock+0x57/0x270
[ 2518.909791]  ? _raw_spin_unlock+0x2d/0x50
[ 2518.913952]  try_charge+0x1028/0x15b0
[ 2518.917762]  ? find_held_lock+0x35/0x130
[ 2518.921841]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2518.926692]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2518.931542]  ? find_held_lock+0x35/0x130
[ 2518.935611]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2518.940479]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2518.945159]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2518.949667]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2518.954523]  memcg_kmem_charge+0x136/0x300
[ 2518.958773]  __alloc_pages_nodemask+0x3c6/0x760
[ 2518.963456]  ? should_fail+0x14d/0x85c
[ 2518.967355]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2518.972380]  ? find_held_lock+0x35/0x130
[ 2518.976464]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 2518.982128]  alloc_pages_current+0x107/0x210
[ 2518.986619]  pte_alloc_one+0x1b/0x1a0
[ 2518.990431]  __do_fault+0x2d7/0x480
[ 2518.994066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 2518.999608]  __handle_mm_fault+0x2b0e/0x3f80
[ 2519.004017]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2519.004034]  ? find_held_lock+0x35/0x130
[ 2519.004049]  ? handle_mm_fault+0x322/0xb30
[ 2519.004073]  ? kasan_check_read+0x11/0x20
[ 2519.021344]  handle_mm_fault+0x43f/0xb30
[ 2519.025426]  __do_page_fault+0x62a/0xe90
[ 2519.029522]  ? vmalloc_fault+0x740/0x740
[ 2519.033600]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2519.038626]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2519.043866]  ? page_fault+0x8/0x30
[ 2519.047427]  do_page_fault+0x71/0x57d
[ 2519.051241]  ? page_fault+0x8/0x30
[ 2519.054793]  page_fault+0x1e/0x30
[ 2519.058253] RIP: 0033:0x4019f7
[ 2519.061452] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf d0 93 4c 00
[ 2519.080451] RSP: 002b:00007fff8354f7a0 EFLAGS: 00010287
[ 2519.085836] RAX: 0000001b2cf20000 RBX: 0000000000000000 RCX: 0000001b2df20000
09:31:53 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x66, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:54 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x6c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:54 executing program 2:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x84000, 0x0)
ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000040))
rt_sigprocmask(0x1, &(0x7f0000000240)={0xfffffffffffffffc}, &(0x7f0000000280), 0x8)
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f00000002c0))
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xb8, r1, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x30, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4b}]}, @TIPC_NLA_MEDIA={0x38, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x99e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x55f4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}]}, @TIPC_NLA_LINK={0x3c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xed}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}]}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20008800}, 0x480c4)

09:31:54 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x6d, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2519.093110] RDX: 0000001b2cf20004 RSI: 00007fff8354f560 RDI: 0000000000000000
[ 2519.093119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 2519.093127] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 2519.093135] R13: 00007fff8354f990 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2519.138884] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2519.138884]    program syz-executor.0 not setting count and/or reply_len properly
[ 2519.236713] Task in /syz5 killed as a result of limit of /syz5
[ 2519.249985] memory: usage 307200kB, limit 307200kB, failcnt 240
[ 2519.277952] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2519.296095] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2519.302290] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB
09:31:54 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000900", 0x2e}], 0x1}, 0x0)

09:31:54 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000], [], [], [], [], [], []]}, 0x934)

09:31:54 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x6f, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:54 executing program 4:
r0 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0x7fff, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000300)={'bcsh0\x00', @remote})
setrlimit(0xb, &(0x7f0000000340)={0x6, 0x9})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
r4 = msgget$private(0x0, 0x40)
msgctl$IPC_RMID(r4, 0x0)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r5 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r5, 0x0)

09:31:54 executing program 2:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
flock(r0, 0x8)
fsetxattr$security_ima(r0, &(0x7f0000000000)='security.ima\x00', &(0x7f0000000080)=@v1={0x2, "f311ad4df8bfab414a8629f9da618b8080"}, 0x12, 0x2)
socket$isdn_base(0x22, 0x3, 0x0)

09:31:54 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2519.322415] Memory cgroup out of memory: Kill process 10545 (syz-executor.5) score 1103 or sacrifice child
[ 2519.332425] Killed process 10545 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2519.345090] oom_reaper: reaped process 10545 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
[ 2519.418257] sctp: [Deprecated]: syz-executor.4 (pid 10988) Use of int in maxseg socket option.
[ 2519.418257] Use struct sctp_assoc_value instead
[ 2519.433460] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2519.442192] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2519.447609] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2519.456534] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2519.465475] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2519.474385] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2519.483323] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2519.492182] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2519.501080] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2519.509497] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
09:31:54 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x70, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2519.509497]    program syz-executor.0 not setting count and/or reply_len properly
09:31:54 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0xc000, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000140)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={<r1=>0x0, 0xf6}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000000c0)={r1, 0x3f4ce78d}, 0x8)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x200400, 0x0)

09:31:54 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000002c0)=r2, 0x4)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e20, @multicast1}}}, 0xfffffffffffffe81)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:54 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x71, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:54 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:54 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x72, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2519.756624] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2519.756624]    program syz-executor.0 not setting count and/or reply_len properly
[ 2519.777675] sctp: [Deprecated]: syz-executor.4 (pid 11310) Use of int in maxseg socket option.
[ 2519.777675] Use struct sctp_assoc_value instead
09:31:57 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac0000000000000000000e0900", 0x2e}], 0x1}, 0x0)

09:31:57 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'team0\x00', 0x2002})

09:31:57 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50000000], [], [], [], [], [], []]}, 0x934)

09:31:57 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x73, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:57 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:57 executing program 4:
r0 = shmget(0x0, 0x2000, 0x8, &(0x7f0000ca9000/0x2000)=nil)
shmctl$SHM_UNLOCK(r0, 0xc)
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
add_key$keyring(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffa)
add_key(&(0x7f0000000500)='encrypted\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="ef5c68582f0527a1c2c6a99083dca76fe72ddc89635e1f0794fe06a0563b281fbf521e8dce2c238efdd4208cd033925556e71e059eb86fdc1161984a18b61722564b57ec9a088492ad48f62b6b4c7465f6bfa8a4c78e83380f82fdc8ab6e64f5c9ebdb64dc7b1c30842ffe7fd14e3dcb3dd528f879839eb10473211e98ea1ae16e73c80f6655", 0x86, 0xfffffffffffffffc)
r4 = add_key$keyring(&(0x7f0000000640)='keyring\x00', &(0x7f0000000680)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
r5 = request_key(&(0x7f00000006c0)='blacklist\x00', &(0x7f0000000400)={'syz', 0x2}, &(0x7f0000000440)='wlan0\x00', r4)
r6 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r5)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000340)='id_legacy\x00', &(0x7f0000000380)=@builtin='builtin_trusted\x00')
msgctl$IPC_RMID(r3, 0x0)
shmget(0x0, 0x3000, 0x1040, &(0x7f0000ffc000/0x3000)=nil)

[ 2522.474796] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2522.483710] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2522.488922] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2522.488948] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2522.506774] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2522.515701] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:31:57 executing program 2:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x10000)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffff9c, 0xc010640b, &(0x7f0000000040)={0x0, <r1=>0x0, 0x6})
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f00000000c0)={0x1, 0x0, 0x100, 0x3, {0x7, 0x7ff, 0xc9d, 0xffffffff7fffffff}})
ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)={r1})
socket$isdn_base(0x22, 0x3, 0x0)

[ 2522.524620] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2522.533527] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2522.542387] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2522.550607] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2522.562107] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2522.568584] CPU: 1 PID: 11434 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2522.575663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2522.575670] Call Trace:
[ 2522.575693]  dump_stack+0x172/0x1f0
[ 2522.575715]  dump_header+0x15e/0x929
[ 2522.575730]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2522.575745]  ? ___ratelimit+0x60/0x595
[ 2522.575759]  ? do_raw_spin_unlock+0x57/0x270
[ 2522.575777]  oom_kill_process.cold+0x10/0x6ef
[ 2522.575795]  ? task_will_free_mem+0x139/0x6e0
[ 2522.575832]  out_of_memory+0x936/0x12d0
[ 2522.575850]  ? lock_downgrade+0x810/0x810
[ 2522.575868]  ? oom_killer_disable+0x280/0x280
[ 2522.575880]  ? find_held_lock+0x35/0x130
[ 2522.575904]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2522.575921]  ? memcg_event_wake+0x230/0x230
[ 2522.621565]  ? do_raw_spin_unlock+0x57/0x270
[ 2522.621584]  ? _raw_spin_unlock+0x2d/0x50
[ 2522.621605]  try_charge+0x1028/0x15b0
[ 2522.655870]  ? find_held_lock+0x35/0x130
[ 2522.659940]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2522.659963]  ? kasan_check_read+0x11/0x20
[ 2522.659981]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2522.673784]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2522.678389]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2522.683336]  wp_page_copy+0x430/0x16a0
[ 2522.687241]  ? follow_pfn+0x2a0/0x2a0
[ 2522.691043]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2522.691075]  ? kasan_check_read+0x11/0x20
[ 2522.691093]  ? do_raw_spin_unlock+0x57/0x270
[ 2522.704738]  do_wp_page+0x57d/0x10b0
[ 2522.708465]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2522.713144]  ? kasan_check_write+0x14/0x20
[ 2522.717390]  ? do_raw_spin_lock+0xc8/0x240
[ 2522.721644]  __handle_mm_fault+0x2305/0x3f80
[ 2522.726081]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2522.730941]  ? find_held_lock+0x35/0x130
[ 2522.735019]  ? handle_mm_fault+0x322/0xb30
[ 2522.739282]  ? kasan_check_read+0x11/0x20
[ 2522.743446]  handle_mm_fault+0x43f/0xb30
[ 2522.747525]  __do_page_fault+0x62a/0xe90
[ 2522.751607]  ? vmalloc_fault+0x740/0x740
[ 2522.755685]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2522.760719]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2522.761022] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2522.761022]    program syz-executor.1 not setting count and/or reply_len properly
[ 2522.765657]  ? page_fault+0x8/0x30
[ 2522.765678]  do_page_fault+0x71/0x57d
[ 2522.765700]  ? page_fault+0x8/0x30
[ 2522.765716]  page_fault+0x1e/0x30
[ 2522.765726] RIP: 0033:0x40f456
[ 2522.765741] Code: 10 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 5a 10 66 00 00 00 00 00 <48> c7 05 37 4a 30 00 90 3e 71 00 31 d2 48 c7 05 22 4a 30 00 90 3e
[ 2522.765749] RSP: 002b:00007fff8354f908 EFLAGS: 00010246
09:31:57 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x74, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:57 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000400)='/dev/full\x00', 0x200, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000001600), &(0x7f0000001640)=0x14)
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x205, 0x84)
r3 = msgget$private(0x0, 0xdf0fab38c832976)
msgctl$MSG_STAT(r3, 0xb, &(0x7f00000004c0)=""/4096)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000340)={0x0, 0x8}, &(0x7f0000000380)=0x8)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f0000001500)=ANY=[@ANYBLOB="0300001011fb24a0524be81f32c5816912de1925651c0f40f5dd272b9e6d8c01fcabea12d55ca4950ee36d4b58ce310028275543ca1b2e197ad976cb5aca2eb6ac50da787ae25bea777e843a2a210771c3c414590eafc427601c5b4360f8570b44abd13a3289b67a65d0759bedc9d720cbedf9c1e346e2e00ec5695179fb37801c32d263deae6baf645c6c1d854986220e643bf228d257865b6307f17e8516ca1ebacb1eae6388055bf2adfcc977f0f9d8165c15824a12caa322eed196239857994f831a36b2f125", @ANYRES32=<r4=>0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000440)=0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f00000003c0)=@assoc_id=r4, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r6=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
mmap$perf(&(0x7f0000f1d000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0)
r7 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f0000000480)=0x7ff)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r6, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r8 = openat$vsock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vsock\x00', 0x200000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000014c0)=[@in={0x2, 0x4e23, @broadcast}], 0x10)
ioctl$SG_GET_COMMAND_Q(r8, 0x2270, &(0x7f0000000300))
r9 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r9, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r1, 0x110, 0x3)
msgget$private(0x0, 0x4)

09:31:58 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2522.823657] RAX: 00000000015cfc00 RBX: 00007fff8354f910 RCX: 0000000000a704a0
[ 2522.830937] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 00000000015cfc20
[ 2522.838217] RBP: 00007fff8354f950 R08: 0000000000000001 R09: 00000000015cf940
[ 2522.850357] R10: 00000000015cfc10 R11: 0000000000000202 R12: 0000000000000001
[ 2522.857632] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff8354f9a0
09:31:58 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
msgctl$IPC_RMID(0x0, 0x0)

09:31:58 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x75, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2522.934235] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2522.934235]    program syz-executor.0 not setting count and/or reply_len properly
[ 2522.968033] sctp: [Deprecated]: syz-executor.4 (pid 11723) Use of int in maxseg socket option.
[ 2522.968033] Use struct sctp_assoc_value instead
[ 2522.969458] Task in 
[ 2522.993205] /syz5
[ 2522.994436]  killed as a result of limit of /syz5
[ 2523.028295] memory: usage 307200kB, limit 307200kB, failcnt 16031
[ 2523.056699] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2523.075056] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2523.088686] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:80KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2523.120931] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
09:31:58 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100900", 0x2e}], 0x1}, 0x0)

09:31:58 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:58 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000340)=0xe8)
stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = openat$md(0xffffffffffffff9c, &(0x7f0000000840)='/dev/md0\x00', 0x20a80, 0x0)
ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000000880)={0x8})
r6 = getegid()
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getgroups(0x9, &(0x7f0000000640)=[0xee00, <r8=>0xee01, 0x0, 0xee01, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00])
getgroups(0x5, &(0x7f0000000680)=[0xee01, 0xee00, <r9=>0x0, 0xffffffffffffffff, 0xee01])
r10 = getegid()
fstat(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
fstat(r0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
lsetxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f00000007c0)={{}, {0x1, 0x4}, [{0x2, 0x2, r1}, {0x2, 0x7, r2}, {0x2, 0x4, r3}], {0x4, 0x3}, [{0x8, 0x4, r4}, {0x8, 0x4, r6}, {0x8, 0x1, r7}, {0x8, 0x1, r8}, {0x8, 0x3, r9}, {0x8, 0x5, r10}, {0x8, 0x0, r11}, {0x8, 0x1, r12}], {0x10, 0x1}, {0x20, 0x1}}, 0x7c, 0x3)
r13 = syz_open_procfs(0x0, &(0x7f0000000000)='net/hci\x00')
ioctl$SG_SET_COMMAND_Q(r13, 0x2271, &(0x7f0000000040)=0x1)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r13, 0x84, 0x1a, &(0x7f0000000080)=ANY=[@ANYRES32=<r14=>0x0, @ANYBLOB="b2000000afc175007ff6ed38978213653ae34a747f898c2eeb3c4f45029440c76a0243ab3eae6d87c9bee228f88075c6afbdd79304a48dccdac2da82845a87d3702588588b3d5105de7e18a829353ea17d38c7d59ac3570914096b3fb17177a34f33e5c22432284912a8da1a8d27f60e1413d7afaa9a2db648a5a080579c081c32cb86561a888dc9eaeb3f8b5c87e86b6581f83f4a9ec48e3a6bc69b6252f893d40ba45181fd2a169fdced77ca3ae6d856a421211655"], &(0x7f0000000140)=0xba)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r13, 0x84, 0x75, &(0x7f0000000180)={r14, 0x4}, 0x8)

09:31:58 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87000000], [], [], [], [], [], []]}, 0x934)

09:31:58 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x76, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2523.153626] Killed process 11434 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2523.236513] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2523.239603] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2523.239603]    program syz-executor.0 not setting count and/or reply_len properly
[ 2523.245349] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2523.245376] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2523.245401] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2523.245425] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2523.245449] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2523.245472] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2523.245493] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2523.279408] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
09:31:58 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
r3 = syz_open_dev$sndpcmp(&(0x7f00000002c0)='/dev/snd/pcmC#D#p\x00', 0x5, 0x2000)
ioctl$BLKPG(r3, 0x1269, &(0x7f0000000380)={0x80, 0x90, 0x6b, &(0x7f0000000300)="cb291d6fcc65fc7d3b439ecdcb7e4c97e9f2b548971bc4a388e137a42e198d8bdd365952aa8a17a515a0dbdf83fe536b8393b16502a13557bf93a3471fd538664aed7b96f69118dc1e176ad60cc04c07437d55af4cc9fa85d0438321b5422c6b1e65ccc33acb5287cb7548"})
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:31:58 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x7a, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2523.284729] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2523.301476] syz-executor.5 cpuset=
09:31:58 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x7b, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:58 executing program 2:
prctl$PR_SET_UNALIGN(0x6, 0x0)
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x20400, 0x0)
ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000100)=""/209)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r2 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2)
fanotify_mark(r1, 0x20, 0xd24cd8d5a2385016, r2, &(0x7f0000000080)='./file0\x00')
socket$isdn_base(0x22, 0x3, 0x0)

[ 2523.388403] sctp: [Deprecated]: syz-executor.4 (pid 12012) Use of int in maxseg socket option.
[ 2523.388403] Use struct sctp_assoc_value instead
[ 2523.445518] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2523.445518]    program syz-executor.1 not setting count and/or reply_len properly
[ 2523.462415] syz5 mems_allowed=0-1
[ 2523.468930] CPU: 1 PID: 11967 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2523.475972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2523.485337] Call Trace:
[ 2523.487946]  dump_stack+0x172/0x1f0
[ 2523.491598]  dump_header+0x15e/0x929
[ 2523.495327]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2523.500489]  ? ___ratelimit+0x60/0x595
[ 2523.504390]  ? do_raw_spin_unlock+0x57/0x270
[ 2523.508817]  oom_kill_process.cold+0x10/0x6ef
[ 2523.513329]  ? task_will_free_mem+0x139/0x6e0
[ 2523.517839]  out_of_memory+0x936/0x12d0
[ 2523.521822]  ? lock_downgrade+0x810/0x810
[ 2523.525997]  ? oom_killer_disable+0x280/0x280
[ 2523.530517]  ? find_held_lock+0x35/0x130
[ 2523.534595]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2523.539442]  ? memcg_event_wake+0x230/0x230
[ 2523.543779]  ? do_raw_spin_unlock+0x57/0x270
[ 2523.548199]  ? _raw_spin_unlock+0x2d/0x50
[ 2523.552365]  try_charge+0x1028/0x15b0
[ 2523.556173]  ? find_held_lock+0x35/0x130
[ 2523.560265]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2523.565121]  ? kasan_check_read+0x11/0x20
[ 2523.569284]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2523.574137]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2523.578738]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2523.583682]  wp_page_copy+0x430/0x16a0
[ 2523.587587]  ? follow_pfn+0x2a0/0x2a0
09:31:58 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
setsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f00000002c0)=0xffffffffffffffe0, 0x4)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

[ 2523.591401]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2523.596512]  ? kasan_check_read+0x11/0x20
[ 2523.600670]  ? do_raw_spin_unlock+0x57/0x270
[ 2523.605094]  do_wp_page+0x57d/0x10b0
[ 2523.608824]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2523.613515]  ? kasan_check_write+0x14/0x20
[ 2523.617761]  ? do_raw_spin_lock+0xc8/0x240
[ 2523.622026]  __handle_mm_fault+0x2305/0x3f80
[ 2523.626447]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2523.631299]  ? find_held_lock+0x35/0x130
[ 2523.635366]  ? handle_mm_fault+0x322/0xb30
[ 2523.639618]  ? kasan_check_read+0x11/0x20
09:31:58 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000040)={0x2, 0x0, 0x6, 0xff, 'syz1\x00', 0x8})

[ 2523.643775]  handle_mm_fault+0x43f/0xb30
[ 2523.647860]  __do_page_fault+0x62a/0xe90
[ 2523.651936]  ? vmalloc_fault+0x740/0x740
[ 2523.656011]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2523.661122]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2523.666062]  ? page_fault+0x8/0x30
[ 2523.669618]  do_page_fault+0x71/0x57d
[ 2523.673427]  ? page_fault+0x8/0x30
[ 2523.676974]  page_fault+0x1e/0x30
[ 2523.680513] RIP: 0033:0x40f456
[ 2523.683717] Code: 10 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 5a 10 66 00 00 00 00 00 <48> c7 05 37 4a 30 00 90 3e 71 00 31 d2 48 c7 05 22 4a 30 00 90 3e
[ 2523.688633] sctp: [Deprecated]: syz-executor.4 (pid 12381) Use of int in maxseg socket option.
[ 2523.688633] Use struct sctp_assoc_value instead
[ 2523.702623] RSP: 002b:00007fff8354f908 EFLAGS: 00010246
[ 2523.702638] RAX: 00000000015cfc00 RBX: 00007fff8354f910 RCX: 0000000000a704a0
[ 2523.702646] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 00000000015cfc20
[ 2523.702654] RBP: 00007fff8354f950 R08: 0000000000000001 R09: 00000000015cf940
09:31:58 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x7c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:58 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2523.702661] R10: 00000000015cfc10 R11: 0000000000000202 R12: 0000000000000001
[ 2523.702669] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2523.728995] Task in 
[ 2523.773474] /syz5 killed as a result of limit of /syz5
[ 2523.809198] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2523.809198]    program syz-executor.0 not setting count and/or reply_len properly
[ 2523.834867] memory: usage 307200kB, limit 307200kB, failcnt 16075
[ 2523.854646] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2523.879689] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2523.913872] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:80KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2523.936155] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
[ 2523.960822] Killed process 11967 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:31:59 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000a00", 0x2e}], 0x1}, 0x0)

09:31:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff], [], [], [], [], [], []]}, 0x934)

09:31:59 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x7d, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:31:59 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f00000002c0))
msgctl$IPC_RMID(r3, 0x0)

09:31:59 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:59 executing program 2:
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
dup3(r0, r0, 0x80000)
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000100))
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80002, 0x0)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000040)=0x8, 0x4)
openat$cgroup_ro(r1, &(0x7f00000000c0)='cpuset.memory_pressure\x00', 0x0, 0x0)

[ 2523.980352] oom_reaper: reaped process 11967 (syz-executor.5), now anon-rss:0kB, file-rss:34624kB, shmem-rss:0kB
[ 2524.054329] sctp: [Deprecated]: syz-executor.4 (pid 12603) Use of int in maxseg socket option.
[ 2524.054329] Use struct sctp_assoc_value instead
[ 2524.070550] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2524.072395] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2524.092027] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2524.098144] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2524.107720] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2524.117502] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2524.126964] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2524.136376] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:31:59 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x3)

09:31:59 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0)
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000040))
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x200, 0x0)
setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f00000000c0)=0x1, 0x4)

[ 2524.146360] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2524.155552] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2524.155703] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2524.168683] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2524.168683]    program syz-executor.0 not setting count and/or reply_len properly
[ 2524.261268] CPU: 1 PID: 12619 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2524.268337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2524.277697] Call Trace:
[ 2524.280303]  dump_stack+0x172/0x1f0
[ 2524.283951]  dump_header+0x15e/0x929
[ 2524.287699]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2524.292821]  ? ___ratelimit+0x60/0x595
[ 2524.296711]  ? do_raw_spin_unlock+0x57/0x270
[ 2524.296736]  oom_kill_process.cold+0x10/0x6ef
[ 2524.296758]  ? task_will_free_mem+0x139/0x6e0
[ 2524.310145]  out_of_memory+0x936/0x12d0
[ 2524.314134]  ? lock_downgrade+0x810/0x810
[ 2524.318308]  ? oom_killer_disable+0x280/0x280
[ 2524.322833]  ? find_held_lock+0x35/0x130
[ 2524.326923]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2524.331784]  ? memcg_event_wake+0x230/0x230
[ 2524.336123]  ? do_raw_spin_unlock+0x57/0x270
[ 2524.340545]  ? _raw_spin_unlock+0x2d/0x50
[ 2524.344708]  try_charge+0x1028/0x15b0
[ 2524.348538]  ? find_held_lock+0x35/0x130
[ 2524.352619]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2524.357479]  ? kasan_check_read+0x11/0x20
[ 2524.361642]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2524.366507]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2524.371113]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2524.376053]  wp_page_copy+0x430/0x16a0
[ 2524.379959]  ? follow_pfn+0x2a0/0x2a0
[ 2524.383769]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2524.388880]  ? kasan_check_read+0x11/0x20
[ 2524.393042]  ? do_raw_spin_unlock+0x57/0x270
[ 2524.397462]  do_wp_page+0x57d/0x10b0
[ 2524.401196]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2524.405877]  ? kasan_check_write+0x14/0x20
09:31:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffbf], [], [], [], [], [], []]}, 0x934)

09:31:59 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x20000004)

[ 2524.410124]  ? do_raw_spin_lock+0xc8/0x240
[ 2524.414367]  __handle_mm_fault+0x2305/0x3f80
[ 2524.418792]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2524.423640]  ? find_held_lock+0x35/0x130
[ 2524.423654]  ? handle_mm_fault+0x322/0xb30
[ 2524.423681]  ? kasan_check_read+0x11/0x20
[ 2524.423708]  handle_mm_fault+0x43f/0xb30
[ 2524.440200]  __do_page_fault+0x62a/0xe90
[ 2524.444288]  ? vmalloc_fault+0x740/0x740
[ 2524.448364]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2524.453399]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2524.458339]  ? page_fault+0x8/0x30
09:31:59 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000080)=0x6, 0x4)

[ 2524.461901]  do_page_fault+0x71/0x57d
[ 2524.465709]  ? page_fault+0x8/0x30
[ 2524.469255]  page_fault+0x1e/0x30
[ 2524.472719] RIP: 0033:0x40f456
[ 2524.475946] Code: 10 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 5a 10 66 00 00 00 00 00 <48> c7 05 37 4a 30 00 90 3e 71 00 31 d2 48 c7 05 22 4a 30 00 90 3e
[ 2524.494857] RSP: 002b:00007fff8354f908 EFLAGS: 00010246
[ 2524.500233] RAX: 00000000015cfc00 RBX: 00007fff8354f910 RCX: 0000000000a704a0
09:31:59 executing program 2:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x448d81, 0x0)
setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000080)=0x4, 0x4)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0)='SEG6\x00')
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4a4021}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r1, 0x10, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x1}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x8}, @SEG6_ATTR_DST={0x14, 0x1, @remote}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x4, 0x95, 0xfffffffffffffffc]}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f0000000200)={0x0, 0x7, 0x9, 0x101, '\x00', 0x6})

[ 2524.507509] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 00000000015cfc20
[ 2524.514865] RBP: 00007fff8354f950 R08: 0000000000000001 R09: 00000000015cf940
[ 2524.514875] R10: 00000000015cfc10 R11: 0000000000000202 R12: 0000000000000001
[ 2524.514883] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2524.650999] Task in /syz5 killed as a result of limit of /syz5
[ 2524.662300] memory: usage 307200kB, limit 307200kB, failcnt 16094
[ 2524.671126] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2524.700286] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2524.706867] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:80KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2524.730799] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
09:31:59 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100a00", 0x2e}], 0x1}, 0x0)

09:31:59 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:31:59 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00000000000000], [], [], [], [], [], [], []]}, 0x905)

09:31:59 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMGETCOUNT(r0, 0x80044943, &(0x7f0000000000))
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x101000, 0x0)
prctl$PR_GET_NO_NEW_PRIVS(0x27)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000080)='.\x00')

09:31:59 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x3, 0x342)
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x420100, 0x88)
execve(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000002c0)=[&(0x7f0000000140)='\x00', &(0x7f0000000180)='/dev/midi#\x00', &(0x7f00000001c0)='/dev/midi#\x00', &(0x7f0000000200)='{\x00', &(0x7f0000000240)='/dev/midi#\x00', &(0x7f0000000280)='wlan1\x00'], &(0x7f0000000380)=[&(0x7f0000000300)='/dev/midi#\x00', &(0x7f0000000340)='\x00'])
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000100)=0x4)
syz_open_dev$sndmidi(&(0x7f00000003c0)='/dev/snd/midiC#D#\x00', 0x0, 0x101000)

09:31:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000000], [], [], [], [], [], []]}, 0x934)

[ 2524.741667] Killed process 12619 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2524.752899] oom_reaper: reaped process 12619 (syz-executor.5), now anon-rss:0kB, file-rss:34624kB, shmem-rss:0kB
[ 2524.833070] sctp: [Deprecated]: syz-executor.4 (pid 13246) Use of int in maxseg socket option.
[ 2524.833070] Use struct sctp_assoc_value instead
[ 2524.866256] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2524.867013] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2524.867013]    program syz-executor.0 not setting count and/or reply_len properly
[ 2524.878729] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2524.919018] CPU: 1 PID: 13242 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2524.926056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2524.935416] Call Trace:
[ 2524.938015]  dump_stack+0x172/0x1f0
[ 2524.941658]  dump_header+0x15e/0x929
[ 2524.945378]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2524.950495]  ? ___ratelimit+0x60/0x595
[ 2524.954391]  ? do_raw_spin_unlock+0x57/0x270
[ 2524.958812]  oom_kill_process.cold+0x10/0x6ef
[ 2524.961279] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2524.963326]  ? task_will_free_mem+0x139/0x6e0
[ 2524.963350]  out_of_memory+0x936/0x12d0
[ 2524.963367]  ? lock_downgrade+0x810/0x810
[ 2524.963386]  ? oom_killer_disable+0x280/0x280
[ 2524.963398]  ? find_held_lock+0x35/0x130
[ 2524.963424]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2524.963439]  ? memcg_event_wake+0x230/0x230
[ 2524.963459]  ? do_raw_spin_unlock+0x57/0x270
[ 2524.963476]  ? _raw_spin_unlock+0x2d/0x50
[ 2524.963495]  try_charge+0x1028/0x15b0
[ 2524.963509]  ? find_held_lock+0x35/0x130
[ 2524.963532]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2524.963552]  ? kasan_check_read+0x11/0x20
09:32:00 executing program 3:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = getuid()
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000280)=0xc)
lchown(&(0x7f0000000180)='./file0\x00', r2, r3)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000080)={<r4=>0x0, 0x1, 0x20}, &(0x7f00000000c0)=0xc)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000100)={r4, 0x7e9, 0x30, 0x101, 0x10000}, &(0x7f0000000140)=0x18)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0xc)

[ 2524.963572]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2524.963589]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2524.963609]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2524.963626]  wp_page_copy+0x430/0x16a0
[ 2524.963649]  ? follow_pfn+0x2a0/0x2a0
[ 2524.963662]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2524.963677]  ? kasan_check_read+0x11/0x20
[ 2524.963691]  ? do_raw_spin_unlock+0x57/0x270
[ 2524.963708]  do_wp_page+0x57d/0x10b0
[ 2524.963727]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2524.963741]  ? kasan_check_write+0x14/0x20
[ 2524.963755]  ? do_raw_spin_lock+0xc8/0x240
[ 2524.963775]  __handle_mm_fault+0x2305/0x3f80
[ 2524.963795]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2524.963810]  ? find_held_lock+0x35/0x130
[ 2524.963825]  ? handle_mm_fault+0x322/0xb30
[ 2524.963856]  ? kasan_check_read+0x11/0x20
[ 2524.963875]  handle_mm_fault+0x43f/0xb30
[ 2524.963896]  __do_page_fault+0x62a/0xe90
[ 2524.963919]  ? vmalloc_fault+0x740/0x740
[ 2524.963937]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2524.963952]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2524.963964]  ? page_fault+0x8/0x30
[ 2524.963984]  do_page_fault+0x71/0x57d
[ 2524.963997]  ? page_fault+0x8/0x30
[ 2524.964012]  page_fault+0x1e/0x30
[ 2524.964023] RIP: 0033:0x40f456
[ 2524.964038] Code: 10 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 5a 10 66 00 00 00 00 00 <48> c7 05 37 4a 30 00 90 3e 71 00 31 d2 48 c7 05 22 4a 30 00 90 3e
[ 2524.964046] RSP: 002b:00007fff8354f908 EFLAGS: 00010246
[ 2524.964064] RAX: 00000000015cfc00 RBX: 00007fff8354f910 RCX: 0000000000a704a0
09:32:00 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0x14)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x80240, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000001380)={0x7f, 0xb7b, &(0x7f0000000300)="ea8a6fa0f561b4bf743ce25587e05eb4fe2b7495d7ff63213eceac47186acffe4e695c5ae0e3c096eabf3f13d59fac828af01738c0515f9f6b30c3af7cc125e0d0bdab29f2d91095ae10ecb30bb46428b22b8d2190357beea3bd4bd5e3f74d31e5af828ba6d2723401ff274174672b2efa9f397d578d25d68f874e246137909da9efe5967310290ea0ac32177cfc0559439d2ce7fff82afd410b00f686b4b21faade6e78f80440f354e4f0349a3a06bb253bfd2c0f7d0554bf786369322f78773dc519dda5ca9c51c4436c3b8cb8e040180cd7324b73152d863db2c3ba1333117c4b0f8fa8215ccf50b305bf699ea23ccd025275556c3487d7e7b0c7805c663f0d514706a27d714b50140558ff7aea3afebd7f6cdbe1d99d53ccdaec7247276945216a42236cc78d6eb515ab2ed210d295106585818be6af5d75813df881a255b58a84f5835e63556e74ce8578a96cb858d51ecf1d3cb5028c74a6b22bbd8c25ef453df9ecba52ebbb09b9c91027961afc64fc1a759987bbcc1dc3cac9569ecf5c132dc55a8ee67881199ef33a01127020a843501907c28f1142e189d60f9f4d7918d69331ec73c0f3d323dc149d1f882b6a2a75bb7659ef3f1dde7504ddbd28706768684a7449c88e8bcaeb35a8774c0090d831afa8279db2a18cdf8a6c97adf7641d068528e93333bbdf2093f8ae4b15a2cb18901b590eed206f915a755f82cddc8c86f3871d48af4ef00ce8713ec851fa798c8c2923faec6df25bb03a370365343f7b920e8f00f30103a30db81f508a033468059b232a0f12e8025c462bfae82aec8855eb0ae3506fcf796d768d6cea7d14cb2f7b9e833c13b4a9abebba5642c8751431d2fb2a3e6fc92e9289718a5163da15f850dc91b96850d134e025e48358bedcfe362f717b0b30986976d828bf734cee17b92e52a845c81bb560e1e32ecbd2352a2a9c719ffdf6ed3d3b385279073966c8addb177d3ea807d461cf0537aef6d0472eaa5bef665f53dc2f0bb8c7a9e4bff6704bd850ddb02b22c545213be5264c42d9b7c84ae4b909db90c6da4a234b1cfeb0252a3e33b165d54518582a841bc31dd10fadf2dd5409cb613085bdca089b04f9dbddc013b8233b61e97c8d6ad81e57287ae83d59a97f13907b50103d678beea83c153da5c4bdb640c99b9b9992dc8a616b73de14d151a0ff82f8fd3b9f42f48973e1ca003750d6d4b69bbe3184b648a1c7ef97416cb3249526b914c23451f50a6f4ef6195c3b75baf3b7acbca5fd82bfdd4a46cf137fa345b2bbf4e9de4068e4e58de7fc4929190ccb8eb34469d04d7b0e9cc777ca41c422193ab84c9bef71df2c28e546af21aac9612798b60026211b9896203708b92e6a7ccb6934c96c69cee97678b33128aa7bfe68ccf56f3f4ddce8cdf2eed1ea2d343566c97f3640530468c80a2b6e90197bde40f321b67c09727018fe6210c603f5cd43c355f9d73976c14fcbd15358e78989a0ec2533530f4dc26a688bffedcbb3ade90c669c88c77ec62c8ac93834ebab3e72b42d44ecb3d7db6fd11dc658b6658cdf3e66b223f8e36f59934da52bc7008250d589c292c912d12330bb0d1fc2159c079537bd11e06c9bb35d8a9d1ced5b998bed533dc760850b624ffabd69f4950a7dbbe024ab99a5eaed5c2fd170c5cf3f9be5e172342c72c836fcb776b69fa779b50bc70f984cecfe4aaf7b20762c7f795c022e60cdc16d0a6b97af7442ab1c54b28b72ccf876fdac52fe70083c99534f00242810c7a299406581a84b9b9f82a3bedc18e487f97b2e9112bb0a864b0e1863329bb4606af07608c50018abcb51ce57472c877f2ae489ee56a669e428d2fa05f2ba264005e4d1b0b62a252f87f341514ad1e529c45b26124718b721b211d5e9cf33b2de617f46101143d314c5b2858995004a429cd80219a383839b9dcebeb763592acff508916236e857718df7863f1ade24c68ca5f09236e8de4981ab912a726d5614395a54d80d0609b1ad69aca9c854df2c6f9c9b480814b873aabe31a6164ebdae0d0518c8012e80727048c83cd6842366bd9f53933734074d8a564237e7907e583a13db968c1c2e440b53388d1f377f56d731bb0184f3ebeafc9ed3006f31704eb85347f32112f0ac814b0f44ea026878ac88262862cbd265a86a10570246e931020718f508ddfdcea96449d0b0ce8b264096185b4e7521c3752c79660e4752a99ac27baa255f5f974fa59e6439bb268f0fef5b4964e753cfaa865b0e46ba103306ac2818011803e456e8789e68067306e2c947503c7fd4ec8fa3f379aa4b7d53b50df0007cb34a87916b12820c5d306446b6575c348a403efa169773654e3134144e0f591d36d5aafd2e949e900ef61e92ff87dea2453af55cebdb61d70d4192034a0b6c66ce6d6fd9379d6f0cc971b5927d5eac16a75a4873f2989dc69917ed798fc2834e4454c962275ed76ea4a15ec4d5c738202a381ba0a5de25e15cfedfdbe2940bfc425ddf7f071b8fe093dd0af3a341a422f382b57bc1e7f4255c3795ea74be23dfd881710c21201c1e12df351d0152c8712953294d22c04bfe109b4d934b01b00ac2b8ccdfc9df05d9da40c9a747147a1b2d9bf8eb9fa5c28c4982c9295054ddf2af82f2524e4538262b410aaf343e3ad40b9f4ef36e4baa3a1d67def658d20d50542b9f3e5dfb3aa532cba7383ffb47a6e597725a8b70043c329e364817670d8659b9c8313c67e1444a77f5903b605671d55887bbd21764d143ec579dd9109822755affa8e2747161214fdd6a0664aeefe96a0a3e97ee01c9379967bd23df95946d18e73ff932b37beb60a4926921f96b2d8dd574f451d045c5b9dbb918aed43e29dbe5854d4ea77ac0896d7b762b9c20b4b5089db0ad32dd9d42ea0f0c6c42d2a366f2fe44fdbe7949c3f4343e08f557e6260cc84e5807ad9c6a1949f997dfe49f6e5f7c86afdf837e66737e4f4c86a4f5acb56ab3ca4e364928f91dee3a368c0bda1d44fae38fc5f5c22f515079b6a8c4152a5d62a6477e105c4412c72a4718d1da48b33d3ffc79c643a8750fb420837218a0ccb7c40982f8db6569b4e920a6067ce717f8efaabf63c2ae26a361cbf5d929644e8d4aae9b557d7da2b854626f75b9af6f3371806b4549cf21e4294c17f662e9a39b5b1ebdde7505eb5b07e0613970fb765019fb5ffa9bdf1d157f141fd5ac13fdd66c9702ad2075f2a2c23f2f40d78a030992e2de3be34cdb40f7501a791f37d160ae26b4bb528db887e2926b8d248e3f3b20bafb4f53d4676db982ea2debd9e597e1c45791363c84f6c15739acb089332626c7ac4efb2eef1131b7091dbb0e055bab903c815d4256125b48c802d52cbc8542abe213541c9c5e935c290fc156de2bef08ecfc8aada40f74598f2a36224c7d7fc4595d457a45658f9c706cfb276a73893e0d1513d7f377bfbfe33b3ef76aabbc9de4c2c182ac7e2e044e42ff6786bdbb7cf4422cecff7a80537b78cb7bb393c571d9dc5f2cb2e1f3286d0ec4ad1dbbdeab9dd2234028f3f27aa14296a0479ed501518886ae44e6a3adc6f9accb87e755552efd31e3f68523066dd99dde5065b7b1e279a3b0b053f8341487c8935d1b6d6325cb928025ebd919c67478c71946d110480499bd931d35d27bd59862262e3deaf195b611f847024ef003142ad3174b5cafb835c9a5a6f02d84c781247d85f66b8c662ab4469de570e1e503405c53022651c5efd9b881af7bfd7e0a73dc69b8204824fd632808a066ff8f02c09adce96952aff1beebac05cb40b536fe71a4852c61c4768f73dd44743bdfcc78ad19530cbc7388912740fd64b58ff0a9ab35faf3e70dbcde71e7b4ba10285f43616a4c8171b6727e3c7831281890a328dd59db4381362171f4dd280bf9475677ea5db75771e17a984fdc1375ecb9e362580ca857f92dedef622e064ab442e1c3c3779115b9f0ab5787575018df963eeb6c9b13530660f7456804b568aace3638c6ce9bd9a96f9ab4654f37f10f295e1b6275658fefbd0984199afd970cecd10fb33f2a9ce48c74d426785b22239d1611003faf4d09cf2d286b68e5206e5c52852e1067d5a770b205f43dee00e9001cd4a10a7ab7e1a352a7609a141a09210d4aaffd23b36f9cf965d0e28b8b93eb69e7577ba041fa88eb76b5ad033f78f03f6a24976b327b5cf265a0a5954e91f6eed1d359aa8f8d1ab6dea48289c6668abbac2feee0dc063b29583d0543decad17f3e6f5172387efb63168db1d1c0534eb3efa65c1e35a0c7b166d684799978f46fc0eb739bc46d85b96e0f0f9bf6b12bb04e0e14a98c1abbaf9a6e9032558cb3aa68807ff38557e6ddaad108abcb91ab11f17f310cec30668daa275b2c23766e7b54f3a47a39abccafc2a757c9d833a5c9a6ba3776b617756c4e6abc48c491b8b758f60895589a15706b59497ec9fbc07b6777b8f192c7ac7fdd7b649cf9a737efafa09c748da03af0d8f1cd57b57561c8361a731bc2bc7b61e6c4956d8fefa2833379ece7144826adf2add3307b8ea7153cfea3d84ff93051911ca6da8806f915bcf01b03f798a51039038615763394374a25d67ffb557df36e6053fe864571fe9816e70e2901049e5261dd6b436ecc91191a59bac4e86fba4ec2937d1176894d24932c8980f9175724431bf8b578446c1dda3e805838f516e0af0d735186a1d45c8309089199d69a2181234b437eecf70cd2cd00653bca6419230231c45c35d4ef4b5b758e2351d882885067266acde666b2abfceb1a2665ff9fbbcdb691170821b2628f6fe30565ce7c7106fc06727c7bd0871d4e49456cf8c3a9625d6039ace7028a0cf7f2bef2e8e130cc46c8de6fb67d3c751dfc3bee562728be66ded37d2aab7f020a7fc5ff7a81c22d797cc1b13773a389cba0bdfad36a08f55318a4b9167caef0e11f2658bcfa01c649e4587e43cd57f0ab674aaa0577f186fe775069d8549f8e619fa8245309746d07a852bbad95399b7ec5fb6a6f34ec68ff2ed7b3e995ba9ab54dd4e66ffcc6d2f502b5f472bcff5e04dcec7df7cad96a8aab66163f7784ce0d72eed4bb6338d4d9db424e044a63e50fccc32fd727c5011514fd2a665d45067e609fe0f2cbf5c3841310247a4c6a911656d4b7af0602e9e01ada8dd1d94e706971d495750e3bb17ee2426516365cefaa2b939fd35fafc693b0b1dbfdfac30d753526f03e006f75f409722b2b190f773c5e806919430e5342b54333635bf77520eaacfe96aef101f20ca77a376221361980ec146a37c986be313419a73f08fc23e11128531de8d2f113940c30cf6d40b78e9f04d32097fb6d80d4081fdf41e591e558229cd3cea6fb603f86834b70614adc018fe9e876045daa2c8635997c4de4a572ed17436468f6a64414b28c6e0a94e59f660216d74ed8ee1772e48ec0f7f6a9ed25807ddf4f9e1ee3b13c16f780248b665d350e61bf194ad9da64eb598ce7136b1591b592096fe1a61744c01709eeee1beea38548073a0e6034b8a6d5ea8b2dadf9fbcbffb7622587f8681059a6a95f87b44483818c3820b69ee81f3eed8981c6b521f6abf24480a7bdadcafb29493f994014413133d129dd6176878e9d9a8d3602f169ab34be0f9ba9e50f57e3904750ab9d517ba7930a14c92c9af291191ee5ba91dc3ec68d31aeb0e92f5d5745694e09ecfd8046322abf7c0ebbdb6532768087e604eddec34cef8a855b545ee1ccd4af4ac4923484cfde6a32034d7ae110dc7c10ac16f0811e5b63f9d92348eea1a046572039b8819b605a90607d4f2a", &(0x7f0000001300)="6004dc2033316d5b3f3c7f6b5e4154f39c7104dec7ee87bb05dca4581fcdb0b966aa7c69676b0687709d86d751e27eda4a7e1e9138479590adff5acc57c3d48aea6a573d09ef02d3f1b705dac777aba5c3d4358963c93bc76fecdf", 0x1000, 0x5b})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0xfe)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000001580)='trusted.overlay.nlink\x00', &(0x7f00000015c0)={'L+', 0xfffffffffffffffc}, 0x28, 0x3)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001400)={&(0x7f00000013c0)='./file0\x00', r1}, 0x10)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000001600)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000001640)=0x14)
getsockopt$inet6_dccp_int(r0, 0x21, 0x6, &(0x7f0000001440), &(0x7f0000001480)=0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f00000014c0)='./file0\x00', &(0x7f0000001500)='trusted.overlay.opaque\x00', &(0x7f0000001540)='y\x00', 0x2, 0x3)

09:32:00 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2524.973079] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2524.977303] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 00000000015cfc20
[ 2524.977311] RBP: 00007fff8354f950 R08: 0000000000000001 R09: 00000000015cf940
[ 2524.977330] R10: 00000000015cfc10 R11: 0000000000000202 R12: 0000000000000001
[ 2524.981399] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2524.985422] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2525.056442] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
09:32:00 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x800)
getsockname$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000140)=r2)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000180)={0x2, 'bond_slave_1\x00', 0x4}, 0x18)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2525.066138] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2525.168558] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2525.224980] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2525.261198] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2525.270267] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
09:32:00 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000000)={<r1=>0x0, @in6={{0xa, 0x4e22, 0x7f, @mcast1, 0x6}}, 0x56, 0x7}, &(0x7f00000000c0)=0x90)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={r1, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x25}}}}, &(0x7f00000001c0)=0x84)

[ 2525.279580] Task in /syz5 killed as a result of limit of /syz5
[ 2525.295695] memory: usage 307200kB, limit 307200kB, failcnt 16113
[ 2525.326025] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2525.326025]    program syz-executor.0 not setting count and/or reply_len properly
09:32:00 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x1, 0x0)
bind$bt_sco(r1, &(0x7f00000000c0)={0x1f, {0xfff, 0x1, 0x0, 0x6, 0x3f, 0x8}}, 0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2525.388827] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2525.407942] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2525.407942]    program syz-executor.1 not setting count and/or reply_len properly
[ 2525.425050] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2525.449985] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:80KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:00 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000b00", 0x2e}], 0x1}, 0x0)

09:32:00 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:00 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:32:00 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000280)=0x414, 0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000040)={<r2=>0x0, 0x9004, 0x30}, &(0x7f00000000c0)=0xc)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={<r3=>r2, @in6={{0xa, 0x4e24, 0xf7c9, @ipv4={[], [], @remote}, 0xfffffffffffffffc}}}, &(0x7f00000001c0)=0x84)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000200)={r3, 0x1, 0x4, [0x7fffffff, 0x9, 0xfffffffffffffffa, 0x380000000000]}, &(0x7f0000000240)=0x10)
pivot_root(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00')
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000080)=0x4)

