512655fc62cbe3ceb3c64938b282fcc2a98a00221ad46eefe76d9a3a17975aedd7d605521c473d2b7d04a447b4521a868c946d424db918706c7ddf8f2bb0aaea8b93808b92a489b7d1ff070000af1b1b027f6bed31b0011a389ad48bce73eb82092b462975f73f71f81592bad57278ecec665b928429fe63361ca6c5ec40fa490f04d330e58add1aca36ea6d112f0bcd84a4eea097713d551b4369d62a3ebf108a7c041bee33d2e67118c0dc58530b157a2934199c0608f3a615a3cda1f93f382ac3c022a0e341210283c0f435074dfdc25051415936a692435b7f9cbef6e73f9bed1798da2b83047203b2fd64f869e99c1f8c878fed462d9894d2c9e2742954d6a1db87eb983de9ab62bd1a4c14df79e0596761c6d482c25c688fa31bdf939bd23a82d59e1c5f4a8cb961769d839763b172d58bd3fc01b0a41067d704da744bf1192e1db18b5c3149e8d7f007c3ab10db511b9119919f69642f52df528103faf84291013e81930da0710695b2adf326bd037477dad23b0ce234befdef23bd135cb3ae05198742987fe511a06286ad95d49fa0356f14f42baf9f4116f51f8cab5b49e83294866a27dc4d7e5497ebe6d0f0200faca864e61743c09408b2658f20ce67bbea2ce86cc7e20897b59645168af25a391aab732f305a077dcd20a24bda00fa68dd664c36f7b02d0fc3d29c64642f37472cce6dff80f983c537971829d694997250423719c254299b336ff5790b64e7232c2fcc4eaa9b1ce004300e9ff19a6895fd2eb271ed88e189d32d7cae13652c2adad08206b51e2c36be7cefdaa38994b1a5a61578a3cd947d1ddad1b81d97415315a9e8e88926b8f0e833b303b1b22dacb3babfbb8af549add31754c31ca08c7f04c1cf39ee9d350fdaecee1557985fbcb943c130b2976d72558efe6767a94e2feed76d5ba09da2886458f0a41ac324128a9a5734782203854ebb5172935f18e05042312db9613629bcd4b49db1b0505244bdc59001788ac593889994ca42aac729936ce88135e6bba8b6343bed40f8c89275cf617b00f8038a45e92f171ed0f179bb233ce6b5b12a3828eef1c83b129f60e1aa43b52541888b52414996349a9589cd2a3d2ecca43693b1896dfadae5f40ddd5571793a009aee7129a342068008184b4db3b46141ebaaee34d545b448087d48ca14bc49017ccf98a873df158d47ae0a9f7e6240ec2004acc817e5b52c131cf81d123d60c79377d4cbf1ed5d14ebc6ffcf9e346a4eb00f99ecd68578081b221f0755f467bdc8c9ca084e5fe452c13257c65893640a42fe298aff170cbab606f2b1e2a791b6d0a516e44dd564abfb03915e034473731f17674cf1dbf88f6bc0a2c33428b1a4c82bfa5547aa512257e8f76ab9b7be7cff3d6d5bd5a0ad7768c419b729fbdee9949a2be5aa8675b05c68f4fb7df6509f9839f959dd5ac6bd11086edaafe741ff9a5cccae5819a58990f4f8cd9013a546513433b62861daf42f9e3b33ba5efc346021bf9af634dde20200a3226bfc6b9539b499e458d39c0efdd539ed988db45ca9c9113b6bccf6e158cb4fe42f79eb8148a99d06a7f3d899527e4523c854f7d95e7147e4e1da3adfc7468bed971ea247ebc0a7a1199b8879f4f0f70e6f90ced3e4ad3d4c5dc30e5a92ee4f9cb5695a9e7b45b9a4acd7f496f86748d06a2528e1271dcfe1a797595fcf60eedb3b0860829f03581996ff03105fb6c24ce8f88e2147366b2b69916777932c8fdcb1d25dc17eb41910ade00a0edc9ea9271d512531d28d3bd4c27eefdc6540327557c69d664dedb2655839f880b0a4c028749ffad5ed548b6bed3d73a60d54399c93101e6bbc6e116a60086af7ce4dba89ce099e6ad9d9cec713180ba21e000a23b5ef44b7dc1655fa88362ca574f27a049d6bf46e1f7e9dc9fb76a38e87b8f975d34e3fdf94d2b70203a6df95423a76939955bb730c9aeae69ddc8e6e2220a9835195f82e6c10fbb4dfbcbf2eeca59cfd67d16b8ae788e94be3201c9092403daac2d1d1ba7dd3e21391110c16d8dab96458ff6ad66d14ed2c84c2653b450306c632ab1249e6d4e5e7c75dc36c7bc77e01199bd0f4fa74cf4906f314efd65f86618153473e30e12342b1e19a839ab334e5d1198f268a48bd67709133cb41336102bb815b682ffb183becce38a5e358f1151ce97d6e0b64d1ff3bbce5f3844202c36de71319ec55a07c46e5ccde67af176ec445b4e796b6c35815b22ac1dfc5b873408d859da74734a3672ee27367377a341f93d9077ebd19feda32d9799d53cbcff55d360e69eef7fbed0b8ca718d87b24c134b597f592a95d154dd93b61800f1ca930708a3a0806a63ff5d5576bd06dd69b0ca83f51124877d0bd0c5e5363e14ec9584f2baaf1e9bc9e3cd890c707f9d26757f0cf40411e7f2e1966cb2dd637772d7b848f0e4ddf87f365e228bee8de4480b27f0b1b95205d5bb8ba8b26ce1a2a8471ba2ab8c7c1013d8bb307b5151fbbe2bcb4a215e9e58f6c09dfce6df5f150262bec6e2d8005bf3c2c71ea4fea4e2bb80b6b44ed693f64282b338903cc28e3638285fedcc0d2452d0806d2332c1e7c6b1d72647d67ff3ecc44aa478feabcfb085a505880090eae5d600bf78bc9402206339bb0c7703920c0075c89edd6c566be572ae31cf721560b47b499add1fbbdfa26c62b03ab05c7760ddace916296f5c2f8e13284c5b897684109d19226ba05810a474dcce11886a0febd44c3d61044a975e67707d27d5319ef80178208532606a66ea42633271661122f53956473ee4086d58d993cb8c10db6d2604101247756c24d3b9112f4bf1d35a058bb583d9ab88d4d6af2b871aecb7ed8630e77631358f081b5e39783812f293050041ce73df718189dedf80a0120ff491c7830c6c30ba4fece81be9212d514072a4fa8e9b90226205970722ca4a06d2e3a4f36773a2c49566be5a31d96b2a9d084d34dc8ef70669142ae845a132ea3a330a9103d033a393c739a31eba931f7133fdc5ce2d048917c581737026cec013abe8ba85720ceed52431e09c65afceea0a5af0dc0792b058a982a3e67eabbfa50dc92fe0d9ea0af4e81afcaab8575cff1213f566b6e63f7f91e79dc974e0829dd6c906eb218c00ba6e193434780c476b8046395e151bd1b1a6e015fc78127fa4ca19b2cff7f43c270f528844c6f7b054a90527e7be89fae09bdfdec77a4ab65099f1772509224cd4badbb242fa76fa85f6197d9a661cd9e7d3a2f426bd8dd2bc6f0c62d6ba71c2ca7cc5322be08baf857feef4e95e7e859df0b77391b87ca77f3b0a7f43e8f330d1c61468578b73cc6132ded6a6b82313bef91cf875c5bf855086a60000000000f32a7a55a2166b0869af208aaab2408a6249413c71c0d7111269a61642e26a769f4a0f128d6a3e163292b889bdbb4d56ac2569cfcd17fe153f12516cbee98cd0b33ebcc36af53c8515093c6e36e936acf8aecdc717cc06a8662a5dc8b7afff480f26c3f12b20bfb85b787f24debf9468f49e857396362012f0ff8c2fe1f1d917ba701d82d1b38e808247aa3d6d724a2e64ad86dccf700569631d89c5ea6c5d537d0fed1887dea642d1a201792007b32991bf800f10ce7399e46cbb9aa3f757e2915542d552b51b976a739ba7dcd124fe27b586b642b026c3beb64ec7d30d006608a807ee0cd6de344a66cb98199e142331a7aa2021031ff6541676f8a4a1b7e737c40bab4cbddbf08672d6d7d45a35ebc4b2172d3e24227e4343667a73908a95da3c446443735a6220f339ce9ea96a8518220ec30c9ff5ab2722652a13eddf4d54c6d95105d8d7b2bda1b1956f1f4ec1a8b6fadc50986605cc9efb1058adc59d34e0e54184537cb6ca8359eb64546659ebe642a1d338c7e4931da6e61cef1a111f6f31bf566ca732f60caf9c80c44dff4ea097bcfd7326fa24576d717a3b7f3cd7eeeed5dbff2fe4d4cb53ce2209945af5496610d8b370476456bea15e27cfb6298d70d53e272087c9e471c85a0e7870bbbfef00b395235dbf323099a258a07a29308dd1809daa2995bccc9e8d3d90ad1c9e5017bdc00b0d4b100a25276b802053e340d37e5ca3baddebc50e6cbcbb58b13199c4fca84052093610b266b7fa59ee7ca15d34392e423f7876a298f3fd110b1264dcf3a5b4bb9c6b1b46d0000004888c0e5919f2115a7fa69e69d4eea342a0d56b9537a03c7080ee2fb808a6f9e974ca6c75e98c3093af0010878df0ca46bfefc8eb7e618c1eeac12c490502b8393fd1effae269a83ccbc35562892cf191db5a264baefc23b4d79bc49d065d8cb6ffa27daf631ad4f0437b6caa9088bd549450dda415712d59925da1da71e220692d1a81723d826f8ab4d2c299a8547f0000000fcce5567a63cc96ddc2cd2f1a2ee3354723e8556bd69f4b7db87255e854b8529e64ab5c60e6cd81489782c7298d9b6cae3cb8c16b1550eef6a87"], 0x2000, 0xe00) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$UI_DEV_DESTROY(r1, 0x5502) [ 1691.836769] syz-executor.5 invoked oom-killer: gfp_mask=0x604050(GFP_NOFS|__GFP_COMP|__GFP_RECLAIMABLE), nodemask=(null), order=0, oom_score_adj=1000 21:40:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xfffffff0}, 0x0) [ 1691.899109] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1691.922755] CPU: 1 PID: 19980 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1691.930677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1691.940043] Call Trace: [ 1691.942659] dump_stack+0x197/0x210 [ 1691.946310] dump_header+0x15e/0xa55 [ 1691.950044] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1691.955173] ? ___ratelimit+0x60/0x595 [ 1691.959091] ? do_raw_spin_unlock+0x181/0x270 [ 1691.963612] oom_kill_process.cold+0x10/0x6ef [ 1691.968130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1691.973685] ? task_will_free_mem+0x139/0x6e0 [ 1691.978233] ? find_held_lock+0x35/0x130 [ 1691.982325] out_of_memory+0x362/0x1330 [ 1691.986324] ? lock_downgrade+0x880/0x880 [ 1691.990490] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1691.995605] ? oom_killer_disable+0x280/0x280 [ 1692.000121] ? find_held_lock+0x35/0x130 [ 1692.004209] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1692.009072] ? memcg_event_wake+0x230/0x230 [ 1692.013589] ? do_raw_spin_unlock+0x181/0x270 [ 1692.018100] ? _raw_spin_unlock+0x2d/0x50 [ 1692.022278] try_charge+0xec5/0x1490 [ 1692.026020] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1692.030897] ? rcu_read_lock_sched_held+0x110/0x130 [ 1692.035930] ? __alloc_pages_nodemask+0x632/0x750 [ 1692.040796] memcg_kmem_charge_memcg+0x83/0x170 [ 1692.045477] ? mark_held_locks+0xb1/0x100 [ 1692.049643] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1692.054155] ? cache_grow_begin+0x597/0x8c0 [ 1692.058498] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1692.063102] ? trace_hardirqs_on+0x67/0x220 [ 1692.067443] cache_grow_begin+0x3fa/0x8c0 [ 1692.071607] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1692.077161] ? __cpuset_node_allowed+0x136/0x540 [ 1692.081931] fallback_alloc+0x1fd/0x2d0 [ 1692.085927] ____cache_alloc_node+0x1be/0x1e0 [ 1692.090447] kmem_cache_alloc+0x1f3/0x700 [ 1692.094619] ? lock_downgrade+0x880/0x880 [ 1692.098786] ? ratelimit_state_init+0xb0/0xb0 [ 1692.103294] ext4_alloc_inode+0x1f/0x630 [ 1692.107365] ? ratelimit_state_init+0xb0/0xb0 [ 1692.111872] alloc_inode+0x64/0x190 [ 1692.115516] iget_locked+0x196/0x4a0 [ 1692.119247] __ext4_iget+0x27b/0x3f80 [ 1692.123084] ? ext4_get_projid+0x190/0x190 [ 1692.127350] ? kasan_check_read+0x11/0x20 [ 1692.131522] ext4_lookup+0x389/0x6b0 [ 1692.135250] ? ext4_cross_rename+0x1330/0x1330 [ 1692.139845] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1692.144871] ? d_lookup+0x19e/0x260 [ 1692.148512] ? ext4_cross_rename+0x1330/0x1330 [ 1692.153106] lookup_open+0x6cd/0x1ad0 [ 1692.156926] ? vfs_link+0xb60/0xb60 [ 1692.160606] path_openat+0x1e5d/0x44a0 [ 1692.164504] ? kernel_text_address+0x73/0xf0 [ 1692.168924] ? unwind_get_return_address+0x61/0xa0 [ 1692.173887] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 1692.178583] ? save_stack+0xa9/0xd0 [ 1692.182230] ? save_stack+0x45/0xd0 [ 1692.185871] ? kasan_kmalloc+0xce/0xf0 [ 1692.189766] ? kmem_cache_alloc_trace+0x152/0x760 [ 1692.194613] ? acct_on+0x5f/0x790 [ 1692.198088] do_filp_open+0x1a1/0x280 [ 1692.201903] ? may_open_dev+0x100/0x100 [ 1692.205903] ? fs_reclaim_acquire+0x20/0x20 [ 1692.210240] ? __lock_is_held+0xb6/0x140 [ 1692.214324] ? __lock_is_held+0xb6/0x140 [ 1692.218400] file_open_name+0x2c5/0x3b0 [ 1692.222385] ? vfs_open+0xd0/0xd0 [ 1692.225848] ? rcu_read_lock_sched_held+0x110/0x130 [ 1692.230877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1692.236429] ? strncpy_from_user+0x21b/0x2d0 [ 1692.240860] acct_on+0x7f/0x790 [ 1692.244152] __x64_sys_acct+0xae/0x200 [ 1692.248052] do_syscall_64+0xfd/0x620 [ 1692.251868] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1692.257068] RIP: 0033:0x45b3b9 [ 1692.260274] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1692.279178] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 1692.286911] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1692.294188] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140 21:40:31 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) getsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080), &(0x7f00000000c0)=0x4) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x7bd701, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000000)={0x31, 0x1b, 0x6, 0x1, "3e2b3feda22398866cbeb7aab3029479c4aaed4841010c9eef5af9beb1548b8e"}) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) ioctl$NBD_DISCONNECT(r2, 0xab08) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, 0x0, 0x0, 0x0) mkdirat$cgroup(r3, 0x0, 0x1ff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) setsockopt$CAN_RAW_JOIN_FILTERS(r4, 0x65, 0x6, &(0x7f0000000200)=0x1, 0x4) r5 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ocfs2_control\x00', 0xfdfa74a1dca09a9b, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r5, 0xc0585605, &(0x7f0000000180)={0x1, 0x0, {0x0, 0xfff, 0x3003, 0x7, 0x1, 0x7, 0x1, 0x4}}) 21:40:32 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) getsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080), &(0x7f00000000c0)=0x4) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0300000000000000060000000400000000000000000000000900000000003000060000000300000000000000000000000000000000000000ffffffcb752731d790b899e156f40a22897f03000000000000000000000000000000000400000000000000000000000000000000000000000000000000001f0000000100000000000000000000004000000000000000000000000000000008000000000000000100000009000000"]) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x129001, 0x0) ioctl$NBD_DISCONNECT(r1, 0xab08) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000100)) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/fscreate\x00') preadv(r3, 0x0, 0x0, 0x0) mkdirat$cgroup(r3, 0x0, 0x1ff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) 21:40:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x1a0ffffffff}, 0x0) [ 