09:32:00 executing program 2:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000001740)={<r1=>0x0, @in={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, [0x6, 0xa5, 0x1, 0x7f, 0x1, 0x5, 0x9, 0x9, 0x100, 0x4, 0x20, 0xfffffffffffffffb, 0x7ff, 0x10000, 0x2]}, &(0x7f0000001840)=0x100)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000001880)={<r2=>0x0, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}}, 0x8, 0x80000001, 0x5, 0x0, 0x20}, &(0x7f0000001940)=0x98)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000001980)={<r3=>0x0, 0x6, 0x1, 0xff, 0x6, 0x1000}, &(0x7f00000019c0)=0x14)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000001e80)={<r4=>0x0, 0x20, 0xbc}, &(0x7f0000001ec0)=0x8)
sendmmsg$inet_sctp(r0, &(0x7f0000004c80)=[{&(0x7f0000000040)=@in={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000080)="e7d9c6f382d187096ceb6f37b3e9b9957fe244f629359616082b7c00ecb0ccbe4a57e952cab839f2151762d6d4a1b38b3367b8c99f4b2e", 0x37}, {&(0x7f00000000c0)="e3c15ed167383bbd9c2bfdce9d5499a39cee04d5b1c43d3e57", 0x19}, {&(0x7f0000000100)="4cc11b70cef80dbeada4e44df1a4e4ef7fcc705fa4a706bf48edeb8901467e17e25f7b1cbf055812ab46de9a615cfed2a733af4adab3f7b03f85095bc0be13ebe9cb33a9f8ef66523d6bec321bd8546cb511d661a8", 0x55}, {&(0x7f0000000180)="f8d7256f81688db29cf13b6cf847b8ccafbb69ab1d382de5cca111b6a3d846e70486bd5ce4cab2d03f8cdb36c16fb77526bf36dc0a2c46e0014f69b4d216368a045e1a219633423e1d7aed8630e566daec6a822556a11ccaa6f5d3650cbd57ac36c9a5fabdb4345a1c7d44064a9d78e6f253d8d43dcd8e72f1ebdcaf29349a9bcafa41cff04e694d9d9daeb2ede5e180b6cd0a386f38092a5b", 0x99}, {&(0x7f0000000240)="9f9e8e7b9df1e5f80b753ec9cc3f366c10f5d890e510d64041f359a71460589c90fa6c382e34884f67e84e6078f2dae5a075a70cabea9e05e296dcabf36e28af156d0a725d337c42d10c4859dadc820cd94a6f82f63341691543115bf0b3dc12338bdc930f86b6c4921862495d09a7a1950faaa39093f6ab502ed5f0ae50fe174bfa6c5801667b7a34d813a26e6033b40a9fb3984fdf66f5", 0x98}], 0x5, &(0x7f0000000380), 0x0, 0x80}, {&(0x7f00000003c0)=@in6={0xa, 0x4e23, 0x3ab91169, @mcast1, 0xfffffffffffffff7}, 0x1c, &(0x7f00000016c0)=[{&(0x7f0000000400)="482e935faff0ae9d45a097381d500045606f02ef8b9925164dee0119c425ea091b49b310dac7b93207e99d06986e3aadfd932326cb1dd26a3263ce034d1865a5c00d03093d25d86e53e050e7095dab7e89b4f96c46554928b385cbabec8d47c5d2392aa6a3c3de912564f21a376b29efbd1d8cd49d7cab38f6788c72a132a088538e093cbc75165b97de5157ce82e10a811b880b71733f71ab99f1196dcfdbe5ae747f1ffbde1f20473372986c16995d1c0b23aa0a41498937f4d3a7697608e116ce684b489bcff3917b1df8f2ce46b84f296dbd1da4", 0xd6}, {&(0x7f0000000500)="df00ddd632abbad51daa0e67024ff21d593a26b3ca7afcb87a8b186a769009ce15bc09ad6da0719f2716fecddf9831c4e01a7e4227bfaac8839b8ba768bd5d58af4bb4704b36cce77225a6c8d181299c0a4ae5e377f62995f7807580923de0f23dc5a832df4e3bfd6648f63c01a7d6c84d8564379057831fae9334efa4ffc4d8d605a788252752745d1a052a9d0180f15980885f21e86442173f74431caad0", 0x9f}, {&(0x7f00000005c0)="2fe7c5dd1adb99ccb5093718753337487cc10b7f3e260140f6229ef5cd29a217c18fd7ac3c963ab427a900efdd629091fc8eab99a724e5e08f", 0x39}, {&(0x7f0000000600)="05311d74b48cc5beaebe75a7b4a5777977bec0433b90b8d680d3f0b309c1f0a87add2f80ff8ece79392678d9822b27166b4b1c22d2e91e8c8696582a8458d78546265ec3506ac5266ab0948dbfa346099f9085da4e220fb7fe7a46c9ac0e788328c4bb8c6aac18176dfbc69ae68613c0bfc3d4297f8d83eda42d1a2630457b6ad10802000174f7643d0bb6728fb34bf56669df12dfdcee6c9ff153f226f574ee6282c4261e7145679fb2b20d42259d424465700e22f7896b88c1764da59f4fb34e6ef27244ae492a03adf6271a3cfd4eb2ba8204d29e2173dbaeffc098d2dca14bd9023b969526b0404b290b7e1bfa0c49ad798a201e3b5636f18fa7fa7cf328a2622e3b7e89d6716ce14e8b8453f365936a2437ab1fb5b57bcb4a4a443150b06ff04a33e56d30412a0fdc2c707fd84b40592f864f826fd8fb55ae834af66a99c1043d358fa2c5033bfb1578266378f7cc7a98f72f6603224376d43f9801ecd04193632d43c42af1cdcce3921148dd6b14a4e1b37e39f2d067976884b78a942b609fc4b1ffb2393dc3c2d8288e33956e872b4329b4cbeef41cb797cfdd054355c47b25e9bf4d7d5f0cc60752c0058da6b2439c43684530f02f224d3eb4aae2fb9bf4b0257e6e2d5652fbe61c157721785059b9d856bca473c0fa2d6ba7ac7add40ef802a37b1ed5d7141f6f5fc997ab269995e677227ecaad0eedf5efb231bbfe51fb3211346468dca940b95d1977d731afbe2b79ba0723ab38320c3cfa0fec44a91a4541f71fdcf90159800537c49c6e4a739c6f4f0ed6f672c4fd34f0e75a575e270f116272fac6e3509d62d4ae547fc519639c43b3b6c2821dba58df9d17d29e9ef4d83f525b1e1b81d89e40f7a648e02d69fbdfb9babc4be80ed5401f058494424e1414db32cf6df70eab0dfa0ff777cc1969b1e3fbfd41ced5d8066b8dc95e6ee949379f159a5b1455772240fe3e54955730bcf047bda528fb4603889b66a6dcf07ef805d9debf6bd34c5c86ba1bf6f1d30b2025cd2836c22176191e1f2815359ba4d4e20e17e766dbd1ff3a1e04720025f07251e8c4fc5331ceb7188dc352ebf7dd9b88e8b5c82fc218398656024552dd6189cb1ce4e41e1b135214bcce20d6e2765e5cb75e7aaaa3affccefb07ecd9676f240e5d97e8fd530d22f1d959fe6e3d05c1aa12dbb9137cdef491abe53ee6c910f517d669efedd0352217388aa2a8d14c39baca74d76ac60f9805f64e84d219a6c38aaa07d2b0262ba35bfea55d935bb0cee3cc5baa1ebf06c2c4d30b178cb7464b126ae81a563bae11a786204b4b2503860227abaea9513c0f85d84572ede1efb969c35cf7af0dd585ff550764977993836c0d247bde5a1fc3ea39d5a4c204e40e150c434547a75be59f4cb4083211de2ec401f955c95b14af7ff691ec57c0e863c423d9916454ac26248665b6c09c2ac84852a535717f42278173b1fd17128c209a9bdaeaac1b0cc66940154d47aac4446f204ca355df629569a9b269be5c5e30a588b70151652e779aa2fa0fef8cd27df9e561a7485d2ca4ce2862efe4e56f748c5721c9aef33f10a0800de070f7fd756de48faaa94ae9bd0958d848ce128b535d5602a6e3a7c01f845a9f68ca1400c6a083bb6152b55de04fba3928fa029acfa5ea4f10a753afee1d2c2122269e19b935e95e48a7c9104c66275b49aee778c74cd4a9c9690220d9176876d467b611320487deded03d5edd3c483534de83594d3e18590c7ab3aa3ec97ece27f2e629bf40e47a4a53f2a545f596b48011abd3c22ab143c83b9161702d395500c590f877895e7eedf6db86fd2462eb0b1e01491b1ff607de30b782cab2f82a8efd860a91fa795b36bde86793707537072042daea0197671ec4dbf880b491bee7f56321303ecd702ded23545895af150a25efff3466ced1b4e907044532917b4ee7b270e85d421f518bc72cc566b2c550bdd281c88242d89db5bcad0e69d779af3b3460d80abbc0ad5a93948f0a8c3778c029481f14386cb8b46fe85fc999a8a7560fc444e27193529d7648319a026b17fb4793319fafd93c18ecfb3774f0c9f41afb112381c1bc148f789a36cf65ed48fe1e89abec0c5a8f050bd0aadbe1a5d8809f524d1989c277bb71767f01c4965adf39214c1a28fed085f2045cdc15d20fb52531e5e9c66ffd196790e75872ac32f2a54a624ad6561dfbcc6186422bc78274a184a5284461e638407b7cf498acec93d1942fae4dce92ee09ce06d0348d79290e719eec0aed2069d97b6877567e16b8edc6e554185ed482995988eefb65e59650b837870bf443243b3e95b8e48e826163d31b84382ccb6c988d96058c001d0b8216f0f8def63e7d285216a82c31380b89650660b1bd2202791b3f32049c26f592a7420475efb515e114b6782c899d9cb574409c043b3255cc96f8c197e2dc1ff8bcf1262f4a72870299f4805d398806a64e6e799478afbc5f881e816ecea75cfed52a3fa77dbd4462fc1055150a9fdb2b5ef82758aa69cb5b6f939b32f6ccf8f8e267356861a699a64e7a74275f70e72dfc7eba938fd8ff3a40b85fcf4713e913e74eea19b5265b5aa99dde8760a605cdfec2cd8140ec99d27f34ebc2b09fd2cd80d50418981285934fc39d94b4af14fcc09c503fc328c1cb49a8a1dc5743b7a1654043d30655b019867debd9f673f6ef7bd83d9eda250ab6f5e19de3638c186c05dd84df6edaa3d42bfe0b3c83206fe66c28886fedbb0a65a906a85714369b2cb9a3c3d0efaa4566d1a0ee470ec216e4c70e00e62ad8cc1a264747f37b61500dadd182bb55c70982820dab86f8a0ae91c14f43febd003f240103dbfa0c64cc778e491a4a31c33350ee82aab8d78ed0950de962ac50322d2cb2b5ba0dbc60af9f704169cabb37e0139d09a6064af2048c3a72070ea48a9384ddc36b4e1b7a7c08517e4076a81f419961001e3d08452262bfd35b44a8ba222c05758f745ff135581b185c80090c6e10418109721d9fd8f409aafe02f91e1499f02bd97f9469d446e2aa62c02cec8052b2921b4e0f49f8f203a02699f1022221afc8a9b35c6b257b94a41caf7512757623fa8a3ad0075dac9ba41b43625ce471db0c3298a5bc2ed18558237590478485de205d267dcd1462121dbc22b562339eefb09c443ca512cf2c5e1a05395f03fabfdf2bd685dcd523192209bf86b25f87189789aba40422c592ba1e4a3d3a38813aa9300d3207fe318def0ad76c444c4e90108746efcd1187e7026f5251761331d33ae233ab592623e01c45a50d0104770c5ea188e25afab18d509151713b8d3d895e20a4d62220ba76cb02b916647ec9b7f27edce46534079cff7ac8f1fd1d1e4c5a8a9a142b1c94503270f6f9d457cdb3ecb4003f0698cb6b3f136fa982c46304744338f08b97c0c59d4df2992c26d10b02516261e86dd040edc9dbc04c5ccbcf7e400a595239143e62255d8c0ee4f4bb0fbd4adaa2c4ee71afcca355f7e034357890e737cab8ff7dd597f69e5212de2e7ffcb47a257e79b265f0c288758bca0ccb8a92b823849e9759ecf43a341609ec4dc29f529e48db00ae01788a2a968b8523c41cdc13ea9efe2b19fbf5379fd187e3004433dd34a7d551cfea81b1ab1def7e679608f6b1e885e7e89a3b1d8039791b3e6d94fb66c3f562c7ab7c06939674a7e59a3980fcbbf0d15f5e51b05f9e3155582d1992a9af039115448c59c55d5c52ab465bc50a41f0ff9bdb0b1f19dfd4066846fab3ba8cd5c9fd2c3ed9e7e4d759f30f023392c34d624db7ea4d0792267fb25eb36c93e93f0613f611dab597e1194f69a7845b1db3ac326285f27852314ef29ffb8eba442c9ae23e59ea2f3685c481daeaa3a6de897fa2b5c17a91e0501ef835410c019ba9d095c4e32ea4c57039cdfc0e63277219d8ffe1c4aa972b82a67ed70dddaf2932a4096206afaa39f466789296a04ae48f1be163d57eac7187b7bc79c90ae56ff71190aa4389bd7e01e5198e11584f46b59184855cc5409ade8bc2943b2bc5de36affd11f93f084018a4f1b43a7a2e8ff60f124e6ddb8dac2dfe5389ae5c568f661f1b8c988a319a3761529a2507d4279e0e688198c898656de3a99b137d4ce1445051ed411e50fd1ab63a039010d79a992b7efa3d3340e44378e2d559fcf52013eec3cee3777a80f057148870d4270ab441cf2a5a80946d8a5ff623ceeb8be80d2e75245fa310c4bcbbd916cb08230a869d81ec02b1b7d32339d4b0e1736f021d9cdf5c3885dda6549357e8c0d8dcd738e7c32ee109ffbfd7d1ac2fe46c43686fd3b4c03e116656a9d2a0d83946f1ed8b68018560fba46549b1a153356b8ebc844bcf476bc5a2e1ea289ef43481fa63459f183f0c5667ebedfe9983a38fd1f1aca6540cfad88f5d56591e7ac7cfba6d38239427560f48e48ddb34444283452f2df787ac78f45712cff21b2f9d88fb44ba801b10c4386bc98d47b5966759afa9895df8fa3333e687e3d579a291c565d2c93cfa8cfad147da184913defef6e4dd0d60c6eb00c0d9c59c29131c5656a8f601734d157f4305abe648743e2b1a732a9bc9964b742fddf0c035a651f8c92d7ce798f970437982e4cb14f2d3da7594f8d483c9b0b5faa68f3d1638d6f48446bc745b54c9994027f41606f20b5554c21bed4cdde5099691e0d9173b53a43f89f71492463ab2b67397a59c72ac66f38b2e787d965b7f90222a29cb9c8c06dc4a182c270180b1fda602f0d25de000461d9433eb540b5da12bd825abfa97e6caf1ebdaac9818a7820401f3d5302c5866e8ed0131859ad6f0493d5b067ddae49d67c44b0f6b5d1b2565eeca8c7bd43a82f8f2664b3a5e9a71a66dbe96c5c6fea6a0654b0dd345bf73deb513a669a4de57a3ac72c65ee3cc0311607f09fd5e591d76eaec2fbf34b68e7cf7c3efb2b178bce61f052cffd5afb0ed4d1d48d29935ff421139044b2f141c854bd469c0b9df35aa61dd39864a8e94669d9b052882e4b2103e24438e06f406eeea081feb92c3e9b46a9b381a484103d1184b3a9f62df7c6f765dac673865ae042c30cf4afa3f3027871589c6a5edc38b20437ea33db48a0e11cbfa59a91d376345640e7c7dff65ee67b50b734a168f93fa9648cb1ec8dd2d567c071a45055d60f3a9c1cbeef43a3361cf8f6cd63a0de8ade4a4bd79635a44644512c6f6967b6582fefc59a3467349ec100a56d712ce0750076970b05624e64e818e7a46b5025d846c481a7946c0a85d1baf1ade2e3ec1351e3221316488c4ebc016eda4f304f79f4bb34e4fd19e4c94e263cc38291d914cf9df1f503a73f190af103db40e0b8a6a84c2df49f2d5a8cb6f21fe7e62fa9479114e1c628f351873aec7c6811bd66e7ed6aee41789d98f1d9eeb2e8ed7cdcc7b031b3c41f97cdfb5ddd85d998b46bfb750cf68ba8d52a6fb3ff3e7eb58439ec451e72133c35cbd0f201f0a0a2f60a8463546427db34972d29585bb0f93b3c6906bacd56102462252b319d51c8a3e83b9f1884410738ae90a9349ec13eba73e4a1ae515702e7e2157f415ca2f8cada58e3a5741146cee78bcd1eb7e4686c8958f4e8b78508f909b7613119b08d4b8c0f8326549710673c92a29d589d7f7e0da732056e0014448bc7309a3c7c2602240c50a5e5e89985d75d62d45b1b4a53c4242a5b99e32dd496287a44dc0e75d9efc6bc975b349d3336667ebe97ed835a47938f15a89ddf0a34af3d94267adf231bfb81f8af2faca32d18b3a0dab82842d46ed78d40d3d34f0c47b3d5e1fe51d44c5906ac5ccb4f", 0x1000}, {&(0x7f0000001600)="4e2ddadfd4a6883ccf033689eb9df63d00f8b12fbf7ed9f633e2290f0697dce8a48b65988ae860e435b6dc9372fc3879716239caf1672adceb0473fa94ab6a0bd8add5216106b46dee480fb239ce30136a70a7251c1efc37f1955ef44a0460546d1cacba7e307cdf8fced85059e6b0044b72b948b8dfa1df98dbb0977c67df84081965ba18878b36740fd84124e23ca3521442a9f2558e48444fc45e43b87aa7bf27689f1d048c02569c7c7b1d3dcb1cae8f44c48300abf414f0f6ce4b", 0xbd}], 0x5, &(0x7f0000001a00)=[@sndinfo={0x20, 0x84, 0x2, {0x8, 0x8000, 0x10001, 0x4, r1}}, @dstaddrv6={0x20, 0x84, 0x8, @loopback}, @dstaddrv4={0x18, 0x84, 0x7, @broadcast}, @dstaddrv6={0x20, 0x84, 0x8, @rand_addr="4a2647cd2fda0d9fc8939161a7c7e85d"}, @sndinfo={0x20, 0x84, 0x2, {0xffffffff, 0x0, 0x20, 0x3, r2}}, @init={0x18, 0x84, 0x0, {0x8, 0x100000001, 0x100000001, 0x8}}, @sndinfo={0x20, 0x84, 0x2, {0x9c1, 0x4, 0xb9a4, 0x1, r3}}, @dstaddrv4={0x18, 0x84, 0x7, @empty}, @init={0x18, 0x84, 0x0, {0x2, 0x10001, 0x2, 0x2}}], 0x100, 0x4000}, {&(0x7f0000001b00)=@in6={0xa, 0x4e20, 0x7, @rand_addr="a01284e0939e4aff0e3d7ff0a5b3512c", 0x8}, 0x1c, &(0x7f0000001e00)=[{&(0x7f0000001b40)="75071fdc46319ad7e0ebf46741579abfbc7a634763bb4354f52f70d2b6afd81cb92b5fa8db8ff7cba43d53a1e74a229bfb94263587696a18808a1ff5f4c33d5b145f09d12db06ebf557fa23edcc5d9addc834c3e247f72af3206fe78dfbbf64736116deb97108769b0bd6b853c9571141aaed134ab0d60c76d26ea65b88bc7cc34116eb1745eac8aaeaae6dd", 0x8c}, {&(0x7f0000001c00)="f19f609d2ac4558af1caa67a3b1695d64891e7d6ed3e80", 0x17}, {&(0x7f0000001c40)="fa09140bf4ae2c8bd1edf27b8e63f266a6d922edf0fce8c625fedae1efd20f950576d14eff7ff5360f9395b557235488fb3c70e70745c86c98842f248e3fa9e2176c44e20239c1c628a2b1d71a903a0285dc09b251983a648c6f2df956b2c32b2ac873eb23487d35a89477ed026ea4c06ff05e968360f98cf3e642ea6f82bb8ce6198af531d9c29476f389b44ecde584bd97c19280aeb1c6e4b01d2d28c9dea7888dce47fedefde76190", 0xaa}, {&(0x7f0000001d00)="8526057f2cd25ebc5d3816a1ee5853ccd17507501cd398d2334d38075fbc0f8f65b9749ecf", 0x25}, {&(0x7f0000001d40)="bcb8e24a89dfd374a0f22914edd2c33ff99e98363be897481634efec8ef98744ddc247aaa2f38e6df0b4079ffad099d3e387d147c80ae13535a1f7bed566bb2fa73221d4788758ae4f1fd1f3b18fc8581e59ea89504dd332cf4de208eb4fc3247fe35c703e8b2b5b1d697a55f6258bb068b0bfc9082cfbd15189aeacb0a7aa56af69ce1fc87f", 0x86}], 0x5, &(0x7f0000001f00)=[@sndrcv={0x30, 0x84, 0x1, {0x6, 0x7fff, 0x2, 0x8000, 0x37, 0xa77c, 0x5, 0xffffffff, r4}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x2}}, @dstaddrv4={0x18, 0x84, 0x7, @multicast2}], 0x60, 0x40010}, {&(0x7f0000001f80)=@in={0x2, 0x4e22, @empty}, 0x10, &(0x7f00000020c0)=[{&(0x7f0000001fc0)="e76e29f97c1ab27ae952139720c6a57823d38271efec7898b03b4b065b09f6c740b71ecc22b74c097f10493e8c217d480ae296019a0efda207699806086cb3912a6bbe60f1b94594e8c672001d22ba0617d98c8f1b1a993e325f1a699ee55e624311fc2c43c1e1f2092494b975bc45bc596a1b9024536b583bc4ac7fbd7ef8c8e541cfdb161f44fa9b03e0b64de710f5910cbb61f9fa9796b647ad17d7fb84b8c0bb9b58823b3bbb12430de14080ff693f4757486b575801a33f7691f49d800d7bb384cae43bd95c1cc47e61535bea74e117974a0a570300949f87451ff8e477661cdb39f4bd7e12e33432dddff065466e0387a4ccf278a0e482", 0xfa}], 0x1, &(0x7f0000002100)=[@prinfo={0x18, 0x84, 0x5, {0x0, 0x9}}, @dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x6}], 0x30, 0x4}, {&(0x7f0000002140)=@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000002340)=[{&(0x7f0000002180)="5b3383636c", 0x5}, {&(0x7f00000021c0)="18ebdfc78e89d337cc7de89bfd26ad38131d33a90a1752e174fe82708e33d68f1e2c0debdf6389281c98075b34ec3c9243762573d7d9b0acbfdd5322f8fa41ee802213842d36ed98b8e4250b6ad2dd9835ac9fd0338f1caa142ebd89a741d20dc3b4ac6a87c26c85ad9d5dc9e6ed2971d16a55860bc62ae09fe9ca4160a0977ce2b8cfb9591e7bea42", 0x89}, {&(0x7f0000002280)="b3426bf25d001274b0f807a075a155e0", 0x10}, {&(0x7f00000022c0)="7246ded6a56b5c3fd704ae40ac18e747209bcbcdb1e09a6dc800fac9200c2c8f70d8cecea4941f10728aa2c3dd469260814c356f0dbfadba8518d7cfbbd627a267c39cb33cedd65be67627cc470bc1bc2aae20462f06925dbfddf56d6d8892c24ad7635ed0e797034cfcb2a4b6c0836e0977f8554417c4", 0x77}], 0x4, 0x0, 0x0, 0x40}, {&(0x7f0000002380)=@in6={0xa, 0x4e23, 0x9, @mcast2, 0xb6b0}, 0x1c, &(0x7f00000045c0)=[{&(0x7f00000023c0)="82a4364a81458700d3b30a1b9d97aa5b229bac55ecd2344648498a19dac5e454b9ba6f312e8b7b1b1c245729e7db16251d44222c5f9110dad8152f673e95f281cc7767e3f1b2ac5f2a8ef3255b9ee452bafbb9820974bfbb011bc81632fd6b1aa82e046c9619d8d725671946cecd1b1397c4c80cae1c6dfcf630c5d69f8bac2b1aee23f23a471cc8fd6d83dcc2", 0x8d}, {&(0x7f0000002480)="cec1fa9260d754daa748d453866550bb69f5c6de7eef8aa041c2cc34d84c070402f06f2fd15f169e335b601cc0b8a15b26cab2002963cf3f1e7d0a0bbb101d2aa7c934f96d0128190769cf48d63703723c40b930b799f5b64be9685e9cb31a4c3931b7314e83a71bb62332f8f5e1afcb89dd2cc59d09da41284e4a5a406051401775ad44e43e184a952761b8daa1b0b0b7561f10c10d37bd5f342851a763981b2137a20a2e5538b32e39570134ff2df7991cc792bb9367a0f804231b47a11e1a9e657fc217deee3fa3a0b367fc344f9012974fdc7b03b5ae3c242e4d4468eb03d28c5310d768f7700dd107ea795deac528c68151b4efee7abfaadd2f5d62f832d8b84bedd828718d9968c20ae7896dcef5b88b3cf2016ed0bd5f178eada5e13bfef499d692c15a7cfd42d440e5d154a77aa44550d820d688e5123106871cf8795fd50b5e1910abefdbe94bbbec567de52ba29355059a9199f2d63874ddf64876fddf0397774afa77028158761e4a6d9f641101730876260fde52d66ee6cb3c9642b0aa73d05ec604ef49957960d2be101d0ce31acd76016321f985329f71a4fcac69fad5d1457c413557896d696cf8fde1dae5412f8fea3f539fde28b88d2a066362205141218aa82c7d422bee952ea1bfd4af01089fdec2f3aebc51fea790712bbfed3baeb04afef7c63d081229bda5bd42be829b5283139464fbeec59082080a4bf2e0e2c4c9c68fef121bc450e3c5aa3f9b3d9f85889b1c8d8d1ea8ccdb27c9af3a94b1b1bd70eb8576498c18bf896a026130ef6a987fe41688a20e01e4ec6b43b1f36c451ccdb9aae9d1923447136783c745a635d9a85d5ec50effd9ac4ca62634f42c5a7538e1c62abfd92eb1b16cc3bd828601ea3c39cfb531c2254f7090d441d2d31f145a6a3f6f972787266360f4b1d3d7a09de482f95550897efd65da5106511cf58f09cdf1415c69a3e4e03d669ab26ec6fbc72a9eb6262083b8322f990c34c5d7aba1628598d3096859b3e48f27bd5a1b62b3f776d8838c40d545176d18943f20e974e9556696f2ae5748c74acfaf49e66da9322018e46cab45dedd5f4decd7d406b24cec662fedf3881c24d2ddae734a64c2cbb30b5abde36b812a2902b31b8ec52c3cd0f48a52f75ceebf198bb698665ff9941ad2bbb2781b9216be123898e7daa551eb0102fff8c70db2ed9565e35bbfdc7896d946338a6620cbb370a06e17c372111f68ad976ca8a104326226f59b2b3298f955d764ba69afa6059a4f43e17ee87e0d109b0216cdc915d52519f2aaa7f96c9c46f6b31f0086386b53cae4828f79cecdb541a6076328086ea60cebae8e81df05651e53b119e2c040fd11fc693efe488314d4708e231d44300c15aaebe689f439f47e9f46fe9b648f03f81b212051fc8df038564a50f252fa88e50a41840a6d6f87050897aa04b2c220a1f5c527a301bc8e815165a926b9c3a17c7cc21359512b141fbd18f9eb7e44231fcffdf3913f0edefaefec852a56da2b0a52fa50b8daf822f232e36888adac553a66e36557c0d122e5e56f1dd9d4d440ae8a1cfa6f0a4cdac6938100d258a5cd782aad224fcc8ab29e97174f106067f11026f6b2e0009e3d1179729471503fc713d8b30b17b80f43e1ef2443d3b207358abadc6162fe07af1e9ce703390cc6c9925e0f7761a3556dd82afb33680a00b1f9ffbd2becd794dbb41b52530a4e3c62d26660e770480ac43e4c056286a57dc38412e6a677cdfeb4d6fabfffb4f28502df34bf4550c963d01c05c6a95f901562da98b905a24b51dd7ab653b02b44584ba4db9a4a51fcafccf0a9ed77e76b4c748f67f08d5241b7e2ae050998d8bfc6f76654286375dee9fe1e8716ccde7aa5027e3a32b0eb0817916a3ac5319c986f6e6b2b3b6e3a0d418e14a08a2b30d37d5b9f20d48c9778d8b68f902a4dfb3922c1188290cf475c707cc8b91b9e25a4365340c38e6fed02d7e46f820299793a621a0c9eeb22efb0f4299008d661538bdbf6607a38ac9f318bcbf6590bb75991c53fce719481b24eff0aaf1764f4b526a22baced1eebeff77d9ca163911cfe1b7aa01f10c3303c0c40417220c3f4583cb163586e91937f6a9de129f8b6b4088b40cd076590ce2485dd99b6edc7881489179ef589dcb9b1ed0f5a833c064de2cbe4df475c2832d36f009384811a7cb89aeb6437526a1c2a5761cd1fa1c2cf3728695d70f8a6efd5d5558b523c2927dc09ccdba2523bb257aed3689e6486b2306d7d9d1e9f5b84ad78f850e7b48bb88496205579acaf46dca9944797ab4b8eddf2f41e506547778d53065907f5395107beda9f3eda95ea2072708f3ae1b3061c69c755233eb720affbe1d2d45b072df054656d6c07efa4fde7d2e65b73715f0f00e0155c43df906c705470b06577e48c2dd273caeb6b048cff28c69d3117364c5bf41a555a0f6eb87aaa1c33b9b2a27c650c8bc615c3a330db4a51bae5b435449804c53b0b79a84b8fad7fd14d3c8a6710c1ca87e3c6f3cd2c35fc369ef00195da53a9fc05013d5c075be7857f6f6e57e27ddddf0588150a674ab5aed7d524caf5fdbeca9839db64341ca01a24044975b5ebed70579e1dbcd48a2c85113bdd1a610cac1061978c7bbb7fef6e640de64346d05836d7a5fdcffe5672073b65b6fddde2c53113f601428b7685f0842333fa2967838641f29ab94435b55e118e1211cdb541f3663e0bc90a708e1751ad9181c16b469056efa228c78d4b0c9a8da3c55fc2d098a8752ab13e75e787e59ea1328d5b803631cf77094526e301dab3721daeefeaf65bbab260fc7bf180b8cf3cda82af35dde4c9fd718f5f199e36522cdcde80192ab238b2542504db5a904608c0208e644074b818d9d65aa4d9dc04961c2c4f903b1c647942cd36e4139a92a628380600971bf1f135daa3fd4a169b6e8ad2839ceea336c4224ba9bdd572cb2d617c58552c5c2bb94502154599d1d90dd4b582f2530126c3a39a6d411a4d99506731000136ec1b49798a15032b74b2f0b1272617b55e0a796cd092dbf422b71d51e84119179b2f2058a4589527b3535b5b6387d77b2c31c86f0fd087f287386a1bdda958932e1895ba9c720ff39d03defffe5f8ae6ebda9c1b211875009753113ae6b53b7c48ee51d346850d93d3747c9427abace57ea95dca0f9e2ed93a2cba30f74d2dc58c45da24d18cb5d233beeba6a2d8d274940579f952613375a5634280424bec2019563599270c604ecbef5608a136eba8200425892d470a0951c090c4eea01a7ba620f1786b93d3152ad0df021c525c5aa789a96bdff6d7b6fdb917d3965d49b2b146669f6c9c63a28aa710c665419461a5047649f381e693d55b401d967f09d61af5f4f0d897a4df0b4f2f2bbadbfd07382a7750d4729a829be309d22e04051d3d7315e1b78540b3c94682134ea70cb251769454744473ba2bfcc8104750f82f1a4aee9cfa3b55992e6552cc288ab9ba2aba9351398ce07401834724cf5795618be8aa9b729420b0654e50ef1cabe64f724931dc4acc7691b6066ea6fbaa32eed71863a100c5fd3f674d3d88e638409303970ee59560a40680c53fad12e8682863372e40869e6ecd024829a24313e494964408730f0e9345ed6d22e364216c1d78970d6ab01148e5bdc3dd3fb3d99675355981eef45c138ce467ab62b152304123a4fa39cbf9940d082a96f654b087fceb649b8ba448f6f4e993683054c982081abedd4da3975bc2986b786d6d26ba253a9337c126bcaa3e71b1776731ba7318f8295f52f3d1bdb11e096ddb55cbf3a8530195608a745bb27ef7a7fe6ba3d368dd0bbb966ab9de449439d17d933aa3f955dded880a3b56a3327ecc84cc29c0a5d573341e663db85526f1356e4ae70cf36c05557a2d4d884267839f393036c2817e93a1d535dff329e41261d12dd3255f20a088727288b78578d2691b313fcc6fab9952ab57a553420a5ec43e0c9cce5403ff524f59fb9f062114820f577f8f2c83e8174ff91ca267ba6901498f1107eac6d5621d09deeb831177f4d58ce09f23bb0f7e537baa2e474ad00d4d3a84c6c4479d9d4d9afe6e39714babd84240d0a15220fec2970496c2e43f9b0a674072a20d40470b94aea0ac83292f670d88a261462c0ca255fad2d50f51b394ba8e141aa2a1953f48cb87bb6a36dd04399f7ea4efbaa102fdee17e65a8fbd0d400005786d5454af18504cb3a0d45768fd9c10bdee4acec51fae1a61f362a98660c931f8d04dc4089101bf53382fc464735004496781e60d006e005288ea96ede03de814f713e7151aa99a1f25ad22a922250240a90e3c82aec821e6eacb9f91a6eafaf6293fea8b37381955c651839495a2fe5a3cad9bc4e479ab055471039fba3dce0275b5c4621b6fae596d280ffcf4c1ffde02297762e2071d53d04f00db0ecd73a2bbcaf514b41fb0af0c8a7d2035a3ad29fc75de24eb09cc70829aedeeeb26d567e55b940dd12b4a842f0722ff2cd35dea3a1aabf71ddc935d706068e340a4fed7bac81a00fe6986b63cbab365e7ead038be9cda6038ddd890e5002c31b4c19b69088a45454af4e20079c3c012d7c20920374ba1f7467313e51f1842c48eb7c24b51260bf482caed8c136bcadb40d3e229222f9fb8da4fb2de5ca60b192f66f9574bfce271815b217f4a30e80291b3a6c51fb3a951cff8ee2e58f62bb5e3c51f581e969647be046b5464b64f6cbb6690cf6a5d5e51c9ef8d3f46fbc0ce7ba1966a5f9228c8126dbb1389f4ab34d57dbe4d95168afa410e98936bcffa3dcf1920207f8b9be9ea9a8c9525396b311bda3c1f3c0d754cb90761bb0ed1c88abc04f7b0294ec5371f8b0fed8505a9456e7b52594ffdaa8d2a739304ed3051b11133be24bf9c38b4d6085fa5d56436f4c3e0c7b9e7381b95aa2db0d1874a08ede9adaf17d55cea755fa61749dc91d96e728563ee8a064ddd4ae1b6c73f15cd2753496516607e5635a6e720960e4f7f4f4d311809775dc861ef549ffdddc700846a55ed84cab76fe883620b1d143aab44b9ae0be911ecffdf5f98427b0e083d2903972c131a7363c2a21cac8e03af5e2852f3830ea2ec5cb6f5d8655fb60e3caf35ec5f611d2e66ef528943c66f0a60341f80ebfdec469f283612bf44fd1fe28b72bd91b6607d2ca5a4dc2dbe418e791c63d25aca2ebb0d49b10c807760c5ca111c15d1665f2699ad84d25d270d91665e2cba5f345ec413a9b0cb90645f89a463823c7ec80e135fc5fdd9cc002cfd2d45731112c14d37ff1abcf35b30f5d64044c137828384dc4ccfb45bdcbd5b046a3e9096d7ab8cb480d67e2b179ae3c980c59547ec48491e141e099465e6ce6215fafbb0339f310b7673123a4590f77633c0f44b08d3d1915dc7ca760bdcb8912ce76f3a8eac21a518a8c65bf3f01e416b5f0654171474573249d34299bb3fce1a14ec0cb8635ebb6baa36b501cca74574ede0153ed434aee1de81e36578ca81e97d8318158190bde6413f0567a06d7b248f9a19d836faceb7218457920975e622743f1883b06a0acffb9e920b86b56c445ce1822b7861c502cb4e1d60e52db0318578ade43cc4bd77629d1212a323cd60e100c225bfc6868c26166cdf19590abd7ae1418a14df990ea1d4966c38d0273afd5f9431914ce920eab54989816a60075b1ffe57be90fa2906d71616ea8f248e2743884700fa52eba0618e199d9f8d0eee40e8a03b46f3ac3f929c9853171f14262eb9d5f33b69c04c7b72df1bf52d6bf6a0bc04ef0cec2607f47b479226c07f16", 0x1000}, {&(0x7f0000003480)="64080b1b774fdda5cf82f7b0dde56942a11bc1357c2a8a09d8d10df56d5d522318e2b5f11191564c0f1c2795c11ff81eb631fd10d03220e04340ca0653d3709ce03900a56aa34a227bda18c0dd3ea602ea", 0x51}, {&(0x7f0000003500)="16b9c6d3a111b210260c6b2b9d23cecc71174b210e36149597506591ce64bd7bf8a4b37c17f36a606772d70e026b2badcaebe0d882ae83027f62ecc0110566afc339d6b1dd393b952f3872f8eb920b3eb27e0154adc649439dd0b95e5f4d5933d2f635c0ea4635712470f164b6e529a7aed8343e237cf583bbe1a2bca5c50efb9c6cf2f2782644f1912bbfb1af4fa6b8a9185e9dc55044648737407b222a3b847c40d7a3d5f135722d2e233f88cc", 0xae}, {&(0x7f00000035c0)="63d139a39791fe0fad6ccade1888e299a36677889902bd4525d1b28bc030e03f108f70d73ae607f01e91f154245829044bd7e644864fe88a0d27ccef478fc4da463dfc99d46cb1758e611cbd8652a86cc5973b41bd4578c63255ba7741554281585282126f2cc7fd32c4cf8a598e7802271817c854ab0275ac8f39c67c459cfcdb0a2c4798dde8e37f87599fbf516ceccf528046fdd2139d993a22bae0bc87331bcbdf26c45cb0d447bb2263f56106dd458988091a0aa62520fb31c024502581f0561bee9b77bbe9d1552d29745d8c45c0ebd862f1ddd7847e0761832c523412084b0c4b83e4bed2d3b5d490485d488d3f85976eec8b42c31c68d2c70c4b2539c5c9580d35f990922b85e2d082f55f93f279bcc8c726b84298f46dc43003294327bc041716a8f0fe2ec60df87f6c6f72dba8e287f74f0c35aaf3842dbee4a4a5762bf3dc72f14689461117d8dc6e96b9568ed0235953824793dfc525c9a1c9f7496a66bd396d235e2f75f7d53877d16d0b622b531f659a254f56dcb1404ba00a59732834f0ea6d216ecb456bc38c15ce1dbc4d6c119e31bb541b68939f65bc1037f2ce5b5fbdb051439b2445b48ed341f9ee6cf1d9d482bc4073594631c2d21e286698be1eafa1f68ab2c9957da049c9356c6d0e58fcdf2dc1e057985421277726996d86e6f35c39703e1967e9db156de8b92845871813f644cba0669b8710c68f94325db82f29127c7bc72021401e1b6f86b49e42a71d0183903cc7fa2aa337c7309d39be4be19ae4549a32d22ba095361a352a5c07391bbddf755c9f381688d1796e33cc5cd644762516af684361e47c1900e411e41e74ac869ae331984af98b8f3167b5586330b35dbeddaeab3a6d5ec1f300bff6b2482fe100b80619b6e2fc7c3a66392756b9b740ab000a694febe13fb7ae83d8747a483abb8dfa88675c0c1a5622d9c313bf1d71d9eee548d181a772338ba1d783e2a7fd12669bf6102c947c00dc1ea0d1b58010feb3d5a9c4f936402eec6920244e85c47846da199d25d462b306ec41df5eb51b7f16eac10ef6caa7df6b59f991f67492f9f924700f3038c8e0eca237ed5bb2672f95c7a2645550179d4c685e54490dae3bec7047c10e728b744f16fd91ef56b0b9b024866f64239f928f1695cf5fa246d7c684063ea9e14266b80e1ada0dd0916fbdbae8c5550d68e85abe0e20f3ac48ed23fb8d7d27aed42735dea2774afa8f561dd8902b3c734858f98d6e9afc242022eee1d7ef622a62d90aa8b0f4e10f3cda7f24758b928bdf0331b5465c01ac3c6e69e5af0ec516d51c2a9fc961bb8b5f1397fc9141beebdd3eaf765c0aa79fe296a28faf3f1aec0e306cf9c435b3579fd34bde6c641c8fbfcf2041b8c6210b5cc23efe75b41e6d5f741fd7d6419219ca2f3bd3f0e8bae121cec5a41dfd347a1daf1f7ba6d145e899023e29094bd49198d8ad88f8b2091ea5bab9c124f32ecf0cae605899c18cbbe8d5bcfc0954dffcd743b98cb910f77ae099cd4bf52b53cfae490ed14cfe96fe9125788373cf3f9ebbadc1a2997327630988edd122111ed871f70b45caae54ea40c6a08ae7209c6e74680f6319a9edad627369ddfba3fada365750487cc8f26d118216456e087f50bf52f41a816c257d5f8d3512e2cbb2c0849979b73bfe5d0cf912d08d8c8ad327c3ebd6ad47948adf16ba2d0ebe3e0e412643452f468bcd4e1d44f308da8cbe045dc0454eca1d9edce00eef62ac0d65945857d964954f6098c926094798717d62b65dcca74e60955e250df8f74b508acdd4582ac43a4df5d43744a889b8dd1aa6530c94674d2879b81c25a316adecf3d2a4ff73a4982446851f81d85993d9733ecec0830a1c93f8cdead53fdc2058daa3741d1ed329dee4592ee6860e2b54e06e4ec533cfe042c93ddefc7e72146943d297b4d232b1caacef43f62a25bf7ec4860707beaea920ff6b888d2efede312e4baa60d95625271b7822b289676eebfaab94e77bd6b8e0ec92ffa098ac14ceabc62886d7fb582a4d67e3189c4fecef9c432f4253617d900bc6f453d1dead80371b14e6e6642a6f425f064c98d08608389d97441bd55b83ff15a617d261a3d6b1de264ba11c3d2d4701b5ebb7a0578d1ca26ed87c4ff027da409cfadc50a4991eb9d020437bb613776b7a4fadc15806dce9e06c54bb05f939d213e7bb04935f7cfd3df69b44a7681588e8881e674c604392a6f0dde008b4b306543fc39020b4e5d0000cbff9be3a0057410aac161db371a5d2b0f00fbce3c00628f48ba30c60cffd1d6d41daa0252b623f1d2588bee8fbdbaa443dcae4bae952aafcb84e18ed4dd134685f586f36dce74144893853bd2d068e63ec93671ca2fb12effe7f92c1baa9f4a2b9c8d54ede7db878240c7b536c6673e928716f7f8d57efd0eabe610bc80d3b3b871e10d17b4c8c95ddb8ff4aefac842449ff0e171da5d27029947480e36ff4e78c989e4df01097bd5c416a232770311b66238962aaa68eeafd996b094da13be890b74d4e34d3536c8869db77c0e1a5a7cd8b0f40f38e25a75e6b006748032d259b9a46d347561706f096905264dabd824466614544f597d8ebca74b1f49cea8055722f694d7d2c5e875c029d169b2eccb40d5a549825643901f767a78046fdfd742b5cb1b8f84bd07d438127062309b2d58e021ade4788e233d274b1bba0db1de8d5ee2a4009d382564c288c2c1b91b8737ceb6703c7bc8120aa902d61a223ac3715724c76d0e198fe2ad4732f086e2771990a9e8bbd7a36eb3976be25041b451cda3b1c6fd14e1af5aa3c2691d015fae9313f0f3c03d9ba93bcea2e95990c5e7a6f27298f3f585cd8987f6e2b775670be44798ae0f0b13069700f15e94ff60816be4ed7ca8ebf2a3ae989084d7de38e4a0d4859142927244b36e91293d5c78b0cf8fa52a0fadbbd77e4743804df4748fbf71e45e8ed6ee968946d42308b255f9e8294a846fae04e7843579154637567cf469a09a9ea7709ae2cf52056e7bc71486a21d1bf127512fb5afe449161b251b87a249584cbe007d511a3fe244319a5f77cf617a2c6d0a74a8033b8446190b8fef08aa2319448971376000d5d2c2850b132b7ebbf45d168973e5d01d3345214bbf3f933539fc56d3c0a8aa3714d76af0212bf3601cada9fbea922719ad048580f0094256e19cd07680e988af7c638745259671bf77e4763f2e77a183424fdf9f1e18bc925a12f56dc6b5939171f190f38949258089868d63ce4c47c7c5c391f7a863edc2fba5eaae89cf4511589b86bac5adfc3a5a0be05dd4b81d8bf18f9118b1a0f17f7726a0551eb6457a7f8c7d4e19a440e5680abca2ad3b794b262a78b8327e43e4fd5e4dde8e34ca5328f4b061e1d94ceddfc56007289a3b601fc8e89fd58ab1460e4bad37dfbc14647be874eecff4d6cec9cd2d19d666308d8e2c55e0c59c23b0d399ebc71bf3227542fe1e52b2d59d81f5ef3d0f3151317a98bf9dd5d0c865011247ed360ffe5de47d031c73f18a4b22b9f6f42b0bd3191c67b004c3d042d9d7d89ad0d72335add1175ee302efe2bd42e419c2353919bc4a6887facf03ec16be3b3ff670e8215dbba58d1340f642e029a073a2d81b0de894285478ba843321e1582cf530fb3a3ea8097a255f9b5a2aead7dd4545425c286212a83a29cec6a1bc67f5b52c2c7791771cc767480b2449f5750ce429dd05a90cefd6986195a2525fe07b0143b3ae9a0e4a96bbe4ad1ffafcd0fff1fc771eb9a22161d95136776a8f80520a2375b9c378cc9879a81f7aa4b0e3ba232b7f134c6268f0783450b4536595a853b650ba89494fe4264e0a0010935ee8816ffc951868aca96b12bc53703c29767a2fce9366afe65fd42477edd466386367a2d5e437740f922e94164ae297d0ca6445454bc56d5e020f7c9331ccf634e31f88da5eb9f3ea22dec21b9a15c6977d8b099549ff8f1ced830dea72a80b0b51c97a56c84e80f0d6c8d27099781a15f7476380c544fd6b935499e677934e9ef228efc31243dbac9f0b2568ddb10c87a853d63edb0b94d5a9fd6fb040762990de34d393cdfae3b6ec568560c7c694186a7aaadf60a72afe80da11aabb32dbd67deedf900b766fd1ec8e54489ad2e6a2cbae8bbbcc20123da81caf0f22b1c49b60afdedb8335c5086db13b5910fa2be7940f31e1c49dcbfed63e91d8a199bb60525b00e1c9f5af63b8ac58cc5df51de1acc70fa4c6f8315d6d0b5cec09415ff1998d92ba09f38668ceffa9af3933e2b1d5ab376efa58b36c8480fe98fd09bc550dd44aab75c94399b3e2d508b6e2909020aa2b8c0cd40ce2087581a7b91c1bb5d47ccc6ad6b4884eaac363c65f83ba42f887c968b4bccb841d5aca5ccbbc22011a22534699d1bcad705724ecb05f6be97fd94c1570e36b3a8fa1eb181620952649ed8cefeb15642cc068f14bc6feb159875f1d04e189a060da3d5cc840f16717bb3285b8c7f4cf8f773b5e54dcac8b08cbaeda09dea38fda074c19be6375bac3e800e0e7d42e32ca67c1eb65b0ef19ba408ccc566d0a528c7fa5cc6f93066f28dbcddc479ac17da28737c4443af18a3671a61ebf8bc840361f9d5978b75ac61de3993e1e6e69199336be41c45698c1a1fbbcf34c8d72c02ee2771f2453fa17acd5012a5aab5cb1a3e4b8d1a2ec52af54b8b424f534bf0937bff1fcd5295a4179118096c0946580a64d1b31e517e545822ff44b5fc1769ae812df4b41aab5bc2daa9b6dbda038bc6db2a171054f539cfc756f679f0c073fbebcecea66a9b6944ef8f8b3aacf64dd8e1941bd752decc802b14372c6ef7a3251afde4373e3d1fa0322f1a5d543628a8729acade6306b075e5f1eb34b0db56052d41111d5e81b3b8d21ab71ec5dba501ed52ca4f76f7ffd5317ce4fcbe378f3dcb7d7822bebda8ff7ef24109a5140b14ed2f5068426371ec99386ad4ceeb5c00e7ca8d28f7716c7f81541361a35ebaa2cb473e5e45b9dfd81bc7f54fa3e7096c1bfd5bd74861b242251da987682427b2dd02dc0301e8fd1bbac16e2eef8674b87e27691733ca7b2f1bfb9a5fefad412c1d418be5ada473bee3011356dc8c5b2eda19a074b2677d6ef0fc2be455357ef69e7cc8e74859d7791c8e1fa5806539540eea14a6e1efbb89ac0c01add684f90e3a181f5a1594a46b4f92484b07ecc46d603aae9669139929c8f7dbe498b67b8dd1513949307ae24e28afc6a5a820ef697d1f4097992627c2170b2555d2cba62e0b9f8fdc22553f4ab567dc0f2cfb8e4dfb0c044cb17f4964740a4be3ad15795b435b913592a9d3417470c290213f1b19b7c3fcd57758d4eda0c293f6541ae454739dafdbf2c021f93a6ff5b14cdb5c5a178de22496a0661d592ad573928714b0e939b4b7e53afd574bf2e210570d4cefad39c8d63468db8bd79885e7db06619d2cfb6bacc64b6ee2497ce7931c73b1a325f2d9175a590551f877e3f93c6d268e99bf36e6dd3f829d29bf31f4bc81376c1e106f0d27e9d3a4c92e34ca5b4c80779f9b04426c0ce50615ef5c54f9c717750d5ae672efb9ab368459ff519160f7293f14580014be6cbc280cacd7fc0265fdbbc50654f58b3cbdf8df8aa0a834e6ca949430948dd2f6ee180e85161646c791fdd946fa788b9a2fda40a1880579d46fe217e4572b7e007479ac37b9da503a94582893d072b24a05718fcd17c64ae78eb382a160db28cebade8cf744d2aa20119585ba0d5ca678f314f18dba8cf1dd4aade1dc581c957698993d2693aa21c5df2d615c73748e397c", 0x1000}], 0x5, &(0x7f0000004640)=[@authinfo={0x18, 0x84, 0x6, {0x5}}, @authinfo={0x18, 0x84, 0x6, {0x7}}], 0x30, 0x10}, {&(0x7f0000004680)=@in6={0xa, 0x4e21, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, 0x1c, &(0x7f0000004740)=[{&(0x7f00000046c0)="2019edc686e146da418cf5967f478f82a8bbd3479918e433156efb1371f625058d65385d2351cf05fe9f09b2380de73c0002", 0x32}, {&(0x7f0000004700)}], 0x2, &(0x7f0000004780)=[@dstaddrv6={0x20, 0x84, 0x8, @ipv4={[], [], @empty}}, @authinfo={0x18, 0x84, 0x6, {0xf90d}}], 0x38, 0x80}, {&(0x7f00000047c0)=@in={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000004a40)=[{&(0x7f0000004800)="7a83ad", 0x3}, {&(0x7f0000004840)="04594c18840b05e288f4b5a83a1184485ba3fa19bb5c9a105401aa1c335b8e1df7e9c1228ba975cae734aa91ae4d6bc5a7c86c5490cf7056de0ce59271c34b550173b437347538b6b364adf4193a8702eae6c504e2ca0f78d92bb12562dd629cf02d5af000bab51a3ed956b12e8ed866faeaa2e521d4a9237d083bbf96ef1d47cfaeec0c1d1ec7407dd9fd1bd31a640d93f6375738c06eb78c7ae5169516233e2c055f2c0e2a664e312d0acd88e7be37578b4bee60590ef6f6c37a41ac7cb945e6cd9a9de39fa765d3e04f37", 0xcc}, {&(0x7f0000004940)="d1b0dc26eb20382ab26c31fa0bb679847bca867de9436bbfb3de192890b099ed1cb470071c91eb48047b28917ac6654bea2f561de948ad8344e71713e991d4388071ce8880e2df57865a2790b9eaa61d694e7092576db423b286615b908e23153a547b42c0731d096df426480392c30bd781d0d5192c8dd1d5539ad2ebe7674f8812f9523fd7dda91f8048f9dd88a70d7df103f44a1bf910d60ad605f71fda69fdcbca6efc790633898a21f03a09590cd8db7396d99efb24e3b8d631ce9009a1674c403dba24e368afce305c9f7cae4333c772832e9b0a6b8f", 0xd9}], 0x3, 0x0, 0x0, 0x40000}, {&(0x7f0000004a80)=@in={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000004c00)=[{&(0x7f0000004ac0)="a57c34cff1c971820a7ad3d62325d7b5210af3c2305a96250803c9a0f2def1430aed2f46731e", 0x26}, {&(0x7f0000004b00)="7131fbd4ec1d6ed3ac4f6b02e35c743542d631c97d79ae81d21f3ccd5dcea373312345081e27f90ef5cd92eb2964836192b7595512275a87f93d0ed606e5a434af5d84f93142f2f88e5a6a5020e2a270ef17e83dfa9a23a5858dc98c12f19c520a983f3706d10efa5538343a24c61a3807cad9ce1d7f3a953353e15e11d74addbf321436f033ef0cef6820ec1cb0a6b50964d8b4f23953adf760e68dedfaa5eed11bbe35b39e88741fb3a147c827a90e5203f09e69a392db5ea2db0178722f5c9a1c137b2476d903b12e198d7765f8ab8244bb7a47627d878eadc98c31f7a69cb65a1def903d75fe0b771f71d6ea452b2ef8dc", 0xf3}], 0x2, &(0x7f0000004c40)=[@dstaddrv4={0x18, 0x84, 0x7, @loopback}, @dstaddrv6={0x20, 0x84, 0x8, @initdev={0xfe, 0x88, [], 0x1, 0x0}}], 0x38, 0x40000}], 0x9, 0x1)
socket$isdn_base(0x22, 0x3, 0x0)

[ 2525.564481] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
[ 2525.599117] Killed process 13242 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000], [], [], [], [], [], []]}, 0x934)

[ 2525.692275] sctp: [Deprecated]: syz-executor.4 (pid 13773) Use of int in maxseg socket option.
[ 2525.692275] Use struct sctp_assoc_value instead
[ 2525.723838] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2525.723838]    program syz-executor.0 not setting count and/or reply_len properly
09:32:00 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000300)='/dev/radio#\x00', 0x0, 0x2)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000340)={r0})
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x80, 0x0)

[ 2525.799454] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:00 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x1, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x20, r2, 0x300, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}]}]}, 0xfffc}, 0x1, 0x0, 0x0, 0x10}, 0x8001)
r3 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x4f, 0x0)
write$P9_RLOCK(r3, &(0x7f00000000c0)={0x8, 0x35, 0x1, 0x3}, 0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2525.855713] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2525.864578] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2525.869993] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2525.878916] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2525.887838] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2525.896751] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2525.905668] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2525.914592] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2525.923186] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2525.923483] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2525.941296] CPU: 0 PID: 13779 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2525.948442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2525.957795] Call Trace:
[ 2525.960399]  dump_stack+0x172/0x1f0
[ 2525.964045]  dump_header+0x15e/0x929
[ 2525.967768]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2525.972885]  ? ___ratelimit+0x60/0x595
[ 2525.976782]  ? do_raw_spin_unlock+0x57/0x270
[ 2525.981204]  oom_kill_process.cold+0x10/0x6ef
[ 2525.985714]  ? task_will_free_mem+0x139/0x6e0
[ 2525.990211]  ? find_held_lock+0x35/0x130
[ 2525.990231]  out_of_memory+0x936/0x12d0
[ 2525.990248]  ? lock_downgrade+0x810/0x810
[ 2526.002409]  ? oom_killer_disable+0x280/0x280
[ 2526.006912]  ? find_held_lock+0x35/0x130
[ 2526.010999]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2526.015854]  ? memcg_event_wake+0x230/0x230
[ 2526.020183]  ? do_raw_spin_unlock+0x57/0x270
[ 2526.020199]  ? _raw_spin_unlock+0x2d/0x50
[ 2526.020216]  try_charge+0x1028/0x15b0
[ 2526.032556]  ? find_held_lock+0x35/0x130
[ 2526.036630]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2526.041477]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2526.046325]  ? find_held_lock+0x35/0x130
[ 2526.050401]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2526.055269]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2526.059947]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2526.064451]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2526.069595]  memcg_kmem_charge+0x136/0x300
[ 2526.073848]  __alloc_pages_nodemask+0x3c6/0x760
[ 2526.078532]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2526.083565]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2526.088160]  ? trace_hardirqs_on+0x67/0x220
[ 2526.092492]  ? kasan_check_read+0x11/0x20
[ 2526.096649]  copy_process.part.0+0x3e0/0x7a30
[ 2526.101158]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
09:32:01 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0)={<r2=>0x0}, &(0x7f0000000300)=0xc)
fcntl$setown(r0, 0x8, r2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