1692.301568] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1692.308846] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1692.316130] R13: 000000000000001c R14: 00000000004c174b R15: 000000000075bf2c [ 1692.389772] Task in /syz5 killed as a result of limit of /syz5 [ 1692.395891] memory: usage 307200kB, limit 307200kB, failcnt 617 [ 1692.401956] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1692.409137] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1692.416412] Memory cgroup stats for /syz5: cache:76KB rss:254956KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254988KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1692.439692] Memory cgroup out of memory: Kill process 19829 (syz-executor.5) score 1113 or sacrifice child [ 1692.450973] Killed process 19829 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35796kB, shmem-rss:0kB 21:40:32 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) [ 1692.480975] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1692.489173] Process accounting resumed [ 1692.496423] Process accounting resumed 21:40:32 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x21) 21:40:32 executing program 0: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={0x0, 0x2}, &(0x7f0000000140)=0x8) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 21:40:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x2a0ffffffff}, 0x0) 21:40:32 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) [ 1692.750879] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:32 executing program 0: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f00000000c0)) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) acct(&(0x7f0000000140)='./file0\x00') mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:32 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) 21:40:32 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'veth0_to_team\x00', {0x2, 0x4e23, @local}}) msgsnd(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="0100000000000000a2439b3bb10d9f7a46a2550657be7f2a12c05febc68693f0deccf23361ba7d1ee0f0687c05a5f1a97a3d6d1ab2b1e0dec64d98dcfe121fcc242071c603f53cadbae796d86def1e7a5a67b19dfbc3aa21a14c8ca81de700359da3fe360f5c58749eb6635216e60a0a994b77f48f5b821eed42ce0b33fd978fa3e599e7527075d5d3227b92f25fbf1b5dd7606e1302f46898805730ae1d6856d91f22bd63958d9cbcf7b39e284ef44eaf33f0e2b6a3172933f0188c3a709fec947c7fb93573a9d21e7752ecc929fccba44f011eaaa5274450a2098e07959b28f87c3180d824bc08310147038391e73107a424fb02fa95def4ac0d9466bdcb6887f1f53b4a16ffdc4a51ae3d24a0463c13a04106a175939151ee776f4460f3f7e8b6da21305bcef9b93bb4bea964a1ff2898905dc4f6e8379f1ebd477f689b06f8cf87dcd4219a8621e628bb7a5f7d7ab959e0c14cc990103134e3f55501c58c57fb011b15df475961bad4e6f9e2294a10babd37c7ae4f02233cf2c4d3ad47195424c05ee5e27332160c3acbd1f6cb28abe4c2a2499146b1a870598478904cf46727072f02a4c6bd866dc9dd1acd2d18a19370de789ef3284361ff834e2a80fc5eb3e8ae4611ce88ee18c592e8baa5cd636a145a493dd4835eff97dc0f00b403aa806105013ece26669a6291b4e93cb7205f69a026ec56869155f7205c07630954f1a53c9b7417340d7f9a0ca3ce546e5c61aa194543634515543e6943767a003737600571adf966b99ce5b02432d2a9dddfdc2b7eafa89ce065c38e9a69b769c3b8a3b6942c322536f163d8584f5ec163935a05cd27f9b2a35258065a1a1dfb9740584cb759e93fcc6bcdce5f514b26f5be587b820b6f594f2c9b3730a1cf3ae749870d3ac8aad0e2a2a09f7b7b0ea1de3ed54aef38bcfde3450e64e5da5dc4a168962a22afba852522906a407b8688a1210f9d087093e437e0d47b7b1591d73a42e0fc872f01463e296b0a1d99a1758cb935069c89dfdabcecaf5436ce548c1fd3dfea2d6cb86775bebeb339e6612317ac74ac9e8196ffd58402b96bd40bf91bb5ed065d1ea0f4aedf4946d090f745bff808cf708c8da46f7d1f87a01f4e0ea4cf0b7c37bd964f0f3f510a0d927799abdc5ea55514b7886e4e370ea9a1645281029ce45c80f7ac20714cf4963f8db26bbe4139c68cf3bdcc604a42990b7993364f1fd637d64498951afb5c239c0dd3ea9da6d058842c5fc4b7162c6c57518d5135bdbf2e03b3ce9b60c9322cfede32bead5986f24f4a3ea7984a02eb7600d95b6cd660777742c3891d3fbb1e106af9a75b5693b0db26e71cc13b7da29d000069ffc2447add1a0a1f8c35d3c99ee891e320c421c61aeb71855e4159ff5a6e2c671da8c3aaabb3b8d8001a91f6d6b019919293c5b7d76e38374385dac84b1edc776e643f1c6c9e621c8798edad8d8b9465a45146e355ad639770508d55f9a8a74fe03e157bbc3410084146edb178b92954ba0c40f44fa71c600bc29521190de260e3243a1e22d0e0ecf8e55884b2eba3c2d1b20788011792a9fcf949e2a411fae9f7c27646462600609ab4b99efab693d97ab364ec8c15addc0b94fc935bfd124598970d8af469dc83f68abf0a4c347c0c01dd5aa093c64268041732f6e5a295c7e2e07ebce3b32396f4f60c667ed006a783658904cad0491ea33b3a525f69b6b10044965f1ca8f4456e0c617260f6fceb746e1c93a679523ac15b70bb1226f6ccabca940368ba8bec006ce3373e30b91c9fd9a6a6f0ba179db25ede325f6ddb3c414d19ead967d878b3ca0e7bea5bbbe4a40f88d722b9bf3332187027f06e881c94a697840cc1b7803111c5190f2eaf43d8c01996d30c8458a357c17273b6b30e5a55466ce5adce8ed780e17a230fa2258a4bc104df733a9ff100e071a6b5674b5d6239f33f09dbace16a758466e5c465ada180e9c25e6d063354444fbd73a4ad02f69acb961003742bdd20bb6e822da770baa268594f1f7cd92c7886245adc400de819d88cf8897b11e0bbd8a892ca9eb43224400824a60bb0a07f83e1369018df120756c65a9c604962656419ff5fd76033545458d19d1a8c7b6cac5d9b79b8c4ee4832a9339d1f477415b203f4886e9a44e4a42532bce44ea761243703575a38188c25f300501ee9b44335dd6e7def9c59143692d4fdf411c18499b3306dabfc53c4bba72c7b26910760a61305e10f108151a8e0b56db2707e4715c28a1120883c96ccec9c6bc58420448961688daabd9ee935eb87294a24ec459edb203531cbaa0545e4219690ae054111e4afb16dffcf0496512655fc62cbe3ceb3c64938b282fcc2a98a00221ad46eefe76d9a3a17975aedd7d605521c473d2b7d04a447b4521a868c946d424db918706c7ddf8f2bb0aaea8b93808b92a489b7d1ff070000af1b1b027f6bed31b0011a389ad48bce73eb82092b462975f73f71f81592bad57278ecec665b928469fe63361ca6c5ec40fa490f04d330e58add1aca36ea6d112f0bcd84a4eea097713d551b4369d62a3ebf108a7c041bee33d2e67118c0dc58530b157a2934199c0608f3a615a3cda1f93f382ac3c022a0e341210283c0f435074dfdc25051415936a692435b7f9cbef6e73f9bed1798da2b83047203b2fd64f869e99c1f8c878fed462d9894d2c9e2742954d6a1db87eb983de9ab62bd1a4c14df79e0596761c6d482c25c688fa31bdf939bd23a82d59e1c5f4a8cb961769d839763b172d58bd3fc01b0a41067d704da744bf1192e1db18b5c3149e8d7f007c3ab10db511b9119919f69642f52df528103faf84291013e81930da0710695b2adf326bd037477dad23b0ce234befdef23bd135cb3ae05198742987fe511a06286ad95d49fa0356f14f42baf9f4116f51f8cab5b49e83294866a27dc4d7e5497ebe6d0f0200faca864e61743c09408b2658f20ce67bbea2ce86cc7e20897b59645168af25a391aab732f305a077dcd20a24bda00fa68dd664c36f7b02d0fc3d29c64642f37472cce6dff80f983c537971829d694997250423719c254299b336ff5790b64e7232c2fcc4eaa9b1ce004300e9ff19a6895fd2eb271ed88e189d32d7cae13652c2adad08206b51e2c36be7cefdaa38994b1a5a61578a3cd947d1ddad1b81d97415315a9e8e88926b8f0e833b303b1b22dacb3babfbb8af549add31754c31ca08c7f04c1cf39ee9d350fdaecee1557985fbcb943c130b2976d72558efe6767a94e2feed76d5ba09da2886458f0a41ac324128a9a5734782203854ebb5172935f18e05042312db9613629bcd4b49db1b0505244bdc59001788ac593889994ca42aac729936ce88135e6bba8b6343bed40f8c89275cf617b00f8038a45e92f171ed0f179bb233ce6b5b12a3828eef1c83b129f60e1aa43b52541888b52414996349a9589cd2a3d2ecca43693b1896dfadae5f40ddd5571793a009aee7129a342068008184b4db3b46141ebaaee34d545b448087d48ca14bc49017ccf98a873df158d47ae0a9f7e6240ec2004acc817e5b52c131cf81d123d60c79377d4cbf1ed5d14ebc6ffcf9e346a4eb00f99ecd68578081b221f0755f467bdc8c9ca084e5fe452c13257c65893640a42fe298aff170cbab606f2b1e2a791b6d0a516e44dd564abfb03915e034473731f17674cf1dbf88f6bc0a2c33428b1a4c82bfa5547aa512257e8f76ab9b7be7cff3d6d5bd5a0ad7768c419b729fbdee9949a2be5aa8675b05c68f4fb7df6509f9839f959dd5ac6bd11086edaafe741ff9a5cccae5819a58990f4f8cd9013a546513433b62861daf42f9e3b33ba5efc346021bf9af634dde20200a3226bfc6b9539b499e458d39c0efdd539ed988db45ca9c9113b6bccf6e158cb4fe42f79eb8148a99d06a7f3d899527e4523c854f7d95e7147e4e1da3adfc7468bed971ea247ebc0a7a1199b8879f4f0f70e6f90ced3e4ad3d4c5dc30e5a92ee4f9cb5695a9e7b45b9a4acd7f496f86748d06a2528e1271dcfe1a797595fcf60eedb3b0860829f03581996ff03105fb6c24ce8f88e2147366b2b69916777932c8fdcb1d25dc17eb41910ade00a0edc9ea9271d512531d28d3bd4c27eefdc6540327557c69d664dedb2655839f880b0a4c028749ffad5ed548b6bed3d73a60d54399c93101e6bbc6e116a60086af7ce4dba89ce099e6ad9d9cec713180ba21e000a23b5ef44b7dc1655fa88362ca574f27a049d6bf46e1f7e9dc9fb76a38e87b8f975d34e3fdf94d2b70203a6df95423a76939955bb730c9aeae69ddc8e6e2220a9835195f82e6c10fbb4dfbcbf2eeca59cfd67d16b8ae788e94be3201c9092403daac2d1d1ba7dd3e21391110c16d8dab96458ff6ad66d14ed2c84c2653b450306c632ab1249e6d4e5e7c75dc36c7bc77e01199bd0f4fa74cf4906f314efd65f86618153473e30e12342b1e19a839ab334e5d1198f268a48bd67709133cb41336102bb815b682ffb183becce38a5e358f1151ce97d6e0b64d1ff3bbce5f3844202c36de71319ec55a07c46e5ccde67af176ec445b4e796b6c35815b22ac1dfc5b873408d859da74734a3672ee27367377a341f93d9077ebd19feda32d9799d53cbcff55d360e69eef7fbed0b8ca718d87b24c134b597f592a95d154dd93b61800f1ca930708a3a0806a63ff5d5576bd06dd69b0ca83f51124877d0bd0c5e5363e14ec9584f2baaf1e9bc9e3cd890c707f9d26757f0cf40411e7f2e1966cb2dd637772d7b848f0e4ddf87f365e228bee8de4480b27f0b1b95205d5bb8ba8b26ce1a2a8471ba2ab8c7c1013d8bb307b5151fbbe2bcb4a215e9e58f6c09dfce6df5f150262bec6e2d8005bf3c2c71ea4fea4e2bb80b6b44ed693f64282b338903cc28e3638285fedcc0d2452d0806d2332c1e7c6b1d72647d67ff3ecc44aa478feabcfb085a505880090eae5d600bf78bc9402206339bb0c7703920c0075c89edd6c566be572ae31cf721560b47b499add1fbbdfa26c62b03ab05c7760ddace916296f5c2f8e13284c5b897684109d19226ba05810a474dcce11886a0febd44c3d61044a975e67707d27d5319ef80178208532606a66ea42633271661122f53956473ee4086d58d993cb8c10db6d2604101247756c24d3b9112f4bf1d35a058bb583d9ab88d4d6af2b871aecb7ed8630e77631358f081b5e39783812f293050041ce73df718189dedf80a0120ff491c7830c6c30ba4fece81be9212d514072a4fa8e9b90226205970722ca4a06d2e3a4f36773a2c49566be5a31d96b2a9d084d34dc8ef70669142ae845a132ea3a330a9103d033a393c739a31eba931f7133fdc5ce2d048917c581737026cec013abe8ba85720ceed52431e09c65afceea0a5af0dc0792b058a982a3e67eabbfa50dc92fe0d9ea0af4e81afcaab8575cff1213f566b6e63f7f91e79dc974e0829dd6c906eb218c00ba6e193434780c476b8046395e151bd1b1a6e015fc78127fa4ca19b2cff7f43c270f528844c6f7b054a90527e7be89fae09bdfdec77a4ab65099f1772509224cd4badbb242fa76fa85f6197d9a661cd9e7d3a2f426bd8dd2bc6f0c62d6ba71c2ca7cc5322be08baf857feef4e95e7e859df0b77391b87ca77f3b0a7f43e8f330d1c61468578b73cc6132ded6a6b82313bef91cf875c5bf855086a60000000000f32a7a55a2166b0869af208aaab2408a6249413c71c0d7111269a61642e26a769f4a0f128d6a3e163292b889bdbb4d56ac2569cfcd17fe153f12516cbee98cd0b33ebcc36af53c8515093c6e36e936acf8aecdc717cc06a8662a5dc8b7afff480f26c3f12b20bfb85b787f24debf9468f49e857396362012f0ff8c2fe1f1d917ba701d82d1b38e808247aa3d6d724a2e64ad86dccf700569631d89c5ea6c5d537d0fed1887dea642d1a201792007b32991bf800f10ce7399e46cbb9aa3f757e2915542d552b51b976a739ba7dcd124fe27b586b642b026c3beb64ec7d30d006608a807ee0cd6de344a66cb98199e142331a7aa2021031ff6541676f8a4a1b7e737c40bab4cbddbf08672d6d7d45a35ebc4b2172d3e24227e4343667a73908a95da3c446443735a6220f339ce9ea96a8518220ec30c9ff5ab2722652a13eddf4d54c6d95105d8d7b2bda1b1956f1f4ec1a8b6fadc50986605cc9efb1058adc59d34e0e54184537cb6ca8359eb64546659ebe642a1d338c7e4931da6e61cef1a111f6f31bf566ca732f60caf9c80c44dff4ea097bcfd7326fa24576d717a3b7f3cd7eeeed5dbff2fe4d4cb53ce2209945af5496610d8b370476456bea15e27cfb6298d70d53e272087c9e471c85a0e7870bbbfef00b395235dbf323099a258a07a29308dd1809daa2995bccc9e8d3d90ad1c9e5017bdc00b0d4b100a25276b802053e340d37e5ca3baddebc50e6cbcbb58b13199c4fca84052093610b266b7fa59ee7ca15d34392e423f7876a298f3fd110b1264dcf3a5b4bb9c6b1b46d0000004888c0e5919f2115a7fa69e69d4eea342a0d56b9537a03c7080ee2fb808a6f9e974ca6c75e98c3093af0010878df0ca46bfefc8eb7e618c1eeac12c490502b8393fd1effae269a83ccbc35562892cf191db5a264baefc23b4d79bc49d065d8cb6ffa27daf631ad4f0437b6caa9088bd549450dda415712d59925da1da71e220692d1a81723d826f8ab4d2c299a8547f0000000fcce5567a63cc96ddc2cd2f1a2ee3354723e8556bd69f4b7db87255e854b8529e64ab5c60e6cd81489782c7298d9b6cae3cb8c16b1550eef6a87"], 0x2000, 0xe00) 21:40:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x4a0ffffffff}, 0x0) 21:40:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x3000000000000}, 0x0) [ 1693.003198] overlayfs: missing 'lowerdir' [ 1693.014405] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:33 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) 21:40:33 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x40030000000000}, 0x0) [ 1693.205123] Process accounting resumed 21:40:33 executing program 0: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f00000000c0)) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) acct(&(0x7f0000000140)='./file0\x00') mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) [ 1693.228020] overlayfs: missing 'lowerdir' [ 1693.406001] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1693.455066] Process accounting resumed 21:40:33 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x22) 21:40:33 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) 21:40:33 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x8000a0ffffffff}, 0x0) 21:40:33 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010914000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1693.753700] overlayfs: missing 'lowerdir' 21:40:33 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@workdir={'workdir', 0x3d, './file0'}}]}) 21:40:33 executing program 1: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x22}]}) [ 1693.784971] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:33 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xf0ffffffffffff}, 0x0) [ 1693.880745] overlayfs: './file0' not a directory 21:40:33 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:33 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@workdir={'workdir', 0x3d, './file0'}}]}) 21:40:33 executing program 1 (fault-call:4 fault-nth:0): r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1693.957580] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x100000000000000}, 0x0) [ 1694.042649] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1694.115885] overlayfs: './file0' not a directory 21:40:34 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x23) 21:40:34 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@workdir={'workdir', 0x3d, './file0'}}]}) 21:40:34 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:34 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x200000000000000}, 0x0) 21:40:34 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000080)={0x800, 0xd, 0x4, 0x20000, 0x9, {0x0, 0x2710}, {0x2, 0x2, 0x8, 0x5, 0x0, 0x7f, "1a6c39a1"}, 0x40, 0x1, @offset=0x3, 0x3, 0x0, r0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000480)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000009c0)={0x80, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0x58, 0x8, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ALLOWEDIPS={0x2c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x8, 0x2, @local}, {0x5}}]}]}]}]}]}, 0x80}}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x814, r3, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x7a0, 0x8, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x200, @local, 0x1}}]}, {0x6d8, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x3, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x20}}, 0x9}}, @WGPEER_A_ALLOWEDIPS={0x22c, 0x9, 0x0, 0x1, [{0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x23}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0xf}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x7d}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="6adce03ca7a173c0db35e45b54e3f3b2"}, {0x5, 0x3, 0x14}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="5fd2f41df28ced4af84ad7a9154668b2"}, {0x5, 0x3, 0x54}}]}, {0xe8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2c}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x51}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="9c72fb2ab4d549877b335742d4a706f4"}, {0x5, 0x3, 0x28}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x4}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x30}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0xa}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x68}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x33}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x20}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x50}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x4a}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @remote}}, @WGPEER_A_ALLOWEDIPS={0x230, 0x9, 0x0, 0x1, [{0xa0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x72}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x80}, {0x5, 0x3, 0x7}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="09946ceacdc2e00f9782a2bf859f8bec"}, {0x5, 0x3, 0x77}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x34}}, {0x5, 0x3, 0x6e}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x16}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x80}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x10000}, {0x5, 0x3, 0x18}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x27}}, {0x5, 0x3, 0x11}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x36}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x74}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x7}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x34}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr="0489d3667772866580794e483bc5d598"}, {0x5, 0x3, 0x4}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3e}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1d}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x224, 0x9, 0x0, 0x1, [{0xb8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3a}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x14}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1c}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0xa}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @empty}}, {0x5, 0x3, 0x21}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x6b}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x4}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0xd}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x7f}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, {0x5, 0x3, 0x20}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x6c}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x25}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x15}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x43}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x74}}]}]}]}, {0x60, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "70e564b8f0350a0c7b449c3ec4a80f9ef3e08af8e890623d946a35a9626bb38b"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @rand_addr=0x7b0}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}]}]}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e21}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a='\xa0\\\xa8Ol\x9c\x8e8S\xe2\xfdzp\xae\x0f\xb2\x0f\xa1R`\f\xb0\bE\x17O\b\ao\x8dxC'}]}, 0x814}, 0x1, 0x0, 0x0, 0x801}, 0x800) 21:40:34 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$LOOP_CLR_FD(r0, 0x4c01) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x1002, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6c6f7765726469723d2e6f901cbd9ac22f66"]) clone(0x4409e200, &(0x7f0000000080)="8317d737eeffebea93f795804eeeb415096e98b59e69202de2ea96df3e06e23b1797bbd0", &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000240)="78db67b5e0ca10bf22d9d2ea98589e5e364e738876aafb0b8b1667ab309913dd6afa5ecf07e617b6c1bb485528f82b8ba118207b75a637ee4f5c2f417500df00bac5f6810037e0d81e336b72c1e30965bcec0163c38bbf1919a44d11a7c79870ed1f4c8a1cf3deef54e328443302046273098df149eca866da95ba2a027293f769e990e893ed5b6bf80490f2ca700f77e204e6a300c00920c13388c4a2cc9ec2f04c58fe353e35743a5c75707398c074769f58271da1ca770602923aab911958e58ba67587aa0830cba4b6b8bc2ced7b45d5b7270485c0f83fed7c4177fee58cce05021dc2755426f437398af148087d36f26bc9ca041a5e9944e2cbc9b6ac0d2d123c39a6224f5e58d252a18ae62d1d5c15541be7a7edfe6ea904341fd78461c63ce7213a735c52c92ace17d1eef711fc097bed0df616b8f57ad99e599a3a85a9cb2c21acebc69397aa88f7630471ac9f0ba17eb3a8553108592d223aa7dcd384ebbef36b03211dc1f3aaa606241ae488e5b5cefbdd2ef262488e55fc1fb8535ed49f8abb2fc57d9bb2b3cd3b94a588977c8432946e6b72738a4564d63b567330d33af0af7b04a65f85db976296ad28bbd9ddba3ccaa86a1d9cc729fbbb81cba0d329d287262941e9a188bfb2c2ed85bef49b11b10b8fa34bcf980d81901269410532d1b538721840b00606fcd277b35c74569e86e8a9831722069aa9378050d6f227290d572c746b57c41cccb8c261804eece3926c3d0c5c45844bd08738ef6d3cafe8dc79cbce6b069f0e038fcebb29b815e7465ff6742a0019cd03bc81efa77d5869a222ff8550aa1943be877d241c880a3204e8025e4f67c2291f96f5e98706c08249c367770adb44c57ad9051321f874359d670fac33299edb3f190285dfe6b5bdb51293f0aeaa9db64e27ab596b7f501531f31e14dacaf328ce1a945f4e8dfd846a74468aa6defd0648e0a112603137fd7b6f951e4aac96835efa069a470863faae1bb9fd4e46e1fa2b001ef5d52dc572bf308c03d6a3cc8a3146ba576e4fdd2efe0c7688a8dcc2637e9108f46d27a93292be59334bc874a8d39a956800b4738bdcbb5de3df8d9379326aabf6ef2f1a45cad8ce3376fe9270aee511a8ec27c4748e9b9c09b113fe4077be037ec52564b36e9c710abce848160ce81c9dc02bd6d75d9a85ebac638b0a160b3ab8e11246226ebd8199ca3376e2f96a95aa3658c2b05553475b31a1084d104cb351ffdc21a82937c2d5210f10639dff3acc500819afa8fabad9d7014170c9372bfe8e5ad4c2b3cbcb896a8849f75188ad542597a1fd00f887b5bf62c1562d3fc7336af00cb02dbfa54fe4d30137ad25b325fe1e25a2019d8c5611f5539da779de8f80fdd65fd7dc0d1c45dc9cdd1ae4537dc975b880a284ae28b68971071fd6cf51d3f381719d6a7fea13ed41989fd50439c8a81858ae9665b8b82660d73e80c35041dd6faf5685267a80a7b78f35b4354cca1801a26bf319b7d4ffbd44339c6bcf9c873875801e3fe8d849217fd18a274484f7f719ebe1b4b1bbc2ee44e9849c781217c95cc0061d9d0eb2fe3542975c10ab093b53799b31ecf08e4f429bbbcc15f9233c541c925fa4a0b5edd9d5493c218eaec5fe21f5062edcc01d13f36bbb638465f05f0e9f6ee4d9f0cf442c4b26d27ce7c377e5b3511b3484cb077eceadc9dd2fc9a5e60356d71d828ce1ed22294f3a2b7255749437b02b28997b10b238d51d7253c20a1149c080b0d093b6a9febe7535ba8c716bccbcc7e393ea05c53ebffc1a8ae974c09988f2a9b23f21b3361ddfd178ece5e3f525c910f48a7940e7646bffa693c843b5af654fa9bfd1451b0b58a4d81eca108274c161a2e38f53a90b798f8bc0d2f8f7f05ba089ee8bedf3d91f7ab63782f7a6e7c59baca011d97f956c2d2a89d84514007a306bc1de7eec9c2d85a3a5181de9fd2ba12b309fee8e4b40c54e062c48cea8eb82fffd28ac63b83cbd98cbf0b99b11b79ef56597d8c80146f261349b9300c21624d72afc10097c8f5b3d4df9948a1a4865fbe650660308e5c2093134664c1b4faa66c4721478e4229fdf1ef82e5e887826cf9c2ea173282b5cd39c8d376a59c03b8c367b4b7e89de3622fcbdc4ea20c1c1209acbe1a88d184af86e583df4374410dbe573b21a63569d188ae2fb7658eab400e07ee8e7a10deb82a5ab8b32d9f9cb48a1af2c65e58390a2a731559ac6a5b9ec5138b0d49b082f03b0fad82cc8515d3ebcc7e3d0738031102d448120ad7acda8a8c55a3ec7cda0eb53a102e1bad507344c751513473d8486d9203dfecd26da07a941a2cf2d7a9d34f92a3e9869a4e23061e5d53a58644168baf94500a3a7a8c73299947c0040753318e930a2745ad81ec6f0bf1d4cf93e0b4d154f45bb840468c0ae98881b9358b7fe53173298cd469a3e7dac77af12211683cc65533caa9eed027f3e2972085ef4fcb158d2fe3d66ffa5e56ac202d6f15bf59293654619de4f7fa236af03efce96309b2ba8c41191054de6f1b42474dcc1dd21a95829bb0f1859b3217bf8932043fe8e39d293db7795ee02a83722cc8041f63ae33c5e0292465954e8028358d753acb97a151a76754ca3fa376e4ad1c3bb751bc794f3ace548438206a3cd8d0a1b85eedd0913572d0dc95cfb771e98458dd1379727abcac991ad8c5d7a7e47e4184f1dd5ed631dd09ad9ef5dad27d252bbfe09adb359ca46c6c0b58ee1b4e8f0023ab2f0365b44319752208d6d9b7bf7adb50f8f17680f07792fa06f54897a23c7e4932a50bfecefc6473f9b35b6a036fed01b3d145d39f8773a2c0bf8b774612743cb9b0e3ebfaa9c16aee3f7662fa12ae5b64c6a899d33cc967eae6b09f43825f68892557b6af1084c90abb23f5e2c1c8fc52646f0290c7756b3eafa99e77e0df5446dc5a8d422d38b6d2c069d98733e3b2decc14bb9aa13c38f76d0637fa01dce2da43dfc998ec9c1a4d372e1ba7ad41071a39bd7dc96101784a3c48794ca3213b210ffd80487cabbf59d6af96aa695fd806436f4c7570d8cb2449c85091beb395d6a702176126a41daf143fe0ee98c49a4b79b921d0a21d389c4f9b656d502b6d6367604b709038da4850161e5f91e46bbd39eb029ecd95cad5f553b3c664a4eb7f14aed6f4453ee45b3b6920d00fce72191f7769af39908e90ec8b053d52f290eb4a6b8406a5a5c1067645df9dc1b2189cb3eb5e786dc36aa2ae437dc62ba131559c1c462bbfabc559bfa654700853b46cd4ed980d3b2b7e518c74597162a6fa7f7be1337c44bf5022b990cbafe01da5b98a97046c22453c9979e0efc8c70f094ffebffb2b850f92d5178a655da96af6193eb56dae90e6cf854d761b050ab6f3c1967ac68e2e3f70939c8396355a853bd0b39bae71de17ddd7196fd1aaea5233753f8116b5c461034e96669064a12251c99c872b4bd6bbf2add759bd6629645c3bad2110869ad1c0af80eca79124b1e7d6a2a23e9ff4d869447538f6c017e0c24c5e6f5de37b53658257dee80c93882e6df9d14b601f1df4bc031fd76254f19bd0ff5154734cd896596369a020ed439d6c20e71ff062b0feaf11b4d4dfb17ce12bf2782e67ed9fdc418c55f2e8918caa32dc1d1ccdceb9b2baa2474880fe41865968d3ac9461af1521ace687b95e746acbb55f80caeff7701fae30e6de242cc7569d7681ae3d8d237c0fdcdb02671273dff8988337e4fcea7995b6dde7bd01e42b60e5648e3359e18aa93368dcce07196820a90b9e03897e103d2b0b7704becc083b30dddbaa84fa9e30e2e7158ead210f99fb1bc7f1fd586044de50a241840ca599662007d7f10929cbe3016aa7207e85f92aea8198132c0cf7fa395ac26fe2f7c422eaab4bb4224fe41be3501feff715bb9ad4debc3677af5aa86096b0295ec560014272142cbd18fbf40e7026ef4d158a212206908564d5e4c8d7005c4aa704dc6c57b0294cf95ec5301466b42d3a1b070506ec0db865c195302c679d8d0bbed1a311520ca304ee23c327585f706aa5d0d272e634e04001bca223dabbef6fb53749663660a0fdf6557dceb8903cb98b41fbeeff71a83fd1cf8d9306a398780fec3ec442d3ba569a2fea36e64b616ec90908e29fa9b1ab6dfef2b4cb83b88695496415504d53ac27a108dafb94ba6846af3fad0010e71e647f20abae1497ed1fbf8516a0c794d27ffaba2c0a0d47ad3b5b0714b0fe977656afd6e81c21aae214f0cfa908c108a6b8809e3f