[ 2526.106276]  ? delayacct_end+0x5c/0x100
[ 2526.110267]  ? __delayacct_freepages_end+0xe0/0x140
[ 2526.115306]  ? __lock_acquire+0x6eb/0x48f0
[ 2526.119562]  ? __cleanup_sighand+0x70/0x70
[ 2526.123816]  ? mark_held_locks+0x100/0x100
[ 2526.128072]  _do_fork+0x257/0xfd0
[ 2526.131539]  ? fork_idle+0x1d0/0x1d0
[ 2526.135378]  ? blkcg_print_stat+0xb90/0xb90
[ 2526.139708]  ? kasan_check_read+0x11/0x20
[ 2526.143867]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2526.148635]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2526.153399]  ? do_syscall_64+0x26/0x620
[ 2526.157378]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2526.162749]  ? do_syscall_64+0x26/0x620
[ 2526.166733]  __x64_sys_clone+0xbf/0x150
[ 2526.170718]  do_syscall_64+0xfd/0x620
[ 2526.174535]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2526.179726] RIP: 0033:0x45bc99
[ 2526.182928] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2526.188367] sctp: [Deprecated]: syz-executor.4 (pid 14120) Use of int in maxseg socket option.
[ 2526.188367] Use struct sctp_assoc_value instead
[ 2526.201834] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2526.201850] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2526.201859] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2526.201867] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2526.201875] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
09:32:01 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6800000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:01 executing program 2:
r0 = socket$inet6(0xa, 0x10000000080006, 0x9)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000000c0))
r1 = socket$isdn_base(0x22, 0x3, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000040)={&(0x7f0000000000), 0x0, 0x0, 0x0, 0x3, 0x8, 0x480000000000, {0x401, 0x0, 0x7f, 0x100, 0x1, 0x5, 0x8, 0x9, 0x9, 0x6, 0x3, 0x3, 0x2, 0xdb, "783789aafeda26417c0e29999781d7e6eab54b74e66a0fe7ce0de073c6673ab5"}})
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000))

09:32:01 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], []]}, 0x934)

[ 2526.201884] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2526.218641] Task in 
[ 2526.258814] /syz5 killed as a result of limit of /syz5
[ 2526.275917] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2526.275917]    program syz-executor.0 not setting count and/or reply_len properly
[ 2526.288755] memory: usage 307184kB, limit 307200kB, failcnt 16141
[ 2526.321003] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2526.330174] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2526.336577] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2526.346746] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2526.350791] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2526.355871] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2526.363218] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2526.371528] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2526.386868] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2526.396109] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2526.405420] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2526.462998] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2526.485141] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2526.485141]    program syz-executor.1 not setting count and/or reply_len properly
[ 2526.493608] Memory cgroup out of memory: Kill process 13779 (syz-executor.5) score 1103 or sacrifice child
[ 2526.511637] Killed process 13779 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2526.523599] oom_reaper: reaped process 13779 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:01 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000040)=0x4)

09:32:01 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100b00", 0x2e}], 0x1}, 0x0)

09:32:01 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f0000000300))
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:32:01 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c00000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:01 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={<r1=>r0})
recvfrom$llc(r1, &(0x7f0000000040)=""/20, 0x14, 0x40000002, &(0x7f0000000080)={0x1a, 0x324, 0x10001, 0x3, 0x9, 0x7ff, @dev={[], 0x1c}}, 0x10)

[ 2526.623852] sctp: [Deprecated]: syz-executor.4 (pid 14361) Use of int in maxseg socket option.
[ 2526.623852] Use struct sctp_assoc_value instead
[ 2526.638920] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2526.638920]    program syz-executor.0 not setting count and/or reply_len properly
09:32:01 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x2be)

[ 2526.681915] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:01 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000], [], [], [], [], [], []]}, 0x934)

[ 2526.753803] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2526.774054] CPU: 1 PID: 14453 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2526.781115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2526.790473] Call Trace:
[ 2526.793076]  dump_stack+0x172/0x1f0
[ 2526.796726]  dump_header+0x15e/0x929
[ 2526.800454]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2526.805575]  ? ___ratelimit+0x60/0x595
[ 2526.809585]  ? do_raw_spin_unlock+0x57/0x270
[ 2526.814123]  oom_kill_process.cold+0x10/0x6ef
[ 2526.818634]  ? task_will_free_mem+0x139/0x6e0
[ 2526.823155]  ? find_held_lock+0x35/0x130
[ 2526.827251]  out_of_memory+0x936/0x12d0
[ 2526.831237]  ? lock_downgrade+0x810/0x810
[ 2526.835400]  ? oom_killer_disable+0x280/0x280
[ 2526.839905]  ? find_held_lock+0x35/0x130
[ 2526.843988]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2526.848841]  ? memcg_event_wake+0x230/0x230
[ 2526.853173]  ? do_raw_spin_unlock+0x57/0x270
[ 2526.857596]  ? _raw_spin_unlock+0x2d/0x50
[ 2526.861754]  try_charge+0x1028/0x15b0
[ 2526.865562]  ? find_held_lock+0x35/0x130
[ 2526.869638]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2526.874494]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2526.879351]  ? find_held_lock+0x35/0x130
[ 2526.879369]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2526.879393]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2526.888267]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2526.888288]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2526.888307]  memcg_kmem_charge+0x136/0x300
[ 2526.902722]  __alloc_pages_nodemask+0x3c6/0x760
[ 2526.902741]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2526.902760]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2526.921299]  ? trace_hardirqs_on+0x67/0x220
[ 2526.925629]  ? kasan_check_read+0x11/0x20
[ 2526.929788]  copy_process.part.0+0x3e0/0x7a30
[ 2526.929806]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2526.929823]  ? delayacct_end+0x5c/0x100
[ 2526.939401]  ? __delayacct_freepages_end+0xe0/0x140
[ 2526.939420]  ? __lock_acquire+0x6eb/0x48f0
[ 2526.939444]  ? __cleanup_sighand+0x70/0x70
[ 2526.956867]  ? mark_held_locks+0x100/0x100
[ 2526.961127]  _do_fork+0x257/0xfd0
[ 2526.964587]  ? fork_idle+0x1d0/0x1d0
[ 2526.964610]  ? blkcg_print_stat+0xb90/0xb90
[ 2526.964626]  ? kasan_check_read+0x11/0x20
[ 2526.964645]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2526.973330]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2526.973345]  ? do_syscall_64+0x26/0x620
[ 2526.973359]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2526.973375]  ? do_syscall_64+0x26/0x620
[ 2527.000282]  __x64_sys_clone+0xbf/0x150
[ 2527.004275]  do_syscall_64+0xfd/0x620
[ 2527.008090]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2527.013299] RIP: 0033:0x45bc99
[ 2527.016491] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2527.035403] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2527.043216] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
09:32:02 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200000, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000b80)={0x8, 0x8204, 0x7fffffff, 0x8000, <r1=>0x0}, &(0x7f0000002b80)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000002d00)={r1, 0x6, 0x8}, 0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000280)={<r2=>0x0, @in6={{0xa, 0x4e22, 0x6, @ipv4={[], [], @local}, 0x2}}, [0xfb76, 0x1, 0x100000000, 0x7fff, 0x2, 0x3, 0x1, 0x0, 0x7, 0x401, 0x3, 0x5e0, 0x3, 0x3, 0x8001]}, &(0x7f0000000380)=0x100)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000800)={<r3=>0x0}, &(0x7f0000000840)=0x8)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000880)={<r4=>0x0, 0x2, 0x3, 0x607, 0x672a0fa5, 0xce9, 0x1, 0x7f, {0x0, @in={{0x2, 0x4e21, @rand_addr=0x8}}, 0x1f, 0x2, 0x2, 0x9, 0xff}}, &(0x7f0000000940)=0xb0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000980)={<r5=>0x0, 0x9, 0xffffffffffffffff}, &(0x7f00000009c0)=0x8)
sendmmsg$inet_sctp(r0, &(0x7f0000002bc0)=[{&(0x7f0000000040)=@in={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000080)="2966ffe8138be7e1d36967e08dfa95e5fb55e250ccc1cf6826e2f5b1d8ee1aeab321479bfc49d84740b7cc80daa83d7b2dbc46bc74bb42c4e53e3544cfad048b2e0f0b9051544048ba0c4fa18e4ebf7e48676d5a410dfac51434486ae765312e99cff5e4762fadb20eb634792eb3ddf583396dff8537b0734e250a15b7935198bdf539", 0x83}, {&(0x7f0000000140)="75178d127df46c6a0ea411e304f8ef680dff96029ef7d24b435eb244fd3c0be35097bbb654c0f9f1603e69f79a61512fc85ed1558747c4486c799b5c8897066629a67706de891de98e1caec68dacc3dbfdd104cd411aaa8bb6cb891c043c902eb3e9e9e430dc86c419c6fd8137ef5dd9aa9c5d2e07c1a5f9c3bbd1946bed7ed2d983478ff8c9593d506c5210838e671772a35847c347c8c85ee3471e2312609a6c0379e81df3828193f7cf0aa8086cae160ea0253c5ad3fe15b119aaab28a92c699636fbe358aeaea2bb2d92296535402f1b56304a29", 0xd6}], 0x2, &(0x7f00000003c0)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x2, 0xf4f0, 0x5c8, r2}}], 0x20, 0x4040}, {&(0x7f0000000400)=@in6={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0x2a}, 0x5}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000440)="4a034413b76aa7d7c3c5fcc36418a2c8e1aa2f1701213e6afc52f2730a048a2d0b1e261f0b0d76f6738073bbc1ea17980aaae6254e21cdaa06d7a737e76459f13ac89eac1289a5e3b76f80f01dbe3ea0e5e51f5f81fd32cb222d7a3df11d220384bd11d724eab7d47a2a01c4f45eedb53924ae5812ae1f796b25909081c4f6b5c613db32622d0ad54eb62354c605d36df98af6655347", 0x96}, {&(0x7f0000000500)="7eca61f2fd343e9f4eaf43fdc2c245d51aeeb12db327e57e2e86437c608a8e102fbefca9f7e78b9f4d0ccaf2533be880177964a11fa5f1b4d121c23579c567bdcfe8050f0d5b7d9c7446533c406d62d2e1e32916654381746129e5a6a9c154896be6433aa04ba7141b4b663cb1be6cd903e312b2c455aaecd24b085c24e343344b5d02298dbf1acfbf344c008f3eec3189ffb64f07d58ffb4c38d1aac2d8001378bc03ea74d4007d3b866cea67e8cb2b3d", 0xb1}, {&(0x7f00000005c0)="9101b620418944a6d5457678235cffc2", 0x10}, {&(0x7f0000000600)="30ddaf799cd16a84dba5bce25463c07a4a4705d9a082cdfff29d3d625e6062679d561730daa5a6ee84132efd3e97d297da026eae3177de247ffadfcd80309b0a68dde2a514f503b0a3dbe300a222198a6ee9770414d7e70bf5cc4d7e37bc0a55e1fe521a7842a96883a467aaab1d062ee5f707fc599ae5ab4f5f223b7329daf9a34a7764b919", 0x86}, {&(0x7f00000006c0)="cd6da5f192a0598b51234a9839ad1af642019c8be6b02a9dd17858409ceafb2d0ee53178b788643ab15bc2aba2f867e6b86c524454531bb6f674733506ec797ba784f5461917b56db5916615507e1ad86b3757fa3a7998c10ea79f344c0646a94bcf0bb7d5d39b8be986d7eced4a514decc1c2fbe9284bba645541ae4ead083c74e7c11865bf23315ff5b09bda3c66d7ce19c6e6df91cb99706610e61679417f66", 0xa1}], 0x5, &(0x7f0000000a00)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x1, 0xffffffffffff70c8, 0x200, r3}}, @init={0x18, 0x84, 0x0, {0x1, 0x3, 0x0, 0x4}}, @sndrcv={0x30, 0x84, 0x1, {0x17, 0x8001, 0x8000, 0x800, 0xffffffffffffff8d, 0xa948, 0x2, 0x9, r4}}, @sndrcv={0x30, 0x84, 0x1, {0xd5be, 0x32f, 0x8, 0x8, 0x2, 0x9, 0x3, 0xffff, r5}}], 0x98, 0x4000084}, {&(0x7f0000000ac0)=@in6={0xa, 0x4e21, 0x2, @remote, 0x528}, 0x1c, &(0x7f0000000fc0)=[{&(0x7f0000000b00)="4dd2b9f0ffadf4ce45015e9f02d8350cca9cca9a016d38dd3f6fe54d59611ebbcb9eff7459efa33e8c109a91c0320a6f864028bc1173804038add0b06e5ae00888ee2e4240341adc5100b1663fc4c0afeecfa9996dd181bcb13f2a203fa9f8f466744f83632beb5b08ad2dab3e8d376233ae9f9295b6ac2f8e281eb942", 0x7d}, {&(0x7f0000000b80)}, {&(0x7f0000000bc0)="a19a90384ce3e952633d72c407320f77b6099f26a3fb23044efea106559da893fd5820356d6859bf724334ea32f1cd9f98c008c13466b6981199fb66811240dcc18242c8da6c4a0b9279a3b8510a0d89d78fbd2b668dee4473ccc146bef39fd9272d7fa24754309bbf70765dd906c1d88847211846bc02602e6fdc53188cc068ac4d2b44cfae090da32a6ba404858947a0b11713b4f17661534f9db37172a26be360e74dc9a9d8e04c5e407897fc4b045873a6659dab9d9417f813da5a1d4b6b73d1730b084d97277f31a6313b9e1bef183fccf3eb5d4189ed", 0xd9}, {&(0x7f0000000cc0)="81d4cceec16e8a96a759", 0xa}, {&(0x7f0000000d00)="bc2d75a3559d6bdfc53f515d9f823d85100725f477c1c3d47a03577ffcd0e948226c38562ff54d8d8bdbd7cf216783022ee9b0efd4e87ba615acc5f7e4a35e996f0afc84d8d38d882ba8d3019cc17dd467fcff152d1bb8aa27e968055c18fd145fafe2f1fb919ff9cff42b0ee25823c43d669e25fa5372376a925fc219b7a24d417445f80fef5b6e75eabd5e364e1b8f0db96cfe69b8516791f224952e72d9b0f2f887ae3ce0f1671fd47bd8e4cc0f7a558ffc36e6d824beb2ffef9442d4db0d4990767bdf6278ef4c2ea3bc56c1aa235d31ff8f23b6876f9be6c7dc145335847dc64e4dd608d79cce78d6", 0xeb}, {&(0x7f0000000e00)="80e4d588237e0e570beec6349b39ecbce08bc6ffeed51e9f66ef2fa768d6173f47184ddae941425411c5cf697edd6e3a14feb71a77ab34a07dd548fb448f2dcc8158a30374c1455d388ec1a5b728d0d3cec2c6ee999ebf7d82e878976877360ec49d4368fe63f82756f1b31703dcaec96cbb629f5f32c4ccad4e60d319f62e7bd23fe946aa75cbd4333a8908400ff834bc6137026dd03572097bd691", 0x9c}, {&(0x7f0000000ec0)="1e06a0ef48c9e2a1a3ecb38fab5725b8f6c15fc4f7eb5ecb0850127053278a4cc68473ac587a99ee19a274aae8aee723ef5e891d0de1074470b0b37bdd657c828748a8cf8f4e6a1bb889a56eee76f8edf1801b99bb0a0551fc3ece90b42d83de7481a461d1dfda0e3fb525c713488563bf3fab4f7a8ca90856f8bd06d9e88daf4d1030287a7160778983c7d67d7112aff78ba658c671e68c47ad856b34062a7b02510c11917594f7a0134e4853049226544cb3fed53f12dc3475785bb590156959c198a4d1706d6aad3ff1730f3ec271f5fa80cbb80c540164071b310475a25fec4f7cc288", 0xe5}], 0x7, 0x0, 0x0, 0x810}, {&(0x7f0000001040)=@in6={0xa, 0x4e23, 0x7fff, @ipv4={[], [], @empty}, 0x9}, 0x1c, &(0x7f0000002440)=[{&(0x7f0000001080)="42b9b1191f289c881afe43b875abeccda2b62f2b185c63acf3e736cb285cc40c197984b277fcd85883a349dae4228f49752a8d127269d6f6904047b49cefbc33db5ab6a71b46da9f7f3424d58a1c14885e5a7626ff902b4dad4709818dd406b974bea264d0c1b5495bf6b825739de87f1bbb00a6d5fa43ec2c51733a953a4cb072812c14aabdf56d2b628b5b59c09ef550c3f078cff57a39c7d35a1ae8d75756959c13b6486b33101a7db186ced35fdf4c9dcf3de2c71fadb52ea739223b22534d6ae8233cacf7ee7dd14ae4879892a78e0dd19c6f98dce65501b90d485ab4fa4ea91329d684b0e2e3dd74ea06973a34c8", 0xf1}, {&(0x7f0000001180)="e823954681e3496f67f720e3e236a3a82364cd8aa835443efddae485b0c03b9991b79013be29c3e1fbddaa50c6c90c20df305f405abd53f12ec8bbf6d0e527d2124b15cf86fe7589c42bcd0515495ec89c7aaae5eec5fda8eb9e5d8d", 0x5c}, {&(0x7f0000001200)="317eac7c35859e3ac4c4d2e6f72902462ab6aae75106a308684685c064857d0eb4d423e84095227b2bd2cc17816e345e7550bda82b101cb0fc57a21b53f4e231e08f872272efb2aa342be80f0911084c96e7be6c7326b95375b4a4e15da792dae247fc99", 0x64}, {&(0x7f0000001280)="fe55e8a0b23aee8b52f405f50fa410756d52889cc8cb5ca463a5291595849ecbe17a0c0209f31e17909873ed09ee954d8c5f650ecc9b86955698950b8bda5ee52e81fb980cce2c698bc0a53c27276dd630fd6e3c3733c017ac1b04d8f5e2f301f6dde3ce4a51ef5e002d0da1f65384b42343acb4eafe522ad12852e4a502a0470cd0b4b65c93ea58865023ca9f2c", 0x8e}, {&(0x7f0000001340)="6a35e6c8a6702fab1dddfd520c5b6afbe9f3d3909f461967845a1a349734c956b070b19f88ad582e5f861a56db383c6e31c40a92dade093086b0ac7c6be3defd5f4e62158cacfc47d0de26b4396b57d04cec13d6f7adaa8a4d266a27a2a7148735503f706d63872f4c26130c19ba2f3ae14abb5d561b49f6aba3fc46f4aca7b472f2d01fcef6ef3127ee48e23cf584af038dd54d3a4d88b80e621f83c1e62a273b3aabf859b60f90608eee26d1c1f0687536bd6462379a4c9f04c81ca5570f6cfd545b78586bfba76d87c4e9dd56150f53399090859ea83ae8c8fbc773b33ee57e767675d85fc1fa70c5e9874c543dc26c9e61ae38a86554a8ac02c788df14311367eeeb250b5bb56f74b910210fe00d296255c9abdd14d7ce82aa88fa41a0a9f8c3d758416082b3f93bea2ef3c0f7aa518e1a026552b9790d8fe65ab1998c2e9df9800163bf06db43d2c67c026a5967c18a1b672ad60ac4e34a880ba3fe6900bbeb49a13e4612dc08f9a3a0ac40e2d94c0737379a70aab1e5f60e6513bdc29881670b20e3d42afecace8b3cdb1627d2873e0a518d03546482e59773f258a58107a5a828421d7f69489685927373915e522349b4096203a5771efa614d8a15661d19181a0cf4127c939b9d7e0c345565549d079667e4bdefac629769fa52c46798f0015cec29014e64fe5e80663e94b8f280806994efef596e5dcfd71c9ae19d277a6afd35cefffee9b438dc256d0e952cab74bd178f961c5aab9be17ef740de7c65998989c38a30dca7778c7cfb377e8cc70d29489f61afc19a323db3a7e43b57067819549023e2cbf234e9faf8a55ce3535614ecbb4656ff0d72f313a02cc49da753c2d8598128a1e19d94670efa52f48f7be9e758ad9636232e3ad575979349fea6bfe5f39e0938004de99d502cf45d8bf9e5feec04b0af774af720ba148720e95497fe894a2442a899d1df4a28f26d1b7ba0d6eca7cc8fb3bd283987fbc6af9294b71790914fcb8b2b141c7dc5f6b0d9776e3555ebbd208fe1922bb3e8c85824bdd58c5616e5def444d35e7f01c7f46d3d3ca975e10fb183821f679065cff29e78da1fa37f4fe75c84a0990d0356d3e5dfcd35d01a9e02b2d1dd3334da0bea8824cd28123603a31f957937930793170cf51e2732fd72f8d86fea40bae1b5f5023de588099ad175aa227e92f16a51d9b9b4b1c1b9e4cc8fcdb9bdc90f2ab9c3d23e7b1f4870b6cab91e9302f4ae5526f271ff9fec3150aa4c6997d508b7f215cce7bc4a6a0ca7d2215121fbcc20e92163000c119f6dac991e5aff832a7ec9eedd8c5da504c8478375f44d617a22d5113c517e6d084d2e6fcab43dcf494be4ddb7bcbae6e8c9b0c532536a691c6047cee6c92f27c1427746daf03ed2df16465ebcf95a426054b58cacccbda95386700762764ad9e1ba98ca7668372b0400096c9d967f5928de2aa63715f592f9efb8f33b52813c2349f76ee2bed12aae732070eb00ebc1474cae3aa031dd1189992fa8f11e8bb1e602e2663a8890ccfbfaa0831869e247288161715658d529d572d336756cd1d57863082e44823f19738e91cb44b6ea7fc1b7ce80c7aade2bd7a457653790560bb564cb62669b9c8a43d22abbbf7bfbc2291d0df721d9e5920d8643ba23f6305cab19cd42045f05c9df0878ef9a7d549c3581389fcd0755f82886621c44f17818ec5bc755f56807ee8d3ebf7d65fe2ad8ef31ef100c5e1b4bca9b3f7358a1a313947f00d3f46c28e000afa94575a6ae22c6cb7a7793c48e8efed373d158a1f8474710032dd7a3ed78bddaa75a5bf974d42306fc416447488154f66d24e83e6c6c01f56ddd645f4f7c8ec09e4a88f26a12ce72148299f7db4fefa523fae85a3641ac056d3d1b325c90fa51f15365c7abe1c7cce1d7ab0ee70fcec2ef0dc1541257293833e5f375c0668fa56472ae4f8b7555c84a65b2e41b4c1cca6177ab11ebba9a5fba8051a4dd1305e28edf8905b86841b907eaf8dfd22f92d6e937b1dea32ec09c15e6660c1a9f74c37b46f7097e39f67c8f786483f2f63331e131a44b3f0d80021006588ad06422e24a355bc011c089a2258173896bfc9de365b2ef649e170a3fdb3c79a3342302bdb10c5b15eb0d203c5122251668f501ead00d4681b84d8f736499d29347b80dc7c1515eb546fd0f8f9479212505679a92ece3abda677d225275c6f5a11791cc38d425e0a3255536b2ba9f31cfc96cddd68e8513b81a2c5546b8ee72d8c9ba653603e0f3439d96956291190ad9dbaf176a5953cab0a08c9b5f97573fe239ec0fd72f8da440ae3b3553df6bfbe808b95547999fc5308bafbe4c372d23840fc9bf3c3a4d7797d3330648995ab12fb566ac348b80fe14b69f6b2320427388acce2a325a01a19325cbb0210e6c3e3c36ef1148f9f0b2c9def79dfeabd4faa39c6585c5fc25e88ecb00c54e82d7b037b5a809794782c5b2cbc62454048b1c1013afcec89e252eea26c8341837fd165f3642aa4677d4028b719727ee7e56822bdf48fe79d96b8b9a1deecec81232a0288b703e6fe40643d7cd3258d7e48ae2291393a6590f51e1d5b356ae1262822511ede12d0cac2cc684b7b9d43785af0c5aafc91b871c032bc2dae0f8cfbd4cb20066c88ed9085b81ec8ae4a7989069bdf751988abec4b44d3e85c49398a0fb9f88648de27dfb18cb10adaf30a23043cb4b659779f49122922f435a21d3cfd125fed4ff6ee33623a8add87f397386b58d0ebfb0b89e88f047a9f67e6b4cfacb505a987a911a401b56b3ea4f04e30701e1ffa2c59476baa8403e3f33bfe7635eb916efb82fe73da836d348665f80cfd47b8e4abb8a9759d0877e1a0c802c3ffc6bef40a585b8004f03d119e66449fe9d0a30ffab06258c6edd81c56713b766e2da74211379dfaa7db7caa89ef0decf6bbc718cae5288a540c6549857d57e5858134e25b1770b0cfeb680edbd968a4fdc265a34ef9ede180742b292d7f52659abc57550b1b3ec956284e30f6a545c6890e0fab9738f502a6610c8ea9a733b12b28ec25fec2b76a1708eb4bba817085e969db61931c6b6a3dcbcf066e361eb42621294b7436d087aa5daac5c98a0dac242a9eeb93a3572c32a6645436ee2cb8d918e68bed71a11f152a1e83692de02a43aae8a46a852c1a7e45b04ef1fa2e34e03eaeab8f80d2d167fd9ccedfe80f71587e3c8dfaef56a34b53f09074faef9da800331f4f7ef161857e53d1d8630a06fb38517bd6bd7dfbaa1e2299dc90873b63dd9401f11f300163f38bc786266bf8b618577daa6d97604920b82ca6eed72b680a3721a9528990a6af2911bbcacd909746927fdf47a15303ae9dc4821d5cd87653b5d9cdf3616b31a93b349bac5737ddcd6a5bd4e2a8d5720fca2d1de33668f09b86b6af7e374566d3ddefa427158c6f4dca25605463bc88346410b6aba798b84a78a98473d72e3696073aa3a1be79a4fbcc25dd2ca890ba568b58d55685e2675420fb648133dcd4417f129ea0773344a89e0014895dfc63f9027adc92a7efe43c3121729264dda73f509b41fc1d327194e508132ed9f4fa8af1d260fd150c83a86b7c84e922c8ddc62188940c335ae678ec3e1ad9578075f00dcbc88d22a6cbf0e1d924f8517fb1055cd78a1ad1074973c7c05b487ada8567d77f0384aca1d447775300a8e171e3b6654e92aeebc47320eed2da52d816a92e80d9d9be9ecd67563a9cd82ac7a65340b02c3ad6bd46a92953a08a205c285909b581a5d712b565850f8b8362dd50b0eeaa441c1bd03d24c7b451abc8088b41cc1d536cfc0c9b1d9420154cd11523a7e0333ffa1f40955b1dedc7a37255579251bf24aa06174935fc40c7311bf60eb90897720e1b2d0ee066ffb8346983ea4de0c018b9d261925c30de8cc2dbf375055f34ccfc4d288159cfadc43dde0c92996645bec150b043539ae0693ef3a67442a550bb5c6e99492712940f1fdc05557f422a6866c0b50c63dd04c9afcbf87caa848376e9a8b76651a4955c6e4102dfc571544ec1b85fb135f82f57512e29d2c82226a75702f6051000d57232574c3cc5e446da39823c83d4a6303e51dbb45d850cf0693cd3c589f5b8c2114a562661c485da8cccc20211144d2b54cfba21c01bd4c14bb811cfc8ddccf2a9f92ac32681791b5122e34738375be95da42568bf3a6addc92e2a9ca3e1a003ff6cee3428c245b4b54d46e7c6f910f7abbb04dd9700dd964ac1014de516a04815a9e9f1680e8335b56534841daa772d9f367baeeabe1bd0743fcf5ec0d016563ee126887ba9697ffb6893e5d0dbc2792248150c4328a0a0f9507fda553f1fc0cd85e78460dacdfe3611e251009d581e088053b8e996ee54b918ddf3f9a4f1dd2952fdb85c65bcff60098198aba282d617eec32eba1f160c964adeead1562af042862b23246dba0497947c0f89bd8b8d5a5b552029f2f76ceae66cdd130cc0d44b17a96c2a5d92c8c8e66f8a918ad791e719abc5d777115d64a79dd95b94dc1d869d3a84b727f343c4d054b3a410451ff342da9cb6dce6b7adf00eb7ba59263ec3a07c4c01ddcb44b787cce7f3fa2c3cec2a248497698261ff9bfa9d90e04cc171dc173d2690c65f3c11d3c6a36a162bdb88873ab256b8d741c14571a8d55ec8d9673f06f0a6db7f3d704c5a7c64f03b9310065a205bec996a0ab93930feb99a2c94ad7caea4e7c54aff67c910418fe6f1e97be64d79624ffc513ee131779d104272043e06ca66f70e9b8a60502a738eaff54662bdabaa89ebbd2212e26b405713f5fb55c81064c4cdf6fb224e6c46842f363caf65c9ce7560f63db5369c418aad3650ba9f6c2d6fc3bb9b6940f0119a8417001616bee109b261adc5ec362023f0282c7b9b48cb601f1d075f0f43b4336eb4c71d5ce95eaaaad7d669c3b4e5b7525a9f07629b23c0e1203c928c60996480af54d9c10ede24719b5d46ddbccc4d87324096492d441f3eb19e0ba1ee0ba1813c0dd758fb6212175de1ac94706cc025064badbc2b620a0a35187db904cebc6d0ecfee316b84a4ad581cf04c1c78ff9881442f2c661091e6b0f2702251f665552172347d7c3b22865c4d5cdfb099a580dbdae3e4c0af17b530e54c9bb8953c46ce10eefc229aeb36ddfa4b307680b26fd67db21c272b95f28f9302eeb4d4629f38f24e8e68b15e254dd140515e2d041a06ba9d7a33b8048743473e528eaa5a0af0ff3a518dc0d67891af951e42dd3aed71cf6c8bc3ae411343fa49687f1c3812b356d69aa14551bafe07d8b53a3406b999d7eb8b16edf64f16e750175f323012b78ac90a59f81ea75e0d4faf5d34e47c2a0b7f2763d7970ad125eed1b54eb3572308281d6a7aa8c6cc8ae9908dfb923ecbc0b50f4c4f36e27c0185bce9806012ff92f27aa2e3100a18ecd2d6df33925ce94ac1bbfca03c3c6a4010fa68595519cd05eb98aed8003de14e93607f1368416c6e98d543cb77446a12f0b6f5ec752e08168d3a9da7e0e8faa28e21fa717e9385c50185c791d86b832866b030b223c27620ae1df8c08590abc8d401a84ef1074ca590e3662e0c5d9d16e191e1352eed95ed0806ec83b465c63488a5ff9efccc1f2ef604b884df71f3020fcf91c17d2023e48d18265d9a0e4556dca4a8d6302e0e091ef6ff761348a6104644fbbe533ce6394da5598c4eec7cdc1dfc58d9df6663622a3527b9cbca42c74e3fb0e7b8fb8c40122e087d99f8b8a71224f1d93edb83ae9370d8da99c5de1b9a2d54b16a46f5d91dae5df6ea1ec8d5d53aa290e2bab206f59da", 0x1000}, {&(0x7f0000002340)="036ab79337043b431b1b31bd08a1121d789b12dcdb6a5d0876a635f08ecce16b1cbfce0817c1094a44f33c7943755e2c52606a76123c6017b79b5c2b8aca7a22601785b8", 0x44}, {&(0x7f00000023c0)="e7d5373f66d1a6c3f307883747329304aa506954d142e9aa736932bfb25f81d94227971130d1e98a4589ae9f6923b86c60ac889d1d8b5f448f54b02c0314b2be5cadcfe1b18afa3cbad6c4e427640443143ade5f0a433bc402991484581891b7569204c8777a85d9b6119f671a47", 0x6e}], 0x7, &(0x7f00000024c0)=[@prinfo={0x18, 0x84, 0x5, {0x0, 0xfb}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x92}}, @init={0x18, 0x84, 0x0, {0x0, 0x4, 0xa37, 0x1}}], 0x48, 0x1}, {&(0x7f0000002540)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000002b00)=[{&(0x7f0000002580)="0f618ed247cd2a39a457b015f95bd1b225d764ac67854bfee4d30ea7fb8212bf2fd6882e30c6a0d038f8270c9838584d34cb59d7e7d0e5f5064f43303d37e485ec6bbc380e183d9010e7c30659bcca1bb12d45f3ac67303d7b8253ff31d4698a", 0x60}, {&(0x7f0000002600)="ddccc7e4a17bae23dfbfc2ec88885269c6a49605f0091124666d885dd0e7b8ba0fc8ea0a4de1155c46f70a6ed3397d934bab2b9bf6b8fee83e2ba780f4ec5c2fe83287406a7745bf3f964b95cfbf27559fdd08a22b20ec12ffd95b4ab38880b9852e9a0dd6e56ff9a900521b3d9b6cc412e3ba37ef3ff5bb27c3cc570256f79a777528a1bf92f57f0e2337657c624cfa6c8577157f9fb3", 0x97}, {&(0x7f00000026c0)="ad9833bb803fbcc92b498512d5c86bdb0db30a2dd1405460e5c49170c6fa0390951775de9abb60bae31504c2e6f6ee2ed4219d4aa0f8d84bc4b4580b222f359941d5b52fee6d2e22fd74555398292910acd8d0124abe66621c43e8b080409dec9601cd8668c07cf7e7ab4b58ad3f5ca043f1e225aae573482ad05a47b09eb1aba02e0948575a8088ade049", 0x8b}, {&(0x7f0000002780)="67dbcbb5b031512ecc4b2801c1e83d40e611712ccfeabf36c2561913712ef765b9e5ee9b877c24a3627b373191d4cb16022841bffe027edab420b74ac9c2321de4e863a1d46127eadc3d9afab95f828c840944e16feec870d9c5a116e5bf21a64522ff862dc73b1ffe7bb93ddb9ef200c249e83afe91e7a412fd3ccea884682b8f986464aad2239b87db", 0x8a}, {&(0x7f0000002840)="fd4d0ddf40bc45d744e1bb0bbf8e32caec4c017a6373bcee135cf3cc2e7737c1b24fa554b3c7e1ffcd6b980cebea83d77dafb57b98429b52909cfbb344d9acb54369db72ee530ce832a01c06348d56e83f619539f9be4926a5eb15280143e6901f66543bdeb30321b8aed81639e8fb08536fbd37ea03ee63d4a12e42506ea3e7982776c89fbf50a21bed8a3de488b912a8ab449aa3db8cddfc2fb3e22986578ff381f7968e4e793390140170295fd9ad40f7aad5c515ca47516b457e4a25a754dae6988a6d4534888c1c36b2c748e8dccfbbc9848f77181bed81131c046198cee3a85fd1eda2f373", 0xe8}, {&(0x7f0000002940)="5186bc23b4205d31970edfb7f926e686821b9f68ee94976704ebe317ec2a8ca9c921e9", 0x23}, {&(0x7f0000002980)="f6f60e315cfae14409f49fc5f67e71bfa773c446bb7612e6add368f5cf37c9b7325ec98b1843444bc7d81e84016a228b92c34129307557d3d059c5df8e5fbe8b0cd4b67fa25d3ab973f47debf91fc6ae3a6526cf113328c0", 0x58}, {&(0x7f0000002a00)="0b1747a8771555830fff514dc1b18624daee40062a83a45679bfb91e5242d05140c5c3f67fc2508674779063ecda54ed5a28716a93e9493131a4a81346bdacabcad5d2b03c33de97d980319fdd75874a9bfaba215edfa85576f31e129facebcd2b2b6e8b99654e745622f566dabbe982dbc90ad0190fa2daf5bb4603da2343693618d2c6c6496144c0882a70972d5a9e89b84df88037605ad8cdddb977009ba73965692a21b17b4f688cb779141469e6641ca3fc19e57bff5313cce8a9b4e2b940dbdb3e9366ed96c3cde93d4d05ac4f", 0xd0}], 0x8, &(0x7f0000002b80), 0x0, 0xc000}], 0x5, 0x81)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000002e80)={r0, &(0x7f0000002d40)="e0fe3c9814114abb4ef5142bec7b075f5b353fd9815fc20409e0897bb010b1cb282342ef7aca4efe5be5adeeb066f116916ebc4bdda1e94db68bc13296020e901b1692596457f2b4ceee3c3ccf1207b20f2ded34a7c4115365f9cd0a94dbb27c5ea945b5829943328e056df08da7c548bddff09339bcba85999e84fe62658def2a0c256fa3152e24bc7ee5cce1ba4411ba3ce9959d1444954ac7302f4cf872b7e3690a766b2eb96abdd1e71ad8a9bfe6f237da38b740", &(0x7f0000002e00)=""/113}, 0x18)

09:32:02 executing program 3:
prctl$PR_SET_DUMPABLE(0x4, 0x2)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:02 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2527.050617] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2527.057888] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2527.065168] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2527.072438] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2527.107699] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2527.107699]    program syz-executor.0 not setting count and/or reply_len properly
[ 2527.127933] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2527.136720] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2527.142033] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
09:32:02 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000040)=0x4)

[ 2527.150986] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2527.159907] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2527.168855] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2527.177791] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2527.180920] Task in 
[ 2527.186700] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2527.186719] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
09:32:02 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x101200, 0x1)
write$FUSE_IOCTL(r0, &(0x7f0000000080)={0x20, 0x0, 0x3, {0x1f, 0x4, 0x7fffffff, 0x89c3}}, 0x20)
socket$isdn_base(0x22, 0x3, 0x0)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/mls\x00', 0x0, 0x0)
fcntl$addseals(r1, 0x409, 0xa)
pwrite64(r1, &(0x7f0000000100)="37bb1935f886cb829a77bfeb314ff25322a38baf4a2cf1c53659dd076c147ebc9c2b639bd4da66b0739d2d9134728f521383a934841f2f02ffc591ca0395a165c40bb0eba85254f67cff6e9cc58fdbea5e95e001df39cf43c33de3f82655b970c4d999300de33a7eb983c36d988083198eb6b5db108aaa103b6d53a9602e930c8a03efff7ecda3f9391d128259bd5fc6bd6f09dcad2707ffec9f70094837f8636328d8a08f0fe0ea583e6702934827d06422363e575aac5bdfee62ef0242239af6378e1a3d0a9c95c32641b5cf01fb313e5650738fc9551e86c822eaa01c37c86d4deceb9fa83e56f455c74720fe97bb3963623bc068d4941c680c0874d5c8b54856e65271499f651ae7b89fff49857a5cd9d78fb3ad92e847a68a6ea0fae87d5369283eddc474339d3051fa71745f6fbbbae5bd5946e9c47632530e90710aa4645d3ef82a994b1c7d0725ecff436f22c5870fb9cb31ce04072dcb97bf077e56b5ad943ce68d287fa9b5547467e2a09712ae2650bcce16d081c714de832bdae870816a83c94dc67922431f62d64e623bd09b5754f94cd838d5ec99702c9f73e16001a197e21b1794a7b2e72de938ca321f1ead713f130e4350e62e920fb9b8cae69347f2bd3d278e1524ff1c2cebd7c0af3acdd9e26d39e88d35dd241fda78665ff8c00d4477e32ec846af14227b55ee09e0835d43d2b3843dc088b5962385007a771f16aeb5de98d55aeefec38213862f4e2a0a8aea69c88de93bba471dbbf2211a85e7a3f7571d77cb5910e29b7ff71c3a5c815b010df43f2d5ca7df6796eea607a077379cb96345c784cc30b9de19104877520bfe3cd6c8841b59feb425a6dedebc084096b4697cc719fce6b15ba0f9405cde68d8525fd887bcc089e59f3cc27549fb2a227e8a6eae594850127ded6b1ab5efa2f94fc63fb40d23f878b327468187ffa74d43543744885eff0789d277400281d1b25edad18aab0d83a3a98f0bb94eba557991c7c71353c61393d246819b6e577d684d62fb68cd5f4ac0f762c39e3a4ca6856773059fb837e27ea036d568d46d354b77d0cd384ff74b1adeb816e181126c24bc0cc3a4c31cfdbdf4ea22b0b577715b10be86384af140e61c0abebe69671426802cefcf9e0bbb424ef948718e15b0f915dee69ab6f92d1963ed450826fc299957024907757da67723cf51094360df0c30d6cb51d0f8a1f86e276ff79be99cab6456be80241ba2832e817fb66e70b5d27ffc0f0636baf7cf2faf09217e3aa2dd0bf08f2a812e35e9555bf6a733a34214e6f4bcc1bdeab95bb7e14ba913e088ee15cccd64a10d66679b79ae553b523175524b8202db47667d5d3e7f0b7ce90ef931089025ff12f0233abb3d320a0a896c4a128fdbf2d7f2ee7b43c7eb1e38a544e170a51bcba3aeadfbc8fe1af333997ebd3c5f9e10e4d7566000377700b7894ce01e83b466392f164cfed6c453c0267a670cf2f137d2d5b588db7d69a373b498ea26e2865476dc17a6cc448b974bd44e0f0e62cdf4bde534a9aef2097fd38c9427de2595aed87482086dcdc86569cedc1e94c3d1bc0ba12b779d46711ff215bea40630ba50937ab57e9e75990126d40574f240fa3a6b385e764f9b059d11670df0f7c76816185576c74be966a3d93cb0d14b1decd16196cbd7fb62971f6a3ffc782bbc418eeda39874c72ac2fc1edfc5c4dd50e8bd9fc18c0d7a576b5d7be9e5dece129bffc2f9c11e577edceae5c160580a8f4ce589f89060fd30872d342d07f6b8c1e82442e970dce75e7ddac131f40a2125b33fc31c61d4414985199a80ddd2f580e8fd0fec6028d74139f8d169e827b1a92ec2e9dcd8a557b8257ea93ab8422f2046b84a65a8fc0976ecc121db01fbe58eafe59f36d47a696b7ed83dd13bc214ae1a04d73c866a7f16c777b41e0365f417758cfaf3533b1f4e4fdbd28d8be8e13986eebac895159a4efce8904d267d2a3e7bab917997bf3c5cde00164c543263c2df05f6ae8758bfc12a1a4e0a7decd6917e624432b9630c540f63cc7393b31a52936a78d8ba9b2905a5f7ff7670d2447d8c392fe512bfe3bec6ac99ca431b825d74036023f00d8d30c5db124e69e1edd44855f69129702878fd178cc2cc50e834107b1b734deb56a4642b6f4913fcb37a7ed2de9ea1522791715d63af46c0d885c6c0a62ab7da839785d74b0fd32855f75c30638c4a9fa8e3be2206cb9bf0b7d7a941b30d1694e38ac230081585cbd10b121daa38e1ecc3f595246665bd72a1015953934d329c78845eb171bb8f7821b3beffdc2d9c87a1f7177e0001fe21e8a97daebc11405212e3a210014df598dbd37058c46f51709304f2709c29384c5fb093f288a9206403c8f429d4655c639430b79deb2a57364ac840fda6e3325c116c4057d7c73b2631d4b97932a8912876ec0f9e0ba34f58e29a24970dbd1b7603fecd20b4e564b1347dbfec809f3e365b7c97e03cbe9a40a992ced743203e60a956eb61ab6c58755a8f1bd7533d93186ed5067112e64a494dedc4ce6a6cc13fb9f4086b767613687cea8d903c28732411c143668232373132eef501c131eea13bf1f71e2924aba11d84cea3e36724a58004bd3239436d13c56bb7f75d100b3e8dba2f55071a14c84a40cf56565b70de9854401d70f52274e6fd9ef8324f8e84f80ab1cdeb3c5674c8dbf0e8e7e829b0ca176b678a95b7980b37624b4aba8f25b9228bbbbe6c6c5ae77fc5144b9e241edb0f9632295d238acf82a131fb10277111ae358ed97195d64d113ff51caa48267387f83b4a2b025a7580af8c06be917361fcdac967a1b9e9a6df83b5e5333b45b57eaa5e994ca4a10e137dd539d5d1a1f83b828e8ec4175a01d3ad1ce2c10c15f227b9309464d065c969f2e84ae7f0ae6a013f7f49cc82734ef3e5c345db3e05bd462e38518835f7264296275a8043f68186c5a38a723fc562f8ca08502a13dc768346edb05395d31a1b9c5a65b0b70cda9080d8a5862ec4b829962741710cbfb80b8d0df4a86c3c59bc9e32069d1c48645e15e64727d0a50c6cd4e9080577e37c553a145a36dbfe5887fef7b383d9e18873591e75a1299b22ce686a60d0866130cc3f35f39f592f4f7da32c790911c51f35632a7f5bf99b0e2d3413ed8a884924cfae11bc76f937ce648f40f61bcb31cff135b54c8a7e153d1790b1d9fc566d46d2559f39b8124ced994f20de1d809bf648703307bab0a869023d523b953865d2b0d86db9e5fa612242d05400141d1d81337e90f7cf8b013983e32491dc0f669a79a04b229924640e738bf281605241048a66e31db6396a74e62e17c699b69f721966016224b2e85730d00d288f8bbc3262e5f25909c8ef6236f2ef97f9c825e2e10293bff0d07cb27cf8019303b0c6b4c17703840711e926e74dda5b7ac12d09a7c597197f590393016d961af6a7b2d47373633905d7f982262ae25ed72959e645a69261e3b5ef06dac6c57a6c0e131b602147500868a4701fd3f987e9e7a91a6052d320a2cfe098ac2666627c0e8153d69d9a4e12eac212be4c772820cb96493b59c04b0423894da062db6c6921108fd18d140ca513facbb3ad9bbe033c5baa8d7b99902a44802b0b34386362064a14073eb2df4ebc47726237ecfe493b90a47a6ec9bcfa290082e90feae3234f7063754307ecdc83cb4392297026bca607c0afe90030c257487df2bc68ed973bafdbf4a7f5c6797fb4bb054db3cf34a47ee4ec927957296e9159551e3dd688a8332622604c5f41641e70973f3edcd2096e0ce2f9c98cb9fe372cbd0ea85b9f7042b4ce4b4f0a5844bbfb5d0abdc02dd21e361b6024b7ced9f1151f81909315e403ea671d4c1990a76e189d010736872cc71fa86e15f0bd44c1610f52da97a3324c0830479afbf047db4c6d962e6cd95f8bd68deaf8d02a10434911b500fa02015309a259ce62759f4557b50ac3abf2ca52dccf0781b365d563776fe027a4cfc95b900eb7fbf58ac652ad5f1e21c2ecab2b19c219fa28d9858aab02a22e07c97a0a82da30bb543a106717139be9e639909643b9147cc0ff28706593b2078ea6579d5031e2f1bae06bc14aba44f7fd26fd0d5fb36260dac1dba1f68c594dc7ec5226b1637d8a49e22ba8153c7aaf19e6ef43adc66d83e584a57392fb8ac19e2f130df973c6177fc524731e5bd5d541113ee25c1ad0ae74bd419cebcc6b324c4cea05801b0dba2e7fbd3c27070f198a5c3ac7e5edfadc3ce90c5aea119f950ae74de08897abf21d01a76ba9aee9ad5458d13bf3cdc8601a54f3dbddba03b024148c34ff4af123fda724936974f313d7235ce899b035bbb11764a61f1e7a8430ba05e5b2fd17588a1b0946824b6967118c79e3bce2e1d89dc46a5effd3c5809dd16dfe01b75c670d129b9848f87acb4ed35fc446db9b7bc077c35d077aee0752084a2067d0cd2122d3f9f424132e710bca02022acbcb721cff6096cc7ef3a759037011149e6541af97094e042e785896027df7a0202c398473e3ad9124265dd2695752b8f0ce5a5f684fe905bb6bb07d4536d4bce274f6d9d60ea165dac3c26c7cc11ad7040f9728f371fca2387f3a67f1cacef1139465e49c1117914644e5a1328f61e946395a1da1087cf12a4f7c6713555ac2826037ac1c39d328b756454cc49b850a3f1dd3b95f0fef39e778c3ddf632c2505f6fa8f2d79939b2eb048628bc27464fb6fc4e4b59857d432125b10c5c81248e21130715cfdd6b55d525000b43d88114037ddcc8e4a0b7cb9502325afd5c448bebaf2c911d56e5a9fdf875ce502769669faafdf05fbd1b13123d9af91d5b26ef6f518086f7367063043ad241d4269210e2c6c0fce2510ef5eaa0b593042e8ad32e998d1a3422b550a75c8022110dffd1d1db817394dafac12d0e0d9663ff9a0bcd6d8e5988d9b57cb7c3f957d5e287059fd42ed74498585ca9d2c0e9698921cd3965ea5803956889fb864627ba177b326e9ddd470f4426530bf65ecc90753d2856c91fdec3149a777cebedab7b214ece899ae0fdd090572efe8d98578ba6f7a0dbed9290fafbfbbba41ac50fc7fbb3de5e1a9d27b013c140c1048fe263830d334993393858b3708ee2b63098593c0abb39133108bd3a86193f827958dc7fcc4fdc649731bcbf7d72cf462646e6315b8f7c0fadd4b5b0bf599d11d0992a38c0199b5b5b155405dd398e976e55ff020e2407c8db9c903eb9bbcc6c4c5fbab8e275f2ba6385674151e2bb6b3d8701032f423095a6a0b6cd6badcb73ab5481d553db6c4c9bf937f2e275b0346016e183676ad8ee9062527cfec8aa29cec459d70c52d011f12d38da64d750512bc35a7b9ec0337b148262519a9602541d49a4b1b89b5fa722502abdd64b7a68c8c723e32e2ef6b029882eac1956e32c6932e24fde31427f73b70b72f532f2c0f91418a57efbb072158602f79e343bdf81b6da96edc673c3fe3a39c7a40785a7a6c272c46c536da3b0da41d5a59add5e1e44eeb4ff8d1c71c04d4290633e6f84cf3ef3628a0b6caf1df640acf865ea92241d78a981bbfe2501846dee63aa5e24398cc071877716eaa6b59ad149fe5f3fa3cad624902f370edeaa7afb938ee1cc7790373ccce6f2cf8348251f0ce7e4edc53ae4458e1bf15d26c4f69b7668a64041fb7beb3cf3856a3cfbb65205f5b34a2e7d710773d7bc59758899c3df02037d6aa2eaebe8ef19910ed37f47cf4f7705e430f2e44fcc59c19649a417a241f282762e57a4838977e01ab72b257f045987ff2cc7bdeefc9c8509b161e329d1", 0x1000, 0x55)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x9, {0xfff, 0x7, 0x10200000, 0x9, 0x0, 0x5}, 0x63, 0x1}, 0xe)

[ 2527.312502] /syz5 killed as a result of limit of /syz5
[ 2527.338335] memory: usage 307184kB, limit 307200kB, failcnt 16177
[ 2527.367992] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2527.380133] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2527.387583] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2527.408640] Memory cgroup out of memory: Kill process 14453 (syz-executor.5) score 1103 or sacrifice child
[ 2527.419515] Killed process 14453 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:02 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000c00", 0x2e}], 0x1}, 0x0)

09:32:02 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
r2 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0x78, 0x0)
ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000300))
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

09:32:02 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x2000)
getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000040)=0x80000000, &(0x7f0000000080)=0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000180)=0xfffffd36)

09:32:02 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], [], [], [], [], [], []]}, 0x934)