83dffe40a68372a4c8b3198b3bafc5b6cdb253652696c250a93fbf851e15eb1d11b911f2fb4c9b4d292e06da8472a95a27e4732aea46aab7ccd85124f5c29c69fbb2442159a70b0c4c8892817e87cbf02c478669988a54e8724f633abd907d4cbfffbbeaf5901d132060016f180e0b358c59fb4169f72545cfbecb49a36b5cd3011e595b809c5739d8e76f401fbb3a5d70257158abf37053dc9f4de9cc37c26634934ddb442cf90c82fc9674f8e1787b2537d1bad7aca59d544eced3585476bc033ffe843be4da2ef547cd635a6887e6ff186c1105cd30edea9d44532e415a2312c08867d5b832bd0badb20e7826c891d90be1630e10bf95580ad0221f9a08b3a6234b0312be0c6dbc924f18e3e38c0544429bf67bd7614e4f4dadb7cc2e86db456ad352ff11a29a42a6882fc9ec768d5e95b5b79c616ca3251a373096777413f15853091405213c4fd0046e2cfffbe72c6ba53bf58c91b647f0bad2758a6b2c101c4e9c25236f33a4b8c712856601140ce95e814b06e28f275d2d2a5b0c1c7b5c6b9710db8b192bd64523912e7c326d3f5bc55e27fce4076315e0be155fcf91119d6f9c5fa10a6c6185050f8f0c542a03b19f0cacf73e5b1935f18498cc08c0daa592778baa2f8bc2348ec08ffa785177f2afa3bb755b009f9645c3c8c82740772bc1e752f1ac205f82cd1612abe460d6bb389844147c7590b5f44c3e526dbeed4a7aba6c07035f3f09b64e11124ed4376ea9d04c76c35cab003e76c9fcbe8799feaae2a5bb84616f265c1226fcda34efdd57f30274285361d778f81a7418808a9632e112a3862d91cc808dd06d5f80459c4a67f9e3be39fd5886cceebb2f8fb72aac4bcf68215a69618be6723b4128de63716532f7740863543dd538708312cd1edc49dde6540bbd3e27b19d0456445fdf9681577632e604377a1963cae63e2f738d2ef532f9308ff5a76f35d14febe8a806f826b4998cabd4bfc2a00c590429bf9c849cca0a6ecb1a95198293f1851ad5e70c7eb0efef3a9d8e222becdd896fc14e204012bf23e7fee6557ef325a765f8846deac35588cf9d7c995dd51218f414868cb54d20ff62272afd2da6dd92e6bef5425701a4579dfddd0e9297ce521435f2d5c516a5b8a4787388df51d3bd90060fb0afd6997efeb3898a53811fed0578353dab453133f113e5e12ee315f18c7bf94101c238de2861eea027e92105a3809f6d2606416acc3c717aa07ac063c25311182330b670981719481509168683a1c66076e581c6aefb8407c1bf0de1b872c668bb4a897915e47ebe291128479cb2d8ba9688b282b6189597195fa20299c4bf72ab96e941313ad82ce9a0fd6ff827343c2b85e83e4562f74528a11055ed7840e79b8f5921bbe834f015af1f5df0b1e6b28787ecc6345e2eacae6e5a0ce5352f761d341a1239d8bd0ba53e943744d594d41ee52fb70dc4acfb95a20f15ca83112373f3a83a2563abc3c92677a838893680ec769d769c2cce6d091ae94644b3e9be5b1027355eea3c3c50f6925") 21:40:34 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1694.693980] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x300000000000000}, 0x0) [ 1694.755531] overlayfs: './file0' not a directory 21:40:34 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@nfs_export_off='nfs_export=off'}]}) 21:40:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x400000000000000}, 0x0) [ 1694.866085] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1694.893660] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:34 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1694.967262] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1694.997429] overlayfs: missing 'workdir' [ 1695.015159] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1695.022793] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1695.036476] CPU: 0 PID: 20098 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1695.044371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1695.053851] Call Trace: [ 1695.056454] dump_stack+0x197/0x210 [ 1695.060103] dump_header+0x15e/0xa55 [ 1695.063836] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1695.068951] ? ___ratelimit+0x60/0x595 [ 1695.072848] ? do_raw_spin_unlock+0x181/0x270 [ 1695.077362] oom_kill_process.cold+0x10/0x6ef [ 1695.081880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1695.087430] ? task_will_free_mem+0x139/0x6e0 [ 1695.091946] out_of_memory+0x362/0x1330 [ 1695.095936] ? lock_downgrade+0x880/0x880 [ 1695.100095] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1695.105208] ? oom_killer_disable+0x280/0x280 [ 1695.109715] ? find_held_lock+0x35/0x130 [ 1695.113811] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1695.118670] ? memcg_event_wake+0x230/0x230 [ 1695.123007] ? do_raw_spin_unlock+0x181/0x270 [ 1695.127514] ? _raw_spin_unlock+0x2d/0x50 [ 1695.131672] try_charge+0xec5/0x1490 [ 1695.135406] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1695.140762] ? lock_downgrade+0x880/0x880 [ 1695.144930] ? kasan_check_read+0x11/0x20 [ 1695.149102] memcg_kmem_charge_memcg+0x83/0x170 [ 1695.153784] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1695.158298] ? __isolate_free_page+0x4c0/0x4c0 [ 1695.162895] memcg_kmem_charge+0x13b/0x370 [ 1695.167147] __alloc_pages_nodemask+0x3c3/0x750 [ 1695.171840] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1695.176880] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1695.181471] ? trace_hardirqs_on+0x67/0x220 [ 1695.185820] copy_process.part.0+0x3d6/0x7a60 [ 1695.190326] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1695.195438] ? delayacct_end+0x5c/0x100 [ 1695.199434] ? __delayacct_freepages_end+0xe0/0x140 [ 1695.204468] ? __lock_acquire+0x6ee/0x49c0 [ 1695.208722] ? __cleanup_sighand+0x70/0x70 [ 1695.212970] ? mark_held_locks+0x100/0x100 [ 1695.217239] _do_fork+0x257/0xfd0 [ 1695.220706] ? fork_idle+0x1d0/0x1d0 [ 1695.224437] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 1695.230326] ? kasan_check_read+0x11/0x20 [ 1695.234485] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1695.239250] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1695.244013] ? do_syscall_64+0x26/0x620 [ 1695.247993] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1695.253372] ? do_syscall_64+0x26/0x620 [ 1695.257365] __x64_sys_clone+0xbf/0x150 [ 1695.261357] do_syscall_64+0xfd/0x620 [ 1695.265172] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1695.270368] RIP: 0033:0x45dd89 [ 1695.273570] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1695.292474] RSP: 002b:00007ffdf9f71018 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1695.300189] RAX: ffffffffffffffda RBX: 00007f67b8298700 RCX: 000000000045dd89 [ 1695.307464] RDX: 00007f67b82989d0 RSI: 00007f67b8297db0 RDI: 00000000003d0f00 21:40:35 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1695.314734] RBP: 00007ffdf9f71230 R08: 00007f67b8298700 R09: 00007f67b8298700 [ 1695.322007] R10: 00007f67b82989d0 R11: 0000000000000202 R12: 0000000000000000 [ 1695.329276] R13: 00007ffdf9f710cf R14: 00007f67b82989c0 R15: 000000000075bfd4 [ 1695.341165] Task in /syz5 killed as a result of limit of /syz5 [ 1695.347953] memory: usage 307176kB, limit 307200kB, failcnt 646 [ 1695.354163] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1695.361000] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1695.367407] Memory cgroup stats for /syz5: cache:76KB rss:254920KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254988KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1695.391624] Memory cgroup out of memory: Kill process 17074 (syz-executor.5) score 1113 or sacrifice child [ 1695.402110] Killed process 17074 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1695.402742] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1695.414484] oom_reaper: reaped process 17074 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 1695.432544] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1695.449302] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1695.457158] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1695.462652] CPU: 0 PID: 20099 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1695.470537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1695.479892] Call Trace: [ 1695.482505] dump_stack+0x197/0x210 [ 1695.486173] dump_header+0x15e/0xa55 [ 1695.489913] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1695.495031] ? ___ratelimit+0x60/0x595 [ 1695.498925] ? do_raw_spin_unlock+0x181/0x270 [ 1695.503432] oom_kill_process.cold+0x10/0x6ef [ 1695.507946] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1695.513497] ? task_will_free_mem+0x139/0x6e0 [ 1695.518009] out_of_memory+0x362/0x1330 [ 1695.522030] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1695.527158] ? oom_killer_disable+0x280/0x280 [ 1695.531656] ? find_held_lock+0x35/0x130 [ 1695.535740] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1695.540591] ? memcg_event_wake+0x230/0x230 [ 1695.544928] ? do_raw_spin_unlock+0x181/0x270 [ 1695.549429] ? _raw_spin_unlock+0x2d/0x50 [ 1695.553587] try_charge+0xc6e/0x1490 [ 1695.557321] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1695.562180] ? lock_downgrade+0x880/0x880 [ 1695.566341] ? kasan_check_read+0x11/0x20 [ 1695.570503] memcg_kmem_charge_memcg+0x83/0x170 [ 1695.575189] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1695.579703] ? __isolate_free_page+0x4c0/0x4c0 [ 1695.584298] memcg_kmem_charge+0x13b/0x370 [ 1695.588547] __alloc_pages_nodemask+0x3c3/0x750 [ 1695.593233] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1695.598268] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1695.602857] ? trace_hardirqs_on+0x67/0x220 [ 1695.607202] copy_process.part.0+0x3d6/0x7a60 [ 1695.611716] ? mark_held_locks+0x100/0x100 [ 1695.615978] ? __might_fault+0x12b/0x1e0 [ 1695.620067] ? __cleanup_sighand+0x70/0x70 [ 1695.624317] ? lock_downgrade+0x880/0x880 [ 1695.628493] _do_fork+0x257/0xfd0 [ 1695.631968] ? fork_idle+0x1d0/0x1d0 [ 1695.635705] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1695.640492] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1695.645258] ? do_syscall_64+0x26/0x620 [ 1695.649250] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1695.654622] ? do_syscall_64+0x26/0x620 [ 1695.658610] __x64_sys_clone+0xbf/0x150 [ 1695.662596] do_syscall_64+0xfd/0x620 [ 1695.666414] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1695.671609] RIP: 0033:0x45b3b9 [ 1695.674827] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1695.693731] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1695.701451] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1695.708728] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000002000100 [ 1695.715998] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000 [ 1695.723271] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1695.730544] R13: 0000000000000070 R14: 00000000004c1c3a R15: 000000000075bf2c [ 1695.754136] Task in /syz5 killed as a result of limit of /syz5 [ 1695.760151] memory: usage 304800kB, limit 307200kB, failcnt 646 [ 1695.773616] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1695.780482] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:35 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x24) 21:40:35 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@nfs_export_off='nfs_export=off'}]}) 21:40:35 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xe, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x500000000000000}, 0x0) 21:40:35 executing program 0: clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1695.803711] Memory cgroup stats for /syz5: cache:76KB rss:252844KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:252832KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1695.873496] Memory cgroup out of memory: Kill process 17103 (syz-executor.5) score 1113 or sacrifice child [ 1695.907717] Killed process 17103 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB 21:40:35 executing program 0: clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:35 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x333, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000080)) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT]) 21:40:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x600000000000000}, 0x0) [ 1695.924902] oom_reaper: reaped process 17103 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 1695.937399] syz-executor.4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 [ 1695.968133] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1696.003664] CPU: 1 PID: 8043 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1696.011485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1696.020841] Call Trace: [ 1696.023449] dump_stack+0x197/0x210 [ 1696.027091] dump_header+0x15e/0xa55 [ 1696.030815] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1696.035926] ? ___ratelimit+0x60/0x595 [ 1696.039823] ? do_raw_spin_unlock+0x181/0x270 [ 1696.044336] oom_kill_process.cold+0x10/0x6ef [ 1696.048868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1696.054420] ? task_will_free_mem+0x139/0x6e0 [ 1696.058936] out_of_memory+0x362/0x1330 [ 1696.062932] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1696.068039] ? oom_killer_disable+0x280/0x280 [ 1696.072537] ? find_held_lock+0x35/0x130 [ 1696.076615] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1696.081470] ? memcg_event_wake+0x230/0x230 [ 1696.085804] ? do_raw_spin_unlock+0x181/0x270 [ 1696.090309] ? _raw_spin_unlock+0x2d/0x50 [ 1696.094469] try_charge+0xec5/0x1490 [ 1696.098203] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1696.103058] ? lock_downgrade+0x880/0x880 [ 1696.107228] ? kasan_check_read+0x11/0x20 [ 1696.111394] memcg_kmem_charge_memcg+0x83/0x170 [ 1696.116070] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1696.120579] ? __isolate_free_page+0x4c0/0x4c0 [ 1696.125171] memcg_kmem_charge+0x13b/0x370 [ 1696.129423] __alloc_pages_nodemask+0x3c3/0x750 [ 1696.134118] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1696.139153] ? find_held_lock+0x35/0x130 [ 1696.143226] ? copy_page_range+0x13b3/0x2030 [ 1696.147644] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1696.153191] alloc_pages_current+0x107/0x210 [ 1696.157619] pte_alloc_one+0x1b/0x1a0 [ 1696.161428] __pte_alloc+0x2a/0x360 [ 1696.165064] copy_page_range+0x16d0/0x2030 [ 1696.169339] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 1696.174204] ? __vma_link_rb+0x279/0x370 [ 1696.178293] copy_process.part.0+0x56f9/0x7a60 [ 1696.182925] ? __cleanup_sighand+0x70/0x70 [ 1696.187198] _do_fork+0x257/0xfd0 [ 1696.190668] ? fork_idle+0x1d0/0x1d0 [ 1696.194402] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1696.199166] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1696.203930] ? do_syscall_64+0x26/0x620 [ 1696.207912] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1696.213277] ? do_syscall_64+0x26/0x620 [ 1696.217267] __x64_sys_clone+0xbf/0x150 [ 1696.221253] do_syscall_64+0xfd/0x620 [ 1696.225069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1696.230258] RIP: 0033:0x45998a [ 1696.233455] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1696.252360] RSP: 002b:00007ffee160f2e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1696.260071] RAX: ffffffffffffffda RBX: 00007ffee160f2e0 RCX: 000000000045998a 21:40:36 executing program 0: clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:36 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x800000000000000}, 0x0) [ 1696.267350] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1696.274621] RBP: 00007ffee160f320 R08: 0000000000000001 R09: 000000000152c940 [ 1696.281894] R10: 000000000152cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1696.289171] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffee160f370 21:40:36 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getuid() mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [{@euid_eq={'euid', 0x3d, r0}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x329e00, 0x0) ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000000140)=""/4) modify_ldt$write(0x1, &(0x7f0000000280)={0x5024, 0x20001000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x10) init_module(&(0x7f0000000180)='system\x00', 0xffe9d, &(0x7f0000000340)='/defAA4\x9b') ioctl$KDGKBLED(r1, 0x4b64, &(0x7f00000002c0)) linkat(r1, &(0x7f0000000200)='./file0\x00', r1, &(0x7f0000000240)='./file0\x00', 0x400) 21:40:36 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4a, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1696.469222] Task in /syz4 killed as a result of limit of /syz4 [ 1696.479564] memory: usage 307200kB, limit 307200kB, failcnt 3513 [ 1696.486001] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1696.494163] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1696.502221] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1696.508657] Memory cgroup stats for /syz4: cache:84KB rss:223240KB rss_huge:184320KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:223236KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1696.518249] audit: type=1400 audit(1581370836.448:4068): avc: denied { module_load } for pid=20141 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=system permissive=1 [ 1696.529806] Memory cgroup out of memory: Kill process 15761 (syz-executor.4) score 124 or sacrifice child [ 1696.563492] Killed process 15761 (syz-executor.4) total-vm:74636kB, anon-rss:2204kB, file-rss:35800kB, shmem-rss:0kB [ 1696.565635] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1696.621232] overlayfs: missing 'workdir' 21:40:36 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x25) 21:40:36 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x900000000000000}, 0x0) 21:40:36 executing program 0: mknod$loop(0x0, 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:36 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = socket$bt_rfcomm(0x1f, 0x1, 0x3) recvmmsg(r0, &(0x7f0000000080), 0x0, 0x1, &(0x7f00000000c0)) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000002c0)={r2, 0xfd9}, 0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000080)={r2, 0xffc0000, 0x98}, 0x10) 21:40:36 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@xino_on='xino=on'}, {@nfs_export_off='nfs_export=off'}]}) [ 1696.767401] syz-executor.4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 [ 1696.782067] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1696.823796] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1696.829330] CPU: 1 PID: 8043 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1696.837143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1696.847022] Call Trace: [ 1696.849625] dump_stack+0x197/0x210 [ 1696.853278] dump_header+0x15e/0xa55 [ 1696.857005] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1696.862120] ? ___ratelimit+0x60/0x595 [ 1696.866015] ? do_raw_spin_unlock+0x181/0x270 [ 1696.870527] oom_kill_process.cold+0x10/0x6ef [ 1696.875042] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1696.880589] ? task_will_free_mem+0x139/0x6e0 [ 1696.885104] out_of_memory+0x362/0x1330 [ 1696.889095] ? lock_downgrade+0x880/0x880 [ 1696.893253] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1696.898366] ? oom_killer_disable+0x280/0x280 [ 1696.902863] ? find_held_lock+0x35/0x130 [ 1696.906953] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1696.911808] ? memcg_event_wake+0x230/0x230 [ 1696.916143] ? do_raw_spin_unlock+0x181/0x270 [ 1696.920652] ? _raw_spin_unlock+0x2d/0x50 [ 1696.924812] try_charge+0xec5/0x1490 [ 1696.928543] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1696.933401] ? lock_downgrade+0x880/0x880 [ 1696.937557] ? kasan_check_read+0x11/0x20 [ 1696.941720] memcg_kmem_charge_memcg+0x83/0x170 [ 1696.946397] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1696.950904] ? __isolate_free_page+0x4c0/0x4c0 [ 1696.955496] memcg_kmem_charge+0x13b/0x370 [ 1696.959744] __alloc_pages_nodemask+0x3c3/0x750 [ 1696.964416] ? save_stack+0xa9/0xd0 [ 1696.968062] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1696.973085] ? copy_process.part.0+0x3509/0x7a60 [ 1696.977854] ? mark_held_locks+0x100/0x100 [ 1696.982099] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1696.987651] alloc_pages_current+0x107/0x210 [ 1696.992076] pte_alloc_one+0x1b/0x1a0 [ 1696.995884] __pte_alloc+0x2a/0x360 [ 1696.999528] copy_page_range+0x16d0/0x2030 [ 1697.003808] ? vma_compute_subtree_gap+0x158/0x230 [ 1697.008765] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 1697.013646] ? __vma_link_rb+0x279/0x370 [ 1697.017732] copy_process.part.0+0x56f9/0x7a60 [ 1697.022464] ? __cleanup_sighand+0x70/0x70 [ 1697.026751] _do_fork+0x257/0xfd0 [ 1697.030223] ? fork_idle+0x1d0/0x1d0 [ 1697.033961] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1697.039133] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1697.043902] ? do_syscall_64+0x26/0x620 [ 1697.047889] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1697.053259] ? do_syscall_64+0x26/0x620 [ 1697.057263] __x64_sys_clone+0xbf/0x150 [ 1697.061260] do_syscall_64+0xfd/0x620 [ 1697.065078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1697.070279] RIP: 0033:0x45998a [ 1697.073479] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1697.092387] RSP: 002b:00007ffee160f2e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1697.100105] RAX: ffffffffffffffda RBX: 00007ffee160f2e0 RCX: 000000000045998a [ 1697.107377] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1697.114762] RBP: 00007ffee160f320 R08: 0000000000000001 R09: 000000000152c940 21:40:36 executing program 0: mknod$loop(0x0, 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:36 executing program 0: mknod$loop(0x0, 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xa00000000000000}, 0x0) 21:40:37 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x2000, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@default_permissions='default_permissions'}]}) utime(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x6, 0x66ab}) [ 1697.122036] R10: 000000000152cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1697.129306] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffee160f370 21:40:37 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x420d01, 0x0) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000000c0)) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="686f7765726669723d2e2f66696c653008003cadc4a5eb60e5b6113d5678aba564c4d5806da1e6057abaa857c418cb160b8dad26ceecb09a39456469e65b8cb88dd8f13b68f2cbc5d5049eb56d9742eaa8e81b96dc66cebdce72b943bde0c3462939c9b5480ce04e639ff6091e2ae1c5dd38d61cfcf90f3967adbb9a37f68fa058c5a3fda1dd69e4c71122ff7d6efd0c57ec78d24b714c6e15841e57e1e6f9792a2c8ddcb9827748e2526f7803de0f80b323dfffb4044058329788d6e13527467d3111d1426a13a32f424609dec7aad2444b795890e19d356e434dfda62b9bd3842b67ca954a4bd51c7e7a4451b4bdd64e87901f75e75b4e0905377639f208b3d93f957a746e342f25743a50f7"]) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000140)) r1 = getuid() syz_mount_image$jfs(&(0x7f0000000180)='jfs\x00', &(0x7f00000001c0)='./file0\x00', 0x7, 0x1, &(0x7f0000000280)=[{&(0x7f0000000200)="0baeef98711c3a5dfd4ec737951441ccd1db1ad84ba37a79fffb0f2799db3a021cd48c9265ec32a2456d471aff4239470e0412789c5d70e6df6286dd1c1393dfd189585a422f69a4ffd5ed695bec42bbf70b", 0x52, 0x6f}], 0x800, &(0x7f0000000480)={[{@umask={'umask', 0x3d, 0x5}}, {@uid={'uid', 0x3d, r1}}], [{@dont_hash='dont_hash'}, {@smackfshat={'smackfshat', 0x3d, 'overlay\x00'}}, {@subj_user={'subj_user', 0x3d, 'overlay\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x64, 0x64, 0x61, 0x39, 0x35, 0x36, 0x61, 0x61], 0x2d, [0x63, 0x62, 0x61, 0x32], 0x2d, [0x65, 0x5, 0x33, 0x30], 0x2d, [0x34, 0x36, 0x32, 0x63], 0x2d, [0x65, 0x30, 0x61, 0x33, 0x31, 0x61, 0x63, 0x37]}}}]}) 21:40:37 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x1a0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:37 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6c76776501006872bdf82f66696c65305c43"]) [ 1697.253971] overlayfs: unrecognized mount option "howerfir=./file0" or missing value [ 1697.323067] Task in /syz4 killed as a result of limit of /syz4 [ 1697.350927] memory: usage 307200kB, limit 307200kB, failcnt 3537 [ 1697.370678] overlayfs: unrecognized mount option "lvwe" or missing value [ 1697.378009] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1697.391394] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1697.398345] Memory cgroup stats for /syz4: cache:84KB rss:223136KB rss_huge:184320KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:223240KB inactive_file:4KB active_file:12KB unevictable:0KB [ 1697.424673] Memory cgroup out of memory: Kill process 15994 (syz-executor.4) score 124 or sacrifice child [ 1697.428519] overlayfs: unrecognized mount option "lvwe" or missing value [ 1697.439258] Killed process 15994 (syz-executor.4) total-vm:74636kB, anon-rss:2204kB, file-rss:35800kB, shmem-rss:0kB [ 1697.536477] overlayfs: missing 'workdir' 21:40:37 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x26) 21:40:37 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xb00000000000000}, 0x0) 21:40:37 executing program 5: mknod$loop(&(0x7f0000000080)='./file1\x00', 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[]) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)={0x5, 0x5, 0x4, 0x100, 0xfffffffb, {r1, r2/1000+30000}, {0x1, 0x2, 0x1f, 0xff, 0x0, 0x4, "3b8dfd97"}, 0x101, 0x1, @planes=&(0x7f00000000c0)={0x40, 0x2, @mem_offset=0x7, 0xfffffc01}, 0x8fb, 0x0, 0xffffffffffffffff}) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x101681, 0x48) fanotify_mark(r3, 0x53, 0x48000023, r5, &(0x7f00000001c0)='./file1\x00') 21:40:37 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) [ 1697.754619] overlayfs: './file0' not a directory 21:40:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xe00000000000000}, 0x0) 21:40:37 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$KVM_NMI(r1, 