09:32:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a00000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2527.441996] oom_reaper: reaped process 14453 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2527.530881] sctp: [Deprecated]: syz-executor.4 (pid 14898) Use of int in maxseg socket option.
[ 2527.530881] Use struct sctp_assoc_value instead
[ 2527.554982] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2527.564326] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2527.570052] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
09:32:02 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)}, {&(0x7f0000000140)=""/114, 0x72}], 0x2, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000080)=0x14)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0)=r2)
setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000040)=0x7, 0x1)
ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000200))

[ 2527.579714] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2527.589230] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2527.599651] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2527.601880] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2527.608806] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:02 executing program 2:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4, 0x24000)
ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000080)={0x10})
socket$isdn_base(0x22, 0x3, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0xc002, 0x0)

[ 2527.630831] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2527.640209] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2527.692609] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2527.719578] CPU: 1 PID: 14900 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2527.726640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2527.736001] Call Trace:
[ 2527.738605]  dump_stack+0x172/0x1f0
[ 2527.742249]  dump_header+0x15e/0x929
[ 2527.745983]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2527.751098]  ? ___ratelimit+0x60/0x595
[ 2527.754991]  ? do_raw_spin_unlock+0x57/0x270
[ 2527.759416]  oom_kill_process.cold+0x10/0x6ef
[ 2527.763923]  ? task_will_free_mem+0x139/0x6e0
[ 2527.768426]  ? find_held_lock+0x35/0x130
[ 2527.772502]  out_of_memory+0x936/0x12d0
[ 2527.776490]  ? lock_downgrade+0x810/0x810
[ 2527.780657]  ? oom_killer_disable+0x280/0x280
[ 2527.785162]  ? find_held_lock+0x35/0x130
[ 2527.789245]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2527.794111]  ? memcg_event_wake+0x230/0x230
[ 2527.798450]  ? do_raw_spin_unlock+0x57/0x270
[ 2527.802865]  ? _raw_spin_unlock+0x2d/0x50
[ 2527.807020]  try_charge+0x1028/0x15b0
[ 2527.810830]  ? find_held_lock+0x35/0x130
[ 2527.814918]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2527.819767]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2527.824620]  ? find_held_lock+0x35/0x130
[ 2527.828688]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2527.833588]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2527.838274]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2527.842868]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2527.847723]  memcg_kmem_charge+0x136/0x300
[ 2527.851969]  __alloc_pages_nodemask+0x3c6/0x760
[ 2527.856651]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2527.861678]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2527.866260]  ? trace_hardirqs_on+0x67/0x220
[ 2527.866273]  ? kasan_check_read+0x11/0x20
[ 2527.866293]  copy_process.part.0+0x3e0/0x7a30
[ 2527.866312]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2527.884437]  ? delayacct_end+0x5c/0x100
[ 2527.888426]  ? __delayacct_freepages_end+0xe0/0x140
[ 2527.893609]  ? __lock_acquire+0x6eb/0x48f0
[ 2527.897865]  ? __cleanup_sighand+0x70/0x70
[ 2527.902114]  ? mark_held_locks+0x100/0x100
[ 2527.906374]  _do_fork+0x257/0xfd0
[ 2527.909837]  ? fork_idle+0x1d0/0x1d0
[ 2527.913562]  ? blkcg_print_stat+0xb90/0xb90
[ 2527.917888]  ? kasan_check_read+0x11/0x20
[ 2527.922048]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2527.926809]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2527.931568]  ? do_syscall_64+0x26/0x620
[ 2527.935552]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2527.940922]  ? do_syscall_64+0x26/0x620
[ 2527.944904]  __x64_sys_clone+0xbf/0x150
[ 2527.948885]  do_syscall_64+0xfd/0x620
[ 2527.952696]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2527.957900] RIP: 0033:0x45bc99
09:32:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d00000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff00000000], [], [], [], [], [], [], []]}, 0x905)

09:32:03 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
dup(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

[ 2527.961097] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2527.980000] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2527.987726] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2527.994999] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2528.002272] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2528.003419] sctp: [Deprecated]: syz-executor.4 (pid 15121) Use of int in maxseg socket option.
09:32:03 executing program 3:
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000140)={0x0, 0xff}, &(0x7f0000000300)=0x8)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)={0xfffffffffffff949, 0xffffffff})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e21, 0x9, @mcast2, 0x7}}, 0xffff, 0x3}, 0x90)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, &(0x7f00000001c0), &(0x7f0000000180)=0x2a6)

09:32:03 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000], [], [], [], [], [], [], []]}, 0x905)

[ 2528.003419] Use struct sctp_assoc_value instead
[ 2528.009541] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2528.009551] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2528.147777] Task in /syz5 killed as a result of limit of /syz5
[ 2528.180631] memory: usage 307192kB, limit 307200kB, failcnt 16201
[ 2528.252804] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2528.267080] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2528.276831] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:03 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100c00", 0x2e}], 0x1}, 0x0)

09:32:03 executing program 2:
r0 = syz_open_dev$vivid(&(0x7f0000000080)='/dev/video#\x00', 0x2, 0x2)
ioctl$VIDIOC_DQEVENT(r0, 0x80885659, &(0x7f00000000c0)={0x0, @frame_sync})
socket$isdn_base(0x22, 0x3, 0x0)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000040)={0x9, 0x7, 0x2})

09:32:03 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={<r1=>0x0, 0x8}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000100)={r1, 0xe8, "f02207cbbd39a9510a931e2c85a486f15d959ecd5a1e165077a8dc2e9fdce8dc12028a2663767bca1ffe27ce6c58a2fa2300bf54e61039d2c17035a7615ec98524e885c0925764375c69db93cc8ee0e00e571c5c177adb5804cabf2c62b655982dcdc912a816fa9f57f6c100287a1d0048152435420e67c144a0aabe2d009e3e0694b556208618bbd757338440adc7621be01c8199c07d4f05ff4820c5b950390aca6ee2e1a7990b0ec5bd0056b6ec63aeb4a798a0cc561d05998030336092def233b82584280530b43ae6ef09a246cc2c1cc5a5611da31dcf9ae555e68ae741c553ef11d7dd5615"}, &(0x7f0000000200)=0xf0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000a80)='/dev/sequencer2\x00', 0x20040, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000ac0)=[@window={0x3, 0x4272, 0xa4ee}, @timestamp, @sack_perm, @mss={0x2, 0x5}, @sack_perm, @sack_perm, @window={0x3, 0xa5, 0x400}, @sack_perm], 0x8)

09:32:03 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], [], [], [], [], [], []]}, 0x934)

09:32:03 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
times(&(0x7f00000002c0))
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)

09:32:03 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], [], [], [], [], [], [], []]}, 0x905)

[ 2528.304292] Memory cgroup out of memory: Kill process 14900 (syz-executor.5) score 1103 or sacrifice child
[ 2528.319429] Killed process 14900 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2528.397391] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2528.406245] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2528.411465] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2528.420431] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2528.429353] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2528.438249] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2528.447195] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2528.456112] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2528.462980] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2528.465000] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2528.474086] sctp: [Deprecated]: syz-executor.4 (pid 15340) Use of int in maxseg socket option.
[ 2528.474086] Use struct sctp_assoc_value instead
[ 2528.486543] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2528.513118] CPU: 0 PID: 15346 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2528.520142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2528.529495] Call Trace:
[ 2528.532096]  dump_stack+0x172/0x1f0
[ 2528.535741]  dump_header+0x15e/0x929
[ 2528.539465]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2528.544576]  ? ___ratelimit+0x60/0x595
[ 2528.548559]  ? do_raw_spin_unlock+0x57/0x270
[ 2528.552982]  oom_kill_process.cold+0x10/0x6ef
[ 2528.557490]  ? task_will_free_mem+0x139/0x6e0
[ 2528.562069]  ? find_held_lock+0x35/0x130
[ 2528.566145]  out_of_memory+0x936/0x12d0
[ 2528.570132]  ? lock_downgrade+0x810/0x810
[ 2528.574289]  ? oom_killer_disable+0x280/0x280
[ 2528.578792]  ? find_held_lock+0x35/0x130
[ 2528.582873]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2528.587736]  ? memcg_event_wake+0x230/0x230
[ 2528.592076]  ? do_raw_spin_unlock+0x57/0x270
[ 2528.596488]  ? _raw_spin_unlock+0x2d/0x50
[ 2528.600646]  try_charge+0x1028/0x15b0
[ 2528.604452]  ? find_held_lock+0x35/0x130
[ 2528.608521]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2528.613380]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2528.618229]  ? find_held_lock+0x35/0x130
[ 2528.622290]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2528.627158]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2528.631843]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2528.636351]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2528.641202]  memcg_kmem_charge+0x136/0x300
[ 2528.645446]  __alloc_pages_nodemask+0x3c6/0x760
09:32:03 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000], [], [], [], [], [], []]}, 0x934)

[ 2528.650124]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2528.655153]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2528.659744]  ? trace_hardirqs_on+0x67/0x220
[ 2528.664072]  ? kasan_check_read+0x11/0x20
[ 2528.668235]  copy_process.part.0+0x3e0/0x7a30
[ 2528.672740]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2528.677847]  ? delayacct_end+0x5c/0x100
[ 2528.681833]  ? __delayacct_freepages_end+0xe0/0x140
[ 2528.686856]  ? __lock_acquire+0x6eb/0x48f0
[ 2528.691103]  ? __cleanup_sighand+0x70/0x70
[ 2528.695343]  ? mark_held_locks+0x100/0x100
[ 2528.699699]  _do_fork+0x257/0xfd0
[ 2528.703159]  ? fork_idle+0x1d0/0x1d0
[ 2528.706886]  ? blkcg_print_stat+0xb90/0xb90
[ 2528.711205]  ? kasan_check_read+0x11/0x20
[ 2528.715352]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2528.715367]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2528.715381]  ? do_syscall_64+0x26/0x620
[ 2528.715396]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2528.715410]  ? do_syscall_64+0x26/0x620
[ 2528.715426]  __x64_sys_clone+0xbf/0x150
[ 2528.715443]  do_syscall_64+0xfd/0x620
[ 2528.745954]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2528.751144] RIP: 0033:0x45bc99
[ 2528.754339] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2528.757753] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2528.773240] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2528.773257] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2528.773265] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2528.773274] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2528.773282] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2528.773290] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2528.789827] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2528.811899] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2528.826497] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
09:32:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], [], [], [], [], [], []]}, 0x905)

09:32:04 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3)
ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x1, 0x5, 0xfffffffffffffffa, 0x4, 0x7})
keyctl$session_to_parent(0x12)
socket$bt_bnep(0x1f, 0x3, 0x4)

09:32:04 executing program 3:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x8000, 0x0)
write$apparmor_current(r0, &(0x7f0000000100)=@hat={'permhat ', 0x3, 0x5e, ['syz1\x00']}, 0x20)
openat$cgroup(r0, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:04 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
r2 = accept(r1, &(0x7f00000002c0)=@sco, &(0x7f0000000340)=0x80)
ioctl$SIOCX25SDTEFACILITIES(r2, 0x89eb, &(0x7f0000000380)={0xfffffffffffffffd, 0x10001, 0x1ff, 0xd9f, 0x200, 0xa, 0x24, "74584a3d76131d8361e0b0c533e8521ffcb975a6", "26ab6ece3b8e449e2d06cc7224bbcca5fab5d204"})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r4, 0x0)

[ 2528.840486] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2528.840506] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2528.840533] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2528.862632] Task in 
[ 2528.867221] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2528.867243] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2528.914848] /syz5 killed as a result of limit of /syz5
[ 2528.927409] memory: usage 307192kB, limit 307200kB, failcnt 16229
[ 2528.946244] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2528.954703] sg_write: 7 callbacks suppressed
[ 2528.954716] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2528.954716]    program syz-executor.0 not setting count and/or reply_len properly
[ 2528.973416] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2528.982057] sctp: [Deprecated]: syz-executor.4 (pid 15673) Use of int in maxseg socket option.
[ 2528.982057] Use struct sctp_assoc_value instead
[ 2528.998413] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:04 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000080)={<r1=>0x0, 0x4b0b, 0x7065cbbc, 0x20, 0xffffffff, 0x26}, &(0x7f00000000c0)=0x14)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000100)={<r2=>0x0, 0x10000, 0xfffffffffffffe00}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000180)={r1, 0x3d8, 0x80000001, 0x6c78c2e6, 0x101, 0x7ff, 0x7fffffff, 0x10001, {r2, @in={{0x2, 0x4e24, @broadcast}}, 0x3, 0xec, 0x5, 0xffff, 0x3f}}, &(0x7f0000000240)=0xb0)

[ 2529.081447] Memory cgroup out of memory: Kill process 15346 (syz-executor.5) score 1103 or sacrifice child
[ 2529.133068] Killed process 15346 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:04 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000d00", 0x2e}], 0x1}, 0x0)

09:32:04 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = dup3(r0, r0, 0x80000)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000080)={0xa, &(0x7f0000000000)=[{0x3, 0xa108, 0x5, 0xffffffffffff0000}, {0x81, 0x0, 0x5, 0x8}, {0x10001, 0x60000000, 0x4, 0x6}, {0xfffffffffffffffd, 0xa6, 0x3, 0x1}, {0x27df, 0x1, 0x7, 0x7}, {0x1, 0x8, 0x8, 0x94d}, {0x0, 0x2, 0x2, 0x100}, {0x3, 0x1, 0x1, 0x5}, {0xfff, 0x2, 0x8000, 0x177d}, {0x0, 0x0, 0xfff, 0x1}]}, 0x10)

09:32:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000000000000], [], [], [], [], [], []]}, 0x934)

[ 2529.187883] oom_reaper: reaped process 15346 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2529.266173] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2529.275216] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2529.280450] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2529.289382] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2529.290744] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [], [], [], [], [], [], []]}, 0x905)

09:32:04 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000002c0), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x20000000000006)
msgctl$IPC_RMID(r3, 0x0)

09:32:04 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000080)=0x4)

[ 2529.298280] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2529.298307] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2529.298333] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2529.328939] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2529.328959] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2529.403912] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2529.411302] sctp: [Deprecated]: syz-executor.4 (pid 15951) Use of int in maxseg socket option.
[ 2529.411302] Use struct sctp_assoc_value instead
[ 2529.426792] CPU: 0 PID: 15879 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2529.433821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2529.443179] Call Trace:
[ 2529.445775]  dump_stack+0x172/0x1f0
[ 2529.449415]  dump_header+0x15e/0x929
[ 2529.453142]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2529.458256]  ? ___ratelimit+0x60/0x595
[ 2529.462148]  ? do_raw_spin_unlock+0x57/0x270
[ 2529.466574]  oom_kill_process.cold+0x10/0x6ef
[ 2529.471082]  ? task_will_free_mem+0x139/0x6e0
[ 2529.475584]  ? find_held_lock+0x35/0x130
[ 2529.479659]  out_of_memory+0x936/0x12d0
[ 2529.483649]  ? lock_downgrade+0x810/0x810
[ 2529.487807]  ? oom_killer_disable+0x280/0x280
[ 2529.492306]  ? find_held_lock+0x35/0x130
[ 2529.496383]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2529.501234]  ? memcg_event_wake+0x230/0x230
[ 2529.505568]  ? do_raw_spin_unlock+0x57/0x270
[ 2529.509986]  ? _raw_spin_unlock+0x2d/0x50
[ 2529.514142]  try_charge+0x1028/0x15b0
[ 2529.517948]  ? find_held_lock+0x35/0x130
[ 2529.522025]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2529.526866]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2529.531709]  ? find_held_lock+0x35/0x130
[ 2529.535774]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2529.540632]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2529.545308]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2529.549815]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2529.554673]  memcg_kmem_charge+0x136/0x300
[ 2529.558919]  __alloc_pages_nodemask+0x3c6/0x760
[ 2529.563596]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2529.568622]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2529.568640]  ? trace_hardirqs_on+0x67/0x220
[ 2529.577523]  ? kasan_check_read+0x11/0x20
[ 2529.581680]  copy_process.part.0+0x3e0/0x7a30
[ 2529.586182]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2529.591306]  ? delayacct_end+0x5c/0x100
[ 2529.595291]  ? __delayacct_freepages_end+0xe0/0x140
[ 2529.600310]  ? __lock_acquire+0x6eb/0x48f0
09:32:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8700000000000000], [], [], [], [], [], []]}, 0x934)

[ 2529.604560]  ? __cleanup_sighand+0x70/0x70
[ 2529.608800]  ? mark_held_locks+0x100/0x100
[ 2529.613053]  _do_fork+0x257/0xfd0
[ 2529.616529]  ? fork_idle+0x1d0/0x1d0
[ 2529.620255]  ? blkcg_print_stat+0xb90/0xb90
[ 2529.624578]  ? kasan_check_read+0x11/0x20
[ 2529.628724]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2529.633485]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2529.638247]  ? do_syscall_64+0x26/0x620
[ 2529.642232]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2529.647603]  ? do_syscall_64+0x26/0x620
[ 2529.647841] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2529.651583]  __x64_sys_clone+0xbf/0x150
[ 2529.651605]  do_syscall_64+0xfd/0x620
[ 2529.660371] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2529.664226]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2529.664238] RIP: 0033:0x45bc99
[ 2529.664253] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2529.664267] RSP: 002b:00007fff8354f678 EFLAGS: 00000202
[ 2529.668070] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2529.673306]  ORIG_RAX: 0000000000000038
[ 2529.673315] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2529.673324] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2529.673332] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2529.673340] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2529.673348] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2529.710827] Task in 
[ 2529.715183] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2529.715205] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2529.719230] /syz5
[ 2529.726472] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2529.733792]  killed as a result of limit of 
[ 2529.740981] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [], [], [], [], [], []]}, 0x905)

09:32:04 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000f37000/0x2000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r2 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r2, 0x0)

09:32:04 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000080)=0xfffffffffffffc87)
r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x7, 0x422000)
ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000040)=""/55)

09:32:04 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x2, 0x400000)
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f00000000c0)={0x0, 0x0, 0x3, &(0x7f0000000080)=0x1})
openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/user\x00', 0x2, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000100))

[ 2529.741001] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2529.748308] /syz5
[ 2529.755566] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2529.812419] memory: usage 307132kB, limit 307200kB, failcnt 16238
09:32:05 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000080)={<r1=>0x0, 0xc5, "4c1af293bfcaf487e42bb996f84e307f0a76c8e4d19b762cdd2313de9311fc61bfa58def14bcbef054f090585716bcce0623ddb7a7ac6c476b6abb3f18f7744f2b010553edab24336c87d91754ba666c8f9a20810db63976077eba83b8bd11f3802ae19b0b08ec95f8cd2854db565ad6313b99aa60bccd8483d2ee3ea16629f0bfff8c54b11e8227a25ac2a7417835e898a855f55e41fe2da3f0cd4bcbb2589dfaeb1d27f02b81a7503b0fa47749fa2133c7e02a81dc39f111e8ff5a8740393ea2411fbb71"}, &(0x7f0000000180)=0xcd)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000001c0)={r1, 0x100000000, 0x10, 0x4, 0x21a}, &(0x7f0000000200)=0x18)

[ 2529.875719] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2529.875719]    program syz-executor.0 not setting count and/or reply_len properly
[ 2529.902933] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2529.910731] sctp: [Deprecated]: syz-executor.4 (pid 16200) Use of int in maxseg socket option.
[ 2529.910731] Use struct sctp_assoc_value instead
[ 2529.921743] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2529.941067] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2530.010335] Memory cgroup out of memory: Kill process 15879 (syz-executor.5) score 1103 or sacrifice child
[ 2530.048013] Killed process 15879 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2530.071013] oom_reaper: reaped process 15879 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:05 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100d00", 0x2e}], 0x1}, 0x0)

09:32:05 executing program 2:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1, 0x250001)
connect$l2tp(r1, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x2, 0x0, {0xa, 0x4e24, 0x5, @local, 0xfffffffffffffffc}}}, 0x3a)

09:32:05 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff00000000], [], [], [], [], [], []]}, 0x934)

09:32:05 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
fcntl$setflags(r0, 0x2, 0x1)

09:32:05 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000440)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000480)={0x800100d})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0, 0xd2b}, &(0x7f0000000040)=0x3c5)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r4 = msgget(0x3, 0x80)
r5 = dup2(r1, r2)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000004c0)={r3, 0x6}, &(0x7f0000000500)=0x8)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000580)=<r6=>0x0)
ptrace$peekuser(0x3, r6, 0x101)
setsockopt$inet6_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000002c0), 0x4)
ioctl$VIDIOC_G_FREQUENCY(r5, 0xc02c5638, &(0x7f00000003c0)={0xad9, 0x2, 0x80c2})
msgctl$IPC_RMID(r4, 0x0)
getsockopt$inet6_opts(r5, 0x29, 0x36, &(0x7f0000000300)=""/92, &(0x7f0000000380)=0x5c)

[ 2530.217880] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2530.226835] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2530.232069] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2530.241033] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2530.249953] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2530.258874] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:32:05 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [], [], [], [], [], [], []]}, 0x905)

09:32:05 executing program 2:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000700)='/dev/userio\x00', 0x42, 0x0)
readv(r0, &(0x7f0000000980)=[{&(0x7f0000000740)=""/176, 0xb0}, {&(0x7f0000000800)=""/102, 0x66}, {&(0x7f0000000880)}, {&(0x7f00000008c0)=""/145, 0x91}], 0x4)
r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid\x00')
writev(r1, &(0x7f0000000640)=[{&(0x7f0000000040)="f62f1a40212f2c08956e3803348e95f9ab9394f3ebaa0b8d333b7e04ba0008f79881727c549e872d113d41d9deced26e7ddebbcffafc10413f501468818cbd6ce6f4ff25c376477baa2df25733dcf1cba0182971162df3ba9d3bef18ecd0feddaa6ccddf28fde61aac2b5cb200cd68b70f65390fdda1f2e28761ce8ee919ede6daa4102331428f6f1996b88e129da57d16677bd39eb8d1fe2f89e5572ad9", 0x9e}, {&(0x7f0000000100)="14dfefffeebc69b2bb958a10ad6c55ca16d5d20979ac92dd5c0bcecf61e77ce26fe7dcf67a92bebaf8a2a27cd04ea751d925d63f1ed532aeaf44351166506bd4ede6b61cf26301dbd108f8291a4ebc6dd09158af131802f12d2abcc47364ddeee4afaa902804fa46d7a64e0833b386b2a6502372517e1b0681587c71f89630ad269767bf9dcdd1a9273be1eb6dd8167ddb9103ecf81a88938ec047cbd971a6440357f705b0c966f1b8b2918a930178974ac90dcb00011b4e71dff8c53018f482fa4472b19b84d353b7f28a28e4", 0xcd}, {&(0x7f0000000200)="eb58cee7a56c384259814aaed3fe94dbaf30117131daa6e5213d894105dbe37df4085ab51d15c05a8fe9c93c752723c08769d5b5fe31b8de43ea0c0a7d82e71709aa01a80e663c5924e757c8298af51a23ff634b7527a22c2f404b6dd4", 0x5d}, {&(0x7f0000000280)="721496df43f4faf5c9dfc5a961f1b05cd1f93239ee703abc39784246e71dee36f2c349b9cf17396243ba36027e82187b2f159e4fa3197d08157d9ccc2d7c811abc3ffb0495451cedba2bafb1839d307e283a9afdbd5e504919d7983ee62ef583b0066ada8f019afa6456affd33bd7c3e1f89212d171d9dc6c8600ca922251f8a99e9ebe33a4a09f2d9e202", 0x8b}, {&(0x7f0000000340)="f7a8b28bea3df8099689877414875a2ac48817ed301cbc28b70fd1bbac8a30dcc2e8d068ad6c6fd37d758432601980427b", 0x31}, {&(0x7f0000000380)="2b0e827219f7f989bf16ff72c2d87c19ccd0fd98c0ed4de71da62e41c83be9f87f02a8b9cef3cd5cd6dd085b2d53e4e8d3ff8e281268b6d6e82530e0995b5333dd043e57ae03fabe29645bbb969f9b9645d86fb20d91ae57f2634ede0817d7a597eb0aec9fc3a191a21b0039ea0316e2c3377639caf5f7cecbe36fd34d2f", 0x7e}, {&(0x7f0000000400)="18fc35f6d914e34cfdb3aa5ef1019836769753ff148f5ca87f002bee0aa3ff", 0x1f}, {&(0x7f0000000440)="f00dff8d4ee8fe8f5102e26a66225c3e90dd6b025d7fca4bef2a4ccf77383546190fcbf08424800dff14033a447913e83490e09927eb35844fe49ef8d5fd3bbb130f17e204e50c1d8ad7ea1f7eaccdea8dd2df4bb3a71a6347599d79d354a587f8660c36ccfe398a27877eca8e84dbd7e864d2aa8b14521877090ca18ae5ccd118e731cd46ac4dbf22c4c2805ba91b867c0c86e55885bb076fb918acb3d0796bc66b6cea0084bc23c5bc498b65a40edfe53dcf4184002f403e388aa7f64c62ed2f0d9d7a7894688a719e8f80ac5a961cc2cae3", 0xd3}, {&(0x7f0000000540)="209ee750f4ad188ad29eb292eedd4e96f46e64ed702fb34e943f9e6226195f5121b9ae36d10598787a6a9249c9f454060970b087c003d63868290dac4678d095cf1b7d88f5a6b41ff27477f22125385ffd4d646b5a626ec6dc4fc32224488c5152fc8f1ad14335480e5904214a0b48d96fd3b4cd0dd993d3bb9a0c5d29ee7a42cb3b120e87f189593ccf84873735fab0dad7df8578279b016cc324be", 0x9c}, {&(0x7f0000000600)}], 0xa)
socket$isdn_base(0x22, 0x3, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000600)='/dev/cachefiles\x00', 0x505000, 0x0)

[ 2530.267785] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2530.269106] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2530.276757] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2530.296840] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2530.310303] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2530.344404] sctp: [Deprecated]: syz-executor.4 (pid 16674) Use of int in maxseg socket option.
[ 2530.344404] Use struct sctp_assoc_value instead
[ 2530.357122] CPU: 0 PID: 16526 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2530.364709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2530.371744] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2530.371744]    program syz-executor.0 not setting count and/or reply_len properly
[ 2530.374063] Call Trace:
[ 2530.374090]  dump_stack+0x172/0x1f0
[ 2530.374113]  dump_header+0x15e/0x929
[ 2530.374131]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2530.374147]  ? ___ratelimit+0x60/0x595
[ 2530.374160]  ? do_raw_spin_unlock+0x57/0x270
[ 2530.374186]  oom_kill_process.cold+0x10/0x6ef
[ 2530.417972]  ? task_will_free_mem+0x139/0x6e0
[ 2530.422491]  out_of_memory+0x936/0x12d0
[ 2530.426476]  ? lock_downgrade+0x810/0x810
[ 2530.430633]  ? oom_killer_disable+0x280/0x280
[ 2530.435135]  ? find_held_lock+0x35/0x130
[ 2530.439214]  mem_cgroup_out_of_memory+0x1d2/0x240
09:32:05 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], [], [], [], [], [], []]}, 0x905)

[ 2530.444064]  ? memcg_event_wake+0x230/0x230
[ 2530.448399]  ? do_raw_spin_unlock+0x57/0x270
[ 2530.452820]  ? _raw_spin_unlock+0x2d/0x50
[ 2530.456985]  try_charge+0x1028/0x15b0
[ 2530.460796]  ? find_held_lock+0x35/0x130
[ 2530.464874]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2530.469733]  ? kasan_check_read+0x11/0x20
[ 2530.473902]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2530.478758]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2530.483356]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2530.488296]  wp_page_copy+0x430/0x16a0
09:32:05 executing program 2:
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)
socket$isdn_base(0x22, 0x3, 0x0)
mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xa)

[ 2530.492199]  ? follow_pfn+0x2a0/0x2a0
[ 2530.496026]  ? kasan_check_read+0x11/0x20
[ 2530.500179]  ? do_raw_spin_unlock+0x57/0x270
[ 2530.504598]  do_wp_page+0x57d/0x10b0
[ 2530.508323]  ? lock_acquire+0x16f/0x3f0
[ 2530.512304]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2530.516982]  ? kasan_check_write+0x14/0x20
[ 2530.521223]  ? do_raw_spin_lock+0xc8/0x240
[ 2530.525466]  __handle_mm_fault+0x2305/0x3f80
[ 2530.529890]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2530.534744]  ? find_held_lock+0x35/0x130
[ 2530.538750] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2530.538750]    program syz-executor.0 not setting count and/or reply_len properly
[ 2530.538815]  ? handle_mm_fault+0x322/0xb30
[ 2530.559094]  ? kasan_check_read+0x11/0x20
[ 2530.563258]  handle_mm_fault+0x43f/0xb30
[ 2530.567336]  __do_page_fault+0x62a/0xe90
[ 2530.571412]  ? vmalloc_fault+0x740/0x740
[ 2530.575483]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2530.580502]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2530.585436]  ? page_fault+0x8/0x30
[ 2530.585458]  do_page_fault+0x71/0x57d
09:32:05 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000040)=0x4)

[ 2530.585474]  ? page_fault+0x8/0x30
[ 2530.596321]  page_fault+0x1e/0x30
[ 2530.599774] RIP: 0033:0x40e468
[ 2530.602975] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf 91 e8 4b 00 31 c0 e8 13 38 ff ff 31 ff e8 5c 34 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d fe 1f 66 00
[ 2530.621896] RSP: 002b:00007fff8354f6e0 EFLAGS: 00010246
[ 2530.627263] RAX: 000000009270f5f2 RBX: 000000003e9bf4ad RCX: 0000001b2df20000
[ 2530.634540] RDX: 0000000000000000 RSI: 00000000000015f2 RDI: ffffffff9270f5f2
09:32:05 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vga_arbiter\x00', 0x40800, 0x0)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000300)={0x8})

[ 2530.641812] RBP: 0000000000000017 R08: 000000009270f5f2 R09: 000000009270f5f6
[ 2530.649080] R10: 00007fff8354f880 R11: 0000000000000246 R12: 000000000075bfa8
[ 2530.649092] R13: 0000000080000000 R14: 00007fd038cdb008 R15: 0000000000000017
09:32:05 executing program 2:
socket$isdn_base(0x22, 0x3, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x2)

[ 2530.823098] Task in /syz5 killed as a result of limit of /syz5
[ 2530.837146] memory: usage 307200kB, limit 307200kB, failcnt 16270
[ 2530.857227] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2530.880170] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2530.927881] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:136KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:06 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000e00", 0x2e}], 0x1}, 0x0)

09:32:06 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [], [], [], [], [], [], []]}, 0x905)

09:32:06 executing program 3:
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000000c0)={<r1=>0x0, 0x8}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000140)={r1, @in={{0x2, 0x4e22, @rand_addr=0xfffffffffffffc01}}}, &(0x7f0000000200)=0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, &(0x7f0000000240), &(0x7f0000000040)=0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)

09:32:06 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], []]}, 0x934)

09:32:06 executing program 4:
socket$rxrpc(0x21, 0x2, 0xa)
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r1}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000002c0)={<r2=>0x0, 0x40}, &(0x7f0000000040)=0x1f5368da2e7367b3)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r3 = msgget(0x2, 0x80)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0)
ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000300)={0x1, 0x0, [{}]})
msgctl$IPC_RMID(r3, 0x0)

09:32:06 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], [], [], [], [], [], []]}, 0x934)

[ 2531.019513] Memory cgroup out of memory: Kill process 16526 (syz-executor.5) score 1103 or sacrifice child
[ 2531.039100] Killed process 16526 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2531.051929] oom_reaper: reaped process 16526 (syz-executor.5), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB
09:32:06 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000080)=0x4)

[ 2531.130870] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2531.131428] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2531.131428]    program syz-executor.0 not setting count and/or reply_len properly
[ 2531.140060] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2531.161428] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2531.173044] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2531.182305] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2531.191497] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2531.200710] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2531.209866] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2531.219041] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2531.226856] sctp: [Deprecated]: syz-executor.4 (pid 17162) Use of int in maxseg socket option.
[ 2531.226856] Use struct sctp_assoc_value instead
[ 2531.245012] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2531.252964] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2531.265363] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2531.270585] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2531.279504] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2531.288453] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2531.297391] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2531.306299] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2531.308684] syz-executor.5 cpuset=
[ 2531.315200] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2531.315218] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2531.363437] syz5 mems_allowed=0-1
[ 2531.366984] CPU: 1 PID: 17165 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2531.374000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2531.383359] Call Trace:
[ 2531.385974]  dump_stack+0x172/0x1f0
[ 2531.389619]  dump_header+0x15e/0x929
[ 2531.393345]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2531.398457]  ? ___ratelimit+0x60/0x595
[ 2531.402351]  ? do_raw_spin_unlock+0x57/0x270
[ 2531.406777]  oom_kill_process.cold+0x10/0x6ef
[ 2531.411283]  ? task_will_free_mem+0x139/0x6e0
[ 2531.414144] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2531.414144]    program syz-executor.1 not setting count and/or reply_len properly
[ 2531.415798]  out_of_memory+0x936/0x12d0
[ 2531.415819]  ? lock_downgrade+0x810/0x810
[ 2531.415843]  ? oom_killer_disable+0x280/0x280
[ 2531.444482]  ? find_held_lock+0x35/0x130
[ 2531.448564]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2531.453410]  ? memcg_event_wake+0x230/0x230
[ 2531.457740]  ? do_raw_spin_unlock+0x57/0x270
[ 2531.462153]  ? _raw_spin_unlock+0x2d/0x50
[ 2531.466316]  try_charge+0x1028/0x15b0
[ 2531.470123]  ? find_held_lock+0x35/0x130
[ 2531.474202]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2531.479057]  ? kasan_check_read+0x11/0x20
[ 2531.483216]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2531.488067]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2531.492682]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2531.497625]  wp_page_copy+0x430/0x16a0
[ 2531.501529]  ? follow_pfn+0x2a0/0x2a0
[ 2531.505338]  ? kasan_check_read+0x11/0x20
[ 2531.509495]  ? do_raw_spin_unlock+0x57/0x270
[ 2531.513917]  do_wp_page+0x57d/0x10b0
[ 2531.517649]  ? lock_acquire+0x16f/0x3f0
[ 2531.521634]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2531.526311]  ? kasan_check_write+0x14/0x20
[ 2531.530556]  ? do_raw_spin_lock+0xc8/0x240
[ 2531.534803]  __handle_mm_fault+0x2305/0x3f80
[ 2531.539228]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2531.544080]  ? find_held_lock+0x35/0x130
[ 2531.548152]  ? handle_mm_fault+0x322/0xb30
[ 2531.552403]  ? kasan_check_read+0x11/0x20
[ 2531.556566]  handle_mm_fault+0x43f/0xb30
[ 2531.560641]  __do_page_fault+0x62a/0xe90
[ 2531.564719]  ? vmalloc_fault+0x740/0x740
[ 2531.568792]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2531.573823]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2531.578759]  ? page_fault+0x8/0x30
[ 2531.582318]  do_page_fault+0x71/0x57d
[ 2531.586128]  ? page_fault+0x8/0x30
[ 2531.589677]  page_fault+0x1e/0x30
[ 2531.593134] RIP: 0033:0x40e468
[ 2531.596327] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf 91 e8 4b 00 31 c0 e8 13 38 ff ff 31 ff e8 5c 34 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d fe 1f 66 00
[ 2531.615233] RSP: 002b:00007fff8354f6e0 EFLAGS: 00010246
[ 2531.620603] RAX: 000000000ad41aa2 RBX: 00000000d4f172ab RCX: 0000001b2df20000
[ 2531.627878] RDX: 0000000000000000 RSI: 0000000000001aa2 RDI: ffffffff0ad41aa2
[ 2531.635150] RBP: 0000000000000008 R08: 000000000ad41aa2 R09: 000000000ad41aa6
[ 2531.642425] R10: 00007fff8354f880 R11: 0000000000000246 R12: 000000000075bfa8
[ 2531.649697] R13: 0000000080000000 R14: 00007fd038cdb008 R15: 0000000000000008
09:32:06 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x200002, 0x0)
getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000100)=""/9, &(0x7f0000000140)=0x9)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f00000000c0)='\x00')
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:06 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [], [], [], [], [], [], []]}, 0x905)

09:32:06 executing program 4:
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$cec(&(0x7f00000003c0)='/dev/cec#\x00', 0x2, 0x2)
unlinkat(r1, &(0x7f0000000400)='./file0\x00', 0x200)
setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0, 0xd2b}, &(0x7f0000000040)=0xfffffffffffffc99)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
ioctl$CAPI_NCCI_OPENCOUNT(0xffffffffffffffff, 0x80044326, &(0x7f0000000380)=0x4)
r3 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r3, 0x0)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f00000002c0)={{0xa, 0x4e22, 0x7, @empty, 0x10001}, {0xa, 0x4e22, 0x1f, @remote, 0x8}, 0xfffffffffffffdc1, [0xc554, 0xffffffff, 0x54, 0xff, 0x1, 0x5, 0xfffffffffffff800, 0x1000]}, 0x5c)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000340)={0x2, 0x4e20, @broadcast}, 0x10)

09:32:06 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [], [], [], [], [], []]}, 0x934)

09:32:06 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x200005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:06 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], []]}, 0x934)

[ 2531.668760] Task in /syz5 killed as a result of limit of /syz5
[ 2531.681145] sd 0:0:1:0: [sg0] tag#4741 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2531.692761] sd 0:0:1:0: [sg0] tag#4741 CDB: Write(10)
[ 2531.698825] sd 0:0:1:0: [sg0] tag#4741 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2531.699323] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2531.699323]    program syz-executor.0 not setting count and/or reply_len properly
[ 2531.707934] sd 0:0:1:0: [sg0] tag#4741 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2531.733442] sd 0:0:1:0: [sg0] tag#4741 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2531.742513] sd 0:0:1:0: [sg0] tag#4741 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2531.751671] sd 0:0:1:0: [sg0] tag#4741 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2531.760868] sd 0:0:1:0: [sg0] tag#4741 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2531.770127] sd 0:0:1:0: [sg0] tag#4741 CDB[60]: d8 9b 15 da 44
[ 2531.787823] memory: usage 307188kB, limit 307200kB, failcnt 16305
[ 2531.826146] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2531.844916] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2531.846562] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2531.854008] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2531.865251] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2531.870627] Memory cgroup stats for 
[ 2531.874168] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2531.874195] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2531.874216] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2531.874237] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2531.878444] /syz5
[ 2531.886820] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2531.896541] :
[ 2531.904720] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2531.923094]  cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2531.970502] Memory cgroup out of memory: Kill process 17165 (syz-executor.5) score 1103 or sacrifice child
[ 2531.993106] Killed process 17165 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2532.016888] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
09:32:07 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100e00", 0x2e}], 0x1}, 0x0)

09:32:07 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f00000001c0)={0x7f, 0x1, 0xcab4, 'queue0\x00', 0x7fffffff})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080)=0x5, 0x4)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0), &(0x7f0000000180)=0x4)

09:32:07 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000400)='/dev/full\x00', 0x200, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000001600), &(0x7f0000001640)=0x14)
setrlimit(0xb, &(0x7f0000000280)={0x81, 0x9})
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_sctp(0xa, 0x205, 0x84)
r3 = msgget$private(0x0, 0xdf0fab38c832976)
msgctl$MSG_STAT(r3, 0xb, &(0x7f00000004c0)=""/4096)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000340)={0x0, 0x8}, &(0x7f0000000380)=0x8)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f0000001500)=ANY=[@ANYBLOB="0300001011fb24a0524be81f32c5816912de1925651c0f40f5dd272b9e6d8c01fcabea12d55ca4950ee36d4b58ce310028275543ca1b2e197ad976cb5aca2eb6ac50da787ae25bea777e843a2a210771c3c414590eafc427601c5b4360f8570b44abd13a3289b67a65d0759bedc9d720cbedf9c1e346e2e00ec5695179fb37801c32d263deae6baf645c6c1d854986220e643bf228d257865b6307f17e8516ca1ebacb1eae6388055bf2adfcc977f0f9d8165c15824a12caa322eed196239857994f831a36b2f125", @ANYRES32=<r4=>0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000440)=0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f00000003c0)=@assoc_id=r4, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000d43000/0x3000)=nil, &(0x7f0000d90000/0x3000)=nil, &(0x7f0000f80000/0x1000)=nil, &(0x7f0000ed3000/0x4000)=nil, &(0x7f0000e30000/0x1000)=nil, &(0x7f0000de9000/0x2000)=nil, &(0x7f0000fd6000/0x3000)=nil, &(0x7f0000e3e000/0x1000)=nil, &(0x7f0000000180)="43ed276453ab6ee14b138671ede48bb20dc8b1767cabd9f9181c9093b669d5579b4865fe2f5ee473687e9876ddcabf109bcb797f2f3935b0fb56910a95e007ef782bf7641fd439d9ccf069b0d8266bd2db1c843683545afa6613a21894bbf2138f5b4cb4e15a3edf98b3e04abb845c5575a708943fa3904897c9f6", 0x7b, r2}, 0x68)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r6=>0x0, 0xd2b}, &(0x7f0000000040)=0x8)
mmap$perf(&(0x7f0000f1d000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0)
r7 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f0000000480)=0x7ff)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={r6, @in6={{0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x4}}}, 0x84)
r8 = openat$vsock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vsock\x00', 0x200000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000014c0)=[@in={0x2, 0x4e23, @broadcast}], 0x10)
ioctl$SG_GET_COMMAND_Q(r8, 0x2270, &(0x7f0000000300))
r9 = msgget(0x2, 0x80)
msgctl$IPC_RMID(r9, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r1, 0x110, 0x3)
msgget$private(0x0, 0x4)

09:32:07 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48], [], [], [], [], [], [], []]}, 0x905)

[ 2532.016888]    program syz-executor.1 not setting count and/or reply_len properly
[ 2532.122681] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2532.122681]    program syz-executor.0 not setting count and/or reply_len properly
09:32:07 executing program 3:
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$inet6_sctp(0xa, 0x6, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:07 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], []]}, 0x934)

09:32:07 executing program 4:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = shmget(0x1, 0x4000, 0x78000004, &(0x7f0000ffa000/0x4000)=nil)
shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000)
r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r1, 0xc0c85666, &(0x7f0000000040)={{0x2, @name="3b103c0db29bc63bd97d3bbff3f4fe34a918ef563bd6ccf4a3b10a1ca1322a81"}, "b02b0d8ac53325b30f2394e96a47d12f13b6b25838e181afcb19844045353997", 0x2})
r2 = shmget$private(0x0, 0x3000, 0xa, &(0x7f0000ffa000/0x3000)=nil)
shmctl$IPC_RMID(r2, 0x0)

[ 2532.213507] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2532.295721] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2532.320324] CPU: 1 PID: 17704 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2532.327385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2532.336767] Call Trace:
[ 2532.339374]  dump_stack+0x172/0x1f0
09:32:07 executing program 4 (fault-call:1 fault-nth:0):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

[ 2532.343027]  dump_header+0x15e/0x929
[ 2532.346747]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2532.351855]  ? ___ratelimit+0x60/0x595
[ 2532.355750]  ? do_raw_spin_unlock+0x57/0x270
[ 2532.360170]  oom_kill_process.cold+0x10/0x6ef
[ 2532.364677]  ? task_will_free_mem+0x139/0x6e0
[ 2532.369201]  out_of_memory+0x936/0x12d0
[ 2532.373189]  ? lock_downgrade+0x810/0x810
[ 2532.373209]  ? oom_killer_disable+0x280/0x280
[ 2532.373222]  ? find_held_lock+0x35/0x130
[ 2532.373250]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2532.390751]  ? memcg_event_wake+0x230/0x230
09:32:07 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

[ 2532.395089]  ? do_raw_spin_unlock+0x57/0x270
[ 2532.399508]  ? _raw_spin_unlock+0x2d/0x50
[ 2532.403767]  try_charge+0x1028/0x15b0
[ 2532.407579]  ? find_held_lock+0x35/0x130
[ 2532.411663]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2532.416528]  ? kasan_check_read+0x11/0x20
[ 2532.420687]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2532.425544]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2532.430143]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2532.435087]  wp_page_copy+0x430/0x16a0
[ 2532.438992]  ? follow_pfn+0x2a0/0x2a0
[ 2532.442800]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2532.447913]  ? kasan_check_read+0x11/0x20
[ 2532.452068]  ? do_raw_spin_unlock+0x57/0x270
[ 2532.456491]  do_wp_page+0x57d/0x10b0
[ 2532.460226]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2532.464907]  ? kasan_check_write+0x14/0x20
[ 2532.469156]  ? do_raw_spin_lock+0xc8/0x240
[ 2532.473411]  __handle_mm_fault+0x2305/0x3f80
[ 2532.477831]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2532.482694]  ? find_held_lock+0x35/0x130
[ 2532.486760]  ? handle_mm_fault+0x322/0xb30
[ 2532.491013]  ? kasan_check_read+0x11/0x20
[ 2532.495167]  handle_mm_fault+0x43f/0xb30
[ 2532.499250]  __do_page_fault+0x62a/0xe90
[ 2532.503330]  ? vmalloc_fault+0x740/0x740
[ 2532.507406]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2532.512422]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2532.517354]  ? page_fault+0x8/0x30
[ 2532.517375]  do_page_fault+0x71/0x57d
[ 2532.517388]  ? page_fault+0x8/0x30
[ 2532.517406]  page_fault+0x1e/0x30
[ 2532.531700] RIP: 0033:0x40bc28
[ 2532.534905] Code: 00 00 49 8d be 88 00 00 00 48 89 ea 48 89 de 0f 85 dd 00 00 00 e8 88 2c 00 00 8b 05 e2 c3 32 00 48 8b 15 73 48 66 00 83 c0 01 <89> 05 d2 c3 32 00 89 02 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f
[ 2532.553807] RSP: 002b:00007fff8354f740 EFLAGS: 00010202
[ 2532.559155] RAX: 0000000000000001 RBX: 0000001b2cf20014 RCX: 0000001b2df20000
[ 2532.566413] RDX: 0000001b2cf20000 RSI: 0000000000001441 RDI: ffffffffb0db9441
[ 2532.573679] RBP: 0000001b2cf20018 R08: 00000000b0db9441 R09: 00000000b0db9445
[ 2532.580929] R10: 00007fff8354f880 R11: 0000000000000246 R12: 0000001b2cf2001c
[ 2532.588193] R13: 000000000026a33e R14: 000000000075bf20 R15: 000000000075bf2c
09:32:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [], [], [], [], []]}, 0x934)

09:32:07 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x300, 0x3c, 0x0, &(0x7f0000000040))

09:32:07 executing program 2 (fault-call:3 fault-nth:0):
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2532.610409] Task in /syz5 killed as a result of limit of /syz5
[ 2532.629696] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2532.629696]    program syz-executor.0 not setting count and/or reply_len properly
[ 2532.655328] memory: usage 307200kB, limit 307200kB, failcnt 16324
[ 2532.657196] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2532.670494] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2532.675630] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2532.675765] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2532.691479] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2532.700395] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2532.709308] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2532.718298] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2532.727192] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2532.728973] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2532.736094] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2532.793545] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2532.819036] Memory cgroup out of memory: Kill process 17704 (syz-executor.5) score 1103 or sacrifice child
[ 2532.829685] Killed process 17704 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:08 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000000f00", 0x2e}], 0x1}, 0x0)

09:32:08 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0xfef7)
socket$inet6_sctp(0xa, 0x0, 0x84)

09:32:08 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:08 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2, 0x0, &(0x7f0000000040))

09:32:08 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c], [], [], [], [], [], [], []]}, 0x905)

[ 2532.843894] oom_reaper: reaped process 17704 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:08 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [], [], [], [], [], []]}, 0x934)

[ 2532.994191] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2533.013978] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2533.019413] CPU: 0 PID: 18036 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2533.026424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2533.035784] Call Trace:
[ 2533.038386]  dump_stack+0x172/0x1f0
09:32:08 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x4000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2533.042033]  dump_header+0x15e/0x929
[ 2533.045756]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2533.050855]  ? ___ratelimit+0x60/0x595
[ 2533.054748]  ? do_raw_spin_unlock+0x57/0x270
[ 2533.059168]  oom_kill_process.cold+0x10/0x6ef
[ 2533.063685]  ? task_will_free_mem+0x139/0x6e0
[ 2533.068200]  out_of_memory+0x936/0x12d0
[ 2533.072186]  ? lock_downgrade+0x810/0x810
[ 2533.076346]  ? oom_killer_disable+0x280/0x280
[ 2533.080853]  ? find_held_lock+0x35/0x130
[ 2533.084934]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2533.089787]  ? memcg_event_wake+0x230/0x230
09:32:08 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [], [], [], [], [], []]}, 0x934)

[ 2533.094125]  ? do_raw_spin_unlock+0x57/0x270
[ 2533.098541]  ? _raw_spin_unlock+0x2d/0x50
[ 2533.102707]  try_charge+0x1028/0x15b0
[ 2533.106523]  ? find_held_lock+0x35/0x130
[ 2533.110603]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2533.115458]  ? kasan_check_read+0x11/0x20
[ 2533.119619]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2533.124471]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2533.129075]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2533.134020]  wp_page_copy+0x430/0x16a0
[ 2533.137928]  ? follow_pfn+0x2a0/0x2a0
09:32:08 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50], [], [], [], [], [], [], []]}, 0x905)

09:32:08 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3, 0x0, &(0x7f0000000040))

[ 2533.141734]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2533.146845]  ? kasan_check_read+0x11/0x20
[ 2533.150995]  ? do_raw_spin_unlock+0x57/0x270
[ 2533.155402]  do_wp_page+0x57d/0x10b0
[ 2533.155420]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2533.155435]  ? kasan_check_write+0x14/0x20
[ 2533.155447]  ? do_raw_spin_lock+0xc8/0x240
[ 2533.155466]  __handle_mm_fault+0x2305/0x3f80
[ 2533.155486]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2533.155502]  ? find_held_lock+0x35/0x130
[ 2533.155517]  ? handle_mm_fault+0x322/0xb30
[ 2533.155538]  ? kasan_check_read+0x11/0x20
[ 2533.155554]  handle_mm_fault+0x43f/0xb30
[ 2533.155574]  __do_page_fault+0x62a/0xe90
[ 2533.155593]  ? vmalloc_fault+0x740/0x740
[ 2533.206164]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2533.211188]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2533.211205]  ? page_fault+0x8/0x30
[ 2533.211226]  do_page_fault+0x71/0x57d
[ 2533.223464]  ? page_fault+0x8/0x30
[ 2533.227014]  page_fault+0x1e/0x30
[ 2533.230472] RIP: 0033:0x40bc28
09:32:08 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x100)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000000c0)={<r2=>0x0, 0x8, 0x20, 0x451, 0x5}, &(0x7f0000000100)=0x18)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={r2, @in={{0x2, 0x4e20, @multicast2}}, 0x75, 0xf, 0x136, 0xffffffffffff8000, 0x6}, 0x98)
ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f0000000200))

[ 2533.233672] Code: 00 00 49 8d be 88 00 00 00 48 89 ea 48 89 de 0f 85 dd 00 00 00 e8 88 2c 00 00 8b 05 e2 c3 32 00 48 8b 15 73 48 66 00 83 c0 01 <89> 05 d2 c3 32 00 89 02 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f
[ 2533.252577] RSP: 002b:00007fff8354f740 EFLAGS: 00010202
[ 2533.257945] RAX: 0000000000000001 RBX: 0000001b2cf20014 RCX: 0000001b2df20000
[ 2533.257955] RDX: 0000001b2cf20000 RSI: 0000000000001441 RDI: ffffffffb0db9441
[ 2533.257964] RBP: 0000001b2cf20018 R08: 00000000b0db9441 R09: 00000000b0db9445
[ 2533.257974] R10: 00007fff8354f880 R11: 0000000000000246 R12: 0000001b2cf2001c
[ 2533.257983] R13: 000000000026a663 R14: 000000000075bf20 R15: 000000000075bf2c
09:32:08 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x7600}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2533.460239] Task in /syz5 killed as a result of limit of /syz5
[ 2533.466393] memory: usage 307200kB, limit 307200kB, failcnt 16361
[ 2533.479762] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2533.486623] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2533.492778] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2533.535046] Memory cgroup out of memory: Kill process 18036 (syz-executor.5) score 1103 or sacrifice child
09:32:08 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001100f00", 0x2e}], 0x1}, 0x0)

09:32:08 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x4, 0x0, &(0x7f0000000040))

09:32:08 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x8, 0x80000)
ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f00000000c0)={[0x0, 0x2, 0x7000], 0xfffffffffffffffc, 0x4, 0x101})

09:32:08 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60], [], [], [], [], [], [], []]}, 0x905)

09:32:08 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x9600}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:08 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50], [], [], [], [], [], []]}, 0x934)

[ 2533.566763] Killed process 18036 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2533.582296] oom_reaper: reaped process 18036 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
09:32:08 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x5, 0x0, &(0x7f0000000040))

[ 2533.748647] scsi_io_completion_action: 2 callbacks suppressed
[ 2533.748994] sd 0:0:1:0: [sg0] tag#4745 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2533.764891] sd 0:0:1:0: [sg0] tag#4745 CDB: Write(10)
[ 2533.770718] sd 0:0:1:0: [sg0] tag#4745 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2533.780130] sd 0:0:1:0: [sg0] tag#4745 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2533.781011] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.5'.
09:32:08 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x400000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:08 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x6, 0x0, &(0x7f0000000040))

09:32:08 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040))

[ 2533.789372] sd 0:0:1:0: [sg0] tag#4745 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2533.807187] sd 0:0:1:0: [sg0] tag#4745 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2533.816566] sd 0:0:1:0: [sg0] tag#4745 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2533.825825] sd 0:0:1:0: [sg0] tag#4745 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2533.835185] sd 0:0:1:0: [sg0] tag#4745 CDB[60]: d8 9b 15 da 44
09:32:09 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87], [], [], [], [], [], []]}, 0x934)

09:32:09 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x7, 0x0, &(0x7f0000000040))

[ 2534.109888] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2534.118876] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2534.124393] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2534.133292] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2534.142156] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2534.151091] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2534.160000] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2534.168917] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2534.177820] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2534.358797] syz-executor.5 invoked oom-killer: gfp_mask=0x6040d0(GFP_KERNEL|__GFP_COMP|__GFP_RECLAIMABLE), nodemask=(null), order=0, oom_score_adj=1000
[ 2534.382090] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2534.403117] CPU: 0 PID: 18587 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2534.410259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2534.419623] Call Trace:
[ 2534.422234]  dump_stack+0x172/0x1f0
[ 2534.425885]  dump_header+0x15e/0x929
[ 2534.429623]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2534.434742]  ? ___ratelimit+0x60/0x595
[ 2534.438633]  ? do_raw_spin_unlock+0x57/0x270
[ 2534.443034]  oom_kill_process.cold+0x10/0x6ef
[ 2534.447520]  ? task_will_free_mem+0x139/0x6e0
[ 2534.452007]  out_of_memory+0x936/0x12d0
[ 2534.455969]  ? lock_downgrade+0x810/0x810
[ 2534.460105]  ? oom_killer_disable+0x280/0x280
[ 2534.464585]  ? find_held_lock+0x35/0x130
[ 2534.468637]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2534.473473]  ? memcg_event_wake+0x230/0x230
[ 2534.477790]  ? do_raw_spin_unlock+0x57/0x270
[ 2534.482192]  ? _raw_spin_unlock+0x2d/0x50
[ 2534.486340]  try_charge+0x1028/0x15b0
[ 2534.490133]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2534.494966]  ? rcu_read_lock_sched_held+0x110/0x130
[ 2534.499967]  ? __alloc_pages_nodemask+0x63c/0x760
[ 2534.504889]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2534.509545]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2534.514034]  ? cache_grow_begin+0x594/0x8b0
[ 2534.518348]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2534.522919]  ? trace_hardirqs_on+0x67/0x220
[ 2534.527243]  cache_grow_begin+0x25f/0x8b0
[ 2534.531378]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 2534.536903]  ? __cpuset_node_allowed+0x136/0x540
[ 2534.541642]  fallback_alloc+0x1fd/0x2d0
[ 2534.545607]  ____cache_alloc_node+0x1be/0x1e0
[ 2534.550085]  kmem_cache_alloc+0x1f3/0x700
[ 2534.554231]  ? lookup_one_len+0x10e/0x1a0
[ 2534.558381]  alloc_inode+0xb6/0x190
[ 2534.561997]  new_inode_pseudo+0x19/0xf0
[ 2534.565955]  new_inode+0x1f/0x40
[ 2534.569362]  debugfs_get_inode+0x1a/0x130
[ 2534.573507]  __debugfs_create_file+0xb9/0x400
[ 2534.578003]  debugfs_create_file+0x5a/0x70
[ 2534.582311]  cfg80211_debugfs_rdev_add+0x7e/0xf0
[ 2534.587106]  wiphy_register+0x1a5e/0x23e0
[ 2534.591246]  ? wiphy_unregister+0xfd0/0xfd0
[ 2534.595557]  ? rcu_read_lock_sched_held+0x110/0x130
[ 2534.600556]  ? __kmalloc+0x5e1/0x750
[ 2534.604255]  ? trace_hardirqs_on+0x67/0x220
[ 2534.608562]  ? kasan_check_read+0x11/0x20
[ 2534.612695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 2534.618281]  ? ieee80211_cs_list_valid+0x1a1/0x280
[ 2534.623201]  ieee80211_register_hw+0x1568/0x3860
[ 2534.627952]  ? ieee80211_ifa_changed+0xc70/0xc70
[ 2534.632718]  ? hrtimer_init+0x8b/0x300
[ 2534.636631]  ? mac80211_hwsim_set_tsf+0x220/0x220
[ 2534.641463]  mac80211_hwsim_new_radio+0x1ca6/0x3e00
[ 2534.646466]  ? irq_work_queue+0x30/0x90
[ 2534.650432]  ? hwsim_exit_net+0xc50/0xc50
[ 2534.654573]  ? vprintk_default+0x28/0x30
[ 2534.658632]  ? vprintk_func+0x86/0x189
[ 2534.662511]  hwsim_new_radio_nl+0x5eb/0x893
[ 2534.666819]  ? mac80211_hwsim_new_radio+0x3e00/0x3e00
[ 2534.671995]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2534.677106]  ? nla_parse+0x1fc/0x2f0
[ 2534.680879]  genl_family_rcv_msg+0x6db/0xd30
[ 2534.685279]  ? genl_unregister_family+0x790/0x790
[ 2534.690106]  ? __local_bh_enable_ip+0x15a/0x270
[ 2534.694780]  ? __dev_queue_xmit+0x892/0x3010
[ 2534.699180]  genl_rcv_msg+0xca/0x16c
[ 2534.702885]  netlink_rcv_skb+0x17d/0x460
[ 2534.706933]  ? genl_family_rcv_msg+0xd30/0xd30
[ 2534.711499]  ? netlink_ack+0xb50/0xb50
[ 2534.715382]  genl_rcv+0x29/0x40
[ 2534.718656]  netlink_unicast+0x537/0x720
[ 2534.722711]  ? netlink_attachskb+0x770/0x770
[ 2534.727108]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 2534.732634]  netlink_sendmsg+0x8ae/0xd70
[ 2534.736685]  ? netlink_unicast+0x720/0x720
[ 2534.740907]  ? selinux_socket_sendmsg+0x36/0x40
[ 2534.745558]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 2534.751076]  ? security_socket_sendmsg+0x8d/0xc0
[ 2534.755820]  ? netlink_unicast+0x720/0x720
[ 2534.760043]  sock_sendmsg+0xd7/0x130
[ 2534.763743]  ___sys_sendmsg+0x803/0x920
[ 2534.767704]  ? copy_msghdr_from_user+0x430/0x430
[ 2534.772448]  ? lock_downgrade+0x810/0x810
[ 2534.776585]  ? kasan_check_read+0x11/0x20
[ 2534.780736]  ? __fget+0x367/0x540
[ 2534.784177]  ? iterate_fd+0x360/0x360
[ 2534.787965]  ? lock_downgrade+0x810/0x810
[ 2534.792102]  ? __fget_light+0x1a9/0x230
[ 2534.796061]  ? __fdget+0x1b/0x20
[ 2534.799429]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 2534.804958]  __sys_sendmsg+0x105/0x1d0
[ 2534.808833]  ? __ia32_sys_shutdown+0x80/0x80
[ 2534.813251]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2534.817999]  ? do_syscall_64+0x26/0x620
[ 2534.821963]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2534.827310]  ? do_syscall_64+0x26/0x620
[ 2534.831275]  __x64_sys_sendmsg+0x78/0xb0
[ 2534.835324]  do_syscall_64+0xfd/0x620
[ 2534.839112]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2534.844284] RIP: 0033:0x4592c9
[ 2534.847459] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 2534.866343] RSP: 002b:00007fd036cd9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2534.874048] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004592c9
[ 2534.881397] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2534.888649] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 2534.895902] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd036cda6d4
[ 2534.903156] R13: 00000000004c6f76 R14: 00000000004dc0b0 R15: 00000000ffffffff
[ 2534.915280] Task in /syz5 killed as a result of limit of /syz5
[ 2534.921908] memory: usage 307200kB, limit 307200kB, failcnt 16405
[ 2534.929134] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2534.935963] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2534.942118] Memory cgroup stats for /syz5: cache:0KB rss:224KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2534.962133] Memory cgroup out of memory: Kill process 18491 (syz-executor.5) score 1103 or sacrifice child
[ 2534.972774] Killed process 18491 (syz-executor.5) total-vm:72712kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2534.984751] oom_reaper: reaped process 18491 (syz-executor.5), now anon-rss:0kB, file-rss:34768kB, shmem-rss:0kB
09:32:10 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001000", 0x2e}], 0x1}, 0x0)

09:32:10 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68], [], [], [], [], [], [], []]}, 0x905)

09:32:10 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TIOCSERGETLSR(r1, 0x5459, &(0x7f0000000080))

09:32:10 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x8, 0x0, &(0x7f0000000040))

09:32:10 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x50e000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:10 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300], [], [], [], [], [], []]}, 0x934)

[ 2535.102144] sg_write: 5 callbacks suppressed
[ 2535.102158] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2535.102158]    program syz-executor.0 not setting count and/or reply_len properly
[ 2535.106940] sd 0:0:1:0: [sg0] tag#4745 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2535.132311] sd 0:0:1:0: [sg0] tag#4745 CDB: Write(10)
[ 2535.138611] sd 0:0:1:0: [sg0] tag#4745 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
09:32:10 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x9, 0x0, &(0x7f0000000040))

[ 2535.148141] sd 0:0:1:0: [sg0] tag#4745 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2535.157653] sd 0:0:1:0: [sg0] tag#4745 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2535.167787] sd 0:0:1:0: [sg0] tag#4745 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2535.177706] sd 0:0:1:0: [sg0] tag#4745 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2535.187018] sd 0:0:1:0: [sg0] tag#4745 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:32:10 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@local, @local}, &(0x7f0000000300)=0xc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x10000, 0x4)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="060327bd70060004000000080006001f0000000c000200080002004e21000008000500ff7fffff14000200080002004e210000080006000100008008000400000200"/78], 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
ioctl$int_out(r0, 0x2, &(0x7f0000000100))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2535.196849] sd 0:0:1:0: [sg0] tag#4745 CDB[60]: d8 9b 15 da 44
[ 2535.216761] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:10 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c], [], [], [], [], [], [], []]}, 0x905)

09:32:10 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0xa, 0x0, &(0x7f0000000040))

[ 2535.253180] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2535.267899] CPU: 0 PID: 18919 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2535.274943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2535.284292] Call Trace:
[ 2535.284316]  dump_stack+0x172/0x1f0
[ 2535.284337]  dump_header+0x15e/0x929
[ 2535.284354]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2535.284369]  ? ___ratelimit+0x60/0x595
[ 2535.284388]  ? do_raw_spin_unlock+0x57/0x270
[ 2535.290577]  oom_kill_process.cold+0x10/0x6ef
[ 2535.290598]  ? task_will_free_mem+0x139/0x6e0
[ 2535.290612]  ? find_held_lock+0x35/0x130
[ 2535.290632]  out_of_memory+0x936/0x12d0
[ 2535.324684]  ? lock_downgrade+0x810/0x810
[ 2535.328848]  ? oom_killer_disable+0x280/0x280
[ 2535.333352]  ? find_held_lock+0x35/0x130
[ 2535.337435]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2535.342284]  ? memcg_event_wake+0x230/0x230
[ 2535.346619]  ? do_raw_spin_unlock+0x57/0x270
[ 2535.351037]  ? _raw_spin_unlock+0x2d/0x50
[ 2535.355197]  try_charge+0x1028/0x15b0
[ 2535.359008]  ? find_held_lock+0x35/0x130
[ 2535.363087]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2535.367633] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2535.367633]    program syz-executor.0 not setting count and/or reply_len properly
[ 2535.367942]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2535.388811]  ? find_held_lock+0x35/0x130
[ 2535.392883]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2535.397748]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2535.402443]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2535.406960]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2535.411814]  memcg_kmem_charge+0x136/0x300
[ 2535.416075]  __alloc_pages_nodemask+0x3c6/0x760
[ 2535.420756]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2535.425787]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2535.430379]  ? trace_hardirqs_on+0x67/0x220
[ 2535.434710]  ? kasan_check_read+0x11/0x20
[ 2535.438873]  copy_process.part.0+0x3e0/0x7a30
[ 2535.443378]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2535.448492]  ? delayacct_end+0x5c/0x100
09:32:10 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0xb, 0x0, &(0x7f0000000040))

[ 2535.452487]  ? __delayacct_freepages_end+0xe0/0x140
[ 2535.457519]  ? __lock_acquire+0x6eb/0x48f0
[ 2535.461773]  ? __cleanup_sighand+0x70/0x70
[ 2535.466021]  ? mark_held_locks+0x100/0x100
[ 2535.470278]  _do_fork+0x257/0xfd0
[ 2535.473745]  ? fork_idle+0x1d0/0x1d0
[ 2535.477477]  ? blkcg_print_stat+0xb90/0xb90
[ 2535.481800]  ? kasan_check_read+0x11/0x20
[ 2535.485953]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2535.490715]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2535.495482]  ? do_syscall_64+0x26/0x620
09:32:10 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], [], [], [], [], [], []]}, 0x934)

[ 2535.499465]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2535.504836]  ? do_syscall_64+0x26/0x620
[ 2535.508823]  __x64_sys_clone+0xbf/0x150
[ 2535.512807]  do_syscall_64+0xfd/0x620
[ 2535.516612]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2535.521793] RIP: 0033:0x45bc99
[ 2535.524993] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2535.543908] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2535.551631] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2535.558999] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2535.566278] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2535.573558] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2535.580834] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2535.589707] sd 0:0:1:0: [sg0] tag#4737 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2535.598738] sd 0:0:1:0: [sg0] tag#4737 CDB: Write(10)
[ 2535.604028] sd 0:0:1:0: [sg0] tag#4737 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2535.612958] sd 0:0:1:0: [sg0] tag#4737 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2535.621831] sd 0:0:1:0: [sg0] tag#4737 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2535.631352] sd 0:0:1:0: [sg0] tag#4737 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2535.640294] sd 0:0:1:0: [sg0] tag#4737 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2535.649204] sd 0:0:1:0: [sg0] tag#4737 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2535.658107] sd 0:0:1:0: [sg0] tag#4737 CDB[60]: d8 9b 15 da 44
[ 2535.673154] Task in /syz5 killed as a result of limit of /syz5
[ 2535.684429] memory: usage 307180kB, limit 307200kB, failcnt 16449
[ 2535.702435] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2535.702435]    program syz-executor.1 not setting count and/or reply_len properly
[ 2535.708061] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2535.728783] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2535.743165] Memory cgroup stats for /syz5: cache:0KB rss:224KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2535.767775] Memory cgroup out of memory: Kill process 18919 (syz-executor.5) score 1103 or sacrifice child
[ 2535.783541] Killed process 18919 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:10 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101000", 0x2e}], 0x1}, 0x0)

09:32:10 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74], [], [], [], [], [], [], []]}, 0x905)

09:32:10 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x607100}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:10 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
fcntl$getflags(r0, 0x40b)

09:32:10 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0xc, 0x0, &(0x7f0000000040))

[ 2535.799293] oom_reaper: reaped process 18919 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
09:32:11 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000000c0)={<r2=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r2, 0x0, r0})

[ 2535.905124] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2535.905124]    program syz-executor.0 not setting count and/or reply_len properly
[ 2535.906174] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:11 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0xd, 0x0, &(0x7f0000000040))

[ 2535.957649] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2535.976060] CPU: 0 PID: 19154 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2535.983124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2535.992492] Call Trace:
[ 2535.995102]  dump_stack+0x172/0x1f0
[ 2535.998742]  dump_header+0x15e/0x929
[ 2536.002471]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2536.007590]  ? ___ratelimit+0x60/0x595
[ 2536.011490]  ? do_raw_spin_unlock+0x57/0x270
[ 2536.015917]  oom_kill_process.cold+0x10/0x6ef
[ 2536.020436]  ? task_will_free_mem+0x139/0x6e0
[ 2536.024943]  ? find_held_lock+0x35/0x130
[ 2536.029011]  out_of_memory+0x936/0x12d0
[ 2536.032989]  ? lock_downgrade+0x810/0x810
[ 2536.037148]  ? oom_killer_disable+0x280/0x280
[ 2536.041645]  ? find_held_lock+0x35/0x130
[ 2536.045725]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2536.050575]  ? memcg_event_wake+0x230/0x230
09:32:11 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a], [], [], [], [], [], [], []]}, 0x905)

[ 2536.054908]  ? do_raw_spin_unlock+0x57/0x270
[ 2536.059325]  ? _raw_spin_unlock+0x2d/0x50
[ 2536.063494]  try_charge+0x1028/0x15b0
[ 2536.067701]  ? find_held_lock+0x35/0x130
[ 2536.071776]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2536.076626]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2536.081483]  ? find_held_lock+0x35/0x130
[ 2536.085559]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2536.090418]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2536.095088]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2536.099581]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2536.104416]  memcg_kmem_charge+0x136/0x300
[ 2536.108638]  __alloc_pages_nodemask+0x3c6/0x760
[ 2536.113309]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2536.118324]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2536.122893]  ? trace_hardirqs_on+0x67/0x220
[ 2536.127199]  ? kasan_check_read+0x11/0x20
[ 2536.131348]  copy_process.part.0+0x3e0/0x7a30
[ 2536.135853]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2536.140955]  ? delayacct_end+0x5c/0x100
[ 2536.144920]  ? __delayacct_freepages_end+0xe0/0x140
[ 2536.149925]  ? __lock_acquire+0x6eb/0x48f0
[ 2536.154256]  ? __cleanup_sighand+0x70/0x70
[ 2536.158500]  ? mark_held_locks+0x100/0x100
[ 2536.162741]  _do_fork+0x257/0xfd0
[ 2536.166180]  ? fork_idle+0x1d0/0x1d0
[ 2536.169882]  ? blkcg_print_stat+0xb90/0xb90
[ 2536.174198]  ? kasan_check_read+0x11/0x20
[ 2536.178344]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2536.183083]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2536.187823]  ? do_syscall_64+0x26/0x620
[ 2536.191783]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2536.197137]  ? do_syscall_64+0x26/0x620
[ 2536.201110]  __x64_sys_clone+0xbf/0x150
[ 2536.205076]  do_syscall_64+0xfd/0x620
[ 2536.208863]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2536.214043] RIP: 0033:0x45bc99
[ 2536.217235] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2536.236134] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2536.243839] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2536.251091] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
09:32:11 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000], [], [], [], [], [], []]}, 0x934)

09:32:11 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x70d000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2536.258345] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2536.265612] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2536.272882] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2536.318776] Task in /syz5 killed as a result of limit of /syz5
[ 2536.350452] memory: usage 307180kB, limit 307200kB, failcnt 16476
[ 2536.376118] sd 0:0:1:0: [sg0] tag#4752 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2536.385833] sd 0:0:1:0: [sg0] tag#4752 CDB: Write(10)
[ 2536.389947] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2536.391392] sd 0:0:1:0: [sg0] tag#4752 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2536.401452] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2536.407216] sd 0:0:1:0: [sg0] tag#4752 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2536.418734] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB
[ 2536.422367] sd 0:0:1:0: [sg0] tag#4752 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2536.422401]  shmem:0KB
[ 2536.429657] sd 0:0:1:0: [sg0] tag#4752 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2536.444903]  mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2536.450388] sd 0:0:1:0: [sg0] tag#4752 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:11 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0xe, 0x0, &(0x7f0000000040))

[ 2536.470102] Memory cgroup out of memory: Kill process 19154 (syz-executor.5) score 1103 or sacrifice child
[ 2536.472676] sd 0:0:1:0: [sg0] tag#4752 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2536.492277] sd 0:0:1:0: [sg0] tag#4752 CDB[60]: d8 9b 15 da 44
[ 2536.497037] Killed process 19154 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2536.511792] oom_reaper: reaped process 19154 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2536.519639] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2536.519639]    program syz-executor.0 not setting count and/or reply_len properly
[ 2536.525741] sock: process `syz-executor.4' is using obsolete getsockopt SO_BSDCOMPAT
09:32:11 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x716000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:11 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101100", 0x2e}], 0x1}, 0x0)

09:32:11 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0xf, 0x0, &(0x7f0000000040))

09:32:11 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x9, 0x7ff, 0x375d, 0x905, 0x9, 0x1ff, 0x1, 0x6, 0x8, 0xfff, 0x10000}, 0xb)

[ 2536.733874] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2536.762925] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2536.772207] CPU: 0 PID: 19578 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2536.779244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2536.788606] Call Trace:
[ 2536.791212]  dump_stack+0x172/0x1f0
[ 2536.794861]  dump_header+0x15e/0x929
[ 2536.798589]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2536.803702]  ? ___ratelimit+0x60/0x595
[ 2536.807598]  ? do_raw_spin_unlock+0x57/0x270
[ 2536.812013]  oom_kill_process.cold+0x10/0x6ef
[ 2536.816520]  ? task_will_free_mem+0x139/0x6e0
[ 2536.821028]  ? find_held_lock+0x35/0x130
[ 2536.825105]  out_of_memory+0x936/0x12d0
[ 2536.829095]  ? lock_downgrade+0x810/0x810
09:32:11 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d], [], [], [], [], [], [], []]}, 0x905)

09:32:11 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f00000001c0), &(0x7f0000000180)=0xfffffe7b)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x20000, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f00000000c0))
setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000140)={{&(0x7f0000000000)=""/18, 0x12}, &(0x7f0000000040), 0x19}, 0x20)
ioctl$sock_bt_hci(r1, 0x400448e7, &(0x7f0000000100)="5d35c635d088c7d4de5be05bfef6764382820459664536ac304f28bccf13fa3f32318066065cebfaf6a02b034aff")

[ 2536.833255]  ? oom_killer_disable+0x280/0x280
[ 2536.837756]  ? find_held_lock+0x35/0x130
[ 2536.841834]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2536.846683]  ? memcg_event_wake+0x230/0x230
[ 2536.851010]  ? do_raw_spin_unlock+0x57/0x270
[ 2536.855430]  ? _raw_spin_unlock+0x2d/0x50
[ 2536.859592]  try_charge+0x1028/0x15b0
[ 2536.863408]  ? find_held_lock+0x35/0x130
[ 2536.867491]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2536.872354]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2536.877203]  ? find_held_lock+0x35/0x130
09:32:12 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x10, 0x0, &(0x7f0000000040))

[ 2536.877219]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2536.877244]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2536.886113]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2536.886131]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2536.886149]  memcg_kmem_charge+0x136/0x300
[ 2536.886167]  __alloc_pages_nodemask+0x3c6/0x760
[ 2536.886183]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2536.886202]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2536.886218]  ? trace_hardirqs_on+0x67/0x220
[ 2536.886234]  ? kasan_check_read+0x11/0x20
[ 2536.927730]  copy_process.part.0+0x3e0/0x7a30
09:32:12 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x760000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2536.931994] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2536.931994]    program syz-executor.0 not setting count and/or reply_len properly
[ 2536.932236]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2536.932252]  ? delayacct_end+0x5c/0x100
[ 2536.932276]  ? __delayacct_freepages_end+0xe0/0x140
[ 2536.962396]  ? __lock_acquire+0x6eb/0x48f0
[ 2536.966658]  ? __cleanup_sighand+0x70/0x70
[ 2536.971609]  ? mark_held_locks+0x100/0x100
[ 2536.975851]  _do_fork+0x257/0xfd0
[ 2536.975871]  ? fork_idle+0x1d0/0x1d0
[ 2536.975892]  ? blkcg_print_stat+0xb90/0xb90
[ 2536.975907]  ? kasan_check_read+0x11/0x20
[ 2536.975924]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2536.996283]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2537.001054]  ? do_syscall_64+0x26/0x620
[ 2537.005040]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2537.010412]  ? do_syscall_64+0x26/0x620
[ 2537.014407]  __x64_sys_clone+0xbf/0x150
[ 2537.018404]  do_syscall_64+0xfd/0x620
[ 2537.022224]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2537.027419] RIP: 0033:0x45bc99
09:32:12 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x472c, 0x10400)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x4, &(0x7f0000000140)={0xe4}, 0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2537.030619] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2537.049527] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2537.057251] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2537.064527] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2537.071808] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
09:32:12 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8700], [], [], [], [], [], []]}, 0x934)

09:32:12 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x11, 0x0, &(0x7f0000000040))

[ 2537.079084] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2537.086352] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2537.127871] Task in /syz5 killed as a result of limit of /syz5
[ 2537.138444] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2537.149028] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2537.152996] memory: usage 307184kB, limit 307200kB, failcnt 16511
[ 2537.154603] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2537.160509] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2537.160518] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2537.160532] Memory cgroup stats for 
[ 2537.169724] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2537.182669] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2537.204544] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2537.213769] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:12 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300], [], [], [], [], [], [], []]}, 0x905)

[ 2537.223348] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2537.232300] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2537.264732] /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:12 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x12, 0x0, &(0x7f0000000040))

[ 2537.310121] Memory cgroup out of memory: Kill process 19578 (syz-executor.5) score 1103 or sacrifice child
[ 2537.339632] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2537.339632]    program syz-executor.0 not setting count and/or reply_len properly
09:32:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001200", 0x2e}], 0x1}, 0x0)

09:32:12 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x3, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
fcntl$getown(r0, 0x9)

09:32:12 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x13, 0x0, &(0x7f0000000040))

09:32:12 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x960000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:12 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [], [], [], [], [], []]}, 0x934)

[ 2537.389311] Killed process 19578 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:12 executing program 3:
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:12 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x14, 0x0, &(0x7f0000000040))

[ 2537.527358] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2537.538353] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2537.543843] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2537.553695] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2537.562981] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
09:32:12 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], [], [], [], [], [], [], []]}, 0x905)

[ 2537.572461] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2537.581975] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2537.591219] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2537.600579] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
09:32:12 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0xd07000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2537.622666] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2537.668699] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2537.668699]    program syz-executor.0 not setting count and/or reply_len properly
[ 2537.670534] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2537.708456] CPU: 0 PID: 19954 Comm: syz-executor.5 Not tainted 4.19.55 #27
09:32:12 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x15, 0x0, &(0x7f0000000040))

[ 2537.715500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2537.724856] Call Trace:
[ 2537.727464]  dump_stack+0x172/0x1f0
[ 2537.731110]  dump_header+0x15e/0x929
[ 2537.734836]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2537.739954]  ? ___ratelimit+0x60/0x595
[ 2537.743853]  ? do_raw_spin_unlock+0x57/0x270
[ 2537.748288]  oom_kill_process.cold+0x10/0x6ef
[ 2537.752799]  ? task_will_free_mem+0x139/0x6e0
[ 2537.757311]  ? find_held_lock+0x35/0x130
[ 2537.761392]  out_of_memory+0x936/0x12d0
09:32:12 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2537.765384]  ? lock_downgrade+0x810/0x810
[ 2537.769549]  ? oom_killer_disable+0x280/0x280
[ 2537.774055]  ? find_held_lock+0x35/0x130
[ 2537.778136]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2537.783003]  ? memcg_event_wake+0x230/0x230
[ 2537.783024]  ? do_raw_spin_unlock+0x57/0x270
[ 2537.783038]  ? _raw_spin_unlock+0x2d/0x50
[ 2537.783057]  try_charge+0x1028/0x15b0
[ 2537.791761]  ? find_held_lock+0x35/0x130
[ 2537.791786]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2537.791803]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2537.813446]  ? find_held_lock+0x35/0x130
09:32:12 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0xe05000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2537.817534]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2537.822396]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2537.827076]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2537.831587]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2537.836453]  memcg_kmem_charge+0x136/0x300
[ 2537.840698]  __alloc_pages_nodemask+0x3c6/0x760
[ 2537.846693]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2537.851727]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2537.856327]  ? trace_hardirqs_on+0x67/0x220
[ 2537.860676]  copy_process.part.0+0x3e0/0x7a30
09:32:13 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(r1, 0xc080aebe, &(0x7f00000000c0)={0x0, 0x0, 0x2080})
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000002140)={<r2=>0x0}, &(0x7f0000002180)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000021c0)={r2}, &(0x7f0000002200)=0x8)

[ 2537.865182]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2537.870302]  ? delayacct_end+0x5c/0x100
[ 2537.874297]  ? __delayacct_freepages_end+0xe0/0x140
[ 2537.879328]  ? __lock_acquire+0x6eb/0x48f0
[ 2537.883585]  ? __cleanup_sighand+0x70/0x70
[ 2537.887838]  ? mark_held_locks+0x100/0x100
[ 2537.892094]  _do_fork+0x257/0xfd0
[ 2537.895567]  ? fork_idle+0x1d0/0x1d0
[ 2537.899298]  ? blkcg_print_stat+0xb90/0xb90
[ 2537.903622]  ? kasan_check_read+0x11/0x20
[ 2537.907778]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2537.912540]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2537.917308]  ? do_syscall_64+0x26/0x620
[ 2537.921294]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2537.926666]  ? do_syscall_64+0x26/0x620
[ 2537.930655]  __x64_sys_clone+0xbf/0x150
[ 2537.934649]  do_syscall_64+0xfd/0x620
[ 2537.938476]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2537.943661] RIP: 0033:0x45bc99
[ 2537.943675] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2537.943683] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2537.943698] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2537.943710] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2537.965784] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2537.965794] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2537.965803] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2537.996870] Task in /syz5 killed as a result of limit of /syz5
[ 2538.028404] memory: usage 307188kB, limit 307200kB, failcnt 16542
[ 2538.048426] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2538.071201] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2538.103127] Memory cgroup stats for /syz5: cache:0KB rss:92KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:13 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101200", 0x2e}], 0x1}, 0x0)

09:32:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600], [], [], [], [], [], [], []]}, 0x905)

09:32:13 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000000))
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000240)=""/148, 0x94}], 0x30, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
preadv(r1, &(0x7f00000004c0)=[{&(0x7f0000000400)=""/159}, {&(0x7f00000013c0)=""/4096}], 0x400, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000080)={0x0, @speck128, 0xe13c7cbefbebcbd9, "f7c49f3bee9cc53a"})

09:32:13 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x400000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:13 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000], [], [], [], [], [], []]}, 0x934)

09:32:13 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x19, 0x0, &(0x7f0000000040))

[ 2538.147131] Memory cgroup out of memory: Kill process 19954 (syz-executor.5) score 1103 or sacrifice child
[ 2538.157763] Killed process 19954 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2538.175862] oom_reaper: reaped process 19954 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2538.218407] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2538.228479] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2538.231653] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2538.231653]    program syz-executor.0 not setting count and/or reply_len properly
[ 2538.234085] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2538.259407] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2538.269376] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2538.279231] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2538.288720] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2538.298622] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:32:13 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x1a, 0x0, &(0x7f0000000040))

[ 2538.300707] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2538.307694] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2538.373404] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2538.378926] CPU: 0 PID: 20501 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2538.385950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2538.395309] Call Trace:
[ 2538.397919]  dump_stack+0x172/0x1f0
[ 2538.401576]  dump_header+0x15e/0x929
[ 2538.405306]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2538.410425]  ? ___ratelimit+0x60/0x595
[ 2538.414323]  ? do_raw_spin_unlock+0x57/0x270
[ 2538.419298]  oom_kill_process.cold+0x10/0x6ef
[ 2538.423810]  ? task_will_free_mem+0x139/0x6e0
[ 2538.423827]  ? find_held_lock+0x35/0x130
[ 2538.423846]  out_of_memory+0x936/0x12d0
[ 2538.423863]  ? lock_downgrade+0x810/0x810
[ 2538.423879]  ? oom_killer_disable+0x280/0x280
[ 2538.423891]  ? find_held_lock+0x35/0x130
[ 2538.423915]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2538.423932]  ? memcg_event_wake+0x230/0x230
[ 2538.432461]  ? do_raw_spin_unlock+0x57/0x270
[ 2538.458226]  ? _raw_spin_unlock+0x2d/0x50
[ 2538.458249]  try_charge+0x1028/0x15b0
[ 2538.458267]  ? find_held_lock+0x35/0x130
[ 2538.470597]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2538.470614]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2538.470634]  ? find_held_lock+0x35/0x130
[ 2538.488400]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2538.493262]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2538.497938]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2538.502444]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2538.507296]  memcg_kmem_charge+0x136/0x300
[ 2538.511540]  __alloc_pages_nodemask+0x3c6/0x760
[ 2538.516230]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2538.521263]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2538.525858]  ? trace_hardirqs_on+0x67/0x220
[ 2538.530190]  ? kasan_check_read+0x11/0x20
[ 2538.534359]  copy_process.part.0+0x3e0/0x7a30
[ 2538.538870]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2538.543987]  ? delayacct_end+0x5c/0x100
[ 2538.548002]  ? __delayacct_freepages_end+0xe0/0x140
[ 2538.553035]  ? __lock_acquire+0x6eb/0x48f0
[ 2538.557297]  ? __cleanup_sighand+0x70/0x70
[ 2538.561550]  ? mark_held_locks+0x100/0x100
[ 2538.565808]  _do_fork+0x257/0xfd0
[ 2538.569281]  ? fork_idle+0x1d0/0x1d0
[ 2538.573013]  ? blkcg_print_stat+0xb90/0xb90
[ 2538.577359]  ? kasan_check_read+0x11/0x20
[ 2538.581514]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2538.586280]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2538.591046]  ? do_syscall_64+0x26/0x620
[ 2538.595206]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2538.600580]  ? do_syscall_64+0x26/0x620
[ 2538.604558]  __x64_sys_clone+0xbf/0x150
[ 2538.604577]  do_syscall_64+0xfd/0x620
[ 2538.604596]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2538.604607] RIP: 0033:0x45bc99
09:32:13 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x760000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:13 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x1c, 0x0, &(0x7f0000000040))

09:32:13 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], [], [], [], [], [], []]}, 0x934)

09:32:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700], [], [], [], [], [], [], []]}, 0x905)

[ 2538.604622] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2538.604628] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2538.604643] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2538.604651] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2538.604660] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2538.604669] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2538.604677] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2538.635046] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2538.697040] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2538.703336] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2538.712615] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
09:32:13 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

[ 2538.722009] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2538.731489] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2538.741103] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2538.750953] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2538.760566] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2538.767435] Task in /syz5 killed as a result of limit of /syz5
[ 2538.789934] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2538.789934]    program syz-executor.0 not setting count and/or reply_len properly
[ 2538.793268] memory: usage 307188kB, limit 307200kB, failcnt 16569
09:32:13 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x1d, 0x0, &(0x7f0000000040))

[ 2538.878190] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2538.891836] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2538.904519] Memory cgroup stats for /syz5: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:14 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001300", 0x2e}], 0x1}, 0x0)

09:32:14 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x7fffffffefff}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:14 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000040)=0xfffffcd2)

09:32:14 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x1e, 0x0, &(0x7f0000000040))

09:32:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], [], [], [], [], [], [], []]}, 0x905)

[ 2538.939314] Memory cgroup out of memory: Kill process 20501 (syz-executor.5) score 1103 or sacrifice child
[ 2538.966275] Killed process 20501 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2538.978029] oom_reaper: reaped process 20501 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
09:32:14 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:14 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x22, 0x0, &(0x7f0000000040))

09:32:14 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], [], [], [], [], [], []]}, 0x934)

[ 2539.142763] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], [], [], [], [], [], [], []]}, 0x905)

[ 2539.194929] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2539.222960] CPU: 1 PID: 20963 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2539.230023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2539.239380] Call Trace:
[ 2539.241985]  dump_stack+0x172/0x1f0
[ 2539.245638]  dump_header+0x15e/0x929
[ 2539.249365]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2539.254476]  ? ___ratelimit+0x60/0x595
[ 2539.258373]  ? do_raw_spin_unlock+0x57/0x270
[ 2539.261599] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2539.262792]  oom_kill_process.cold+0x10/0x6ef
[ 2539.262814]  ? task_will_free_mem+0x139/0x6e0
[ 2539.262838]  ? find_held_lock+0x35/0x130
[ 2539.271733] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2539.275977]  out_of_memory+0x936/0x12d0
[ 2539.275997]  ? lock_downgrade+0x810/0x810
[ 2539.276015]  ? oom_killer_disable+0x280/0x280
[ 2539.276035]  ? find_held_lock+0x35/0x130
[ 2539.280675] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2539.284568]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2539.284583]  ? memcg_event_wake+0x230/0x230
[ 2539.284603]  ? do_raw_spin_unlock+0x57/0x270
[ 2539.284624]  ? _raw_spin_unlock+0x2d/0x50
[ 2539.290019] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2539.293757]  try_charge+0x1028/0x15b0
09:32:14 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x960000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2539.293771]  ? find_held_lock+0x35/0x130
[ 2539.293794]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2539.293816]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2539.298066] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2539.302417]  ? find_held_lock+0x35/0x130
[ 2539.302438]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2539.306637] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2539.315305]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2539.315322]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2539.315343]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2539.315365]  memcg_kmem_charge+0x136/0x300
[ 2539.320376] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2539.324511]  __alloc_pages_nodemask+0x3c6/0x760
[ 2539.324530]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2539.324552]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2539.329063] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2539.333074]  ? trace_hardirqs_on+0x67/0x220
[ 2539.333097]  copy_process.part.0+0x3e0/0x7a30
09:32:14 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], [], [], [], [], [], []]}, 0x934)

[ 2539.333115]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2539.333130]  ? delayacct_end+0x5c/0x100
[ 2539.333148]  ? __delayacct_freepages_end+0xe0/0x140
[ 2539.333166]  ? __lock_acquire+0x6eb/0x48f0
[ 2539.333190]  ? __cleanup_sighand+0x70/0x70
[ 2539.342098] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2539.345781]  ? mark_held_locks+0x100/0x100
[ 2539.345810]  _do_fork+0x257/0xfd0
[ 2539.345830]  ? fork_idle+0x1d0/0x1d0
[ 2539.368359]  ? blkcg_print_stat+0xb90/0xb90
[ 2539.368376]  ? kasan_check_read+0x11/0x20
[ 2539.368392]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2539.368408]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2539.386117]  ? do_syscall_64+0x26/0x620
[ 2539.386133]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2539.386146]  ? do_syscall_64+0x26/0x620
[ 2539.386169]  __x64_sys_clone+0xbf/0x150
[ 2539.386186]  do_syscall_64+0xfd/0x620
[ 2539.386203]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2539.484920] RIP: 0033:0x45bc99
[ 2539.493359] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2539.493367] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2539.493383] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2539.493391] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2539.493399] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2539.493410] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2539.558825] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2539.558893] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2539.608020] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2539.608951] Task in 
[ 2539.613559] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2539.618310] /syz5
[ 2539.625988] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2539.629849]  killed as a result of limit of /syz5
[ 2539.637232] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2539.641961] memory: usage 307188kB, limit 307200kB, failcnt 16599
[ 2539.650937] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2539.662935] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2539.666260] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2539.677867] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2539.681901] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:32:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800], [], [], [], [], [], [], []]}, 0x905)

[ 2539.697139] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2539.706331] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2539.745015] Memory cgroup out of memory: Kill process 20963 (syz-executor.5) score 1103 or sacrifice child
[ 2539.767058] Killed process 20963 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2539.788834] oom_reaper: reaped process 20963 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:14 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101300", 0x2e}], 0x1}, 0x0)

09:32:14 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000000c0)=0x3, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e22, @empty}], 0x10)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000100)={<r1=>0x0, 0x7fffffff, 0x1, [0x3]}, &(0x7f0000000140)=0xa)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r1, 0xffffffff}, 0x8)

09:32:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00], [], [], [], [], [], [], []]}, 0x905)

09:32:14 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x60710000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:14 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x23, 0x0, &(0x7f0000000040))

[ 2539.860237] sctp: [Deprecated]: syz-executor.3 (pid 21367) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2539.860237] Use struct sctp_sack_info instead
09:32:15 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000], [], [], [], [], [], []]}, 0x934)

09:32:15 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x24, 0x0, &(0x7f0000000040))

[ 2539.989002] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2540.067962] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2540.077137] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2540.085990] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2540.090633] CPU: 0 PID: 21387 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2540.091207] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2540.098192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2540.098198] Call Trace:
[ 2540.098222]  dump_stack+0x172/0x1f0
[ 2540.098245]  dump_header+0x15e/0x929
[ 2540.098261]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2540.098275]  ? ___ratelimit+0x60/0x595
[ 2540.098295]  ? do_raw_spin_unlock+0x57/0x270
[ 2540.107168] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2540.116465]  oom_kill_process.cold+0x10/0x6ef
[ 2540.116484]  ? task_will_free_mem+0x139/0x6e0
[ 2540.116504]  ? find_held_lock+0x35/0x130
[ 2540.119074] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2540.122708]  out_of_memory+0x936/0x12d0
[ 2540.122724]  ? lock_downgrade+0x810/0x810
[ 2540.122743]  ? oom_killer_disable+0x280/0x280
[ 2540.126473] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2540.131519]  ? find_held_lock+0x35/0x130
[ 2540.135422] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2540.139779]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2540.148624] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2540.153079]  ? memcg_event_wake+0x230/0x230
[ 2540.153098]  ? do_raw_spin_unlock+0x57/0x270
[ 2540.153112]  ? _raw_spin_unlock+0x2d/0x50
[ 2540.153134]  try_charge+0x1028/0x15b0
[ 2540.157613] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2540.161662]  ? find_held_lock+0x35/0x130
[ 2540.192001]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2540.204879]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2540.204898]  ? find_held_lock+0x35/0x130
[ 2540.204913]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2540.204939]  memcg_kmem_charge_memcg+0x7c/0x130
09:32:15 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x25, 0x0, &(0x7f0000000040))

09:32:15 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000080)=0xfff, 0x4)

09:32:15 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0xd0700000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2540.204954]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2540.204973]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2540.204991]  memcg_kmem_charge+0x136/0x300
[ 2540.205009]  __alloc_pages_nodemask+0x3c6/0x760
[ 2540.231523]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2540.231544]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2540.231564]  ? trace_hardirqs_on+0x67/0x220
[ 2540.241331]  ? kasan_check_read+0x11/0x20
[ 2540.304820]  copy_process.part.0+0x3e0/0x7a30
[ 2540.309330]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2540.314445]  ? delayacct_end+0x5c/0x100
[ 2540.318443]  ? __delayacct_freepages_end+0xe0/0x140
[ 2540.323485]  ? __lock_acquire+0x6eb/0x48f0
[ 2540.327733]  ? __cleanup_sighand+0x70/0x70
[ 2540.331992]  ? mark_held_locks+0x100/0x100
[ 2540.336358]  _do_fork+0x257/0xfd0
[ 2540.339840]  ? fork_idle+0x1d0/0x1d0
[ 2540.343575]  ? blkcg_print_stat+0xb90/0xb90
[ 2540.347909]  ? kasan_check_read+0x11/0x20
[ 2540.352074]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2540.356842]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2540.361613]  ? do_syscall_64+0x26/0x620
09:32:15 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x26, 0x0, &(0x7f0000000040))

[ 2540.365601]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2540.370977]  ? do_syscall_64+0x26/0x620
[ 2540.374970]  __x64_sys_clone+0xbf/0x150
[ 2540.378962]  do_syscall_64+0xfd/0x620
[ 2540.382778]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2540.387980] RIP: 0033:0x45bc99
[ 2540.391182] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2540.410096] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
09:32:15 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000], [], [], [], [], [], []]}, 0x934)

[ 2540.417826] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2540.425110] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2540.432397] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2540.439676] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2540.446954] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
09:32:15 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000100)=0x1)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/access\x00', 0x2, 0x0)
r2 = dup2(r0, r1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffa000/0x3000)=nil, 0x3000}, &(0x7f00000000c0)=0x10)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r2, 0x110, 0x5, &(0x7f0000000280)=[0x0, 0x3], 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000140)={{{@in=@dev, @in6=@dev}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000240)=0xe8)

[ 2540.505156] Task in /syz5 killed as a result of limit of /syz5
[ 2540.511274] memory: usage 307188kB, limit 307200kB, failcnt 16627
[ 2540.517689] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2540.531708] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2540.550649] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2540.576153] Memory cgroup out of memory: Kill process 21387 (syz-executor.5) score 1103 or sacrifice child
[ 2540.587867] Killed process 21387 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2540.642460] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2540.651457] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2540.656922] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2540.665842] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2540.674761] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2540.683682] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:32:15 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001400", 0x2e}], 0x1}, 0x0)

09:32:15 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x27, 0x0, &(0x7f0000000040))

09:32:15 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0xe0500000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000], [], [], [], [], [], [], []]}, 0x905)

09:32:15 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)=0xff, 0x4)

[ 2540.692594] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2540.701527] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2540.710446] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
09:32:15 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x28, 0x0, &(0x7f0000000040))

[ 2540.775047] sg_write: 4 callbacks suppressed
[ 2540.775080] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2540.775080]    program syz-executor.0 not setting count and/or reply_len properly
[ 2540.803474] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:15 executing program 3:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x400, 0x0)
ioctl$SIOCX25GDTEFACILITIES(r0, 0x89ea, &(0x7f00000000c0))
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000080)={0x7, 0x8, 0x9, 0x0, r0})
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={<r2=>0x0, 0x8001}, &(0x7f0000000180)=0xc)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000001c0)={r2, 0x8, 0xd3, "106a66ceb48ae22f281600ef946abfe69c3f54623b4fa345d8008032cf684b9b7fb2688902dc305962b88fb3c72ade750398a43855e820b7db54b61d421eabf3f5979b18fa131482aeede60d90694bff7b4f3dd8be9b368f47170a55cdce327ed6cd27a289ccef257ff43ed830aaa09ab2ee5dac71a06cb20c02f38480a19d6ea8cb5ce3451014baebc61f276941369ef56ffcd55b42c360872575c15e30cb2ee8fc04bd60fdce65f028f9c381eb7264f76f361822c735866271b1ba38e43035d687b80172d1e9eb06399e542767456879e25d"}, 0xdb)

[ 2540.821446] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2540.844575] CPU: 0 PID: 21720 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2540.852059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2540.861422] Call Trace:
[ 2540.864033]  dump_stack+0x172/0x1f0
[ 2540.867677]  dump_header+0x15e/0x929
[ 2540.871403]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2540.876517]  ? ___ratelimit+0x60/0x595
[ 2540.880411]  ? do_raw_spin_unlock+0x57/0x270
[ 2540.884837]  oom_kill_process.cold+0x10/0x6ef
[ 2540.889346]  ? task_will_free_mem+0x139/0x6e0
[ 2540.893851]  ? find_held_lock+0x35/0x130
[ 2540.898385]  out_of_memory+0x936/0x12d0
[ 2540.902377]  ? lock_downgrade+0x810/0x810
[ 2540.906540]  ? oom_killer_disable+0x280/0x280
[ 2540.911071]  ? find_held_lock+0x35/0x130
[ 2540.915150]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2540.920005]  ? memcg_event_wake+0x230/0x230
09:32:16 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000080)={<r1=>0x0, 0xbc, "1b2d2c4a44ab43dd8161d51971ed47052737bcb64964a05b8cf5fde8e0d43440800a739a686a02ab493811e292e5e201fc4ec2c9d018cf83b00ca4748adfcfaee0454f4ed051e3ceb06119e28e93cceb0cf67a3b9bbad3689b1600a4ada2aa6d53b47640cfc321512e56e305c73189ba13073fa1d871895b218afdf0518ba9ea0a4e44a33cfcc3faa35fa80237dab88197db7d3705b449c6c5a6a3a7688db2968272ebae84191048183781b9451e3b0dcc4f5a4d53c7e8953c5d57df"}, &(0x7f0000000180)=0xc4)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000240)={r1, 0x400}, &(0x7f0000000200)=0x8)

09:32:16 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50000000], [], [], [], [], [], []]}, 0x934)

[ 2540.924336]  ? do_raw_spin_unlock+0x57/0x270
[ 2540.928751]  ? _raw_spin_unlock+0x2d/0x50
[ 2540.932908]  try_charge+0x1028/0x15b0
[ 2540.936711]  ? find_held_lock+0x35/0x130
[ 2540.940782]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2540.945631]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2540.950483]  ? find_held_lock+0x35/0x130
[ 2540.954554]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2540.959410]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2540.964091]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2540.968600]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2540.973460]  memcg_kmem_charge+0x136/0x300
[ 2540.977701]  __alloc_pages_nodemask+0x3c6/0x760
[ 2540.982378]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2540.987412]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2540.992020]  ? trace_hardirqs_on+0x67/0x220
[ 2540.996339]  ? kasan_check_read+0x11/0x20
[ 2541.000492]  copy_process.part.0+0x3e0/0x7a30
[ 2541.004998]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2541.010109]  ? delayacct_end+0x5c/0x100
[ 2541.014099]  ? __delayacct_freepages_end+0xe0/0x140
[ 2541.019126]  ? __lock_acquire+0x6eb/0x48f0
[ 2541.023722]  ? __cleanup_sighand+0x70/0x70
[ 2541.027968]  ? mark_held_locks+0x100/0x100
[ 2541.032328]  _do_fork+0x257/0xfd0
[ 2541.032779] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2541.035789]  ? fork_idle+0x1d0/0x1d0
[ 2541.035812]  ? blkcg_print_stat+0xb90/0xb90
[ 2541.035829]  ? kasan_check_read+0x11/0x20
[ 2541.035846]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2541.035859]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2541.035872]  ? do_syscall_64+0x26/0x620
[ 2541.035887]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2541.035899]  ? do_syscall_64+0x26/0x620
[ 2541.035918]  __x64_sys_clone+0xbf/0x150
[ 2541.035940]  do_syscall_64+0xfd/0x620
[ 2541.044730] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2541.048307]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2541.052617] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2541.056818] RIP: 0033:0x45bc99
[ 2541.056833] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2541.056840] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2541.056854] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2541.056862] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2541.056870] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2541.056878] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2541.056892] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
09:32:16 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000], [], [], [], [], [], [], []]}, 0x905)

09:32:16 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0xffefffffff7f0000}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2541.061643] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2541.113064] Task in 
[ 2541.129200] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2541.129221] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2541.144255] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2541.177276] /syz5
[ 2541.182297] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:32:16 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x29, 0x0, &(0x7f0000000040))

[ 2541.193546] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2541.222335] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2541.222335]    program syz-executor.0 not setting count and/or reply_len properly
[ 2541.241252]  killed as a result of limit of /syz5
[ 2541.273344] memory: usage 307188kB, limit 307200kB, failcnt 16655
[ 2541.280282] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2541.295177] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2541.301593] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2541.337074] Memory cgroup out of memory: Kill process 21720 (syz-executor.5) score 1103 or sacrifice child
[ 2541.354604] Killed process 21720 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2541.368937] oom_reaper: reaped process 21720 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
09:32:16 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101400", 0x2e}], 0x1}, 0x0)

09:32:16 executing program 3:
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000100)=0x7)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4)

09:32:16 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6800], [], [], [], [], [], [], []]}, 0x905)

09:32:16 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2a, 0x0, &(0x7f0000000040))

09:32:16 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x2800, 0x0)
r1 = socket$inet6_sctp(0xa, 0x6, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000000080)=0xe8)
fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
write$P9_RGETATTR(r0, &(0x7f00000002c0)={0xa0, 0x19, 0x1, {0x20, {0x19, 0x0, 0x7}, 0x5, r3, r4, 0x5, 0x2, 0x5, 0x5, 0x4516, 0xff, 0x1, 0xd46, 0x40, 0xfffffffffffffffe, 0x3, 0x0, 0x6, 0x0, 0x4}}, 0xa0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

09:32:16 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87000000], [], [], [], [], [], []]}, 0x934)

[ 2541.498003] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2541.498003]    program syz-executor.0 not setting count and/or reply_len properly
09:32:16 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x800, 0x0)
ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f00000001c0))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r2=>r0})
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f00000000c0)={0x0, {{0x2, 0x4e21, @local}}}, 0x88)

09:32:16 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2b, 0x0, &(0x7f0000000040))

[ 2541.542382] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
09:32:16 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)
r2 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x5, 0x26801)
ioctl$VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000100)={0x1000, 0x72367d5d, 0x3, @stepwise={0x823, 0x8, 0x7, 0x2, 0x0, 0x2}})
r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x404000)
statx(r3, &(0x7f0000000080)='./file0\x00', 0x100, 0x48, &(0x7f00000001c0))

[ 2541.658545] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2541.667377] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2541.672600] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2541.681664] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2541.690605] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2541.699538] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:32:16 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0x1c89, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, @in={0x2, 0x4e23, @local}], 0x2c)

[ 2541.708492] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2541.717413] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2541.726345] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2541.752985] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2541.775451] CPU: 1 PID: 22223 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2541.782522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2541.791889] Call Trace:
[ 2541.794495]  dump_stack+0x172/0x1f0
[ 2541.798139]  dump_header+0x15e/0x929
[ 2541.801863]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2541.806997]  ? ___ratelimit+0x60/0x595
[ 2541.810897]  ? do_raw_spin_unlock+0x57/0x270
[ 2541.815317]  oom_kill_process.cold+0x10/0x6ef
[ 2541.819821]  ? task_will_free_mem+0x139/0x6e0
[ 2541.824317]  ? find_held_lock+0x35/0x130
[ 2541.828393]  out_of_memory+0x936/0x12d0
[ 2541.832383]  ? lock_downgrade+0x810/0x810
[ 2541.836545]  ? oom_killer_disable+0x280/0x280
[ 2541.841049]  ? find_held_lock+0x35/0x130
[ 2541.845128]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2541.849978]  ? memcg_event_wake+0x230/0x230
[ 2541.854312]  ? do_raw_spin_unlock+0x57/0x270
[ 2541.858723]  ? _raw_spin_unlock+0x2d/0x50
[ 2541.862887]  try_charge+0x1028/0x15b0
[ 2541.866695]  ? find_held_lock+0x35/0x130
[ 2541.870773]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2541.875620]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2541.880468]  ? find_held_lock+0x35/0x130
[ 2541.884539]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2541.889484]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2541.894159]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2541.898660]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2541.903510]  memcg_kmem_charge+0x136/0x300
[ 2541.907754]  __alloc_pages_nodemask+0x3c6/0x760
[ 2541.912433]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2541.917457]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2541.922046]  ? trace_hardirqs_on+0x67/0x220
[ 2541.926368]  ? kasan_check_read+0x11/0x20
[ 2541.930526]  copy_process.part.0+0x3e0/0x7a30
[ 2541.935035]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2541.940142]  ? delayacct_end+0x5c/0x100
[ 2541.944124]  ? __delayacct_freepages_end+0xe0/0x140
[ 2541.949148]  ? __lock_acquire+0x6eb/0x48f0
[ 2541.953397]  ? __cleanup_sighand+0x70/0x70
[ 2541.957645]  ? mark_held_locks+0x100/0x100
[ 2541.961909]  _do_fork+0x257/0xfd0
[ 2541.965376]  ? fork_idle+0x1d0/0x1d0
[ 2541.969109]  ? blkcg_print_stat+0xb90/0xb90
[ 2541.973444]  ? kasan_check_read+0x11/0x20
[ 2541.977601]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2541.982365]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2541.987133]  ? do_syscall_64+0x26/0x620
[ 2541.991116]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2541.996491]  ? do_syscall_64+0x26/0x620
[ 2542.000480]  __x64_sys_clone+0xbf/0x150
[ 2542.002879] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2542.002879]    program syz-executor.0 not setting count and/or reply_len properly
[ 2542.004469]  do_syscall_64+0xfd/0x620
[ 2542.004492]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2542.004503] RIP: 0033:0x45bc99
[ 2542.004526] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2542.051612] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2542.059334] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2542.067084] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
09:32:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c00], [], [], [], [], [], [], []]}, 0x905)

09:32:17 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2c, 0x0, &(0x7f0000000040))

[ 2542.074358] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2542.081635] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2542.088928] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2542.105562] Task in /syz5 killed as a result of limit of /syz5
[ 2542.111599] memory: usage 307188kB, limit 307200kB, failcnt 16690
[ 2542.134668] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2542.154186] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
09:32:17 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001500", 0x2e}], 0x1}, 0x0)

09:32:17 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff], [], [], [], [], [], []]}, 0x934)

09:32:17 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2d, 0x0, &(0x7f0000000040))

09:32:17 executing program 3:
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x8000000007ffff)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f00000000c0)={'bond_slave_0\x00', {0x2, 0x4e24, @empty}})
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000100)={0x1, 0x7f, 0x1})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000140), &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400], [], [], [], [], [], [], []]}, 0x905)

09:32:17 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2542.168289] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2542.188612] Memory cgroup out of memory: Kill process 22223 (syz-executor.5) score 1103 or sacrifice child
[ 2542.199257] Killed process 22223 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2542.210949] oom_reaper: reaped process 22223 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:17 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2e, 0x0, &(0x7f0000000040))

[ 2542.315034] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2542.315034]    program syz-executor.0 not setting count and/or reply_len properly
09:32:17 executing program 3:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0xffffffffffffff01)
ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f00000000c0)=0x4)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x102)
signalfd4(r2, &(0x7f0000000140)={0x20}, 0x8, 0x800)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$KDMKTONE(r4, 0x4b30, 0xf233)

09:32:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a00], [], [], [], [], [], [], []]}, 0x905)

09:32:17 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x2f, 0x0, &(0x7f0000000040))

09:32:17 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x6, 0x1)
ioctl$SIOCNRDECOBS(r0, 0x89e2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x40140, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f00000000c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

09:32:17 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000200), &(0x7f0000000240)=0x4)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000080)={<r1=>0x0, @in6={{0xa, 0x4e20, 0x1, @mcast2, 0x5}}, [0x600000000000, 0xfff, 0x0, 0x9, 0x2, 0x48, 0x400, 0x9bd, 0x1000, 0x6, 0x3, 0x8000, 0x5e, 0x337, 0x1c000]}, &(0x7f0000000180)=0x100)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000001c0)={r1, 0x9, 0x2}, 0x8)

[ 2542.541616] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2542.613963] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2542.619434] CPU: 1 PID: 22506 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2542.626449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2542.635805] Call Trace:
[ 2542.638409]  dump_stack+0x172/0x1f0
[ 2542.642060]  dump_header+0x15e/0x929
[ 2542.645791]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2542.650907]  ? ___ratelimit+0x60/0x595
[ 2542.654805]  ? do_raw_spin_unlock+0x57/0x270
[ 2542.659237]  oom_kill_process.cold+0x10/0x6ef
[ 2542.663744]  ? task_will_free_mem+0x139/0x6e0
[ 2542.668244]  ? find_held_lock+0x35/0x130
[ 2542.672348]  out_of_memory+0x936/0x12d0
[ 2542.676335]  ? lock_downgrade+0x810/0x810
[ 2542.680484]  ? oom_killer_disable+0x280/0x280
[ 2542.684971]  ? find_held_lock+0x35/0x130
[ 2542.689046]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2542.693891]  ? memcg_event_wake+0x230/0x230
[ 2542.698238]  ? do_raw_spin_unlock+0x57/0x270
[ 2542.702658]  ? _raw_spin_unlock+0x2d/0x50
[ 2542.706824]  try_charge+0x1028/0x15b0
[ 2542.710625]  ? find_held_lock+0x35/0x130
[ 2542.714691]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2542.714705]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2542.714720]  ? find_held_lock+0x35/0x130
[ 2542.714734]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2542.714757]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2542.737957]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2542.742469]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2542.747325]  memcg_kmem_charge+0x136/0x300
[ 2542.751577]  __alloc_pages_nodemask+0x3c6/0x760
[ 2542.756259]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2542.761289]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2542.765881]  ? trace_hardirqs_on+0x67/0x220
[ 2542.770205]  ? kasan_check_read+0x11/0x20
[ 2542.774362]  copy_process.part.0+0x3e0/0x7a30
[ 2542.778860]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2542.783967]  ? delayacct_end+0x5c/0x100
[ 2542.787943]  ? __delayacct_freepages_end+0xe0/0x140
[ 2542.792971]  ? __lock_acquire+0x6eb/0x48f0
[ 2542.797217]  ? __cleanup_sighand+0x70/0x70
[ 2542.801459]  ? mark_held_locks+0x100/0x100
[ 2542.805711]  _do_fork+0x257/0xfd0
[ 2542.809174]  ? fork_idle+0x1d0/0x1d0
[ 2542.812897]  ? blkcg_print_stat+0xb90/0xb90
[ 2542.817228]  ? kasan_check_read+0x11/0x20
[ 2542.821384]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2542.826141]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2542.830896]  ? do_syscall_64+0x26/0x620
[ 2542.834879]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2542.841039]  ? do_syscall_64+0x26/0x620
[ 2542.845025]  __x64_sys_clone+0xbf/0x150
[ 2542.849004]  do_syscall_64+0xfd/0x620
[ 2542.852811]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2542.858001] RIP: 0033:0x45bc99
[ 2542.861192] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2542.880096] RSP: 002b:00007fff8354f678 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2542.887816] RAX: ffffffffffffffda RBX: 00007fd036cda700 RCX: 000000000045bc99
[ 2542.895088] RDX: 00007fd036cda9d0 RSI: 00007fd036cd9db0 RDI: 00000000003d0f00
[ 2542.902725] RBP: 00007fff8354f890 R08: 00007fd036cda700 R09: 00007fd036cda700
[ 2542.909993] R10: 00007fd036cda9d0 R11: 0000000000000202 R12: 0000000000000000
[ 2542.917268] R13: 00007fff8354f72f R14: 00007fd036cda9c0 R15: 000000000075bf2c
[ 2542.919273] Task in /syz5 killed as a result of limit of /syz5
[ 2542.932887] memory: usage 307196kB, limit 307200kB, failcnt 16718
[ 2542.939129] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2542.952829] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
09:32:18 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101500", 0x2e}], 0x1}, 0x0)

09:32:18 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffbf], [], [], [], [], [], []]}, 0x934)

09:32:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d00], [], [], [], [], [], [], []]}, 0x905)

09:32:18 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x30, 0x0, &(0x7f0000000040))

09:32:18 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x800, 0x0)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x1f, @local}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e22, 0x9, @mcast2, 0x4}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e24, 0x5, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7ff}], 0x74)

09:32:18 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000), 0x0)

[ 2542.959137] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2542.981231] Memory cgroup out of memory: Kill process 22506 (syz-executor.5) score 1103 or sacrifice child
[ 2542.991448] Killed process 22506 (syz-executor.5) total-vm:72580kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2543.003905] oom_reaper: reaped process 22506 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2543.043346] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2543.043346]    program syz-executor.0 not setting count and/or reply_len properly
[ 2543.071993] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2543.080822] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2543.086121] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2543.095046] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2543.103957] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2543.107704] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000
[ 2543.112814] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2543.112894] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:18 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x31, 0x0, &(0x7f0000000040))

09:32:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [], [], [], [], [], [], []]}, 0x905)

[ 2543.112915] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2543.112935] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
09:32:18 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000080)=<r1=>0x0)
fcntl$lock(r0, 0x6, &(0x7f00000000c0)={0x0, 0x3, 0x5, 0x1f, r1})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2543.198695] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2543.213194] CPU: 1 PID: 22955 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2543.220233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2543.220242] Call Trace:
[ 2543.232174]  dump_stack+0x172/0x1f0
[ 2543.235815]  dump_header+0x15e/0x929
[ 2543.239534]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2543.244647]  ? ___ratelimit+0x60/0x595
[ 2543.248538]  ? do_raw_spin_unlock+0x57/0x270
[ 2543.252961]  oom_kill_process.cold+0x10/0x6ef
[ 2543.257474]  ? task_will_free_mem+0x139/0x6e0
[ 2543.261983]  ? find_held_lock+0x35/0x130
[ 2543.266057]  out_of_memory+0x936/0x12d0
[ 2543.270045]  ? lock_downgrade+0x810/0x810
[ 2543.274206]  ? oom_killer_disable+0x280/0x280
[ 2543.275668] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2543.275668]    program syz-executor.0 not setting count and/or reply_len properly
[ 2543.278703]  ? find_held_lock+0x35/0x130
[ 2543.278732]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2543.278745]  ? memcg_event_wake+0x230/0x230
[ 2543.278769]  ? do_raw_spin_unlock+0x57/0x270
[ 2543.312385]  ? _raw_spin_unlock+0x2d/0x50
[ 2543.316547]  try_charge+0x1028/0x15b0
[ 2543.320351]  ? find_held_lock+0x35/0x130
[ 2543.324425]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2543.329274]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2543.334124]  ? find_held_lock+0x35/0x130
[ 2543.338190]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2543.343053]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2543.347735]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2543.352241]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2543.357097]  memcg_kmem_charge+0x136/0x300
[ 2543.361343]  __alloc_pages_nodemask+0x3c6/0x760
[ 2543.366023]  ? should_fail+0x14d/0x85c
[ 2543.369920]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2543.374946]  ? find_held_lock+0x35/0x130
[ 2543.379027]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 2543.384572]  alloc_pages_current+0x107/0x210
[ 2543.388988]  pte_alloc_one+0x1b/0x1a0
[ 2543.392815]  __do_fault+0x2d7/0x480
[ 2543.396451]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 2543.402000]  __handle_mm_fault+0x2b0e/0x3f80
[ 2543.406416]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2543.406437]  ? find_held_lock+0x35/0x130
[ 2543.415305]  ? handle_mm_fault+0x322/0xb30
[ 2543.415332]  ? kasan_check_read+0x11/0x20
[ 2543.415353]  handle_mm_fault+0x43f/0xb30
[ 2543.427760]  __do_page_fault+0x62a/0xe90
[ 2543.431837]  ? vmalloc_fault+0x740/0x740
[ 2543.435912]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2543.440935]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2543.445865]  ? page_fault+0x8/0x30
[ 2543.445886]  do_page_fault+0x71/0x57d
[ 2543.445899]  ? page_fault+0x8/0x30
[ 2543.445913]  page_fault+0x1e/0x30
[ 2543.445927] RIP: 0033:0x4019f7
[ 2543.463392] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf d0 93 4c 00
[ 2543.482295] RSP: 002b:00007fff8354f7a0 EFLAGS: 00010287
[ 2543.482310] RAX: 0000001b2cf20000 RBX: 0000000000000000 RCX: 0000001b2df20000
09:32:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000], [], [], [], [], [], [], []]}, 0x905)

09:32:18 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000100), &(0x7f0000000140)=0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000080)={<r1=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000180)={r1, @in={{0x2, 0x4e23, @remote}}, 0x80000001, 0x5, 0x2, 0xfffffffffffffff9, 0x100000000}, &(0x7f0000000240)=0x98)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x40, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x2, {0xfffffffffffff001, 0x10000, "3ba58de5497a210b2968acbe10736bcc0f91e3c0b79e19f36d0d4469a73a4c152eac16f121677c0ddcdb06abd90bdef43e1262c4fe25f179b1d56d53b79e13fb3c2d948675c482878eb5ab2ab602a53d4750bd686d0ff2bd3e30fdc9534e0b9cddb1f0d894e0559c2f24c12d14b12fa5b5b74930afe4f8209609360c45fa0d0fc35dd7f5ec46946e77137d5d5fc3f6a3010e526ac49e383a524c981886c8de9ac6454e84d48eb18037991ae301c4402563a93297f3a9144cc98aaff4c119b6e166466bfb9e1094f271b7255ae8069139a103338528e5a813d0155e207665dd56c2ab95b90ceae22475c0ca4b19a787eae876e4b8b039a10fb803c1b3e2d84afa", 0x85, 0x80000000, 0x1, 0x0, 0x0, 0x1, 0x2}, r3}}, 0x128)

09:32:18 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x37, 0x0, &(0x7f0000000040))

[ 2543.482322] RDX: 0000001b2cf20004 RSI: 00007fff8354f560 RDI: 0000000000000000
[ 2543.495182] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2543.495182]    program syz-executor.0 not setting count and/or reply_len properly
[ 2543.502195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 2543.502205] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 2543.502213] R13: 00007fff8354f990 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2543.627684] Task in /syz5 killed as a result of limit of /syz5
[ 2543.634684] memory: usage 307200kB, limit 307200kB, failcnt 16743
[ 2543.641052] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2543.649322] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2543.655751] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2543.677341] Memory cgroup out of memory: Kill process 22955 (syz-executor.5) score 1103 or sacrifice child
[ 2543.687482] Killed process 22955 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2543.709002] oom_reaper: reaped process 22955 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:18 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001600", 0x2e}], 0x1}, 0x0)

09:32:18 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000000], [], [], [], [], [], []]}, 0x934)

09:32:18 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r2 = socket$netlink(0x10, 0x3, 0x10000000000b)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e85500dd0000040d000600ea1102000005000000", 0x29}], 0x1)
r3 = syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x9, 0x2400)
getsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
r4 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x10000, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000340)=ANY=[@ANYBLOB="010002008d6f00000000000000796dac3cfae01f0000000000000017b878bdb87b0283b6d5f0ba0f45c1935a00b65629fea0d75f55b3994de77b4e53d143c3832582698f6d5e41c2cbf7e262b632bde34edea884b95209b82ceb237f331e4cd7c317"])
recvmsg(0xffffffffffffffff, 0x0, 0x2000)
write$selinux_create(r4, &(0x7f0000000240)=@objname={'system_u:object_r:pam_var_run_t:s0', 0x20, '/usr/lib/telepathy/mission-control-5', 0x20, 0x81, 0x20, './file0\x00'}, 0x65)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:18 executing program 3:
syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x2ea6d2b2, 0x420102)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:18 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x38, 0x0, &(0x7f0000000040))

[ 2543.728907] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2543.728907]    program syz-executor.0 not setting count and/or reply_len properly
[ 2543.792395] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2543.801344] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2543.806826] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2543.815741] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2543.824659] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2543.832435] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2543.833559] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2543.833583] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2543.833605] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2543.833627] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2543.860548] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
09:32:19 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x39, 0x0, &(0x7f0000000040))

09:32:19 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000100)=0xffffffffffffff99)

09:32:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], [], [], [], [], [], [], []]}, 0x905)

[ 2543.860548]    program syz-executor.1 not setting count and/or reply_len properly
[ 2543.963167] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2543.968927] CPU: 1 PID: 23193 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2543.975946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2543.985303] Call Trace:
[ 2543.987899]  dump_stack+0x172/0x1f0
[ 2543.991536]  dump_header+0x15e/0x929
[ 2543.995266]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2544.000377]  ? ___ratelimit+0x60/0x595
[ 2544.004279]  ? do_raw_spin_unlock+0x57/0x270
[ 2544.008707]  oom_kill_process.cold+0x10/0x6ef
[ 2544.013215]  ? task_will_free_mem+0x139/0x6e0
[ 2544.017741]  out_of_memory+0x936/0x12d0
[ 2544.021751]  ? lock_downgrade+0x810/0x810
[ 2544.025909]  ? oom_killer_disable+0x280/0x280
[ 2544.030409]  ? find_held_lock+0x35/0x130
[ 2544.034492]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2544.039342]  ? memcg_event_wake+0x230/0x230
[ 2544.043675]  ? do_raw_spin_unlock+0x57/0x270
[ 2544.048091]  ? _raw_spin_unlock+0x2d/0x50
[ 2544.052252]  try_charge+0x1028/0x15b0
[ 2544.056061]  ? find_held_lock+0x35/0x130
[ 2544.060139]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2544.065453]  ? kasan_check_read+0x11/0x20
[ 2544.069616]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2544.074469]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2544.079073]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2544.084017]  wp_page_copy+0x430/0x16a0
[ 2544.087925]  ? follow_pfn+0x2a0/0x2a0
[ 2544.091736]  ? kasan_check_read+0x11/0x20
[ 2544.095892]  ? do_raw_spin_unlock+0x57/0x270
[ 2544.100310]  do_wp_page+0x57d/0x10b0
[ 2544.104033]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2544.108709]  ? kasan_check_write+0x14/0x20
[ 2544.112951]  ? do_raw_spin_lock+0xc8/0x240
[ 2544.117287]  __handle_mm_fault+0x2305/0x3f80
[ 2544.121719]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2544.126569]  ? find_held_lock+0x35/0x130
[ 2544.130636]  ? handle_mm_fault+0x322/0xb30
[ 2544.134894]  ? kasan_check_read+0x11/0x20
[ 2544.139051]  handle_mm_fault+0x43f/0xb30
[ 2544.143127]  __do_page_fault+0x62a/0xe90
[ 2544.147217]  ? blkcg_print_stat+0xb90/0xb90
[ 2544.151556]  ? vmalloc_fault+0x740/0x740
[ 2544.155630]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2544.160650]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2544.165591]  ? page_fault+0x8/0x30
[ 2544.169140]  do_page_fault+0x71/0x57d
[ 2544.172946]  ? page_fault+0x8/0x30
[ 2544.176495]  page_fault+0x1e/0x30
[ 2544.179952] RIP: 0033:0x47130e
[ 2544.183146] Code: ff 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 81 ec 28 05 00 00 48 c7 c0 d4 ff ff ff 64 8b 00 <89> 85 5c fb ff ff 8b 87 c0 00 00 00 85 c0 0f 85 ee 00 00 00 c7 87
[ 2544.202051] RSP: 002b:00007fff8354ed80 EFLAGS: 00010202
09:32:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], [], [], [], [], [], [], []]}, 0x905)

[ 2544.207421] RAX: 0000000000000006 RBX: 00007fff8354f2e0 RCX: 0000000000000000
[ 2544.214690] RDX: 00007fff8354f458 RSI: 00000000004beadb RDI: 00007fff8354f2e0
[ 2544.221965] RBP: 00007fff8354f2d0 R08: 0000000000000000 R09: 00007fff8354f458
[ 2544.229249] R10: 0000000000000075 R11: 0000000000000202 R12: 00007fff8354f470
[ 2544.236524] R13: 00000000004beadb R14: 00007fff8354f458 R15: 0000000000000001
09:32:19 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3b, 0x0, &(0x7f0000000040))

09:32:19 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:19 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={<r2=>r1, 0x306}, &(0x7f0000000180)=0x8)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x6800, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00000018002a0d000000000000000002000000000000070000000008001500020000000800160004000200"], 0x2c}}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={r2, 0x80}, &(0x7f0000000080)=0x8)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x4140, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000200)={0x7, &(0x7f0000000380)=[{}, {}, {}, {<r5=>0x0}, {}, {}, {}]})
ioctl$DRM_IOCTL_DMA(r4, 0xc0406429, &(0x7f0000000340)={r5, 0x4, &(0x7f0000000240)=[0x3, 0x37340e05, 0x6, 0xfffffffffffffffd], &(0x7f0000000280)=[0x25, 0x7fff, 0x72800], 0x1, 0x8, 0x1, &(0x7f00000002c0)=[0x0, 0x9, 0x1, 0x1f, 0x5, 0xe60, 0xffff, 0xffffffff7fffffff], &(0x7f0000000300)})
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, &(0x7f0000000300)=@bpq0='bpq0\x00', 0x10)

[ 2544.361972] Task in /syz5 killed as a result of limit of /syz5
[ 2544.389396] memory: usage 307200kB, limit 307200kB, failcnt 16781
[ 2544.420902] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2544.430315] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2544.442206] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:84KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2544.472753] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
[ 2544.503078] Killed process 23193 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
09:32:19 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101600", 0x2e}], 0x1}, 0x0)

09:32:19 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000], [], [], [], [], [], []]}, 0x934)

09:32:19 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3d, 0x0, &(0x7f0000000040))

09:32:19 executing program 3:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x90401, 0x0)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f00000000c0), &(0x7f0000000100)=0x8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], [], [], [], [], [], [], []]}, 0x905)

[ 2544.520100] oom_reaper: reaped process 23193 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
09:32:19 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000080)={<r1=>0x0, 0x30, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e24, @rand_addr=0x7}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000100)={<r2=>r1}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

[ 2544.606090] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2544.615632] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2544.622013] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2544.631223] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2544.634363] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
09:32:19 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x2, 0x10000)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f00000000c0)=0x38, 0x4)
write$P9_RXATTRCREATE(r1, &(0x7f0000000140)={0x7, 0x21, 0x1}, 0x7)
setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000100)=0x812, 0x2)
ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000180)="4f5dc262ec4521630e9a3ee31540bf90209ad3f3aa284b50e18a1b2a26f4474a6c090ed38b4ad91799d8bad4331a1d69d9ee05bc1ce1b3125e73760dd9063a2fb8c2b6280af142dcdc6662e04cdd94b5dd3bd6e512fa395d56d4d672bbe5d3100d7492cdd0959e2d6e8310f4204fb640719ce3fbbaa4bd7f689381d03c67d1dbb50876c2f12bfa26fb5c1220ecf4e7ab384f33e1063c756f929a41aa1938d990f4a8c389fb212475719a96d9eced84b7ebe59aa8f5ad59fa201b7fca839512cf3faeb89292c8728a66b8666ff6bc482b")
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2544.640466] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2544.660317] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2544.670320] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2544.679866] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2544.691365] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
09:32:19 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040)=0x7ffffffff000)

09:32:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], [], [], [], [], [], [], []]}, 0x905)

[ 2544.786015] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2544.824556] CPU: 0 PID: 23527 Comm: syz-executor.5 Not tainted 4.19.55 #27
09:32:19 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x3, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
gettid()
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x12000, 0x84)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f00000000c0)={0x4, "8ba4e4c95b09e54bce0dff3e429394630bc7c513adb63e5f098b034c9b075efa", 0x1, 0x1})

[ 2544.831631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2544.841005] Call Trace:
[ 2544.843612]  dump_stack+0x172/0x1f0
[ 2544.847265]  dump_header+0x15e/0x929
[ 2544.850995]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2544.856112]  ? ___ratelimit+0x60/0x595
[ 2544.860010]  ? do_raw_spin_unlock+0x57/0x270
[ 2544.864440]  oom_kill_process.cold+0x10/0x6ef
[ 2544.868956]  ? task_will_free_mem+0x139/0x6e0
[ 2544.873465]  out_of_memory+0x936/0x12d0
[ 2544.873484]  ? lock_downgrade+0x810/0x810
[ 2544.873502]  ? oom_killer_disable+0x280/0x280
[ 2544.873515]  ? find_held_lock+0x35/0x130
[ 2544.873538]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2544.886140]  ? memcg_event_wake+0x230/0x230
[ 2544.886160]  ? do_raw_spin_unlock+0x57/0x270
[ 2544.886175]  ? _raw_spin_unlock+0x2d/0x50
[ 2544.886194]  try_charge+0x1028/0x15b0
[ 2544.886210]  ? find_held_lock+0x35/0x130
[ 2544.886230]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2544.886249]  ? kasan_check_read+0x11/0x20
[ 2544.925322]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2544.930181]  mem_cgroup_try_charge+0x24d/0x5e0
09:32:20 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2544.934779]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2544.939719]  wp_page_copy+0x430/0x16a0
[ 2544.943629]  ? follow_pfn+0x2a0/0x2a0
[ 2544.947443]  ? kasan_check_read+0x11/0x20
[ 2544.951603]  ? do_raw_spin_unlock+0x57/0x270
[ 2544.956018]  do_wp_page+0x57d/0x10b0
[ 2544.959745]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2544.964427]  ? kasan_check_write+0x14/0x20
[ 2544.968672]  ? do_raw_spin_lock+0xc8/0x240
[ 2544.972913]  __handle_mm_fault+0x2305/0x3f80
[ 2544.977333]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2544.982184]  ? find_held_lock+0x35/0x130
09:32:20 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000], [], [], [], [], [], [], []]}, 0x905)

[ 2544.986253]  ? handle_mm_fault+0x322/0xb30
[ 2544.990494]  ? kasan_check_read+0x11/0x20
[ 2544.994663]  handle_mm_fault+0x43f/0xb30
[ 2544.998734]  __do_page_fault+0x62a/0xe90
[ 2545.002802]  ? vmalloc_fault+0x740/0x740
[ 2545.006874]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2545.011896]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2545.016939]  ? page_fault+0x8/0x30
[ 2545.020487]  do_page_fault+0x71/0x57d
[ 2545.024299]  ? page_fault+0x8/0x30
[ 2545.027851]  page_fault+0x1e/0x30
[ 2545.031396] RIP: 0033:0x45791b
[ 2545.034597] Code: 25 20 06 00 00 b8 90 3d 41 00 48 89 15 ae ee 61 00 48 85 c0 74 08 4c 89 cf e8 81 c4 fb ff 45 85 f6 0f 85 58 01 00 00 48 85 db <48> c7 05 6a d6 2b 00 00 00 00 00 48 c7 05 4f d6 2b 00 00 00 00 00
[ 2545.053496] RSP: 002b:00007fff8354f910 EFLAGS: 00010202
[ 2545.053510] RAX: 0000000000000000 RBX: 00007fff8354f910 RCX: 0000000000413da3
[ 2545.053517] RDX: 0000055510bce58a RSI: 0000000000000018 RDI: 00000000015cfc20
[ 2545.053525] RBP: 00007fff8354f950 R08: 0000000000000001 R09: 00000000015cf940
[ 2545.053534] R10: 00000000015cfc10 R11: 0000000000000202 R12: 0000000000000001
[ 2545.053541] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2545.093554] Task in /syz5 killed as a result of limit of /syz5
[ 2545.101410] memory: usage 307200kB, limit 307200kB, failcnt 16806
[ 2545.108327] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2545.116156] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2545.122314] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:68KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2545.219884] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
[ 2545.243235] Killed process 23527 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:34816kB, shmem-rss:0kB
[ 2545.271402] oom_reaper: reaped process 23527 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[ 2545.282046] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2545.294209] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2545.302427] CPU: 0 PID: 7701 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2545.309372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2545.318723] Call Trace:
[ 2545.321321]  dump_stack+0x172/0x1f0
[ 2545.324970]  dump_header+0x15e/0x929
[ 2545.328694]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2545.333807]  ? ___ratelimit+0x60/0x595
[ 2545.337697]  ? do_raw_spin_unlock+0x57/0x270
[ 2545.342094]  oom_kill_process.cold+0x10/0x6ef
[ 2545.346591]  ? task_will_free_mem+0x139/0x6e0
[ 2545.351087]  out_of_memory+0x936/0x12d0
[ 2545.355052]  ? oom_killer_disable+0x280/0x280
[ 2545.359533]  ? find_held_lock+0x35/0x130
[ 2545.363605]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2545.368465]  ? memcg_event_wake+0x230/0x230
[ 2545.372778]  ? do_raw_spin_unlock+0x57/0x270
[ 2545.377174]  ? _raw_spin_unlock+0x2d/0x50
[ 2545.381309]  try_charge+0xd25/0x15b0
[ 2545.385019]  ? find_held_lock+0x35/0x130
[ 2545.389081]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2545.393912]  ? kasan_check_read+0x11/0x20
[ 2545.398044]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2545.402880]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2545.407473]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2545.412399]  wp_page_copy+0x430/0x16a0
[ 2545.416277]  ? follow_pfn+0x2a0/0x2a0
[ 2545.420063]  ? kasan_check_read+0x11/0x20
[ 2545.424204]  ? do_raw_spin_unlock+0x57/0x270
[ 2545.428607]  do_wp_page+0x57d/0x10b0
[ 2545.432311]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2545.436966]  ? kasan_check_write+0x14/0x20
[ 2545.441183]  ? do_raw_spin_lock+0xc8/0x240
[ 2545.445423]  __handle_mm_fault+0x2305/0x3f80
[ 2545.449828]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2545.454659]  ? find_held_lock+0x35/0x130
[ 2545.458723]  ? handle_mm_fault+0x322/0xb30
[ 2545.462966]  ? kasan_check_read+0x11/0x20
[ 2545.467126]  handle_mm_fault+0x43f/0xb30
[ 2545.471186]  __do_page_fault+0x62a/0xe90
[ 2545.475230]  ? blkcg_print_stat+0xb90/0xb90
[ 2545.479543]  ? vmalloc_fault+0x740/0x740
[ 2545.483601]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2545.488619]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2545.493533]  ? page_fault+0x8/0x30
[ 2545.497059]  do_page_fault+0x71/0x57d
[ 2545.500841]  ? page_fault+0x8/0x30
[ 2545.504379]  page_fault+0x1e/0x30
[ 2545.507829] RIP: 0033:0x4579fa
[ 2545.511019] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b <f0> ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba
[ 2545.529913] RSP: 002b:00007fff8354f910 EFLAGS: 00010246
[ 2545.535259] RAX: 0000000000000000 RBX: 00007fff8354f910 RCX: 000000000045789a
[ 2545.542531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a74fc8
[ 2545.549786] RBP: 00007fff8354f950 R08: 0000000000000001 R09: 00000000015cf940
[ 2545.557036] R10: 00000000015cfc10 R11: 0000000000000246 R12: 00000000000000ca
[ 2545.564295] R13: 0000000000001c27 R14: 0000000000000000 R15: 00007fff8354f9a0
[ 2545.572264] Task in /syz5 killed as a result of limit of /syz5
[ 2545.579427] memory: usage 307044kB, limit 307200kB, failcnt 16807
[ 2545.585852] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2545.592779] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2545.599095] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:56KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2545.619096] Memory cgroup out of memory: Kill process 7701 (syz-executor.5) score 117 or sacrifice child
[ 2545.629900] Killed process 7701 (syz-executor.5) total-vm:72448kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB
[ 2545.646680] oom_reaper: reaped process 7701 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
09:32:20 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001700", 0x2e}], 0x1}, 0x0)

09:32:20 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
fstat(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setreuid(r2, r4)
creat(&(0x7f0000000340)='./file0\x00', 0xa1)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r5 = fcntl$dupfd(r0, 0x406, r0)
ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f00000002c0)={{0xfffffffffffffffd, 0xbf39, 0x7fffffff}, 'syz0\x00', 0x50})
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r6=>0x0}, 0x0)
r7 = open(&(0x7f00000001c0)='./file0\x00', 0x2, 0x1a0)
write$FUSE_ENTRY(r7, &(0x7f0000000200)={0x90, 0x0, 0x2, {0x3, 0x2, 0x7ff, 0x800, 0x9, 0x8000, {0x2, 0x26, 0x8, 0x8, 0x7, 0x8, 0x6, 0x800, 0x17c2, 0x5, 0x4, r4, r3, 0x401, 0x2}}}, 0x90)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r6, 0x306}, &(0x7f0000000180)=0x8)
setreuid(r4, r4)

09:32:20 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040)=0xf0ffffff7f0000)

09:32:20 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = add_key(&(0x7f0000000180)='rxrpc\x00', &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000200)="1d5bc8eada9953447202b6688da4766a2c41c69e56b66e3e597c1b9e35073bc0fd7b3336afdfd2181202467c3222f406612a7ae3ed8737d0c6a1e4f62102ca889832d39afb859f9ebd510c4b0417e76e28add3d529a6be54a4fe76c821cbed0b4b332a46e25b88b4e00bd9520ad33985efc49d941e71ec06d8be96ab380190d8dffdd880da0713cb88d786fb755ca542c37da614c3c7881913032c45684b0664fc30566eac2ea391f087ddc9edd5b40d66891b5bdabff74ceb611c67c41a7915c6c1081e110310f2724971603363f8754ce7fca3eaaa6d71d76a88af3f7efed320e0c3499e3d796235c29aa16a4cdb7be94b405c7e064ea1d16e0b2cb1d2c6ecbe048c2b40d4393abfc5351bd8cfc9c4644565ba2cb675baa7534f93fc4381b2401254c0d7b40c4315cc3801724515b052cb4cc9d5dc4e562906229632739390e95de51fa06cefca5197de4cc8fcb7d2fe5b23ff942180fbb1dd3e0132af4f37a20ab40f4a983959964e17aea1b1bf96cfd42e4c6b57cc234bbaf7c7d7c1be1e1f98ba4aee19920885a3412cbe08413f90718fa1f3646ecc32f7cd4344a07ce1b979d3e95d97ee82083239b841fa3eee5116bed76601420778cbe9887bb0117044351ce33fdf2a92127a6ddf5736d2a8c30b4bfbc70e347885042d75104df7f468c956d4cb2f833bd661674577e9f79552ab85a713f9465eae03cf9ae0acdf6fdef51305702bbd8d00dafa0e784cd924e7dc2c2fe9fed5150d4d34c8c5f1594ed4c20eac18034ffc2c16d33c7235906dcb61654158b0cea4b7c2ee3a70e4208d6564703b7e9df3e92e3b9a8b83312cdb0033eaa6f967b5a72766357e5ecaaad52ec745fd99e866f3fe6745cba5a91a7c7968a90ac5b9d792d6b2ed4cb5dd72bd11020bde2c3d6fde2691362ae9cbc720499a7ba7d226e959a96a99622e8890d972630b8a2692032c1d3e43d25a2c0fa58e8c4efd8f1cec92807efa5a842f0689227c5da033efb62312511df45bb4350134e2ca3a552be50350a826a5e1e80eb1a69c8c2602dad9bc500bffa2d1b690bb720edd1a9b5349973f02a7cf917e4ef3c6a91a32d6b68b37e58bcdbd7094ba45f8fa50edc56778a8ee1c41be29f162a0e5effb3e33f9f1475e7fae682cbd66a535d165f85785742666b5c512ba7008b04e8eaa047ed1130366516358874c5f0ad8a6c1ee42cd3ec45839674c5d491eeadf8c5e2b7a32a1746d5c820e4e278e0f1a948272b40fa20d464dfb420f275b5b8ece2980bed1fdec5e0eb35f91ca8ec5895dcbe0bb7a9498e54928699e7c5bb17d2eb91b14c2f03bf088b7615fe65b8f349563a0aca78eb5095b407682aa63b1af439b9895c87582e0972d9c0c43c5d55e51c8c8f8ff1201dd0a18f4b61ad3549aee2db854e7346ba692d4e5ae22289e23353d7f8b71a70bb41d4f44434e974a3446f83bb18ad651c978bbe9cacf6c9f0a8480813318bd0302cf14486d8204ff7b14dd8fcceff98a235bfb99f5fb9a26ac31eac24d6772774b8cf4beb623b2ce6e8ca53027dac14a88cdfa3dfcb2065b5cd336befec530c10736eb440566bb3effecac311aff5a3e9e5248df98376d05c70cbc472a5048afc2a22547ffa77663d128409a76030bcf231a8a6d78a09426bdf40f81318d76b4ae4d492443b158f329f9994a7dae63c2d480d4ab9bca585ce468d5b383c96917a22606152c0abb89577a93fc88129a8c1c4f27e61f9c27dc1a594e61526d5b4b34cde4e37a7e01d7d8692ff50668de3993133402c07d3a1dee1596ffde3d40ded53ff5036d3ffc9a022fbf64118e9dc44af8f0a97053f326d6824388579e1c56d0c4d33f18d0598f1c6725b370ea3ccf5520c46ffda38339e2454f32bbb2f34a324a01dc8103ac40c23857ed9d2624c2834b2fc67446de24dd4ca641847172004d309d8cbb4aa5cc0477050c7489fc164dd5f45bd8c0acb43850d9719892a8495bdf1171d1fbd753f5c24bef411c98a72e700a5105664dac3436219720eb2a7184e92c45de8150e2b568f88e534490dc0512a6d070a3bc309aebe8db18bc72bbfb3bcc32f4b9b438e8429450e6243ed7742435553dbb19d61dd9ed480b2b20e1da1892370e7bf8b5aa43d90d334f59ba5ae82c75ad08438a35a449ea6f9a01c482bb7dd27f1b2eb84ba831aac1cf7830668da154eac9cf303065d06b0b9f43a7208b6e7254d305a369721bd951cd20fdeefe60df83dea5b7e0e5301db383ec19d96e147a8ad1f71d2810fea31af01d99dc072fb0fea9a1d07500b7e25f4432d9e0d28f73150c90126ad68758cb5ac33b790919675b28eab05084f83825318dffe6611e62ddddc027c916e0a661921ccba55678066c6b218484e0859956b393e433232fc075b835bb38d9664872e135b33f7f2729f7e4dcacb6ec26f65383059813f157ac372ce2bc1c461c03da73fb100e431a656a62bf7b45a48abea02ed30079996c35fcb31eebff5e73634b16fa43fb64860bd7a2a1b5a9bac50a9aa9030808a40d702706fc6d84cfeec798d35dd5445767189dd7771321215bb4742be71b576da2cd5fa65226abc361597ea62b60f747728e0f7bb01ffcb7d36d46ad1855cad3e1da5e84b67d210fda368592bd7f2d0e70d4f7c5eee633be10dce15acef3d9d20b9deffa44a4003564c871fd097cd1d17c00c608326795ae5edef6e8b093ff4c483238b5b70617763869236201e21faad11b056116a36d19499c5854dc4f16a633fa0919ace4bcdbce22c07b76162f63eaa40754dc1307df1beabae4e283e3dc0be2739db0e023bbf99a80509a536d074d2f6ce4e01b0cf6b7b59582bd56f01fb5ec6041b5b43e9093cbda38d5027184eb729b4a5f522120f6944f76887e2d28aa648c2785571da248194f2b85091bae757d14e33696586daa07840b8f591011895cd151106056b57141d9b2025b3f8cc2e089787d70ff990b6d849e8706798a7e800907315b63d6c406bda067733ef7488fe3a20eec226bfa49d186563f3baae0eff0267d3a8f6568d1ac5a8b34817a27f666be2b7409d0a17068b5a429084043d0d4cbac9cd9b087b0ab17e59f91602ccb11de6c98eb4894eced0f7bdb5034245bedfd7f3eb36bbd638c76edb957455632a4abe922e473be2d67f25457e9bfd6ffb0976647e98f37e7447d205b8cfd44670b5d4d01651cf41fcc0e5080b58b6a2b0c2d0baa31ec9c1947b14e62ad6925215781c53a95c329ea7f6e1d0826a045602ad105982c88686876842ac8fe5451a24868d43b4344999c9d55c399fa725aaca9f69f53dd7570857b801c9d9d2a76f3bf90cd5505e074116fadb37cf5acc1bf94a7647cce73fd57847ee2836bff955623abbddb1629e15fb0c0a96f174b687095df0f93bb1033931d2f5b9b97a3c27ec768399f5bea19ddfd9375e2a22348869db9e5d7376b291f1693169c717ace524c85eba854ad1ece5dc46db072733a8a50c75c8ea8c57f1a7eaa8fa8e9c1091c20dbe4b2fcc3479ebe5a6ac68b63e3462de84fea57493c2f2a706f252865c09d08e3fffcf5486d2dcff51120a8d52f7c1cc36365779e851781cef06f2a86a76f8c23d078c37b89f56d24016409e1642f3a0465821663e6e965f6854d6c11454cb406e40d774773224d58080ea40937c43ff949f8f73cde19ed37a830a147a2c7908a11ac49952a050738d60cbd5216d63575450ce599ac4f4a45b02500e11e5d09f4f9859cc4074cce0cfd10ab1564217da903db7d5f42308a36c9c51e8cc97c54cc7668006518b79eac886cac21ff94cfd7c99055cc2cf39000efb56f6404d1ff1a2ae47143d8aebe9e9a8f26f0fad85a7ee14e7f19b4dc6ec437aba8bb021d2c5fb37ef9a20f50a1d4eacb53cab0fa439e1673186595f3f9498feb41b2594a05595c59bbf8baa4e5cf9977666c369469b47fd9ad7df81944b595a380d4a1415b895b4ead0c8a7327fca941a34fe1946d0c6284e381de156b5add58aa5f1408db24264af5d4914ddcba4d6e0c4211f5e41b4ece9cae2eb8a06db4950be97142228cfaae15eb5bab283db75dbc0b73aff49c344399e6ae72b7569a8476e3736e57fbafdbcf0f832bbd674ed6c64542482e0f8c250e052d7ed1f8d4fc64fdb7ad8952e4461f17fbdf854dcfc43778397273f41f53de70ea9337bb4a25962214be259d2cce70c9de9ca0447ce562302398796396f8586e9b5c2da022058fbb461e831759f7776078649c18344ff7102c97fd3cf26e8f2c352c7ffd70816e154877627d3e715d314392876f2c310f8a39f704ea3194c4e518d138fb6c0af234bf8319545dd387cc4b55deb1660816bb5ef108b71703142c26081db7a59303ad6b027051bf5f472b209c70d62169bb8ea641f12a0f7e943204bbbd4be076d3cddf19d9e31844160adcfeaeb18d5c6b3b668d0686f2724c9a02dc7a18ade2e3637bffd2c515f8be22db1b96b8bba365da12ae73bd7dc53eb6f9e92142b4bae80b92f74f131c046d81287ad6d90679059cc2f7a6d34bdb83fe31e9172d7e700cda40cafd85a069e80876f2cc0ec70878adf84a336aaa12671c1828e150697dc6808d2c8c72e832bd60ba69692bb0ce1bf3dcc3c786f3d756ba90039a66dd52dcc08d806373a5f2d4a7e4d4d908691ca26ea9184e2c0d933e8a24d39377249b96135c38112ecfa2d89d93d66fd28b92faed0d1901faa2ddec3ba8ba1a155d0ec418d88b50bc3510a6237dc7dd0883f85eb3a7aea186c4d7c4dd1f19e600c1631c15d8ab9b4e84ca774ed6ea8b57c346e30a6148ce58bdc5c10f2421b344540d300c7cc11761d5a07ed70d2ad9245a5131c5f8e80c3449f9799d384776741166037ae3eed39a08739acf03d6a36fb1c1fcf90176139ee1b9b39b3ac8e88b6f126277dfe484a18160c7dea95927cf8b3a7c7f89356731c9394f967b2d4966933eebeb1c5045e2457922eb48d6902f2730c208c9bc3b1998f737eade8c623e2715cbd3a16616accd12ee529a16506a2b14cb1532017483c68363bf3b1b8f242d003eb72cceb67afa7d5c1c26c5170f5c87cbb9abd59ba727271073fac07792d81a4d410b91315af11a3d65a044d24f65541ff0b0d6c7432bc43ddc50fdc44e89f10ea72b0a2cdff82208086fa7881231d0ed550cdd96cce349af8f1f0fe5f762b57ba28d7a9d2c2c44910c6502d2194c6ac88ffe85782e65e9cda4e02be17fb75dfe9dc86839cb939025993aa81d97decdf4aabcd519e2189da59f8bc12183e6858edc13da5a2be2f8c48f99e87975e8da4dc805e56a7614cefac9bb2472d4b16f9ef77f5cfa7c2a885c2bb111e6040af919fe9a900ec3a884301cd56a1945e90f3b550018cf581e05795f65b56669b82db28dca483961885010203bb144cfda37ef0ce02f8615ecae8cd9b2072a572ca6ae37026039608d629a74450715818c220759e6384884dae488cbdd63ec2760f40e2a05d218243148d5ce683babafa24114ac7113496d35ff6c21b02a052e6a2c5fb8bf7a36397236ac2ddb031eadaec7e4498e1e0b656fbbe642668fe2708a5da288bc8e75400919803ac77f1830271182a11b4f41ad3f0c0d4a6cbe3364781611a54c69effda2586e45b320a8dffafbe3cd5557239dac8fec7c891719e5cac98ff025e23317f1a307e9b04d2ccd8319e7ca891c473f1692a608f49548cc25e33496e08b914376a32594722786f76a0e73fcec6d2a1636425434f278daca06e5093ccb13b7b012d1a1b3274d41d57b1aa491724fe9bbc14f2fba796280cf0a57b678414761504e3c", 0x1000, 0x0)
keyctl$search(0xa, r1, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x1}, r2)

09:32:20 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], []]}, 0x934)

09:32:20 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000], [], [], [], [], [], [], []]}, 0x905)

[ 2545.878186] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2545.884960] sg_write: 5 callbacks suppressed
[ 2545.884989] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2545.884989]    program syz-executor.0 not setting count and/or reply_len properly
[ 2545.887111] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2545.912723] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
09:32:21 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000040)=0xfffffffffffffd73)

[ 2545.921649] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2545.930574] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2545.939491] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2545.948401] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2545.957483] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2545.966391] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
09:32:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000], [], [], [], [], [], [], []]}, 0x905)

09:32:21 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000005c0)={<r1=>0x0, 0x2}, &(0x7f0000000600)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000640)=@assoc_id=r1, 0x4)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
sendmsg$inet(r0, &(0x7f0000000580)={&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000080)="f7dd66e04b5de7b16f084999839406f4a26530bafe2de937a4b4f9c82c76c20e37d17ef828f68d2fc2a29b35ef4e67d2fa55b633d2bdd77a3ebcf0f146924f277e6a587cb8fc29eb31daad13d2418c7cee", 0x51}, {&(0x7f0000000100)="cdcfbaa80dcc546ed0e4ade2c062288bdc2649fb89c53507242c9aa2417df645b189980c4b1b98ce42785881909eec43d5775668cd75b30e5649c676b374aa02fd1bbda4af47459fecf3f064da1265137737d8086218bee9efa84074d0e388852675153e87ac01fb2357933c35b735b11428b455dd5a20bf530e703a056cb7b38d1e59829b846619cf4306ff3ca43a5f24126f2d8c43e0f69f67adc597833536e3f62274a305a26aa887d2bf6b73f9fd97c54a29db7725f13bfca6231b100fa5db9318d39e92619adffe21f5dbd4d7cba8e9", 0xd2}, {&(0x7f0000000200)="7bc56831d5f9f58b90fc7fe271c4d62d2b", 0x11}, {&(0x7f0000000240)="cb15ebc6957b6d5518ae453fe1866094fbba101bb7a661734a6d1e985e17894c96eb82b5bdd4c4852a675197ad4272c9766be589cce284add63efb4535d8068b0ac657dcd22bd3ff1e8a7b5403c5029c7c3491d78c0367ac34d88edc843425b82f5b0487c0d04ca27b58aaf87158b94ca5041a4e5eff615d1f3e600ea70f82f377baf6f10ed60dbf9fa4b2902bd893c19667468c769a4fc28734d5e8bb14c8effc0b5de9a9c582e6016dd2a7fca9b182f9f31c36386f", 0xb6}, {&(0x7f0000000300)="07553abebbb4453f10a4c867fc1f817243e495e062a1fc6c0cab58e7ee40b336de0ceba789738f08d21459da9ef3a3bb2f59a0156bdedcc73ab3b529287b67efeff124f408c8bc20a2d1b49aa07485308d3e7e7c3abea30d6a72004bf089b357617dda6c320728d74db1ed8297f1be5bfbdd26e1f79b1d528b8ee8e577d2f26f610b0691766ee98b85a2b707c50b7a3a05019de16bc854f3dcc0ad9305fe90d698c93845f40b95eca4b2fc2f08bb64d51f09698997076745ac4aef62929e1c5d2465764ddf289df988c57d", 0xcb}, {&(0x7f0000000400)="87a61bc82543af33af8e19fc73e754879657acf0ce28f91a0c1917f7e579b96fc719f0014b9bca6b12b572bfd293abc29ea4a61c1aec9c95a4725ecd2f9b4ce663efd3696df8a7aa5c85b4e18851ed229497b1cb9197db86f890a941638d980269688bbc660b66dd820043d781108e2c12fd3dcade072e3b21e2c67657ef894c8ed61d7b3504eba73069e53a55e9d0836ba8a4314421e7e34675ccd6e6fa49874ffd813df5005d6d03cffa69c1fd287385d72f9a6f887cd7993e486762bfb120bcaab97287cbf9a743e2811033b486a77c3f11332d424c219369de", 0xdb}], 0x6}, 0x80)

09:32:21 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x6, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:21 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000240)=""/152, 0x98}, {&(0x7f0000000300)=""/73, 0x49}, {&(0x7f0000000380)=""/106, 0x6a}, {&(0x7f0000000400)=""/73, 0x49}, {&(0x7f0000000100)=""/11, 0xb}], 0x5}, 0x41)
setsockopt$inet_dccp_int(r1, 0x21, 0x3, &(0x7f0000000040)=0xffffffff, 0x4)
getsockopt$inet_dccp_int(r1, 0x21, 0x10, &(0x7f0000000540), &(0x7f0000000580)=0x4)
fcntl$getownex(r0, 0x10, &(0x7f0000000600)={0x0, <r2=>0x0})
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x6, &(0x7f0000000640)=""/85)
syz_genetlink_get_family_id$nbd(&(0x7f00000005c0)='nbd\x00')
fsetxattr$security_smack_transmute(r0, &(0x7f00000007c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000740)='TRUE', 0xffffffffffffffb9, 0x1)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r3, 0x306}, &(0x7f0000000180)=0x8)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x400080, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r4, 0xc0bc5310, &(0x7f0000000800))

09:32:21 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000], [], [], [], [], [], []]}, 0x934)

[ 2546.240498] sctp: [Deprecated]: syz-executor.4 (pid 24079) Use of int in maxseg socket option.
[ 2546.240498] Use struct sctp_assoc_value instead
[ 2546.248083] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2546.248083]    program syz-executor.0 not setting count and/or reply_len properly
[ 2546.356394] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2546.365239] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2546.370470] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2546.379464] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2546.388401] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2546.397330] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2546.406248] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2546.415168] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2546.424081] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
09:32:21 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000001101700", 0x2e}], 0x1}, 0x0)

09:32:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000], [], [], [], [], [], [], []]}, 0x905)

09:32:21 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xcd0, 0x0)

09:32:21 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = getpgrp(0x0)
ptrace$cont(0x18, r1, 0x9, 0xfffffffffffff001)
fsync(r0)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x1, 0x0)
write$P9_RLOPEN(r2, &(0x7f00000000c0)={0x18, 0xd, 0x2, {{0x11, 0x3, 0x4}, 0x20}}, 0x18)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000080)=0x58)
write$P9_RSTAT(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="38d1220ddf44d57d0071000300c60b0080840300000001000000000000002233945811e02f6465762f6c6c6d2d6d6f6e69746f720011002f6465762f646c6d2d6d6f6e6e746f72000b005b2f6d696d655f2d7d6f6669746f720000000000000000000000000000000000131aaf3015e65c2a4871be99f37346c250c86cdf9e994a525f76e9b63e7cb7e6b1ba1ecc"], 0x78)
getsockname$packet(r0, &(0x7f0000000180), &(0x7f00000001c0)=0x14)

09:32:21 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], [], [], [], [], [], []]}, 0x934)

09:32:21 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x4de589a64d6cc0d0, 0x0)
ioctl$KDSETMODE(r1, 0x4b3a, 0x78)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000080)={0xff, 0x3, 0x3f, 0x4}, 0x8)

[ 2546.770369] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2546.779694] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2546.785536] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2546.795493] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2546.805005] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
09:32:22 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x80000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x82, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f00000000c0)={0x3, 'veth0_to_team\x00', 0x9}, 0x18)

[ 2546.814602] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2546.823758] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2546.832798] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2546.842192] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2546.849860] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2546.849860]    program syz-executor.0 not setting count and/or reply_len properly
09:32:22 executing program 4:
r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x200, 0x800)
r1 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x2c77, 0x400000)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000100)=r1)
r2 = dup(0xffffffffffffff9c)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r2, &(0x7f0000000200)="21d300f3932b969740abef83e8e165a49fa8cc857fc1839b6ebafa7fa3df4e3ef64e9f8e72a5e83aa98dac2c2efda905a250e2117c7b9a22177ca5ef5f5fadc1394941f6692a9c1d5fd636b8fddd5b8a9e3d73787bd456d98d5e2c814693752e7fd0e4c787b9b13415fefcafc71ba018952b5739f0b830e7400eada2510951f6ae8d3a11a7c2e34f532125bed43afcbe2e096ce47e74ed76d5e4544360f0cc2fb530d0afdb", &(0x7f00000002c0)=""/158}, 0x18)
r3 = getgid()
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000480)=0xe8)
mount$9p_xen(&(0x7f0000000140)='/dev/media#\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x300000, &(0x7f00000004c0)={'trans=xen,', {[{@access_user='access=user'}, {@dfltgid={'dfltgid', 0x3d, r3}}, {@cache_mmap='cache=mmap'}, {@fscache='fscache'}, {@access_client='access=client'}, {@debug={'debug', 0x3d, 0x4}}, {@afid={'afid', 0x3d, 0x1}}, {@cachetag={'cachetag', 0x3d, '/dev/bus/usb/00#/00#\x00'}}], [{@subj_role={'subj_role', 0x3d, '/dev/media#\x00'}}, {@func={'func', 0x3d, 'POLICY_CHECK'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'nodeveth0'}}, {@dont_measure='dont_measure'}, {@fsname={'fsname', 0x3d, '/dev/media#\x00'}}, {@obj_type={'obj_type', 0x3d, 'wlan1nodev\xefem1['}}, {@uid_gt={'uid>', r4}}, {@obj_type={'obj_type', 0x3d, '/dev/bus/usb/00#/00#\x00'}}]}})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
getsockopt$sock_int(r5, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:22 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000], [], [], [], [], [], [], []]}, 0x905)

09:32:22 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x8, 0x10040)
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000080)=""/165)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f00000001c0)=""/56, &(0x7f0000000200)=0x38)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000001240)={0x1000, &(0x7f0000000240)=""/4096})

09:32:22 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
sendmsg(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000080)="85ac422e583ebd9c282e22055529703ea1958d4188a899825d932575e4812ce1e1873e566502ba38a1f893d8c42cbb7fd98549bf0484786c1e252d936ba7682d2f3fb031e1358e6e114425efc90de88a1b4729b1e77ca34de70242ae764a94beff164a3b4a9ffa9f02010cdf16e1a15addd241602b87dbd9d7808d1fcd42c5f2ac176889719fcc2ff3851f5b23235008d4e9df13f2aea262bd", 0x99}, {&(0x7f0000000140)="77eae61694475d5ff7fd3c11bb8138d58ded66a6c7fd2207a19476d451259214d3797944afd737a4df20cc2cb3bf1fa2b198d7faabfd8958f0ace6da068a930cf6fbf0a90ea99ab3ed1dac94f042a594eb7ce36f106b46c0c7b7f9e49627e38095703e48188c54d56c5d7b6add05aac93f", 0x71}, {&(0x7f00000001c0)="e9c7611f103834", 0x7}, {&(0x7f0000000200)="7db7c87240967d3a3e65a2c44439468643ef588df809a7df12fa6f51e1a670d3363b27fa01f743645df427fa9e666c97dbdda99702fe391a43bbfc0583f28931911293f5f7cd058b2e1d231d9861f7414332680842603b074c927c20c12328830fc0594d58d6556092bed29c364271535a6900b32f86c82eabbacc097ad4a393235b2e8cecb8b57401f45ffff3916740d805741b6b1829aff78e75dd5a67592c40d2c9013329f78f6a01a53b1dc334c70f48534f305ff669f5047d1b02d7169461b3d490a68d4b3fc056f6754754b99f63d0d91ea6d0ac272276706509b0487ecd6082aeb174209b", 0xe8}, {&(0x7f0000000300)="6bfc621f233d204a61d62d5f110a97b55ddd60da976552f64de074aae69901797b2f43cb5f735c3daf728ad4ad77ef25b44d0da88dc8da82c653b627836f43bf7dd2085fcce8a97b56bc68777d945b3301193e4bd71e0589ab3188aa7c489cf9baa1ab21ab37e63b0433986293cdb7c6bca0f5f51cb727b395ea24e7795db2943759621bbb5bd4ec14cd325c9f2096434b0954679fe6c51168e15ec579608cf05b788b19c982ec6917160800de26e970024cdb94aaef4f5008d96b2e74ea412d707d5d68660b56b36b5b11fc38f096888014f543c1e7dc8b1842dd765ef367a4494af55d35f085d725987a772a53b2", 0xef}, {&(0x7f0000000400)="057e2510dbbbc0353a180a871974ad76c43180545b4de955787242a2c61265404d87b1381099c3a6860597b5e9b8828a901ffa3a16eacd478c71333e8aad5f5535ce5e6b69582e5981346f60650dd1483d4f4e22b357653664226d4437fab961682f424d7d1ab99ed4f4cc5301b8af6cf643f5a15d5e07b31b4f0c9b58d42e8c3a949f63ff597c9bb1d3a1f9707b0af6e67c380b10b5ab9f9103fa73cd0375ddc93651f782cfed0c1097b9934791e1b176ec437c8f5d14661a7909345c92734e01bdaadb16e161e41c942efc49060964441dd8dc57589269", 0xd8}], 0x6, &(0x7f0000000580)=[{0x38, 0x0, 0x4, "64a40c42b1718ef6c333bfc386489e2be790ba9e0b0b2119c0711e1eee8980911f11c4dd4eef"}], 0x38}, 0x40000)

09:32:22 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], [], [], [], [], [], []]}, 0x934)

[ 2547.157429] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2547.157429]    program syz-executor.0 not setting count and/or reply_len properly
[ 2547.249392] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2547.258296] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2547.263559] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2547.272417] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2547.281338] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2547.290246] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2547.299150] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2547.308043] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2547.316937] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2548.683566] audit: type=1400 audit(1561282343.807:96): avc:  denied  { map } for  pid=25034 comm="syz-executor.5" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14274 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[ 2548.772509] IPVS: ftp: loaded support on port[0] = 21
[ 2548.882304] chnl_net:caif_netlink_parms(): no params data found
[ 2548.982309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2548.988884] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2548.996483] device bridge_slave_0 entered promiscuous mode
[ 2549.004127] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2549.010521] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2549.018066] device bridge_slave_1 entered promiscuous mode
[ 2549.087873] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 2549.098433] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 2549.116755] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 2549.125021] team0: Port device team_slave_0 added
[ 2549.178395] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 2549.186905] team0: Port device team_slave_1 added
[ 2549.192393] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 2549.200097] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 2549.256782] device hsr_slave_0 entered promiscuous mode
[ 2549.293883] device hsr_slave_1 entered promiscuous mode
[ 2549.334031] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 2549.375090] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 2549.397319] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2549.403731] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2549.410334] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2549.416710] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2549.508796] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 2549.515982] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2549.550742] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 2549.561083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2549.579991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2549.597637] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2549.605749] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 2549.678994] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 2549.685170] 8021q: adding VLAN 0 to HW filter on device team0
[ 2549.697533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2549.705774] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2549.712120] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2549.725062] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2549.733366] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2549.739698] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2549.815666] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2549.824812] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 2549.867105] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2549.882594] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 2549.892749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2549.901391] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2549.948167] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 2549.955366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2549.964070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2550.020601] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 2550.027016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 2550.045186] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 2550.058764] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2550.138975] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2550.150618] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2550.157550] CPU: 1 PID: 25044 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2550.164571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2550.164577] Call Trace:
[ 2550.164602]  dump_stack+0x172/0x1f0
[ 2550.164625]  dump_header+0x15e/0x929
[ 2550.164642]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2550.164657]  ? ___ratelimit+0x60/0x595
[ 2550.164671]  ? do_raw_spin_unlock+0x57/0x270
[ 2550.164690]  oom_kill_process.cold+0x10/0x6ef
[ 2550.164708]  ? task_will_free_mem+0x139/0x6e0
[ 2550.164740]  out_of_memory+0x936/0x12d0
[ 2550.164759]  ? lock_downgrade+0x810/0x810
[ 2550.164774]  ? oom_killer_disable+0x280/0x280
[ 2550.164784]  ? find_held_lock+0x35/0x130
[ 2550.164803]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2550.164814]  ? memcg_event_wake+0x230/0x230
[ 2550.164828]  ? do_raw_spin_unlock+0x57/0x270
[ 2550.184261]  ? _raw_spin_unlock+0x2d/0x50
[ 2550.184282]  try_charge+0x1028/0x15b0
[ 2550.184298]  ? find_held_lock+0x35/0x130
[ 2550.184323]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2550.193286]  ? kasan_check_read+0x11/0x20
[ 2550.193308]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2550.193325]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2550.193345]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2550.193363]  wp_page_copy+0x430/0x16a0
[ 2550.193387]  ? follow_pfn+0x2a0/0x2a0
[ 2550.193398]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2550.193414]  ? kasan_check_read+0x11/0x20
[ 2550.206764]  ? do_raw_spin_unlock+0x57/0x270
[ 2550.214840]  do_wp_page+0x57d/0x10b0
[ 2550.214859]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2550.214874]  ? kasan_check_write+0x14/0x20
[ 2550.214886]  ? do_raw_spin_lock+0xc8/0x240
[ 2550.214906]  __handle_mm_fault+0x2305/0x3f80
[ 2550.214926]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2550.214941]  ? find_held_lock+0x35/0x130
[ 2550.214957]  ? handle_mm_fault+0x322/0xb30
[ 2550.228408]  ? kasan_check_read+0x11/0x20
[ 2550.228427]  handle_mm_fault+0x43f/0xb30
[ 2550.237124]  __do_page_fault+0x62a/0xe90
[ 2550.237148]  ? vmalloc_fault+0x740/0x740
[ 2550.237165]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2550.237180]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2550.237196]  ? page_fault+0x8/0x30
[ 2550.237215]  do_page_fault+0x71/0x57d
[ 2550.249197]  ? page_fault+0x8/0x30
[ 2550.249211]  page_fault+0x1e/0x30
[ 2550.249225] RIP: 0033:0x40bc28
[ 2550.258195] Code: 00 00 49 8d be 88 00 00 00 48 89 ea 48 89 de 0f 85 dd 00 00 00 e8 88 2c 00 00 8b 05 e2 c3 32 00 48 8b 15 73 48 66 00 83 c0 01 <89> 05 d2 c3 32 00 89 02 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f
[ 2550.258204] RSP: 002b:00007ffe7b1e1ab0 EFLAGS: 00010202
[ 2550.272507] RAX: 0000000000000001 RBX: 0000001b30620014 RCX: 0000001b31620000
[ 2550.272516] RDX: 0000001b30620000 RSI: 0000000000001441 RDI: ffffffffb0db9441
[ 2550.272525] RBP: 0000001b30620018 R08: 00000000b0db9441 R09: 00000000b0db9445
[ 2550.272536] R10: 00007ffe7b1e1bf0 R11: 0000000000000246 R12: 0000001b3062001c
[ 2550.280182] R13: 000000000026e96d R14: 000000000075bf20 R15: 000000000075bf2c
[ 2550.283693] Task in 
[ 2550.294235] /syz5
[ 2550.302762]  killed as a result of limit of /syz5
[ 2550.302788] memory: usage 307200kB, limit 307200kB, failcnt 16830
[ 2550.302800] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2550.318007] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2550.328593] Memory cgroup stats for 
[ 2550.333898] /syz5
[ 2550.341725] : cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB
[ 2550.357483]  dirty:0KB
[ 2550.368485]  writeback:0KB
[ 2550.373897]  swap:0KB
[ 2550.404307]  inactive_anon:0KB
09:32:25 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001800", 0x2e}], 0x1}, 0x0)

09:32:25 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x800, 0x4)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = dup2(r1, r0)
ioctl$SIOCAX25CTLCON(r2, 0x89e8, &(0x7f0000000080)={@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0xb, 0xb8, 0x8, [@null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @default]})
getsockopt$sock_int(r1, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:25 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000080)={{0xa, 0x4e20, 0xffff, @mcast2, 0x800}, {0xa, 0x4e23, 0xffffffffffffff05, @dev={0xfe, 0x80, [], 0x13}, 0x7fff}, 0x7ff, [0x5, 0x5, 0x5, 0x5, 0x80, 0xc995b64, 0x9, 0x3]}, 0x5c)

09:32:25 executing program 2:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3, 0x20000)
write$eventfd(r0, &(0x7f0000000280)=0x7, 0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000001c0)={<r2=>0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x4, 0x1, 0x10000, 0x7fff, 0x5}, &(0x7f0000000100)=0x98)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000000c0)={<r3=>r2, 0xfffffffffffff973}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r3, 0x306}, &(0x7f0000000180)=0x8)

09:32:25 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], [], [], [], [], [], [], []]}, 0x905)

09:32:25 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000], [], [], [], [], [], []]}, 0x934)

[ 2550.418981]  active_anon:112KB
[ 2550.427890]  inactive_file:0KB
[ 2550.444954]  active_file:0KB
[ 2550.458859]  unevictable:0KB
[ 2550.482085] Memory cgroup out of memory: Kill process 25044 (syz-executor.5) score 1103 or sacrifice child
[ 2550.482161] Killed process 25044 (syz-executor.5) total-vm:72584kB, anon-rss:92kB, file-rss:34816kB, shmem-rss:0kB
[ 2550.562320] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2550.562320]    program syz-executor.0 not setting count and/or reply_len properly
[ 2550.577022] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2550.587898] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2550.593758] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2550.609520] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2550.612667] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2550.630613] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2550.639790] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2550.649287] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:25 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x88, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

[ 2550.658410] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2550.659664] syz-executor.5 cpuset=
[ 2550.667501] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2550.700433] syz5 mems_allowed=0-1
09:32:25 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000], [], [], [], [], [], [], []]}, 0x905)

09:32:25 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$vfio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vfio/vfio\x00', 0x200000, 0x0)
ioctl$SIOCGIFMTU(r1, 0x8921, &(0x7f0000000340))
io_setup(0xffffffffffffff4c, &(0x7f0000000040)=<r2=>0x0)
io_cancel(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7, 0xffffffff80000001, r0, &(0x7f0000000100)="ac163a4cc1d5006b1fafbb4bf18168756ffbeda00e32e28f48978d17d86e1dab95861b776224dba590d811441d472508d1c78155c647cbd3a07b472867732a5d774d5807b13e0f5c95a4b321e0ce1016cb7bbc2c324011f65e3c35d632e87087fc894b1b4a2f4d8190b26242a2bd63ec4ca136844be72dacf947bb829951", 0x7e, 0x2, 0x0, 0x1, r0}, &(0x7f0000000200))
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000180))
r3 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
getsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000240), &(0x7f0000000280)=0x4)
ioctl$DRM_IOCTL_SET_VERSION(r3, 0xc0106407, &(0x7f00000000c0)={0xfffffffffffffd5e, 0x9, 0x40})

[ 2550.711671] CPU: 0 PID: 25060 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2550.718715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2550.728069] Call Trace:
[ 2550.730669]  dump_stack+0x172/0x1f0
[ 2550.734311]  dump_header+0x15e/0x929
[ 2550.738043]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2550.743160]  ? ___ratelimit+0x60/0x595
[ 2550.747056]  ? do_raw_spin_unlock+0x57/0x270
[ 2550.751479]  oom_kill_process.cold+0x10/0x6ef
[ 2550.755990]  ? task_will_free_mem+0x139/0x6e0
09:32:25 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x0, 0x3, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2550.760503]  out_of_memory+0x936/0x12d0
[ 2550.764493]  ? lock_downgrade+0x810/0x810
[ 2550.768677]  ? oom_killer_disable+0x280/0x280
[ 2550.773190]  ? find_held_lock+0x35/0x130
[ 2550.777270]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2550.782119]  ? memcg_event_wake+0x230/0x230
[ 2550.786453]  ? do_raw_spin_unlock+0x57/0x270
[ 2550.790868]  ? _raw_spin_unlock+0x2d/0x50
[ 2550.795024]  try_charge+0x1028/0x15b0
[ 2550.798827]  ? find_held_lock+0x35/0x130
[ 2550.802908]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2550.805351] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2550.805351]    program syz-executor.0 not setting count and/or reply_len properly
[ 2550.807761]  ? kasan_check_read+0x11/0x20
[ 2550.807783]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2550.807805]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2550.837394]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2550.842349]  __handle_mm_fault+0x1e50/0x3f80
[ 2550.848426]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2550.853282]  ? find_held_lock+0x35/0x130
[ 2550.857351]  ? handle_mm_fault+0x322/0xb30
[ 2550.861608]  ? kasan_check_read+0x11/0x20
[ 2550.865774]  handle_mm_fault+0x43f/0xb30
[ 2550.869856]  __do_page_fault+0x62a/0xe90
[ 2550.873929]  ? blkcg_print_stat+0xb90/0xb90
[ 2550.878269]  ? vmalloc_fault+0x740/0x740
[ 2550.882344]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2550.887369]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2550.892309]  ? page_fault+0x8/0x30
[ 2550.896231]  do_page_fault+0x71/0x57d
[ 2550.900041]  ? page_fault+0x8/0x30
[ 2550.903588]  page_fault+0x1e/0x30
[ 2550.907043] RIP: 0033:0x40c534
09:32:26 executing program 4:
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000100)=""/115, 0x73)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r1 = socket$inet6_sctp(0xa, 0x806, 0x84)
getsockopt$sock_int(r1, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:26 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c000000], [], [], [], [], [], [], []]}, 0x905)

[ 2550.910238] Code: 8c 02 50 bf 75 00 48 83 c0 08 48 83 f8 48 75 e6 49 63 c6 0f b6 4c 24 43 48 69 c0 a8 00 00 00 88 88 c0 bf 75 00 e8 dc 70 ff ff <83> 05 c9 3a 55 00 01 80 7c 24 41 00 74 0b f6 44 24 18 01 0f 84 58
[ 2550.929146] RSP: 002b:00007ffe7b1e1b20 EFLAGS: 00010217
[ 2550.934532] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00000000004592c9
[ 2550.941814] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 000000000075bf28
[ 2550.949094] RBP: 0000000000000953 R08: 00007fd80e0d9700 R09: ffffffffffffffff
[ 2550.956371] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf20
[ 2550.963684] R13: 0000000000000003 R14: 0000000000000000 R15: 000000000075bf2c
[ 2550.982522] Task in /syz5 killed as a result of limit of /syz5
[ 2551.004639] memory: usage 307200kB, limit 307200kB, failcnt 16840
[ 2551.038765] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2551.038765]    program syz-executor.0 not setting count and/or reply_len properly
[ 2551.058466] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2551.081488] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2551.095860] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:96KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2551.171916] Memory cgroup out of memory: Kill process 25060 (syz-executor.5) score 1103 or sacrifice child
[ 2551.211165] Killed process 25060 (syz-executor.5) total-vm:72580kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
09:32:26 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001d00", 0x2e}], 0x1}, 0x0)

09:32:26 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0xfffffffffffffef3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

09:32:26 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000140), &(0x7f0000000100)=0xffffffffffffff0b)
getsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000080)=""/19, &(0x7f00000000c0)=0x13)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2, 0x400)
ioctl$SIOCAX25GETINFO(r1, 0x89ed, &(0x7f0000000180))

09:32:26 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000000000000], [], [], [], [], [], []]}, 0x934)

09:32:26 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50000000], [], [], [], [], [], [], []]}, 0x905)

09:32:26 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000100)=<r1=>0x0)
getpgid(r1)
ioctl$sock_ifreq(r0, 0x89a2, &(0x7f0000000140)={'veth1_to_team\x00', @ifru_map={0x200, 0x8000, 0x80000000, 0x7, 0x0, 0x5}})
r2 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x5, 0x8200)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x321)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000000)={<r3=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000000c0)={r3, 0xd75a}, 0x8)

[ 2551.289506] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2551.289506]    program syz-executor.0 not setting count and/or reply_len properly
[ 2551.311889] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2551.321384] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2551.328152] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2551.338778] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2551.348053] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2551.357818] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2551.367685] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2551.377142] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:32:26 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getpeername(r0, &(0x7f0000000080)=@hci={0x1f, <r1=>0x0}, &(0x7f0000000100)=0x80)
setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000140)={@dev={0xfe, 0x80, [], 0x1a}, r1}, 0x14)

[ 2551.386438] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2551.410983] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000
09:32:26 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000], [], [], [], [], [], [], []]}, 0x905)

09:32:26 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000080)=""/44)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)
ioctl$CAPI_CLR_FLAGS(r1, 0x80044325, &(0x7f00000000c0))
recvfrom$ax25(r1, &(0x7f0000000100)=""/52, 0x34, 0x2000, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @bcast]}, 0x48)

09:32:26 executing program 3:
init_module(&(0x7f0000000080)=',-@@%***systemppp1:GPL^%\x00', 0x19, &(0x7f00000000c0)='bdev&\x00')
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:26 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8700000000000000], [], [], [], [], [], []]}, 0x934)

09:32:26 executing program 4:
r0 = syz_open_dev$sndtimer(&(0x7f0000000400)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x0, 0x3}})
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, 0x0, &(0x7f0000000040))

[ 2551.591421] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2551.617041] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2551.617041]    program syz-executor.0 not setting count and/or reply_len properly
[ 2551.632262] CPU: 1 PID: 25715 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2551.640199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2551.649566] Call Trace:
[ 2551.652186]  dump_stack+0x172/0x1f0
[ 2551.655840]  dump_header+0x15e/0x929
[ 2551.659574]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2551.664702]  ? ___ratelimit+0x60/0x595
[ 2551.668607]  ? do_raw_spin_unlock+0x57/0x270
[ 2551.673035]  oom_kill_process.cold+0x10/0x6ef
[ 2551.677554]  ? task_will_free_mem+0x139/0x6e0
[ 2551.682065]  ? find_held_lock+0x35/0x130
[ 2551.686148]  out_of_memory+0x936/0x12d0
[ 2551.690140]  ? lock_downgrade+0x810/0x810
[ 2551.694306]  ? oom_killer_disable+0x280/0x280
[ 2551.698816]  ? find_held_lock+0x35/0x130
[ 2551.702904]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2551.707760]  ? memcg_event_wake+0x230/0x230
[ 2551.712102]  ? do_raw_spin_unlock+0x57/0x270
[ 2551.716525]  ? _raw_spin_unlock+0x2d/0x50
[ 2551.720691]  try_charge+0x1028/0x15b0
[ 2551.724506]  ? find_held_lock+0x35/0x130
[ 2551.728598]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2551.733454]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2551.738320]  ? find_held_lock+0x35/0x130
[ 2551.742397]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2551.747272]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2551.751956]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2551.756468]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2551.761330]  memcg_kmem_charge+0x136/0x300
[ 2551.765614]  __alloc_pages_nodemask+0x3c6/0x760
[ 2551.770308]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2551.775440]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 2551.780478]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 2551.786044]  alloc_pages_current+0x107/0x210
[ 2551.790473]  pte_alloc_one+0x1b/0x1a0
[ 2551.794321]  __pte_alloc+0x2a/0x360
[ 2551.797969]  __handle_mm_fault+0x340b/0x3f80
[ 2551.802399]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2551.807258]  ? find_held_lock+0x35/0x130
[ 2551.811334]  ? handle_mm_fault+0x322/0xb30
[ 2551.815607]  ? kasan_check_read+0x11/0x20
[ 2551.819771]  handle_mm_fault+0x43f/0xb30
[ 2551.823934]  __do_page_fault+0x62a/0xe90
[ 2551.828098]  ? blkcg_print_stat+0xb90/0xb90
[ 2551.832441]  ? vmalloc_fault+0x740/0x740
[ 2551.836524]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2551.841557]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2551.844107] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2551.846505]  ? page_fault+0x8/0x30
[ 2551.846526]  do_page_fault+0x71/0x57d
[ 2551.855571] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2551.858719]  ? page_fault+0x8/0x30
[ 2551.858742]  page_fault+0x1e/0x30
[ 2551.862931] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2551.867802] RIP: 0033:0x40c534
[ 2551.867818] Code: 8c 02 50 bf 75 00 48 83 c0 08 48 83 f8 48 75 e6 49 63 c6 0f b6 4c 24 43 48 69 c0 a8 00 00 00 88 88 c0 bf 75 00 e8 dc 70 ff ff <83> 05 c9 3a 55 00 01 80 7c 24 41 00 74 0b f6 44 24 18 01 0f 84 58
[ 2551.867826] RSP: 002b:00007ffe7b1e1b20 EFLAGS: 00010217
[ 2551.867839] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 00000000004592c9
[ 2551.867848] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 000000000075bf28
[ 2551.867857] RBP: 0000000000000953 R08: 00007fd80e0d9700 R09: ffffffffffffffff
[ 2551.867865] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf20
[ 2551.867874] R13: 0000000000000003 R14: 0000000000000000 R15: 000000000075bf2c
[ 2551.901513] Task in 
[ 2551.908577] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2551.917760] /syz5
[ 2551.919335] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2551.932324]  killed as a result of limit of 
[ 2551.933898] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2551.950505] /syz5
[ 2551.950971] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2551.984276] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2551.984424] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2552.006690] memory: usage 307196kB, limit 307200kB, failcnt 16868
[ 2552.023572] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2552.058850] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2552.076569] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:96KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2552.098248] Memory cgroup out of memory: Kill process 25715 (syz-executor.5) score 1103 or sacrifice child
09:32:27 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000001f00", 0x2e}], 0x1}, 0x0)

09:32:27 executing program 3:
r0 = getpgid(0xffffffffffffffff)
waitid(0x0, r0, &(0x7f0000000000), 0x2, &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x805, 0x84)

09:32:27 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0xa00, 0x0)
ioctl$KVM_GET_TSC_KHZ(r0, 0xaea3)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
r3 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x80000001, 0x84000)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000100)=0x4, 0x4)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

09:32:27 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68000000], [], [], [], [], [], [], []]}, 0x905)

09:32:27 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040)=0x1cd)

[ 2552.108474] Killed process 25715 (syz-executor.5) total-vm:72580kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2552.120041] oom_reaper: reaped process 25715 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2552.223263] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2552.223263]    program syz-executor.0 not setting count and/or reply_len properly
09:32:27 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000))
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x40000, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x20000, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000100)="7e3a0f017c780066baf80cb89ceb638bef66bafc0ced0f2207660f3a0d495e25b9150200000f3267660f38821fc4e3b9409da72f00000066baf80cb861fc378aef66bafc0cecc74424001dfd0a27c7442402fbffffffc7442406000000000f011424", 0x62}], 0x1, 0x3, &(0x7f00000001c0)=[@efer={0x2, 0x1}, @flags], 0x2)

09:32:27 executing program 3:
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x0, 0x0)
ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f00000000c0)=""/235)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:27 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c000000], [], [], [], [], [], [], []]}, 0x905)

[ 2552.367458] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
09:32:27 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff00000000], [], [], [], [], [], []]}, 0x934)

[ 2552.461944] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2552.467631] CPU: 0 PID: 26351 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2552.474661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2552.484031] Call Trace:
[ 2552.486641]  dump_stack+0x172/0x1f0
[ 2552.490291]  dump_header+0x15e/0x929
[ 2552.494031]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2552.499154]  ? ___ratelimit+0x60/0x595
[ 2552.503061]  ? do_raw_spin_unlock+0x57/0x270
[ 2552.507488]  oom_kill_process.cold+0x10/0x6ef
09:32:27 executing program 2:
r0 = getpgid(0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x20, 0x101400)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
getgroups(0x9, &(0x7f00000001c0)=[0xee01, 0xee00, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, <r3=>0xee00, 0xffffffffffffffff, 0xee00, 0x0])
ioctl$TUNSETGROUP(r2, 0x400454ce, r3)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r4, 0x306}, &(0x7f0000000180)=0xffffffffffffffe6)

[ 2552.512002]  ? task_will_free_mem+0x139/0x6e0
[ 2552.516520]  out_of_memory+0x936/0x12d0
[ 2552.520517]  ? lock_downgrade+0x810/0x810
[ 2552.524686]  ? oom_killer_disable+0x280/0x280
[ 2552.529190]  ? find_held_lock+0x35/0x130
[ 2552.533275]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2552.538135]  ? memcg_event_wake+0x230/0x230
[ 2552.542478]  ? do_raw_spin_unlock+0x57/0x270
[ 2552.546902]  ? _raw_spin_unlock+0x2d/0x50
[ 2552.551212]  try_charge+0x1028/0x15b0
[ 2552.555031]  ? find_held_lock+0x35/0x130
[ 2552.559116]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2552.563978]  ? kasan_check_read+0x11/0x20
[ 2552.563999]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2552.564023]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2552.577595]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2552.582543]  __handle_mm_fault+0x1e50/0x3f80
[ 2552.582565]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2552.582583]  ? find_held_lock+0x35/0x130
[ 2552.595883]  ? handle_mm_fault+0x322/0xb30
[ 2552.596845] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2552.600248]  ? kasan_check_read+0x11/0x20
[ 2552.600270]  handle_mm_fault+0x43f/0xb30
[ 2552.608979] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2552.613077]  __do_page_fault+0x62a/0xe90
[ 2552.613094]  ? blkcg_print_stat+0xb90/0xb90
[ 2552.613115]  ? vmalloc_fault+0x740/0x740
[ 2552.617177] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2552.622351]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2552.626440] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2552.630792]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2552.634863] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2552.643662]  ? page_fault+0x8/0x30
[ 2552.643685]  do_page_fault+0x71/0x57d
[ 2552.643698]  ? page_fault+0x8/0x30
[ 2552.643714]  page_fault+0x1e/0x30
[ 2552.648721] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2552.657624] RIP: 0033:0x40c534
09:32:27 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x2000, 0x0)
ioctl$KVM_S390_VCPU_FAULT(r1, 0x4008ae52, &(0x7f0000000080)=0x800021)

[ 2552.657640] Code: 8c 02 50 bf 75 00 48 83 c0 08 48 83 f8 48 75 e6 49 63 c6 0f b6 4c 24 43 48 69 c0 a8 00 00 00 88 88 c0 bf 75 00 e8 dc 70 ff ff <83> 05 c9 3a 55 00 01 80 7c 24 41 00 74 0b f6 44 24 18 01 0f 84 58
[ 2552.657651] RSP: 002b:00007ffe7b1e1b20 EFLAGS: 00010207
[ 2552.662577] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2552.671400] RAX: 0000000000000001 RBX: 0000000000000064 RCX: 00000000004592c9
[ 2552.671408] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 000000000075bf28
[ 2552.671417] RBP: 0000000000000953 R08: 00007fd80e0d9700 R09: ffffffffffffffff
[ 2552.671424] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf20
[ 2552.671436] R13: 0000000000000003 R14: 0000000000000000 R15: 000000000075bf2c
[ 2552.674992] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2552.731523] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2552.742038] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2552.742038]    program syz-executor.0 not setting count and/or reply_len properly
[ 2552.761224] Task in 
09:32:27 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040)=0x384)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)

[ 2552.849256] QAT: Invalid ioctl
[ 2552.925026] /syz5 killed as a result of limit of /syz5
[ 2552.932169] memory: usage 307200kB, limit 307200kB, failcnt 16901
[ 2552.976216] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2552.983637] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2552.990300] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:96KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2553.010844] Memory cgroup out of memory: Kill process 26351 (syz-executor.5) score 1103 or sacrifice child
09:32:28 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000002000", 0x2e}], 0x1}, 0x0)

09:32:28 executing program 3:
syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x7, 0x242800)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:28 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x8000, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000240)='trusted.overlay.upper\x00', &(0x7f0000000280)={0x0, 0xfb, 0x9e, 0x1, 0x4, "b93d3c9c1e0eea5f48307ce09306bac2", "118a6853c5919cd52970173a865cd6e24545c13a4ee00822462b120e7ef9a59b0b7d98a3b410720bdaaee0feee68091bfbc434daa044e2765d5860371ec942fa6ea2bf3d3a4c6cffe444397801759582378fa273b7f5e11c5d393acbf469ca5e23136c8701c1cee972aca5136ce65eae2f51dd7319e2abc1cb74b43ecf0d209af2e4cdfe930711e85b"}, 0x9e, 0x1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca5055e0bcfec7be070")
syz_mount_image$iso9660(&(0x7f0000000140)='iso9660\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6d61703d61636f726e2c00156edca6d71dc778f5a9b0d150eede8aea091121dcc79a175fddcc9fcf567f1623acfe7c4abbe76ffe08dda275fb28e90eba6f27374ab5610130b59d5028fe64a76bd3b53d94ad6b52d87e5773488c"])
ioctl$SIOCGETNODEID(r2, 0x89e1, &(0x7f0000000340))
getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0xc)

09:32:28 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74000000], [], [], [], [], [], [], []]}, 0x905)

09:32:28 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

[ 2553.021435] Killed process 26351 (syz-executor.5) total-vm:72580kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2553.048010] oom_reaper: reaped process 26351 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
09:32:28 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], [], [], [], [], [], []]}, 0x934)

[ 2553.148971] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2553.148971]    program syz-executor.0 not setting count and/or reply_len properly
09:32:28 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x4000, 0x0)
ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d2, &(0x7f0000000140)={0x5, &(0x7f00000000c0)=[{}, {}, {}, {}, {}]})

[ 2553.226727] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2553.283628] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2553.292752] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2553.299002] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2553.308817] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2553.311901] syz-executor.5 cpuset=
[ 2553.318078] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2553.331209] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2553.336782] syz5
[ 2553.340298] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2553.351581] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2553.355189]  mems_allowed=0-1
[ 2553.360704] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
09:32:28 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x2005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2553.389026] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2553.389026]    program syz-executor.0 not setting count and/or reply_len properly
[ 2553.432625] CPU: 1 PID: 26875 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2553.439688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2553.449156] Call Trace:
[ 2553.451766]  dump_stack+0x172/0x1f0
[ 2553.455414]  dump_header+0x15e/0x929
[ 2553.459151]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2553.464272]  ? ___ratelimit+0x60/0x595
[ 2553.468171]  ? do_raw_spin_unlock+0x57/0x270
[ 2553.472723]  oom_kill_process.cold+0x10/0x6ef
[ 2553.477242]  ? task_will_free_mem+0x139/0x6e0
[ 2553.481752]  ? find_held_lock+0x35/0x130
[ 2553.485835]  out_of_memory+0x936/0x12d0
[ 2553.489828]  ? lock_downgrade+0x810/0x810
[ 2553.493997]  ? oom_killer_disable+0x280/0x280
[ 2553.498506]  ? find_held_lock+0x35/0x130
[ 2553.502590]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2553.507454]  ? memcg_event_wake+0x230/0x230
[ 2553.511801]  ? do_raw_spin_unlock+0x57/0x270
[ 2553.516226]  ? _raw_spin_unlock+0x2d/0x50
[ 2553.520497]  try_charge+0x1028/0x15b0
[ 2553.524305]  ? find_held_lock+0x35/0x130
[ 2553.528386]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2553.533243]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2553.538102]  ? find_held_lock+0x35/0x130
[ 2553.542178]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2553.547047]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2553.551737]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2553.554881] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2553.556250]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2553.556271]  memcg_kmem_charge+0x136/0x300
[ 2553.556291]  __alloc_pages_nodemask+0x3c6/0x760
09:32:28 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000080)={{{@in6=@remote, @in6=@local}}, {{@in=@dev}, 0x0, @in6=@initdev}}, &(0x7f0000000000)=0xe8)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snapshot\x00', 0x20000, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x10001, 0x8, 0x9, 0xfffffffffffffff8, 0x5, 0xc4, 0x7, 0x1, 0x1f, 0x1, 0x696a, 0x7fff, 0x40100000000, 0x1ff, 0xff, 0x10001], 0x104000, 0x4002})

09:32:28 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x2, 0x200141)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={<r1=>0x0, 0x7}, &(0x7f0000000100)=0x8)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000380)='/selinux/policy\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x6, 0x100000001, 0x200, 0xed, 0x200, 0x7f, 0x1, 0x0, r1}, &(0x7f0000000180)=0x20)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000340)={0x9, [0x5, 0x4, 0x0, 0x7, 0x717, 0x5, 0x8c, 0x3ff, 0x5]}, 0x16)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r3 = socket$inet6_sctp(0xa, 0x4, 0x84)
getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000200)={r1, 0x6, 0x2, 0x100000000, 0x4, 0x1, 0xffffffff, 0x1, {r1, @in={{0x2, 0x4e24, @remote}}, 0x6, 0x9, 0x7, 0x5, 0x1}}, &(0x7f00000002c0)=0xb0)
set_mempolicy(0x2, &(0x7f00000001c0), 0xacac)
ioctl$DRM_IOCTL_INFO_BUFS(r0, 0xc0106418, &(0x7f0000000300)={0x65b0, 0x2, 0x6, 0x100000000, 0x2, 0x800})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:28 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [], [], [], [], [], []]}, 0x934)

[ 2553.565605] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2553.569801]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2553.569825]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2553.574345] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2553.578711]  ? trace_hardirqs_on+0x67/0x220
[ 2553.578723]  ? kasan_check_read+0x11/0x20
[ 2553.578747]  copy_process.part.0+0x3e0/0x7a30
[ 2553.584213] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2553.588932]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2553.588949]  ? delayacct_end+0x5c/0x100
[ 2553.588968]  ? __delayacct_freepages_end+0xe0/0x140
[ 2553.588988]  ? __lock_acquire+0x6eb/0x48f0
[ 2553.589011]  ? __cleanup_sighand+0x70/0x70
[ 2553.589030]  ? mark_held_locks+0x100/0x100
[ 2553.593806] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2553.602442]  _do_fork+0x257/0xfd0
[ 2553.602462]  ? fork_idle+0x1d0/0x1d0
[ 2553.602490]  ? blkcg_print_stat+0xb90/0xb90
[ 2553.606990] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2553.610944]  ? kasan_check_read+0x11/0x20
[ 2553.610960]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2553.610977]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2553.615761] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2553.624280]  ? do_syscall_64+0x26/0x620
[ 2553.624295]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2553.624310]  ? do_syscall_64+0x26/0x620
[ 2553.624328]  __x64_sys_clone+0xbf/0x150
[ 2553.624347]  do_syscall_64+0xfd/0x620
[ 2553.624365]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
09:32:28 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x0, 0x2, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2553.624377] RIP: 0033:0x45bc99
[ 2553.624392] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2553.624400] RSP: 002b:00007ffe7b1e19e8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2553.624416] RAX: ffffffffffffffda RBX: 00007fd80e0d9700 RCX: 000000000045bc99
[ 2553.624431] RDX: 00007fd80e0d99d0 RSI: 00007fd80e0d8db0 RDI: 00000000003d0f00
[ 2553.624440] RBP: 00007ffe7b1e1c00 R08: 00007fd80e0d9700 R09: 00007fd80e0d9700
[ 2553.624448] R10: 00007fd80e0d99d0 R11: 0000000000000202 R12: 0000000000000000
[ 2553.624457] R13: 00007ffe7b1e1a9f R14: 00007fd80e0d99c0 R15: 000000000075bf2c
[ 2553.633913] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2553.688926] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2553.775245] Task in /syz5 killed as a result of limit of /syz5
[ 2553.827150] memory: usage 307172kB, limit 307200kB, failcnt 16915
[ 2553.849104] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2553.858891] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2553.888428] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:96KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2553.917468] Memory cgroup out of memory: Kill process 26875 (syz-executor.5) score 1103 or sacrifice child
09:32:29 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000003000", 0x2e}], 0x1}, 0x0)

09:32:29 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0xc0000, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x260140, 0x0)
ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000000c0)={0x6, 0x8, 0x1, r2})

09:32:29 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000], [], [], [], [], [], [], []]}, 0x905)

09:32:29 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [], [], [], [], []]}, 0x934)

[ 2553.960920] Killed process 26875 (syz-executor.5) total-vm:72580kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2553.978910] oom_reaper: reaped process 26875 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2554.065019] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2554.065019]    program syz-executor.0 not setting count and/or reply_len properly
[ 2554.091682] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2554.101242] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2554.107083] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2554.116361] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2554.126650] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2554.136634] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2554.146918] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2554.155994] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
09:32:29 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000040)=0xffffff28)

09:32:29 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x8001, 0x1, 0xffffffffffffffff, 0x800}]})
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

[ 2554.165622] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
09:32:29 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d000000], [], [], [], [], [], [], []]}, 0x905)

09:32:29 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000000)=0x6)
r1 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x2, 0x400000)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000000140)=0x8)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x400, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f00000000c0)={0x5, 0xe1, 0x20, 0x3})

09:32:29 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080)=0x80000000000)

[ 2554.327855] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
[ 2554.366382] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2554.372038] CPU: 0 PID: 27658 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2554.379063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2554.388428] Call Trace:
[ 2554.391038]  dump_stack+0x172/0x1f0
[ 2554.394686]  dump_header+0x15e/0x929
[ 2554.398416]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2554.403683]  ? ___ratelimit+0x60/0x595
[ 2554.407586]  ? do_raw_spin_unlock+0x57/0x270
[ 2554.412021]  oom_kill_process.cold+0x10/0x6ef
[ 2554.416538]  ? task_will_free_mem+0x139/0x6e0
[ 2554.421056]  ? find_held_lock+0x35/0x130
[ 2554.425140]  out_of_memory+0x936/0x12d0
[ 2554.427514] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2554.427514]    program syz-executor.0 not setting count and/or reply_len properly
[ 2554.429129]  ? lock_downgrade+0x810/0x810
[ 2554.429154]  ? oom_killer_disable+0x280/0x280
[ 2554.453828]  ? find_held_lock+0x35/0x130
[ 2554.457919]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2554.462771]  ? memcg_event_wake+0x230/0x230
[ 2554.467102]  ? do_raw_spin_unlock+0x57/0x270
[ 2554.467117]  ? _raw_spin_unlock+0x2d/0x50
[ 2554.467137]  try_charge+0x1028/0x15b0
[ 2554.467149]  ? find_held_lock+0x35/0x130
[ 2554.467170]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2554.488411]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2554.493269]  ? find_held_lock+0x35/0x130
[ 2554.497348]  ? get_mem_cgroup_from_mm+0x10b/0x2b0
[ 2554.502220]  memcg_kmem_charge_memcg+0x7c/0x130
[ 2554.506908]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 2554.511424]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2554.516285]  memcg_kmem_charge+0x136/0x300
[ 2554.520538]  __alloc_pages_nodemask+0x3c6/0x760
09:32:29 executing program 3:
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={<r1=>0x0, 0xbc, &(0x7f0000000100)=[@in={0x2, 0x4e24, @empty}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1d}}, @in6={0xa, 0x4e20, 0xffffffff, @remote, 0x101}, @in6={0xa, 0x4e20, 0x20, @local, 0x5}, @in6={0xa, 0x4e23, 0x6, @mcast2, 0x20}, @in6={0xa, 0x4e20, 0x3, @remote, 0x2}, @in6={0xa, 0x4e21, 0x7, @mcast2, 0x100000001}, @in={0x2, 0x4e22, @multicast2}]}, &(0x7f00000001c0)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0)={r1, 0x99, 0x136}, 0xfebe)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000240)=r0, 0x4)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0xfe3a)

09:32:29 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfffffff], [], [], [], [], [], [], []]}, 0x905)

[ 2554.525225]  ? __alloc_pages_slowpath+0x2870/0x2870
[ 2554.530269]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 2554.534874]  ? trace_hardirqs_on+0x67/0x220
[ 2554.539214]  ? kasan_check_read+0x11/0x20
[ 2554.543383]  copy_process.part.0+0x3e0/0x7a30
[ 2554.547898]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2554.553018]  ? delayacct_end+0x5c/0x100
[ 2554.557001]  ? __delayacct_freepages_end+0xe0/0x140
[ 2554.562023]  ? __lock_acquire+0x6eb/0x48f0
[ 2554.566282]  ? __cleanup_sighand+0x70/0x70
[ 2554.570535]  ? mark_held_locks+0x100/0x100
[ 2554.574786]  _do_fork+0x257/0xfd0
[ 2554.578255]  ? fork_idle+0x1d0/0x1d0
[ 2554.581988]  ? blkcg_print_stat+0xb90/0xb90
[ 2554.586324]  ? kasan_check_read+0x11/0x20
[ 2554.590491]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2554.593598] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2554.593598]    program syz-executor.0 not setting count and/or reply_len properly
[ 2554.595260]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2554.595276]  ? do_syscall_64+0x26/0x620
[ 2554.595292]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
09:32:29 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f], [], [], [], [], [], [], []]}, 0x905)

[ 2554.595315]  ? do_syscall_64+0x26/0x620
[ 2554.629510]  __x64_sys_clone+0xbf/0x150
[ 2554.633505]  do_syscall_64+0xfd/0x620
[ 2554.637325]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2554.642520] RIP: 0033:0x45bc99
[ 2554.645726] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 2554.664636] RSP: 002b:00007ffe7b1e19e8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2554.672358] RAX: ffffffffffffffda RBX: 00007fd80e0d9700 RCX: 000000000045bc99
[ 2554.679657] RDX: 00007fd80e0d99d0 RSI: 00007fd80e0d8db0 RDI: 00000000003d0f00
[ 2554.686938] RBP: 00007ffe7b1e1c00 R08: 00007fd80e0d9700 R09: 00007fd80e0d9700
[ 2554.694214] R10: 00007fd80e0d99d0 R11: 0000000000000202 R12: 0000000000000000
[ 2554.701491] R13: 00007ffe7b1e1a9f R14: 00007fd80e0d99c0 R15: 000000000075bf2c
[ 2554.741682] Task in /syz5 killed as a result of limit of /syz5
[ 2554.747909] memory: usage 307192kB, limit 307200kB, failcnt 16952
[ 2554.757245] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2554.764236] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2554.770485] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:96KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2554.790324] Memory cgroup out of memory: Kill process 27658 (syz-executor.5) score 1103 or sacrifice child
[ 2554.807877] Killed process 27658 (syz-executor.5) total-vm:72580kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
09:32:30 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000003f00", 0x2e}], 0x1}, 0x0)

09:32:30 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x2000)

09:32:30 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffbf], [], [], [], [], [], [], []]}, 0x905)

09:32:30 executing program 2:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000100)={0x8000, 0x6, 0x8}, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = getpid()
syz_open_procfs(r2, &(0x7f0000000200)='net/ip_vs_stats_percpu\x00')
getsockopt$bt_hci(r1, 0x0, 0x3, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r3, 0x306}, &(0x7f0000000180)=0x8)
mkdirat$cgroup(r0, &(0x7f0000000240)='syz0\x00', 0x1ff)
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x40, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r4, 0xae78, &(0x7f0000000080)=0x2)
syz_open_dev$swradio(&(0x7f00000001c0)='/dev/swradio#\x00', 0x1, 0x2)

09:32:30 executing program 3:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x0, 0x6, 0xfffffffffffffffd}}, 0x30)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000100)="4799addd0f5380ddb326402a", 0xc)

09:32:30 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [], [], [], [], [], []]}, 0x934)

[ 2554.835260] oom_reaper: reaped process 27658 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
[ 2554.921667] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2554.941301] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2554.947481] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2554.957850] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2554.967267] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2554.977032] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2554.986117] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2554.989796] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2554.995396] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2555.013159] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2555.015651] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2555.021604] CPU: 1 PID: 27959 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2555.034445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2555.043815] Call Trace:
[ 2555.046424]  dump_stack+0x172/0x1f0
[ 2555.050077]  dump_header+0x15e/0x929
[ 2555.053811]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2555.058933]  ? ___ratelimit+0x60/0x595
[ 2555.062836]  ? do_raw_spin_unlock+0x57/0x270
[ 2555.067268]  oom_kill_process.cold+0x10/0x6ef
[ 2555.071809]  ? task_will_free_mem+0x139/0x6e0
[ 2555.076341]  out_of_memory+0x936/0x12d0
[ 2555.080337]  ? lock_downgrade+0x810/0x810
[ 2555.084505]  ? oom_killer_disable+0x280/0x280
[ 2555.089015]  ? find_held_lock+0x35/0x130
[ 2555.093106]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2555.097968]  ? memcg_event_wake+0x230/0x230
[ 2555.102401]  ? do_raw_spin_unlock+0x57/0x270
[ 2555.106824]  ? _raw_spin_unlock+0x2d/0x50
[ 2555.110990]  try_charge+0x1028/0x15b0
[ 2555.114803]  ? find_held_lock+0x35/0x130
[ 2555.118900]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2555.123762]  ? kasan_check_read+0x11/0x20
[ 2555.127925]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2555.132784]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2555.137384]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2555.142338]  __handle_mm_fault+0x1e50/0x3f80
[ 2555.146852]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2555.151710]  ? find_held_lock+0x35/0x130
[ 2555.155779]  ? handle_mm_fault+0x322/0xb30
[ 2555.160043]  ? kasan_check_read+0x11/0x20
[ 2555.164209]  handle_mm_fault+0x43f/0xb30
[ 2555.168298]  __do_page_fault+0x62a/0xe90
[ 2555.172378]  ? vmalloc_fault+0x740/0x740
[ 2555.176453]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2555.181490]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2555.186435]  ? page_fault+0x8/0x30
[ 2555.190002]  do_page_fault+0x71/0x57d
[ 2555.193815]  ? page_fault+0x8/0x30
[ 2555.197369]  page_fault+0x1e/0x30
[ 2555.200829] RIP: 0033:0x45bc7d
[ 2555.204028] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 30 8e fb ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8
09:32:30 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [], [], [], [], [], []]}, 0x934)

[ 2555.221811] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2555.222936] RSP: 002b:00007ffe7b1e19e8 EFLAGS: 00010202
[ 2555.222952] RAX: ffffffffffffffea RBX: 00007fd80e0d9700 RCX: 00007fd80e0d9700
[ 2555.222960] RDX: 00000000003d0f00 RSI: 00007fd80e0d8db0 RDI: 0000000000410000
[ 2555.222969] RBP: 00007ffe7b1e1c00 R08: 00007fd80e0d99d0 R09: 00007fd80e0d9700
[ 2555.222977] R10: 00007fd80e0d8dc0 R11: 0000000000000246 R12: 0000000000000000
[ 2555.222985] R13: 00007ffe7b1e1a9f R14: 00007fd80e0d99c0 R15: 000000000075bf2c
[ 2555.232079] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2555.267116] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2555.289258] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2555.298467] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2555.307929] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
09:32:30 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:30 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000080)=""/178)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

[ 2555.317021] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2555.332158] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2555.341637] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2555.346683] Task in /syz5 killed as a result of limit of /syz5
[ 2555.356931] memory: usage 307200kB, limit 307200kB, failcnt 16980
[ 2555.364309] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2555.371638] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
09:32:30 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:30 executing program 3:
socket$inet6_sctp(0xa, 0x5, 0x84)

[ 2555.422379] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:92KB inactive_file:0KB active_file:0KB unevictable:0KB
09:32:30 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50], [], [], [], [], [], []]}, 0x934)

[ 2555.486677] Memory cgroup out of memory: Kill process 27959 (syz-executor.5) score 1103 or sacrifice child
[ 2555.531488] Killed process 27959 (syz-executor.5) total-vm:72580kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2555.588901] oom_reaper: reaped process 27959 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB
[ 2555.631167] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2555.640239] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2555.645514] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2555.654406] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2555.663303] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2555.672258] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2555.681152] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2555.690042] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2555.698932] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
09:32:30 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000004000", 0x2e}], 0x1}, 0x0)

09:32:30 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:30 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x10100, 0x0)
write$UHID_CREATE(r1, &(0x7f0000000180)={0x0, 'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/172, 0xac, 0x401, 0x81, 0x3, 0x4, 0x10000}, 0x120)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

09:32:30 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:31 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x100, 0x202000)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000340)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000003c0)=0x28)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
select(0x40, &(0x7f00000001c0)={0x1, 0x40, 0x200, 0x5, 0x0, 0x4d, 0x100000001}, &(0x7f0000000200)={0x0, 0x2, 0x3, 0x0, 0xfff, 0x80000001, 0x2823, 0x400}, &(0x7f0000000240)={0x2b, 0x2, 0x7, 0x8000, 0x100000000, 0x0, 0x9, 0x7}, &(0x7f0000000280)={0x77359400})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000040)={<r3=>0x0, 0x6, 0x5, 0x20}, &(0x7f0000000080)=0xfffffffffffffec0)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000000c0)={0x81, 0xc4e, 0x8201, 0x5a, 0x5, 0x9, 0x1, 0x5, r3}, &(0x7f0000000100)=0x20)
ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000400)=""/103)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={<r4=>0x0}, 0x0)
ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0x839)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000480)={0x0, 0x0, 0x5, 0x0, [], [{0x8000, 0x3, 0x100, 0x129, 0x3, 0x10000}, {0x100000001, 0x1, 0x1ff000000000000, 0x5, 0x0, 0x4}], [[], [], [], [], []]})
r5 = syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x3, 0x2)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000300)={r2})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r4, 0x306}, &(0x7f0000000180)=0x8)

09:32:31 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000080)=[@in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e20, 0xd2, @loopback, 0x6}, @in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e22, 0x8, @empty, 0xfff}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x68)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000100)={'ipvs\x00'}, &(0x7f0000000140)=0x1e)

09:32:31 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video36\x00', 0x2, 0x0)
ioctl$VIDIOC_G_INPUT(r1, 0x80045626, &(0x7f00000000c0))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2555.962046] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000
[ 2555.991644] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2556.003397] CPU: 1 PID: 28599 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2556.010450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2556.019817] Call Trace:
[ 2556.022425]  dump_stack+0x172/0x1f0
[ 2556.026074]  dump_header+0x15e/0x929
[ 2556.029805]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2556.034927]  ? ___ratelimit+0x60/0x595
[ 2556.038830]  ? do_raw_spin_unlock+0x57/0x270
[ 2556.043265]  oom_kill_process.cold+0x10/0x6ef
[ 2556.047774]  ? task_will_free_mem+0x139/0x6e0
[ 2556.052292]  out_of_memory+0x936/0x12d0
[ 2556.056282]  ? lock_downgrade+0x810/0x810
[ 2556.060442]  ? oom_killer_disable+0x280/0x280
[ 2556.065514]  ? find_held_lock+0x35/0x130
[ 2556.069598]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2556.074457]  ? memcg_event_wake+0x230/0x230
[ 2556.078836]  ? do_raw_spin_unlock+0x57/0x270
[ 2556.083279]  ? _raw_spin_unlock+0x2d/0x50
[ 2556.087445]  try_charge+0x1028/0x15b0
[ 2556.091257]  ? find_held_lock+0x35/0x130
[ 2556.095344]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2556.100209]  ? kasan_check_read+0x11/0x20
[ 2556.104379]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2556.109241]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2556.113845]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2556.118804]  wp_page_copy+0x430/0x16a0
[ 2556.122715]  ? follow_pfn+0x2a0/0x2a0
[ 2556.126534]  ? kasan_check_read+0x11/0x20
[ 2556.130698]  ? do_raw_spin_unlock+0x57/0x270
[ 2556.135125]  do_wp_page+0x57d/0x10b0
[ 2556.138858]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2556.143545]  ? kasan_check_write+0x14/0x20
[ 2556.147794]  ? do_raw_spin_lock+0xc8/0x240
[ 2556.152047]  __handle_mm_fault+0x2305/0x3f80
[ 2556.156471]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2556.161329]  ? find_held_lock+0x35/0x130
[ 2556.165404]  ? handle_mm_fault+0x322/0xb30
[ 2556.169665]  ? kasan_check_read+0x11/0x20
[ 2556.173829]  handle_mm_fault+0x43f/0xb30
[ 2556.177916]  __do_page_fault+0x62a/0xe90
[ 2556.181999]  ? vmalloc_fault+0x740/0x740
[ 2556.186081]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2556.191116]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2556.196069]  ? page_fault+0x8/0x30
[ 2556.199641]  do_page_fault+0x71/0x57d
[ 2556.203457]  ? page_fault+0x8/0x30
[ 2556.207018]  page_fault+0x1e/0x30
[ 2556.210477] RIP: 0033:0x40c376
[ 2556.213681] Code: 74 28 41 8b 07 85 c0 0f 85 f0 00 00 00 41 83 c6 01 48 81 c5 a8 00 00 00 41 83 fe 10 75 d7 bf 85 e9 4b 00 31 c0 e8 1a 58 ff ff <c6> 45 f8 01 44 89 75 f4 48 89 ef c6 45 15 00 c7 45 fc 00 00 00 00
[ 2556.232681] RSP: 002b:00007ffe7b1e1b20 EFLAGS: 00010246
[ 2556.238064] RAX: 0000000000000001 RBX: 000000000075bf2c RCX: 00007ffe7b1e1bd8
[ 2556.245342] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000010
[ 2556.252624] RBP: 000000000075bf2c R08: 00007ffe7b1e1be0 R09: 0000000000760060
09:32:31 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:31 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xe8, r1, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x44, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x401}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6e}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x10001}]}, @IPVS_CMD_ATTR_SERVICE={0x64, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x63}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2e}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x45}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [], @rand_addr=0x4}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000140)={r3, 0x306}, &(0x7f0000000180)=0x8)

09:32:31 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87], [], [], [], [], [], []]}, 0x934)

[ 2556.259903] R10: 0000000000000075 R11: 0000000000000006 R12: 000000000075bf20
[ 2556.267180] R13: 0000000000000003 R14: 0000000000000000 R15: 000000000075bf2c
[ 2556.293354] Task in /syz5 killed as a result of limit of /syz5
[ 2556.321151] memory: usage 307200kB, limit 307200kB, failcnt 17003
[ 2556.377410] sg_write: 4 callbacks suppressed
[ 2556.377424] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2556.377424]    program syz-executor.0 not setting count and/or reply_len properly
[ 2556.380294] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2556.410318] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2556.420434] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
09:32:31 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
poll(&(0x7f0000000080)=[{r0, 0x102}, {r0, 0x1080}, {r0, 0x4001}, {r0, 0x400}, {r0, 0x8}, {r0, 0x200}, {r0, 0x80}], 0x7, 0xfffffffffffffffd)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2556.426042] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2556.436714] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2556.445992] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2556.455420] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2556.464648] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:31 executing program 4:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xffff, 0x8001)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r1, 0x1, 0x3c, 0x0, &(0x7f0000000040))

[ 2556.473736] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2556.482894] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
[ 2556.501271] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2556.508134] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:80KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2556.557792] Memory cgroup out of memory: Kill process 28599 (syz-executor.5) score 1103 or sacrifice child
[ 2556.590060] Killed process 28599 (syz-executor.5) total-vm:72448kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2556.633741] oom_reaper: reaped process 28599 (syz-executor.5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB
09:32:31 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000004800", 0x2e}], 0x1}, 0x0)

09:32:31 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:31 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x80, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f00000001c0)={r1, @in6={{0xa, 0x4e24, 0x21, @mcast2, 0x5}}, 0x5, 0x20, 0x100000001, 0xa8}, &(0x7f0000000280)=0x98)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={<r3=>r1, 0x306}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000000c0)=ANY=[@ANYRES32=r3, @ANYBLOB="010005000300050000007f000100402c1d6449553fd9617d78a49644eebb97be4de72b55d8999b34e5b7d12d91bc281ac2a64609e982"], &(0x7f0000000080)=0x12)
syz_init_net_socket$rose(0xb, 0x5, 0x0)

09:32:31 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300], [], [], [], [], [], []]}, 0x934)

09:32:31 executing program 3:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
socket$inet(0x2, 0x4c47e44634d902d3, 0x20000000000003)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}, 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)
r4 = socket$inet6_sctp(0xa, 0xd, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r4, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 2556.735852] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2556.735852]    program syz-executor.0 not setting count and/or reply_len properly
[ 2556.764487] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2556.773289] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2556.778516] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2556.787478] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2556.796393] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2556.801874] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2556.805292] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2556.805318] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
09:32:31 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$netlink(0x10, 0x3, 0x8000000000004)
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x100, 0x0)
setsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000080)=0x1ff, 0x2)
write(r1, &(0x7f0000000180)="2700000014000707030e000002000a0010000100f5fe3936bb760c23001259f32dc57410e8a99f", 0x27)
socket$inet6(0xa, 0x2, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x80)
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:32 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2556.805341] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2556.805360] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2556.852934] protocol 88fb is buggy, dev hsr_slave_0
[ 2556.857057] syz-executor.5 cpuset=
[ 2556.858085] protocol 88fb is buggy, dev hsr_slave_1
[ 2556.858154] syz5 mems_allowed=0-1
[ 2556.907883] CPU: 0 PID: 29147 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2556.914945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2556.924311] Call Trace:
[ 2556.926918]  dump_stack+0x172/0x1f0
[ 2556.930567]  dump_header+0x15e/0x929
[ 2556.934300]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2556.939416]  ? ___ratelimit+0x60/0x595
[ 2556.943319]  ? do_raw_spin_unlock+0x57/0x270
[ 2556.947748]  oom_kill_process.cold+0x10/0x6ef
[ 2556.952261]  ? task_will_free_mem+0x139/0x6e0
09:32:32 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], [], [], [], [], [], []]}, 0x934)

09:32:32 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040), 0x4)

[ 2556.956773]  out_of_memory+0x936/0x12d0
[ 2556.960941]  ? lock_downgrade+0x810/0x810
[ 2556.965109]  ? oom_killer_disable+0x280/0x280
[ 2556.969626]  ? find_held_lock+0x35/0x130
[ 2556.973721]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2556.978582]  ? memcg_event_wake+0x230/0x230
[ 2556.982989]  ? do_raw_spin_unlock+0x57/0x270
[ 2556.987415]  ? _raw_spin_unlock+0x2d/0x50
[ 2556.991579]  try_charge+0x1028/0x15b0
[ 2556.995398]  ? find_held_lock+0x35/0x130
[ 2556.997446] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2556.999479]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2556.999500]  ? kasan_check_read+0x11/0x20
[ 2556.999520]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2557.008227] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2557.013021]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2557.013041]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2557.013061]  wp_page_copy+0x430/0x16a0
[ 2557.017213] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2557.022042]  ? follow_pfn+0x2a0/0x2a0
[ 2557.027255] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2557.031785]  ? kasan_check_read+0x11/0x20
[ 2557.036724] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2557.040575]  ? do_raw_spin_unlock+0x57/0x270
[ 2557.049472] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2557.053219]  do_wp_page+0x57d/0x10b0
[ 2557.053239]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2557.062080] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2557.066212]  ? kasan_check_write+0x14/0x20
[ 2557.066225]  ? do_raw_spin_lock+0xc8/0x240
[ 2557.066245]  __handle_mm_fault+0x2305/0x3f80
[ 2557.075088] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2557.079462]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2557.088311] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2557.091991]  ? find_held_lock+0x35/0x130
[ 2557.142127]  ? handle_mm_fault+0x322/0xb30
[ 2557.146399]  ? kasan_check_read+0x11/0x20
[ 2557.150572]  handle_mm_fault+0x43f/0xb30
[ 2557.154671]  __do_page_fault+0x62a/0xe90
09:32:32 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000], [], [], [], [], [], []]}, 0x934)

09:32:32 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000100)={<r1=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x306}, &(0x7f0000000180)=0x8)

[ 2557.158762]  ? vmalloc_fault+0x740/0x740
[ 2557.162931]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2557.167961]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2557.172908]  ? page_fault+0x8/0x30
[ 2557.176467]  do_page_fault+0x71/0x57d
[ 2557.180284]  ? page_fault+0x8/0x30
[ 2557.183929]  page_fault+0x1e/0x30
[ 2557.187391] RIP: 0033:0x40f428
[ 2557.190593] Code: 48 8b 05 93 4a 30 00 48 89 08 48 8b 15 91 4a 30 00 48 89 42 08 48 8b 05 76 4a 30 00 48 89 05 7f 4a 30 00 49 8d 81 c0 02 00 00 <48> 89 05 81 10 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
[ 2557.209505] RSP: 002b:00007ffe7b1e1c78 EFLAGS: 00010246
[ 2557.209892] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2557.214966] RAX: 0000000001422c00 RBX: 00007ffe7b1e1c80 RCX: 0000000000713ea0
[ 2557.214975] RDX: 000000000040f260 RSI: 0000000000713e90 RDI: 0000000001422c20
[ 2557.214984] RBP: 00007ffe7b1e1cc0 R08: 0000000000000001 R09: 0000000001422940
[ 2557.214993] R10: 0000000001422c10 R11: 0000000000000202 R12: 0000000000000001
[ 2557.215001] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7b1e1d10
[ 2557.224067] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2557.260388] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2557.274468] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2557.274489] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2557.274508] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2557.274527] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2557.274545] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2557.274567] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2557.295243] Task in 
[ 2557.341243] /syz5 killed as a result of limit of /syz5
[ 2557.351789] memory: usage 307200kB, limit 307200kB, failcnt 17023
09:32:32 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

[ 2557.361304] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2557.361304]    program syz-executor.0 not setting count and/or reply_len properly
[ 2557.393181] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2557.441372] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2557.480117] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2557.499992] protocol 88fb is buggy, dev hsr_slave_0
[ 2557.500063] protocol 88fb is buggy, dev hsr_slave_1
[ 2557.500189] protocol 88fb is buggy, dev hsr_slave_0
[ 2557.500249] protocol 88fb is buggy, dev hsr_slave_1
[ 2557.500368] protocol 88fb is buggy, dev hsr_slave_0
[ 2557.500421] protocol 88fb is buggy, dev hsr_slave_1
[ 2557.500521] protocol 88fb is buggy, dev hsr_slave_0
[ 2557.500620] protocol 88fb is buggy, dev hsr_slave_1
[ 2557.642667] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2557.642667]    program syz-executor.1 not setting count and/or reply_len properly
[ 2557.673604] Memory cgroup out of memory: Kill process 25035 (syz-executor.5) score 117 or sacrifice child
[ 2557.698167] Killed process 29147 (syz-executor.5) total-vm:72448kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2557.732032] oom_reaper: reaped process 29147 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
09:32:32 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000004c00", 0x2e}], 0x1}, 0x0)

09:32:32 executing program 4:
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@dev={0xfe, 0x80, [], 0x1a}, 0x1, 0x2, 0x0, 0x3, 0x70, 0xf1}, &(0x7f00000000c0)=0x20)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r1, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:32 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0}, 0x0)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0)
bind$ax25(r2, &(0x7f0000000080)={{0x3, @bcast, 0x6}, [@null, @bcast, @bcast, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={<r3=>r1, 0x306}, &(0x7f0000000180)=0x8)
iopl(0x7fff)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)={r3, 0x2, 0x4, [0x20, 0x0, 0x6, 0x6]}, 0x10)

09:32:32 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000080))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={<r1=>0x0, 0x5, 0xfffffffffffffff9, 0x100000000, 0x7, 0xd7c5}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x6, 0x800b, 0x9, 0x7, r1}, 0x10)

09:32:32 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2557.761694] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2557.770856] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2557.776868] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2557.786347] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2557.796498] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2557.806148] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2557.816198] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2557.825354] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2557.834802] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
09:32:33 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000280)=0x4)
r1 = dup(r0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000080)={<r2=>0x0, 0xb3}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000100)={r2, @in={{0x2, 0x4e21, @remote}}}, &(0x7f00000001c0)=0x84)
ioctl$BLKSECTGET(r1, 0x1267, &(0x7f0000000200))

[ 2557.880650] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2557.880650]    program syz-executor.0 not setting count and/or reply_len properly
09:32:33 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000080)={0x8001, 0x1, 0xffffffff, 'queue0\x00', 0x1})

[ 2557.957179] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2558.015689] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2558.028647] CPU: 1 PID: 29898 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2558.035702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2558.045071] Call Trace:
[ 2558.047676]  dump_stack+0x172/0x1f0
[ 2558.051326]  dump_header+0x15e/0x929
[ 2558.055060]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2558.060174]  ? ___ratelimit+0x60/0x595
[ 2558.064559]  ? do_raw_spin_unlock+0x57/0x270
[ 2558.068997]  oom_kill_process.cold+0x10/0x6ef
[ 2558.073518]  ? task_will_free_mem+0x139/0x6e0
[ 2558.078024]  out_of_memory+0x936/0x12d0
[ 2558.082002]  ? lock_downgrade+0x810/0x810
[ 2558.086171]  ? oom_killer_disable+0x280/0x280
[ 2558.090853]  ? find_held_lock+0x35/0x130
[ 2558.094939]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2558.099789]  ? memcg_event_wake+0x230/0x230
[ 2558.104129]  ? do_raw_spin_unlock+0x57/0x270
[ 2558.108566]  ? _raw_spin_unlock+0x2d/0x50
[ 2558.112736]  try_charge+0x1028/0x15b0
[ 2558.116549]  ? find_held_lock+0x35/0x130
[ 2558.120637]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2558.125633]  ? kasan_check_read+0x11/0x20
[ 2558.129803]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2558.134665]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2558.136655] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2558.136655]    program syz-executor.0 not setting count and/or reply_len properly
[ 2558.139270]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2558.139290]  wp_page_copy+0x430/0x16a0
[ 2558.139326]  ? follow_pfn+0x2a0/0x2a0
[ 2558.168069]  ? kasan_check_read+0x11/0x20
[ 2558.172233]  ? do_raw_spin_unlock+0x57/0x270
[ 2558.176659]  do_wp_page+0x57d/0x10b0
[ 2558.180398]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2558.185081]  ? kasan_check_write+0x14/0x20
[ 2558.189336]  ? do_raw_spin_lock+0xc8/0x240
[ 2558.193592]  __handle_mm_fault+0x2305/0x3f80
[ 2558.198026]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2558.202892]  ? find_held_lock+0x35/0x130
[ 2558.206967]  ? handle_mm_fault+0x322/0xb30
[ 2558.211225]  ? kasan_check_read+0x11/0x20
09:32:33 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:33 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400, 0x0)

[ 2558.215401]  handle_mm_fault+0x43f/0xb30
[ 2558.219486]  __do_page_fault+0x62a/0xe90
[ 2558.223570]  ? vmalloc_fault+0x740/0x740
[ 2558.227729]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2558.227742]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2558.227758]  ? page_fault+0x8/0x30
[ 2558.237695]  do_page_fault+0x71/0x57d
[ 2558.245022]  ? page_fault+0x8/0x30
[ 2558.248582]  page_fault+0x1e/0x30
[ 2558.252046] RIP: 0033:0x40f428
09:32:33 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8700], [], [], [], [], [], []]}, 0x934)

09:32:33 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:33 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x0, 0x2, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='auxv\x00')
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x13f, 0x7}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0xa, 0x4, 0xfa00, {r2}}, 0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r3=>0x0}, 0x0)
getrlimit(0xf, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r3, 0x306}, &(0x7f0000000180)=0x8)

[ 2558.255256] Code: 48 8b 05 93 4a 30 00 48 89 08 48 8b 15 91 4a 30 00 48 89 42 08 48 8b 05 76 4a 30 00 48 89 05 7f 4a 30 00 49 8d 81 c0 02 00 00 <48> 89 05 81 10 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
[ 2558.274173] RSP: 002b:00007ffe7b1e1c78 EFLAGS: 00010246
[ 2558.279558] RAX: 0000000001422c00 RBX: 00007ffe7b1e1c80 RCX: 0000000000713ea0
[ 2558.286839] RDX: 000000000040f260 RSI: 0000000000713e90 RDI: 0000000001422c20
[ 2558.294121] RBP: 00007ffe7b1e1cc0 R08: 0000000000000001 R09: 0000000001422940
[ 2558.301406] R10: 0000000001422c10 R11: 0000000000000202 R12: 0000000000000001
[ 2558.308685] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7b1e1d10
[ 2558.363029] Task in /syz5 killed as a result of limit of /syz5
[ 2558.403728] memory: usage 307200kB, limit 307200kB, failcnt 17056
[ 2558.410106] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2558.414953] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2558.414953]    program syz-executor.0 not setting count and/or reply_len properly
[ 2558.435092] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2558.444166] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2558.449399] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2558.453421] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2558.458309] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2558.470391] Memory cgroup stats for 
[ 2558.473358] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2558.473378] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2558.473398] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2558.477409] /syz5
[ 2558.486006] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2558.495111] :
[ 2558.503660] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2558.516097]  cache:0KB
[ 2558.522467]  rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2558.544212] Memory cgroup out of memory: Kill process 25035 (syz-executor.5) score 117 or sacrifice child
[ 2558.555217] Killed process 29898 (syz-executor.5) total-vm:72448kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2558.608036] sg_write: data in/out 327645/2314 bytes for SCSI command 0x0-- guessing data in;
[ 2558.608036]    program syz-executor.1 not setting count and/or reply_len properly
[ 2558.644972] oom_reaper: reaped process 29898 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
09:32:33 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000006000", 0x2e}], 0x1}, 0x0)

09:32:33 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in=@loopback, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f00000001c0)=0xe8)
fsetxattr$security_capability(r0, &(0x7f0000000080)='security.capability\x00', &(0x7f0000000200)=@v3={0x3000000, [{0x4, 0xbe}, {0x6, 0x8000}], r1}, 0x18, 0x1)

09:32:33 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@local, @in=@multicast1}}, {{@in6=@remote}, 0x0, @in6=@loopback}}, &(0x7f00000001c0)=0xe8)
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9b, 0x100)
ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000080)={r0})

09:32:33 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
getsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000080)=""/31, &(0x7f00000000c0)=0x1f)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x306}, &(0x7f0000000180)=0x8)

[ 2558.716993] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2558.730473] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2558.735946] CPU: 0 PID: 25035 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2558.743054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2558.752413] Call Trace:
[ 2558.755023]  dump_stack+0x172/0x1f0
[ 2558.758675]  dump_header+0x15e/0x929
[ 2558.762411]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2558.767536]  ? ___ratelimit+0x60/0x595
[ 2558.771440]  ? do_raw_spin_unlock+0x57/0x270
[ 2558.775872]  oom_kill_process.cold+0x10/0x6ef
[ 2558.780516]  ? task_will_free_mem+0x139/0x6e0
[ 2558.785036]  out_of_memory+0x936/0x12d0
[ 2558.789026]  ? lock_downgrade+0x810/0x810
[ 2558.789045]  ? oom_killer_disable+0x280/0x280
[ 2558.797680]  ? find_held_lock+0x35/0x130
[ 2558.801862]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2558.806725]  ? memcg_event_wake+0x230/0x230
[ 2558.811061]  ? do_raw_spin_unlock+0x57/0x270
[ 2558.811079]  ? _raw_spin_unlock+0x2d/0x50
[ 2558.811097]  try_charge+0x1028/0x15b0
[ 2558.823444]  ? find_held_lock+0x35/0x130
[ 2558.827627]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2558.832520]  ? kasan_check_read+0x11/0x20
[ 2558.832543]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2558.841531]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2558.846607]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2558.846624]  wp_page_copy+0x430/0x16a0
[ 2558.846646]  ? follow_pfn+0x2a0/0x2a0
[ 2558.846665]  ? kasan_check_read+0x11/0x20
[ 2558.846679]  ? do_raw_spin_unlock+0x57/0x270
[ 2558.846695]  do_wp_page+0x57d/0x10b0
[ 2558.871600]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2558.871618]  ? kasan_check_write+0x14/0x20
[ 2558.880684]  ? do_raw_spin_lock+0xc8/0x240
[ 2558.884945]  __handle_mm_fault+0x2305/0x3f80
[ 2558.889382]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2558.894338]  ? find_held_lock+0x35/0x130
[ 2558.898906]  ? handle_mm_fault+0x322/0xb30
[ 2558.903173]  ? kasan_check_read+0x11/0x20
[ 2558.907346]  handle_mm_fault+0x43f/0xb30
[ 2558.911433]  __do_page_fault+0x62a/0xe90
[ 2558.911448]  ? blkcg_print_stat+0xb90/0xb90
[ 2558.911467]  ? vmalloc_fault+0x740/0x740
[ 2558.923907]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2558.923925]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2558.933867]  ? page_fault+0x8/0x30
[ 2558.937433]  do_page_fault+0x71/0x57d
[ 2558.941258]  ? page_fault+0x8/0x30
[ 2558.944818]  page_fault+0x1e/0x30
[ 2558.946265] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2558.946265]    program syz-executor.0 not setting count and/or reply_len properly
[ 2558.948283] RIP: 0033:0x4579be
09:32:33 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:34 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [], [], [], [], [], []]}, 0x934)

09:32:34 executing program 3:

[ 2558.948299] Code: 5c 41 5d 41 5e 5d c3 48 c7 c2 d4 ff ff ff f7 d8 41 bd ff ff ff ff 64 89 02 64 8b 04 25 d0 02 00 00 41 39 c4 0f 85 2f 01 00 00 <64> 44 89 04 25 d4 02 00 00 45 85 f6 0f 85 7f 00 00 00 48 85 db 74
[ 2558.948307] RSP: 002b:00007ffe7b1e1c80 EFLAGS: 00010246
[ 2558.948331] RAX: 0000000000000001 RBX: 00007ffe7b1e1c80 RCX: 000000000045789a
[ 2558.986461] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2558.986475] RBP: 00007ffe7b1e1cc0 R08: 0000000000000001 R09: 0000000001422940
[ 2558.986483] R10: 0000000001422c10 R11: 0000000000000246 R12: 0000000000000001
[ 2558.986491] R13: 0000000000000012 R14: 0000000000000000 R15: 00007ffe7b1e1d10
09:32:34 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x319}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000100)={0x6, [0x1, 0x800, 0x280000000000000, 0x4, 0x0, 0x6]})
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={<r2=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x307}, &(0x7f0000000040)=0x7)
r3 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x2, 0x101000)
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
ioctl$TUNSETLINK(r3, 0x400454cd, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={r2, 0x40}, &(0x7f00000000c0)=0x8)

[ 2559.091727] sd 0:0:1:0: [sg0] tag#4754 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2559.102232] sd 0:0:1:0: [sg0] tag#4754 CDB: Write(10)
[ 2559.107707] sd 0:0:1:0: [sg0] tag#4754 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2559.117923] sd 0:0:1:0: [sg0] tag#4754 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2559.127351] sd 0:0:1:0: [sg0] tag#4754 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
09:32:34 executing program 3:

[ 2559.137504] sd 0:0:1:0: [sg0] tag#4754 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2559.142942] Task in /syz5 killed as a result of limit of /syz5
[ 2559.146595] sd 0:0:1:0: [sg0] tag#4754 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2559.153708] memory: usage 307196kB, limit 307200kB, failcnt 17082
[ 2559.161546] sd 0:0:1:0: [sg0] tag#4754 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2559.177257] sd 0:0:1:0: [sg0] tag#4754 CDB[60]: d8 9b 15 da 44
09:32:34 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000000)=0x149)

09:32:34 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2559.251691] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
09:32:34 executing program 3:

[ 2559.291936] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2559.307719] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:52KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2559.358017] sg_write: data in/out 327645/2267 bytes for SCSI command 0x0-- guessing data in;
[ 2559.358017]    program syz-executor.0 not setting count and/or reply_len properly
[ 2559.374771] Memory cgroup out of memory: Kill process 25035 (syz-executor.5) score 117 or sacrifice child
[ 2559.406304] Killed process 30380 (syz-executor.5) total-vm:72448kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
09:32:34 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="2e000000220005000000c187185095cf0400b0eba0b4d65c0000000051894d5d1dac000000000000000000006800", 0x2e}], 0x1}, 0x0)

09:32:34 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x9, 0x20000)
ioctl$IMGETCOUNT(r1, 0x80044943, &(0x7f0000000080))
getsockopt$sock_int(r0, 0x1, 0x3c, 0x0, &(0x7f0000000040))

09:32:34 executing program 3:

09:32:34 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000], [], [], [], [], [], [], []]}, 0x905)

09:32:34 executing program 3:

[ 2559.667053] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
09:32:34 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x65, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380)="2a6c9d779627af160a5012976584759e5c879a6557890847e9d0cfbb449485e050b10622a950e5e212dc66e086ec3ad9337cd34459a58330db264c0f1d1b4a5d09bae59cbe0d95a0f92bcc7d8a2d739a33f3a3c0745262a46515a8b7cb140247d89b15da44", 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x0, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x6474e557, 0x7, 0x4, 0x7fffffff, 0x80000001, 0x1, 0x25, 0x401}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12d75bbf61718ab1218540f76ae62ef4e5bdc89821afbf7cc8e72e5b8d3a707724828dc319c269e7180bd1b480dd9643", [[], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000], [], [], [], [], [], []]}, 0x934)

09:32:34 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000015c0)={0x53, 0x0, 0x0, 0xc7, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001380), 0x0, 0xff, 0x0, 0x1, 0x0})
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x10001, 0x0, 0x5, 0x0, 0x80000000, 0x3, 0x3, 0x100000001, 0x138, 0x40, 0x21a, 0x4, 0x2, 0x38, 0x1, 0x9c1c, 0xb38, 0x1ff}, [{0x7, 0x1, 0x800, 0x0, 0x5, 0x3, 0x7}], "c225bf187e4820e5bb710f1e23f7ee9c251a3079b1fbfa58ad06d7f9665c2d5b9b43a0f54014c9719712e49ab8c6c61f26c16409a16e9f42d23923c252ac5666a76468bd32fb224be256540a03370026f1a3dfdf1cfbb114a10dd55e43a4ccd0b165b5429c9aa81e19b5500b63b7c6130f5134fd64af42255cfeb4743deabdd7bb842bc8b721307832432cae12", [[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], [], [], [], [], [], [], []]}, 0x905)

[ 2559.719681] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2559.783111] CPU: 0 PID: 25035 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2559.790180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2559.799545] Call Trace:
[ 2559.802158]  dump_stack+0x172/0x1f0
[ 2559.805808]  dump_header+0x15e/0x929
[ 2559.809539]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2559.814661]  ? ___ratelimit+0x60/0x595
[ 2559.818566]  ? do_raw_spin_unlock+0x57/0x270
[ 2559.822067] sd 0:0:1:0: [sg0] tag#4755 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[ 2559.822995]  oom_kill_process.cold+0x10/0x6ef
[ 2559.823016]  ? task_will_free_mem+0x139/0x6e0
[ 2559.823036]  out_of_memory+0x936/0x12d0
[ 2559.823058]  ? lock_downgrade+0x810/0x810
[ 2559.831731] sd 0:0:1:0: [sg0] tag#4755 CDB: Write(10)
[ 2559.836203]  ? oom_killer_disable+0x280/0x280
[ 2559.836219]  ? find_held_lock+0x35/0x130
[ 2559.836241]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2559.836259]  ? memcg_event_wake+0x230/0x230
[ 2559.840762] sd 0:0:1:0: [sg0] tag#4755 CDB[00]: 2a 6c 9d 77 96 27 af 16 0a 50 12 97 65 84 75 9e
[ 2559.844717]  ? do_raw_spin_unlock+0x57/0x270
[ 2559.844733]  ? _raw_spin_unlock+0x2d/0x50
[ 2559.844755]  try_charge+0x1028/0x15b0
[ 2559.849010] sd 0:0:1:0: [sg0] tag#4755 CDB[10]: 5c 87 9a 65 57 89 08 47 e9 d0 cf bb 44 94 85 e0
[ 2559.854180]  ? find_held_lock+0x35/0x130
[ 2559.854203]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2559.854224]  ? kasan_check_read+0x11/0x20
[ 2559.858702] sd 0:0:1:0: [sg0] tag#4755 CDB[20]: 50 b1 06 22 a9 50 e5 e2 12 dc 66 e0 86 ec 3a d9
[ 2559.862749]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2559.867672] sd 0:0:1:0: [sg0] tag#4755 CDB[30]: 33 7c d3 44 59 a5 83 30 db 26 4c 0f 1d 1b 4a 5d
[ 2559.871937]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2559.880832] sd 0:0:1:0: [sg0] tag#4755 CDB[40]: 09 ba e5 9c be 0d 95 a0 f9 2b cc 7d 8a 2d 73 9a
[ 2559.885203]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2559.885222]  wp_page_copy+0x430/0x16a0
[ 2559.889363] sd 0:0:1:0: [sg0] tag#4755 CDB[50]: 33 f3 a3 c0 74 52 62 a4 65 15 a8 b7 cb 14 02 47
[ 2559.893153]  ? follow_pfn+0x2a0/0x2a0
[ 2559.893172]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2559.901998] sd 0:0:1:0: [sg0] tag#4755 CDB[60]: d8 9b 15 da 44
[ 2559.906045]  ? kasan_check_read+0x11/0x20
[ 2559.906061]  ? do_raw_spin_unlock+0x57/0x270
[ 2559.906078]  do_wp_page+0x57d/0x10b0
[ 2559.972424]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2559.972441]  ? kasan_check_write+0x14/0x20
[ 2559.983591]  ? do_raw_spin_lock+0xc8/0x240
[ 2559.983613]  __handle_mm_fault+0x2305/0x3f80
[ 2559.983632]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2559.983650]  ? find_held_lock+0x35/0x130
[ 2560.018252]  ? handle_mm_fault+0x322/0xb30
[ 2560.026534]  ? kasan_check_read+0x11/0x20
[ 2560.026553]  handle_mm_fault+0x43f/0xb30
[ 2560.026579]  __do_page_fault+0x62a/0xe90
[ 2560.038926]  ? vmalloc_fault+0x740/0x740
[ 2560.043010]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2560.048043]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2560.052985]  ? page_fault+0x8/0x30
[ 2560.056553]  do_page_fault+0x71/0x57d
[ 2560.060407]  ? page_fault+0x8/0x30
[ 2560.064397]  page_fault+0x1e/0x30
[ 2560.067855] RIP: 0033:0x4579fa
[ 2560.071054] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b <f0> ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba
[ 2560.090052] RSP: 002b:00007ffe7b1e1c80 EFLAGS: 00010246
[ 2560.090067] RAX: 0000000000000000 RBX: 00007ffe7b1e1c80 RCX: 000000000045789a
[ 2560.090075] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a74fc8
[ 2560.090083] RBP: 00007ffe7b1e1cc0 R08: 0000000000000001 R09: 0000000001422940
[ 2560.090090] R10: 0000000001422c10 R11: 0000000000000246 R12: 00000000000000ca
[ 2560.090098] R13: 0000000000000013 R14: 0000000000000000 R15: 00007ffe7b1e1d10
[ 2560.104920] Task in 
[ 2560.132698] /syz5 killed as a result of limit of /syz5
[ 2560.141446] memory: usage 307200kB, limit 307200kB, failcnt 17117
[ 2560.148100] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2560.161855] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2560.168242] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:56KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2560.191468] Memory cgroup out of memory: Kill process 25035 (syz-executor.5) score 117 or sacrifice child
[ 2560.201779] Killed process 30881 (syz-executor.5) total-vm:72448kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB
[ 2560.212681] oom_reaper: reaped process 30881 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[ 2560.230689] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 2560.246323] syz-executor.5 cpuset=syz5 mems_allowed=0-1
[ 2560.251729] CPU: 1 PID: 25035 Comm: syz-executor.5 Not tainted 4.19.55 #27
[ 2560.258730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2560.268081] Call Trace:
[ 2560.270678]  dump_stack+0x172/0x1f0
[ 2560.274304]  dump_header+0x15e/0x929
[ 2560.278101]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 2560.283206]  ? ___ratelimit+0x60/0x595
[ 2560.287099]  ? do_raw_spin_unlock+0x57/0x270
[ 2560.291513]  oom_kill_process.cold+0x10/0x6ef
[ 2560.296002]  ? task_will_free_mem+0x139/0x6e0
[ 2560.300496]  out_of_memory+0x936/0x12d0
[ 2560.304480]  ? lock_downgrade+0x810/0x810
[ 2560.308643]  ? oom_killer_disable+0x280/0x280
[ 2560.313263]  ? find_held_lock+0x35/0x130
[ 2560.317327]  mem_cgroup_out_of_memory+0x1d2/0x240
[ 2560.322164]  ? memcg_event_wake+0x230/0x230
[ 2560.326492]  ? do_raw_spin_unlock+0x57/0x270
[ 2560.330906]  ? _raw_spin_unlock+0x2d/0x50
[ 2560.335048]  try_charge+0x1028/0x15b0
[ 2560.338842]  ? find_held_lock+0x35/0x130
[ 2560.342915]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 2560.347775]  ? kasan_check_read+0x11/0x20
[ 2560.351929]  ? get_mem_cgroup_from_mm+0x128/0x2b0
[ 2560.356767]  mem_cgroup_try_charge+0x24d/0x5e0
[ 2560.361347]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 2560.366292]  wp_page_copy+0x430/0x16a0
[ 2560.370187]  ? follow_pfn+0x2a0/0x2a0
[ 2560.373982]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2560.379165]  ? kasan_check_read+0x11/0x20
[ 2560.383318]  ? do_raw_spin_unlock+0x57/0x270
[ 2560.387744]  do_wp_page+0x57d/0x10b0
[ 2560.391463]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 2560.396135]  ? kasan_check_write+0x14/0x20
[ 2560.400372]  ? do_raw_spin_lock+0xc8/0x240
[ 2560.404618]  __handle_mm_fault+0x2305/0x3f80
[ 2560.409033]  ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 2560.413873]  ? find_held_lock+0x35/0x130
[ 2560.417928]  ? handle_mm_fault+0x322/0xb30
[ 2560.422162]  ? kasan_check_read+0x11/0x20
[ 2560.426316]  handle_mm_fault+0x43f/0xb30
[ 2560.430392]  __do_page_fault+0x62a/0xe90
[ 2560.434451]  ? vmalloc_fault+0x740/0x740
[ 2560.438511]  ? trace_hardirqs_off_caller+0x65/0x220
[ 2560.443533]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 2560.448472]  ? page_fault+0x8/0x30
[ 2560.452018]  do_page_fault+0x71/0x57d
[ 2560.455814]  ? page_fault+0x8/0x30
[ 2560.459346]  page_fault+0x1e/0x30
[ 2560.462789] RIP: 0033:0x4579fa
[ 2560.465987] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b <f0> ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba
[ 2560.484896] RSP: 002b:00007ffe7b1e1c80 EFLAGS: 00010246
[ 2560.490265] RAX: 0000000000000000 RBX: 00007ffe7b1e1c80 RCX: 000000000045789a
[ 2560.497531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a74fc8
[ 2560.504913] RBP: 00007ffe7b1e1cc0 R08: 0000000000000001 R09: 0000000001422940
[ 2560.512183] R10: 0000000001422c10 R11: 0000000000000246 R12: 00000000000000ca
[ 2560.519445] R13: 0000000000000013 R14: 0000000000000000 R15: 00007ffe7b1e1d10
[ 2560.527257] Task in /syz5 killed as a result of limit of /syz5
[ 2560.533373] memory: usage 307056kB, limit 307200kB, failcnt 17190
[ 2560.539603] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2560.546493] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 2560.552811] Memory cgroup stats for /syz5: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:52KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 2560.573340] Memory cgroup out of memory: Kill process 25035 (syz-executor.5) score 117 or sacrifice child
[ 2560.583163] Killed process 25035 (syz-executor.5) total-vm:72448kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB
[ 2718.843214] INFO: task syz-executor.2:30605 blocked for more than 140 seconds.
[ 2718.850632]       Not tainted 4.19.55 #27
[ 2718.855235] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2718.855314] kobject: 'wlan2572' (00000000c91e77af): kobject_cleanup, parent           (null)
[ 2718.863230] syz-executor.2  D29440 30605   7690 0x00000004
[ 2718.863250] Call Trace:
[ 2718.863274]  __schedule+0x80d/0x1c70
[ 2718.863288]  ? pci_mmcfg_check_reserved+0x170/0x170
[ 2718.863298]  ? preempt_schedule+0x4b/0x60
[ 2718.863310]  ? ___preempt_schedule+0x16/0x18
[ 2718.863322]  schedule+0x92/0x1c0
[ 2718.876439] kobject: 'wlan2572' (00000000c91e77af): calling ktype release
[ 2718.878006]  rwsem_down_write_failed+0x774/0xc30
[ 2718.880931] kobject: 'wlan2572': free name
[ 2718.887644]  ? rwsem_down_read_failed+0x3c0/0x3c0
[ 2718.891563] kobject: 'rfkill2595' (0000000024d7f4d0): kobject_uevent_env
[ 2718.894745]  ? __debug_object_init+0x190/0xc30
[ 2718.894759]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 2718.894775]  call_rwsem_down_write_failed+0x17/0x30
[ 2718.894784]  ? call_rwsem_down_write_failed+0x17/0x30
[ 2718.894797]  down_write+0x53/0x90
[ 2718.903403] kobject: 'rfkill2595' (0000000024d7f4d0): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim2597/ieee80211/phy2596/rfkill2595'
[ 2718.909681]  ? register_netdevice_notifier+0x7e/0x630
[ 2718.909692]  register_netdevice_notifier+0x7e/0x630
[ 2718.909706]  ? __lockdep_init_map+0x10c/0x5b0
[ 2718.909715]  ? __dev_close_many+0x300/0x300
[ 2718.909726]  ? __lockdep_init_map+0x10c/0x5b0
[ 2718.909801]  bcm_init+0x1a8/0x220
[ 2718.909810]  ? canbcm_pernet_init+0x90/0x90
[ 2718.909818]  can_create+0x288/0x4a0
[ 2718.909830]  __sock_create+0x3d8/0x730
[ 2718.909843]  __sys_socket+0x103/0x220
[ 2718.909852]  ? move_addr_to_kernel+0x80/0x80
[ 2718.909863]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 2718.909872]  ? do_syscall_64+0x26/0x620
[ 2718.909881]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2718.909889]  ? do_syscall_64+0x26/0x620
[ 2718.909900]  __x64_sys_socket+0x73/0xb0
[ 2718.909910]  do_syscall_64+0xfd/0x620
[ 2718.909920]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 2718.909934] RIP: 0033:0x4592c9
[ 2718.909954] Code: Bad RIP value.
[ 2718.909959] RSP: 002b:00007fc8928dbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 2718.909970] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004592c9
[ 2718.909975] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 000000000000001d
[ 2718.909980] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 2718.909986] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc8928dc6d4
[ 2718.909991] R13: 00000000004c7ceb R14: 00000000004de1e0 R15: 00000000ffffffff
[ 2718.910016] 
[ 2718.910016] Showing all locks held in the system:
[ 2718.910028] 1 lock held by khungtaskd/1031:
[ 2718.910031]  #0: 000000005a3b1f60 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[ 2718.910073] 5 locks held by kworker/u4:5/2853:
[ 2718.910096] 1 lock held by rsyslogd/7520:
[ 2718.910102] 2 locks held by getty/7642:
[ 2718.910104]  #0: 00000000332284e4 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910126]  #1: 000000000e312107 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910169] 2 locks held by getty/7643:
[ 2718.910172]  #0: 00000000324b1c60 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910192]  #1: 000000004d72bd36 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910214] 2 locks held by getty/7644:
[ 2718.910217]  #0: 0000000020fb6396 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910237]  #1: 000000001ae8f955 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910259] 2 locks held by getty/7645:
[ 2718.910262]  #0: 000000003812e150 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910282]  #1: 0000000087abe9a3 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910304] 2 locks held by getty/7646:
[ 2718.910307]  #0: 000000004e54ac82 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910326]  #1: 00000000321afd3a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910349] 2 locks held by getty/7647:
[ 2718.910351]  #0: 000000008cccd308 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910371]  #1: 00000000bf858259 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910393] 2 locks held by getty/7648:
[ 2718.910396]  #0: 000000005c6d1317 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 2718.910416]  #1: 0000000094488a82 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 2718.910471] 1 lock held by syz-executor.2/30605:
[ 2718.910473]  #0: 000000003cd584f3 (pernet_ops_rwsem){++++}, at: register_netdevice_notifier+0x7e/0x630
[ 2718.910494] 
[ 2718.910497] =============================================
[ 2718.910497] 
[ 2718.910502] NMI backtrace for cpu 1
[ 2718.910512] CPU: 1 PID: 1031 Comm: khungtaskd Not tainted 4.19.55 #27
[ 2718.910517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2718.910519] Call Trace:
[ 2718.910532]  dump_stack+0x172/0x1f0
[ 2718.910544]  nmi_cpu_backtrace.cold+0x63/0xa4
[ 2718.910569]  ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 2718.910584]  nmi_trigger_cpumask_backtrace+0x1b0/0x1f8
[ 2719.333981]  arch_trigger_cpumask_backtrace+0x14/0x20
[ 2719.339243]  watchdog+0x9df/0xee0
[ 2719.342684]  kthread+0x354/0x420
[ 2719.346051]  ? reset_hung_task_detector+0x30/0x30
[ 2719.350894]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 2719.356424]  ret_from_fork+0x24/0x30
[ 2719.360376] Sending NMI from CPU 1 to CPUs 0:
[ 2719.365330] NMI backtrace for cpu 0
[ 2719.365335] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 4.19.55 #27
[ 2719.365340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2719.365343] Workqueue: bat_events batadv_nc_worker
[ 2719.365348] RIP: 0010:__lock_acquire+0x77f/0x48f0
[ 2719.365357] Code: 70 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 62 2f 00 00 4d 8b a6 70 08 00 00 45 31 ed 45 85 c9 41 0f 94 c5 <48> b8 00 00 00 00 00 fc ff df 4c 89 d2 48 c1 ea 03 80 3c 02 00 0f
[ 2719.365360] RSP: 0018:ffff8880aa21fa80 EFLAGS: 00000002
[ 2719.365365] RAX: dffffc0000000000 RBX: 000000000000002b RCX: 1ffff11015440d56
[ 2719.365369] RDX: 1ffff11015440d46 RSI: ffff8880aa206a90 RDI: ffffffff89e7fc10
[ 2719.365373] RBP: ffff8880aa21fc50 R08: 0000000000000000 R09: 0000000000000002
[ 2719.365376] R10: ffff8880aa206a90 R11: 000000000000002b R12: 89e34b0d3b60dae4
[ 2719.365380] R13: 0000000000000000 R14: ffff8880aa2061c0 R15: ffff8880aa206aa8
[ 2719.365385] FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[ 2719.365388] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2719.365392] CR2: 00007fe93fcf1000 CR3: 0000000091f8e000 CR4: 00000000001406f0
[ 2719.365396] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2719.365399] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2719.365402] Call Trace:
[ 2719.365404]  ? add_timer+0x463/0xbe0
[ 2719.365407]  ? __lock_acquire+0x6eb/0x48f0
[ 2719.365409]  ? mark_held_locks+0x100/0x100
[ 2719.365412]  ? mark_held_locks+0x100/0x100
[ 2719.365415]  ? lock_downgrade+0x810/0x810
[ 2719.365417]  ? batadv_nc_worker+0x1fa/0x760
[ 2719.365420]  ? find_held_lock+0x35/0x130
[ 2719.365422]  ? batadv_nc_worker+0x1fa/0x760
[ 2719.365425]  lock_acquire+0x16f/0x3f0
[ 2719.365427]  ? batadv_nc_worker+0xe3/0x760
[ 2719.365430]  batadv_nc_worker+0x117/0x760
[ 2719.365433]  ? batadv_nc_worker+0xe3/0x760
[ 2719.365435]  process_one_work+0x989/0x1750
[ 2719.365438]  ? pwq_dec_nr_in_flight+0x320/0x320
[ 2719.365441]  ? lock_acquire+0x16f/0x3f0
[ 2719.365443]  ? kasan_check_write+0x14/0x20
[ 2719.365446]  ? do_raw_spin_lock+0xc8/0x240
[ 2719.365448]  worker_thread+0x98/0xe40
[ 2719.365450]  kthread+0x354/0x420
[ 2719.365453]  ? process_one_work+0x1750/0x1750
[ 2719.365456]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 2719.365459]  ret_from_fork+0x24/0x30
[ 2719.366103] Kernel panic - not syncing: hung_task: blocked tasks
[ 2719.591162] CPU: 1 PID: 1031 Comm: khungtaskd Not tainted 4.19.55 #27
[ 2719.597720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2719.607055] Call Trace:
[ 2719.609637]  dump_stack+0x172/0x1f0
[ 2719.613248]  panic+0x263/0x507
[ 2719.616469]  ? __warn_printk+0xf3/0xf3
[ 2719.620341]  ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 2719.625259]  ? ___preempt_schedule+0x16/0x18
[ 2719.629651]  ? nmi_trigger_cpumask_backtrace+0x165/0x1f8
[ 2719.635084]  ? nmi_trigger_cpumask_backtrace+0x1c1/0x1f8
[ 2719.640636]  ? nmi_trigger_cpumask_backtrace+0x1cb/0x1f8
[ 2719.646083]  ? nmi_trigger_cpumask_backtrace+0x165/0x1f8
[ 2719.651634]  watchdog+0x9f0/0xee0
[ 2719.655084]  kthread+0x354/0x420
[ 2719.658435]  ? reset_hung_task_detector+0x30/0x30
[ 2719.663256]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 2719.668790]  ret_from_fork+0x24/0x30
[ 2719.673782] Kernel Offset: disabled
[ 2719.677403] Rebooting in 86400 seconds..