0xae9a) 21:40:37 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) [ 1697.802568] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:37 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xf00000000000000}, 0x0) [ 1697.906696] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:37 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x2a0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:37 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) r3 = openat(r2, &(0x7f0000000680)='./file0\x00', 0x86000, 0x60) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f00000016c0)={r1, r3, 0x1, 0x1000, &(0x7f00000006c0)="c314f97fa8e6c964de5df66348fc83156efe63572c9a7b74e93b36c5d3c4e8ccdbd608932687c7f6b2848e1ef88a4e920d55740a0b39d3adb9288fcf980db8436aa54a69092d628d8d3fc6fff2893fe913ce2cfa9c8f87bfde684c49c3330c449ab3a86ebfb469a6cd046b07771bf1f34731498a11b74447a5e11cc20dcbdd013912fb73fd99110070da0fd4b8cfada34344432b1ca519e2d70f01100f60482b71ab58009c8e8d96c0fdb2175c15d0163f18accb2c8ebe1a8af1ef4f50044b5a92b47b6fb1b60f3ea1f79a4764e37d1eefa76c305526da7cef9661cd1715fbaa4227dc0a8ab9eb3b70e4de52b026d8031c7f677d7d094811f074565901df9d930066e396c6d14061d94fe8ef5d2becc7f154e022bee08aa86a92628a239dd6fa66593c48689597945983635e5fbc5138014ddde7c3d42bbf236a4951d1065cd723dde23d1d771a43bb38ea21b9935fb8d75d99bd05b53822e017d7ddf71056c44df1f57d23759e67ef93940d23689383e5bb2998534228b2b0538db451da7304a40915b7f17c2442183d2359810b478fe20575aa52554514db8fc335931855fcf0370d0937adefc6e6fcf1d2cb7a7d18a00faa5e505e0aed5cc2f3e8e456a73eee60ff9b7730fae02ed8d1671b911d3dc1387ea613ee57cfc8d147dcaa39101df5b0b30cb25a58abf94f9474b9340f8a7330a25845d9f0271f73e349a817fb68d252e8bb407f3486bf403a74423b6b49be913cb6d8947819d268543eeb1ca5b0c3d125e677212380d61dbae34561e77338b90fe4245d5adfa08247e6d0eff8e5f3b25d2ab1cc5c3284c382e4e4fd210a2472a86fc9a075e1e3b4fe070b863022ccd1dd42a4cf1a167fd67a20d97a25c4c2b04922179fea87a2255868d20b356e59ee4e4f1f1a39db363e71863fa06d815a191320f1c42add6aa70dbc66394fb1352d6f7fd8b4e3d253a28eb5bfd20169ca1d31aa99be6dce2e3346b506d8bf18cc497d6a13ba05d7f2c8ca6a04d549ee6f38ea1152bb789fc14a9adf33f892564fbcac7c4025eec7a9d8a6ffac58dd546238dcd0b1cb3c2fbbfa60a3d502608135cb303fe7d36fb024d28b405f792d3a807f1d1549fe9abe78af8f8a798d95fefd3a00ed6de8d21a106cb0b921693a94572f027b0c529e131738ebd1f9400c2a9b14c4999d0f99cac37ed5f80da8f314645b2fda34fade4da6da1c83c38290217008096e4109024e31cca35c32f84d2176acf49b232e7785a9e1609dbdaf758c1efef8b1b7ae33430a0584b725234336bc37d512244bda5d468090438d9c77915e3c5630980b08e51555c9c750c5f2270fceeb753511d7c3e92b7f86c515964e5ac09a541f37255d61c341691d995ba5d3f6e2d1ad3b6cb52b7f7d1b4478daeef884efdb8d76fe90dde5a41bea7b88755cc567fed28539c9576c0e39180254cd8b6f42147da091232caccc2b1e531a0090e02a809ef2c1cc7317bb709606b71c9b801a954643dfc8964a16aa1c96ca57367ce013dbc4b79bec58495af2328730450b3bb4d565fe9762abada40509cb7f5b3d6d09728e36b93ea7c77e0f0810c5664d16705a68809e8de14f5ebf2fcb4fb2acbee203b922d4b7860a8f78d8a810f39c936cbd46ae4ea363c5a6ffa523ae452de31c0f118ed3c652ec54a71d0937e8196287df817e5e20c8647441aea69c0407ac20d00eedec9a145cd54d81e7bef8ec118f4450285699644b5801ebd959ffa4e2b1f30abfc883ba2b13755307b593224602ebe617a3f49d05bdbbb2f934080ba5e0a0b8546838eba10a553a2cbda2cb453fb3b5578d6ce622cd0c196b1febbd1adcd2eb6fc0577261d303dd6be74a0e4b3d3ba3c9b3953e82bf45e0f5275485916d51bee3a01330294aa3aeed1a13e3f82038ca8c61739257f5b3d086e96821dbec7f1295b991c34f83a6658a014b8b7d55dce23e5b8bcae726f73d4390458463606ff427f84d1c6bc8ec542ec989b39a2ccad6d43341673f2bf8b36d0040f517a0be5b59c6878f34bee70bd0bec20ac7812ba9dc52519c4bf9fc9a316e9218f39781bece24393d4c28f6d1d017a40d76ed29d25d1fb83d708fcd9aa25e6bed8834bdbcd5d137fa0209087677f858f8559960274dcace07715037b98ac4ed68346a4dc5435d2384e09259334358715e3c3eeca89e69be01b2f1d047613c8c8d417a518a7841b8eb6ce8e2a368c6df86123a14f848d18398dc7f6c5f833fdd2cdff879a759f5321359c73720ceedac44611fe44f4ec085b84c14c52b2449e07be1caa67294e4ce82cc6ff7079d1259aa35598d1135c1665eee6dd7c1661be2750c1b479dafb273473a7e2daf5ade115f19a9a34ebdbd4264c7875fb7ac65456ac676f18272c08b8ac1325e80e3b20b7baaed05bdf2bc7135333ac7b28b2bfc3013390f62621bf9191a5b020d5f98bca9894eff025c5b05899c0b58c22182c463ef79a64ca714a5c2cde86776aa96faff59467b6c0b7934fda001ae2b25bd263c1465abeefb141dbb5c186e41f073dd4ff014ebcc23642588f92140ffd047601d7f0d4cd994387d1bd6ff72b8065a299d1d85ca79e012a604446dd3bcfc676bc2380644d4c1cb8bafab52d374141661232fcbde904b4d9238d015793154d6f9522401d838b886ab27c3a14ef2e9c61525bb9480feff00caf04fd889632789cf73860845fcd28c34c831f24b43a9b1292db347bf115144f0f606805e23d7ae64a2cd6b6786eed1ee6cae6a364cd1c0483e8aff407de3e553e3807402e4694bd3e76829009a768480c0b9da9f52b3d6b77985f01c4ebeeee5e1401298459ea51c1f09f84226fbaa7871518860868baa365f8fba507b80e97be5eec69bd476eb8c129f18a2d532920869bb870c7ee9e7c7edbd400e88404db069b559b39faf828cd1e672d2baf05ca171b1f0f310177554d60aa8e0a9f84d76eeaaa49915177247b2d2da41a04a180ca80d4ce44bb4555fc15c982d919e90d3fc00e30b5d38017f968e7c9022ed6fd273ca2949bc8ac635359011aa76a176885d1994e9af2f7654569f0c1ef83fb7ec37d8327bf12a070fe2ad9a018dcd562511479d51ce8287dd09252def180684584abd3ea02d1184f2c5c2b1bab64774893a8074965a95b23b29093171d462b2671f53787ca0f7c2f60940f53b365cdce26e2e909c066d964cc395cd8ecc0032351f606dc2f224af0436c9ac4600e43e0f3ff9b1400cebd014fcd5813cc23b0c743c184c467e8781663600a5d59592a4c83ca3833a97aae518db27cca371a33a66cbc4b76613376b2b151fe6742f16f6e53e7d09b21493dbd84450b1f587bd9e0f43d6121a44ac1271a1f84e474d197f15ada9bb780908db917426088729a6bc4c2f156e24fbd115516faa7a48b48613f7cb950b291903ebe3b542ddea3fae1f925f5d8c4cf009581471db6a85ff0ae5bb30a5abee785995c948e8f16ec3595906d1631b1165e4e3ab0cd404bd3b6699bc2860376ff4040ad617c79ae9733df29c4ddbce667f21aad7f6bd892f70d52da2b7f8dcdca32ac7367d1285f20ec290a4136179d346b797c3000b54dedf11f1283c9fbe9199a18852d1a1313335d2d2aabdaa30fd12cc330e9ffc16ff20a88eeff4b11a31afca5b68cf6000404c191265811743d6ee6e615f9ecc431a6160881ca7dd5cfd04b8548b340d620d6fd98e6837c7dd8f3dbfc93a68fea12c75713883fe0972e7902f382411ba9b237adf22e9d135b63a61f1d0c84eb53590c87756250188c80ed47e5de638e17d3439112885a8bb891c408e58c2ed5d2286e38c240e3d03f7a16362510be64c1d0bd017178ec97d89f7a3cdb95626e116830d542c5506b46f794a67637a39896426abaa380c8752a9f3faba3a40672872108beac650b5e1c57e95f575017603dc826f28c1647ae974cd06ab3aa9e3181313c064e8a1ecb1b24855cd95a0e92dfb6de564693ce67a40eca21d944e14835ce77aa95c0c2b32408a93c4085c18d06deb61d210ae426d2ebb2872c064a9c49c369c28fc819311b44a4484ba25f46b5a101b9496a87c15a04f22b3bd8a54e15362f2ade8ce61e907e97a0ed3c610e93b636881e5759c4a4ff16f12966f25b78f30b61ea85e8c556f4ee44709acef1a58a73303dd22e9b9eedb4640a972061e56ac4a30f76702b26d9eb01c679c139f52aa44829c68e4501e3b4e75d4f20435936a254f2dc43884f693ff7e5e2e7d2e683f29caa05c6b75d96a4a5fb8d324b4d219adbfa203a1937cc2f7e59eef834413b1bfab7c25ae412db588ee09e7dce188db8c55e4f20926d7ed279c748291d587d76d196ab90507c3182d3978a274eeea36d37e20929c1dea34f1adf4ac15af6ccf256d46a9e8f998c0ac3e9bfe19a100dec08e75c7a71e49d2e5efa83e762fb7aaf92dcd10e20ce5fa02db48ba3148493a210dbcd2483ba639f1ab068e2b85148835c457a67891e619b6ad1d73c326e85b0bf770da27b67cffbbca7b65cf26f7db4ac8842a76d02b5dbd45a7a7783335ba07bc1f850046b7f3949acbde80682cc586d9982f2edf41ab5d7a57cf9ab4ccc71b7d059a715637ae6b869ae6ac9f590e4a4738fef9efbf5884d046ade3b2be31b680f0a1e43484aee9a746f0b5a1e80c2ad6444abe2aafbc5150a78c4da6cbf73ee3b9b929a5e39118d9f9f033faec58f2a4e3ad70921d7bbae0f39b63a758952b9a6f716e74800d8090b3b22cd91596e10c8ba8e44511e4ef2bee5bd587bff7b9ebbefb8aae782eb6223f1201f5236f0782f2efb01bec4f7d20988b568a42770ee1ceb9c195553bc8977c32e82db62f9e8a49a34c8827495786f91b11886d8f3291d182d9b91c7adebe0a35443112492e1ca6b3475672a4717c2e242a6b5c94044649173b2a1a6fe2786a9b13d243514f9d649b9aa096d9a7512520c0d3cb1e736ea7fa1835c9bcb9314167b8d618344900f2a2e5c148a6c101f5c09e3cd00f2df2a6c554693da39f8e7c36c83c59f23494a2da5bd310cbee93194c0f0b4e333c213d46fc2cc85fd9b8ecbb2b9f500f79db4c9d0a47e03107ecccfd26c76411a81f681b3266261df9190e70c9cce7815fcbf6dae647dfcb6d3864d866fff2c35583102c3b600809ca8d1b719fe8397ea236106c3db863001cc0091cf38ad1b0c5eb74fc16880914ecf2a22a60dd61af90799bd4c184ae8274413af020d3638aaebe1ce5c036bd19f64b320fca7e5792fc783aba7c7179c9b87abd24d6440fd3d8a3e34dd2902858941abaa553e11656c1d1562c2421241c4b2a339ce45d0c645e0c6fadd740d98885ade051a6d45c00e3cb151f8cff4f8069d7a4048ea131232cbada1a5861c003713c67c5e695181ad8b11c1c9580c6fbe94636f469fdf761ae5319a22012c6a465ba7199b53cd0d40cd5506c263ed726da3188876ff7676c8c7f76bdf441f64cb8a1d3799d7fd5af58e11e620af1beaaee40c6f22388fd9e014f6ddb0f6bf5c872b329197a4f0b1d999acece57eb1d5a59721968176bdf78625cf0391121497bda16b13c16e0e3c354a898e48f3403c3f4df8e05d1b9738c49ffea094942922e1328f367ca356945963967002ad21bac44e4a607968975117ebb74c468f59f2febf88cbf1afab41755ca939469bfe0a6782da6113096582538908a18c1795cecb4c75c1bc99a8cabefa7afbc35ff89300e7ec8f2d913648f91b54eeed8a9792e3e740ce835a1ea6040d26d2270cb0532809f619131432a1c6121c85846b0efa97354e249c7ad4f46fe13efb442b7ec6ef58bda", 0x1f, 0xb9, 0x401, 0x6a, 0xa41e, 0x2, 0x7, 'syz0\x00'}) r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x200000, 0x0) recvmsg$can_bcm(r4, &(0x7f0000000640)={&(0x7f0000000200)=@pppol2tp, 0x80, &(0x7f0000000540)=[{&(0x7f00000000c0)=""/57, 0x39}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f00000002c0)=""/245, 0xf5}, {&(0x7f00000003c0)=""/16, 0x10}, {&(0x7f0000000400)=""/29, 0x1d}, {&(0x7f0000000440)=""/197, 0xc5}], 0x6, &(0x7f00000005c0)=""/94, 0x5e}, 0x12100) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [{@smackfsroot={'smackfsroot', 0x3d, '&cgroupsystemkeyringeth1'}}, {@seclabel='seclabel'}, {@smackfstransmute={'smackfstransmute', 0x3d, 'overlay\x00'}}, {@dont_measure='dont_measure'}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@appraise='appraise'}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@fsname={'fsname'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}]}) [ 1697.961965] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1697.973114] overlayfs: './file0' not a directory [ 1697.993934] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1698.176266] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 1698.195935] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1698.201621] CPU: 1 PID: 20225 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1698.209508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1698.218866] Call Trace: [ 1698.221469] dump_stack+0x197/0x210 [ 1698.225113] dump_header+0x15e/0xa55 [ 1698.228835] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1698.233946] ? ___ratelimit+0x60/0x595 [ 1698.237844] ? do_raw_spin_unlock+0x181/0x270 [ 1698.242968] oom_kill_process.cold+0x10/0x6ef [ 1698.247475] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1698.253018] ? task_will_free_mem+0x139/0x6e0 [ 1698.257618] out_of_memory+0x362/0x1330 [ 1698.261624] ? lock_downgrade+0x880/0x880 [ 1698.265794] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1698.270905] ? oom_killer_disable+0x280/0x280 [ 1698.275405] ? find_held_lock+0x35/0x130 [ 1698.279487] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1698.284337] ? memcg_event_wake+0x230/0x230 [ 1698.288670] ? do_raw_spin_unlock+0x181/0x270 [ 1698.293176] ? _raw_spin_unlock+0x2d/0x50 [ 1698.297333] try_charge+0xec5/0x1490 [ 1698.301058] ? lock_downgrade+0x880/0x880 [ 1698.305224] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1698.310074] ? rcu_read_unlock+0x33/0x60 [ 1698.314145] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1698.319006] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1698.325083] mem_cgroup_try_charge+0x259/0x6b0 [ 1698.329685] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1698.334631] wp_page_copy+0x430/0x16a0 [ 1698.338546] ? follow_pfn+0x2a0/0x2a0 [ 1698.342361] ? do_raw_spin_unlock+0x181/0x270 [ 1698.346864] do_wp_page+0x57d/0x10b0 [ 1698.350588] ? lock_acquire+0x16f/0x3f0 [ 1698.354568] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 1698.359243] ? kasan_check_write+0x14/0x20 [ 1698.363479] ? do_raw_spin_lock+0xd7/0x250 [ 1698.367725] __handle_mm_fault+0x2305/0x3f80 [ 1698.372148] ? copy_page_range+0x2030/0x2030 [ 1698.376587] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1698.381265] handle_mm_fault+0x1b5/0x690 [ 1698.385344] __do_page_fault+0x62a/0xe90 [ 1698.389420] ? vmalloc_fault+0x740/0x740 [ 1698.393487] ? trace_hardirqs_off_caller+0x65/0x220 [ 1698.398515] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1698.403452] ? page_fault+0x8/0x30 [ 1698.407006] do_page_fault+0x71/0x57d [ 1698.410927] ? page_fault+0x8/0x30 [ 1698.414477] page_fault+0x1e/0x30 [ 1698.417933] RIP: 0033:0x410408 [ 1698.421129] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf eb 0c 4c 00 31 c0 e8 a3 1a ff ff 31 ff e8 ec 16 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d 3e 22 86 00 [ 1698.440032] RSP: 002b:00007ffdf9f71080 EFLAGS: 00010246 [ 1698.445395] RAX: 00000000828150be RBX: 000000000f45c8d7 RCX: 0000001b33b20000 [ 1698.452670] RDX: 0000000000000000 RSI: 00000000000010be RDI: ffffffff828150be [ 1698.459938] RBP: 000000000000001e R08: 00000000828150be R09: 00000000828150c2 [ 1698.467213] R10: 00007ffdf9f71220 R11: 0000000000000246 R12: 000000000075bfa8 [ 1698.474485] R13: 0000000080000000 R14: 00007f67ba2ba008 R15: 000000000000001e [ 1698.481783] ? xfs_dir2_sf_verify+0x28e/0x760 [ 1698.500341] Task in /syz5 killed as a result of limit of /syz5 [ 1698.511324] memory: usage 307200kB, limit 307200kB, failcnt 684 [ 1698.518417] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1698.530090] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1698.537486] Memory cgroup stats for /syz5: cache:76KB rss:254876KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254956KB inactive_file:4KB active_file:0KB unevictable:0KB [ 1698.564809] Memory cgroup out of memory: Kill process 20210 (syz-executor.5) score 1113 or sacrifice child [ 1698.578623] Killed process 20210 (syz-executor.5) total-vm:74900kB, anon-rss:2224kB, file-rss:35796kB, shmem-rss:0kB 21:40:38 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x27) 21:40:38 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:38 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on='metacopy=on'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x1000000000000000}, 0x0) 21:40:38 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4a0, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1698.670961] overlayfs: unrecognized mount option "smackfstransmute=overlay" or missing value 21:40:38 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f66696c65305c0032a42ac8ae1f36e45b8c24c882483ed7e0cbfa204bf712462d4507687b5854ae"]) 21:40:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x3f00000000000000}, 0x0) 21:40:38 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) [ 1698.751891] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1698.765180] overlayfs: './file0' not a directory 21:40:38 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1698.831128] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1698.866804] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 1698.917641] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1698.930857] CPU: 1 PID: 20243 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1698.938762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1698.948109] Call Trace: [ 1698.950713] dump_stack+0x197/0x210 [ 1698.954355] dump_header+0x15e/0xa55 [ 1698.958078] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1698.963201] ? ___ratelimit+0x60/0x595 [ 1698.967097] ? do_raw_spin_unlock+0x181/0x270 [ 1698.971606] oom_kill_process.cold+0x10/0x6ef [ 1698.976115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1698.981660] ? task_will_free_mem+0x139/0x6e0 [ 1698.986177] out_of_memory+0x362/0x1330 [ 1698.990161] ? lock_downgrade+0x880/0x880 [ 1698.994316] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1698.999437] ? oom_killer_disable+0x280/0x280 [ 1699.003935] ? find_held_lock+0x35/0x130 [ 1699.008022] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1699.012872] ? memcg_event_wake+0x230/0x230 [ 1699.017203] ? do_raw_spin_unlock+0x181/0x270 [ 1699.021705] ? _raw_spin_unlock+0x2d/0x50 [ 1699.025863] try_charge+0xec5/0x1490 [ 1699.029600] ? lock_downgrade+0x880/0x880 [ 1699.033764] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1699.038616] ? rcu_read_unlock+0x33/0x60 [ 1699.042686] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1699.047544] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1699.053745] mem_cgroup_try_charge+0x259/0x6b0 [ 1699.058348] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1699.063293] __handle_mm_fault+0x1e50/0x3f80 [ 1699.067713] ? copy_page_range+0x2030/0x2030 [ 1699.072153] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1699.076837] handle_mm_fault+0x1b5/0x690 [ 1699.080911] __do_page_fault+0x62a/0xe90 [ 1699.084988] ? vmalloc_fault+0x740/0x740 [ 1699.089059] ? trace_hardirqs_off_caller+0x65/0x220 [ 1699.094084] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1699.099019] ? page_fault+0x8/0x30 [ 1699.102583] do_page_fault+0x71/0x57d [ 1699.106393] ? page_fault+0x8/0x30 [ 1699.109941] page_fault+0x1e/0x30 [ 1699.113397] RIP: 0033:0x45dd6d [ 1699.116602] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8c fb ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 1699.135511] RSP: 002b:00007ffdf9f71018 EFLAGS: 00010202 [ 1699.140877] RAX: ffffffffffffffea RBX: 00007f67b8298700 RCX: 00007f67b8298700 [ 1699.148158] RDX: 00000000003d0f00 RSI: 00007f67b8297db0 RDI: 0000000000411fa0 [ 1699.155438] RBP: 00007ffdf9f71230 R08: 00007f67b82989d0 R09: 00007f67b8298700 21:40:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x6000000000000000}, 0x0) [ 1699.162718] R10: 00007f67b8297dc0 R11: 0000000000000246 R12: 0000000000000000 [ 1699.170084] R13: 00007ffdf9f710cf R14: 00007f67b82989c0 R15: 000000000075bfd4 [ 1699.184773] Task in /syz5 killed as a result of limit of /syz5 [ 1699.190769] memory: usage 307200kB, limit 307200kB, failcnt 707 [ 1699.205917] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:39 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:39 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1699.221771] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1699.235935] Memory cgroup stats for /syz5: cache:76KB rss:254920KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254972KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1699.298493] Memory cgroup out of memory: Kill process 17155 (syz-executor.5) score 1113 or sacrifice child [ 1699.321208] Killed process 17155 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1699.392887] syz-executor.4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 [ 1699.414719] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1699.426939] CPU: 0 PID: 8043 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1699.434751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1699.437155] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1699.444105] Call Trace: [ 1699.444129] dump_stack+0x197/0x210 [ 1699.444151] dump_header+0x15e/0xa55 [ 1699.444176] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1699.444194] ? ___ratelimit+0x60/0x595 [ 1699.444207] ? do_raw_spin_unlock+0x181/0x270 [ 1699.444226] oom_kill_process.cold+0x10/0x6ef [ 1699.444242] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1699.444259] ? task_will_free_mem+0x139/0x6e0 [ 1699.489646] out_of_memory+0x362/0x1330 [ 1699.493650] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1699.498756] ? oom_killer_disable+0x280/0x280 [ 1699.503255] ? find_held_lock+0x35/0x130 [ 1699.507340] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1699.512196] ? memcg_event_wake+0x230/0x230 [ 1699.516533] ? do_raw_spin_unlock+0x181/0x270 [ 1699.521037] ? _raw_spin_unlock+0x2d/0x50 [ 1699.525193] try_charge+0xec5/0x1490 [ 1699.528921] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1699.533774] ? lock_downgrade+0x880/0x880 [ 1699.537930] ? kasan_check_read+0x11/0x20 [ 1699.542096] memcg_kmem_charge_memcg+0x83/0x170 [ 1699.546779] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1699.551284] ? __isolate_free_page+0x4c0/0x4c0 [ 1699.555879] memcg_kmem_charge+0x13b/0x370 [ 1699.560125] __alloc_pages_nodemask+0x3c3/0x750 [ 1699.564804] ? should_fail+0x14d/0x85c [ 1699.568703] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1699.573760] ? find_held_lock+0x35/0x130 [ 1699.577860] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1699.583408] alloc_pages_current+0x107/0x210 [ 1699.587834] pte_alloc_one+0x1b/0x1a0 [ 1699.591643] __pte_alloc+0x2a/0x360 [ 1699.595278] copy_page_range+0x16d0/0x2030 [ 1699.599551] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 1699.604404] ? __vma_link_rb+0x279/0x370 [ 1699.608480] copy_process.part.0+0x56f9/0x7a60 [ 1699.613108] ? __cleanup_sighand+0x70/0x70 [ 1699.617383] _do_fork+0x257/0xfd0 [ 1699.620852] ? fork_idle+0x1d0/0x1d0 [ 1699.624586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1699.629347] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1699.634114] ? do_syscall_64+0x26/0x620 [ 1699.638096] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1699.643463] ? do_syscall_64+0x26/0x620 [ 1699.647449] __x64_sys_clone+0xbf/0x150 [ 1699.651431] do_syscall_64+0xfd/0x620 [ 1699.655267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1699.660456] RIP: 0033:0x45998a [ 1699.663662] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1699.682572] RSP: 002b:00007ffee160f2e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1699.690287] RAX: ffffffffffffffda RBX: 00007ffee160f2e0 RCX: 000000000045998a [ 1699.697567] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1699.704931] RBP: 00007ffee160f320 R08: 0000000000000001 R09: 000000000152c940 [ 1699.712203] R10: 000000000152cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1699.719486] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffee160f370 [ 1699.731366] Task in /syz4 killed as a result of limit of /syz4 [ 1699.737510] memory: usage 307200kB, limit 307200kB, failcnt 3614 [ 1699.744423] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1699.751268] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1699.757803] Memory cgroup stats for /syz4: cache:84KB rss:223256KB rss_huge:184320KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:223240KB inactive_file:4KB active_file:4KB unevictable:0KB 21:40:39 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x28) 21:40:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x831a000000000000}, 0x0) 21:40:39 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x6a0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:39 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:39 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="6c6f7765726469c28d280def405852489c00008c", @ANYRES16, @ANYBLOB="4aebaa7902c9c6a91d72d3cc991a5707ef9145e99ed3644c9d6ffbd12eefb87dee2d243a6a0b8c70f3f318807c418d927031a66007cc6fca60527232a8fc98e32d4574c303232040b299239a4c3b45b5734899ebeeb84dec7a6acd3bd4a6f0c6a6d411ad526ec0c7f41c40711bd5dc8106ca813e0f58d35c68f16f6468fb1f27", @ANYBLOB="586a489a7abc3f4059f4b5744707ce8866b4bf1b3df292437da56f5ee08c25de2a854c464bdb75c49c9ecd26b675f59c8f1e8f430609d24625289ace9d3c6fd408d7ca6cee3c773e0cf23c1fb156d92b4a6d021fcfbb0860403ea4f673e1cf573d22c51be93c47f17fb391907ba972da92599675bd8d7e8d355854c76db1cf496b7438c838d4c748d0d2a0302b602daffe229aae56de2136c8ab272029c0621e8fe889ddad8e2f9d0ffa21", @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r2], @ANYRES64=r1, @ANYBLOB]) 21:40:39 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) [ 1699.786003] Memory cgroup out of memory: Kill process 16035 (syz-executor.4) score 124 or sacrifice child [ 1699.803475] Killed process 16035 (syz-executor.4) total-vm:74636kB, anon-rss:2204kB, file-rss:35800kB, shmem-rss:0kB 21:40:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x9effffff00000000}, 0x0) [ 1699.860224] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1699.885355] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1699.923639] CPU: 0 PID: 20247 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1699.931565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1699.940922] Call Trace: [ 1699.943545] dump_stack+0x197/0x210 [ 1699.947190] dump_header+0x15e/0xa55 [ 1699.950920] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1699.956036] ? ___ratelimit+0x60/0x595 [ 1699.959936] ? do_raw_spin_unlock+0x181/0x270 [ 1699.964447] oom_kill_process.cold+0x10/0x6ef [ 1699.968969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1699.974511] ? task_will_free_mem+0x139/0x6e0 [ 1699.979028] out_of_memory+0x362/0x1330 [ 1699.983021] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1699.988137] ? oom_killer_disable+0x280/0x280 [ 1699.992644] ? find_held_lock+0x35/0x130 [ 1699.996730] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1700.001583] ? memcg_event_wake+0x230/0x230 [ 1700.005921] ? do_raw_spin_unlock+0x181/0x270 [ 1700.010430] ? _raw_spin_unlock+0x2d/0x50 [ 1700.014587] try_charge+0xc6e/0x1490 [ 1700.018326] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1700.023182] ? lock_downgrade+0x880/0x880 [ 1700.027347] ? kasan_check_read+0x11/0x20 [ 1700.031513] memcg_kmem_charge_memcg+0x83/0x170 [ 1700.036197] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1700.040709] ? __isolate_free_page+0x4c0/0x4c0 [ 1700.045303] memcg_kmem_charge+0x13b/0x370 [ 1700.049552] __alloc_pages_nodemask+0x3c3/0x750 [ 1700.054239] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1700.059269] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1700.063857] ? trace_hardirqs_on+0x67/0x220 [ 1700.068194] copy_process.part.0+0x3d6/0x7a60 [ 1700.072702] ? mark_held_locks+0x100/0x100 [ 1700.076961] ? __might_fault+0x12b/0x1e0 [ 1700.081045] ? __cleanup_sighand+0x70/0x70 [ 1700.085295] ? lock_downgrade+0x880/0x880 [ 1700.089472] _do_fork+0x257/0xfd0 [ 1700.092941] ? fork_idle+0x1d0/0x1d0 [ 1700.095881] overlayfs: './file0' not a directory [ 1700.096671] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1700.106163] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1700.110925] ? do_syscall_64+0x26/0x620 [ 1700.114913] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1700.120289] ? do_syscall_64+0x26/0x620 21:40:40 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:40 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [], 0x2}) 21:40:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xf0ffffff00000000}, 0x0) [ 1700.124283] __x64_sys_clone+0xbf/0x150 [ 1700.128271] do_syscall_64+0xfd/0x620 [ 1700.132089] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1700.137284] RIP: 0033:0x45b3b9 [ 1700.140487] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1700.159395] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1700.167114] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 21:40:40 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) [ 1700.174395] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000002000100 [ 1700.181674] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000 [ 1700.188953] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1700.196233] R13: 0000000000000070 R14: 00000000004c1c3a R15: 000000000075bf2c 21:40:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xffffff7f00000000}, 0x0) [ 1700.227453] overlayfs: unrecognized mount option "lowerdiÂ( ï@XRHœ" or missing value [ 1700.237235] Task in /syz5 killed as a result of limit of /syz5 [ 1700.244748] memory: usage 305152kB, limit 307200kB, failcnt 708 [ 1700.251389] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1700.258610] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1700.265150] Memory cgroup stats for /syz5: cache:76KB rss:252768KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:252940KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1700.292009] overlayfs: './file0' not a directory [ 1700.299218] Memory cgroup out of memory: Kill process 20247 (syz-executor.5) score 1113 or sacrifice child [ 1700.309518] Killed process 20247 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35800kB, shmem-rss:0kB [ 1700.322155] oom_reaper: reaped process 20247 (syz-executor.5), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 1700.369388] overlayfs: missing 'lowerdir' [ 1700.465819] overlayfs: unrecognized mount option "lowerdiÂ( ï@XRHœ" or missing value 21:40:40 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x29) 21:40:40 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:40 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xe00, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:40 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) 21:40:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xffffffff00000000}, 0x0) 21:40:40 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/mls\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="c18f27bd69810000000020000000"], 0x14}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r7, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newtfilter={0x7c, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r7, {0xa}, {}, {0xb}}, [@filter_kind_options=@f_flower={{0xb, 0x1, 'flower\x00'}, {0x4c, 0x2, [@TCA_FLOWER_KEY_ETH_SRC={0xa, 0x6, @broadcast}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5}, @TCA_FLOWER_KEY_SCTP_SRC={0x6}, @TCA_FLOWER_KEY_ENC_IP_TTL_MASK={0x5, 0x53, 0x6}, @TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @broadcast}, @TCA_FLOWER_KEY_ARP_SIP={0x8}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8, 0x1c, 0xff}]}}]}, 0x7c}}, 0x0) sendmsg$NL80211_CMD_SET_MPATH(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r7}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x20044804}, 0x840) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000080)=0x3, 0x4) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x82000, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:40 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) [ 1700.790601] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1700.814034] overlayfs: missing 'lowerdir' [ 1700.831617] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xffffffffa0008000}, 0x0) 21:40:40 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) 21:40:40 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000080)={0xa3, 0x58, &(0x7f0000000140)="67635b2582e17704d175c8441cb2673f01a1120bdcc21456da2923f7b285ca05205ee2772100d14e7937425f2641b71bf8c5e5f217b3c2ec87cac4b7a8c6eb97fea02ec4085052495da3f162d6a22069870f484361d8e9ebc34e6b4eb390878c2fc7b2135500b845dc8df6c0f83160af05061cc3f63f6dfba80885a25fa3168c45aae1c88b25c43a6290c9a9f21f10ea40638188fe5810696e06865dc118c2", {0x5, 0x8, 0x42303159, 0x8, 0x5, 0x81, 0x3, 0x2}}) [ 1700.949969] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1700.973667] overlayfs: missing 'lowerdir' [ 1700.981153] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:40 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@default_permissions='default_permissions'}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xffffffffa0010000}, 0x0) [ 1700.994238] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1701.108369] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1701.160658] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:41 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x2a) 21:40:41 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000000c0)=0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r3) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000240)={0x7, 0x1, {r1}, {r3}, 0x6, 0x7ff}) r5 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r6) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [{@func={'func', 0x3d, 'FILE_MMAP'}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@uid_lt={'uid<', r4}}, {@obj_type={'obj_type', 0x3d, 'nodevvmnet1vboxnet1-'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '-keyringGPL\x1a'}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@euid_gt={'euid>', r6}}]}) 21:40:41 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[], [], 0x2}) 21:40:41 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x3f00, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:41 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xffffffffa0020000}, 0x0) [ 1701.786969] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1701.797919] overlayfs: unrecognized mount option "" or missing value [ 1701.823376] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 21:40:41 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[], [], 0x2}) 21:40:41 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xffffffffa0040000}, 0x0) [ 1701.840188] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1701.895600] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1701.913494] CPU: 0 PID: 20362 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1701.921431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1701.930790] Call Trace: [ 1701.933400] dump_stack+0x197/0x210 [ 1701.937045] dump_header+0x15e/0xa55 [ 1701.940778] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1701.945896] ? ___ratelimit+0x60/0x595 [ 1701.949798] ? do_raw_spin_unlock+0x181/0x270 [ 1701.954316] oom_kill_process.cold+0x10/0x6ef [ 1701.958834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1701.964387] ? task_will_free_mem+0x139/0x6e0 [ 1701.968912] out_of_memory+0x362/0x1330 [ 1701.972903] ? lock_downgrade+0x880/0x880 [ 1701.977061] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1701.982178] ? oom_killer_disable+0x280/0x280 [ 1701.986685] ? find_held_lock+0x35/0x130 [ 1701.990771] mem_cgroup_out_of_memory+0x1d2/0x240 21:40:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0xfffffffffffff000}, 0x0) [ 1701.995631] ? memcg_event_wake+0x230/0x230 [ 1701.999969] ? do_raw_spin_unlock+0x181/0x270 [ 1702.004488] ? _raw_spin_unlock+0x2d/0x50 [ 1702.008654] try_charge+0xec5/0x1490 [ 1702.012396] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1702.017265] ? lock_downgrade+0x880/0x880 [ 1702.021429] ? kasan_check_read+0x11/0x20 [ 1702.025604] memcg_kmem_charge_memcg+0x83/0x170 [ 1702.030290] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1702.034595] overlayfs: unrecognized mount option "" or missing value [ 1702.034797] ? __isolate_free_page+0x4c0/0x4c0 [ 1702.045951] memcg_kmem_charge+0x13b/0x370 [ 1702.050199] __alloc_pages_nodemask+0x3c3/0x750 [ 1702.054884] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1702.059894] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1702.064485] ? trace_hardirqs_on+0x67/0x220 [ 1702.068811] copy_process.part.0+0x3d6/0x7a60 [ 1702.073306] ? mark_held_locks+0x100/0x100 [ 1702.077545] ? __might_fault+0x12b/0x1e0 [ 1702.081624] ? __cleanup_sighand+0x70/0x70 [ 1702.085865] ? lock_downgrade+0x880/0x880 [ 1702.090026] _do_fork+0x257/0xfd0 [ 1702.093476] ? fork_idle+0x1d0/0x1d0 [ 1702.097190] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1702.101941] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1702.106690] ? do_syscall_64+0x26/0x620 [ 1702.110664] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1702.116021] ? do_syscall_64+0x26/0x620 [ 1702.119993] __x64_sys_clone+0xbf/0x150 [ 1702.123964] do_syscall_64+0xfd/0x620 [ 1702.127758] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1702.132934] RIP: 0033:0x45b3b9 [ 1702.136120] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1702.155017] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1702.162721] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1702.169977] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000002000100 [ 1702.177243] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000 [ 1702.184504] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 21:40:42 executing program 0: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[], [], 0x2}) [ 1702.191761] R13: 0000000000000070 R14: 00000000004c1c3a R15: 000000000075bf2c [ 1702.205681] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1702.216883] Task in /syz5 killed as a result of limit of /syz5 [ 1702.221971] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1702.233795] memory: usage 307180kB, limit 307200kB, failcnt 735 21:40:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x2}, 0x0) [ 1702.256196] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1702.270922] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1702.279213] Memory cgroup stats for /syz5: cache:76KB rss:254836KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254976KB inactive_file:4KB active_file:0KB unevictable:0KB [ 1702.325382] overlayfs: unrecognized mount option "" or missing value [ 1702.349235] Memory cgroup out of memory: Kill process 17312 (syz-executor.5) score 1113 or sacrifice child [ 1702.393952] Killed process 17312 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1702.411416] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1702.411698] oom_reaper: reaped process 17312 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 1702.430312] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1702.451264] CPU: 1 PID: 20351 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1702.459163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1702.468514] Call Trace: [ 1702.471130] dump_stack+0x197/0x210 [ 1702.474777] dump_header+0x15e/0xa55 [ 1702.478505] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1702.483616] ? ___ratelimit+0x60/0x595 [ 1702.487507] ? do_raw_spin_unlock+0x181/0x270 [ 1702.492020] oom_kill_process.cold+0x10/0x6ef [ 1702.496528] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1702.502070] ? task_will_free_mem+0x139/0x6e0 [ 1702.506578] out_of_memory+0x362/0x1330 [ 1702.510566] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1702.515681] ? oom_killer_disable+0x280/0x280 [ 1702.520184] ? find_held_lock+0x35/0x130 [ 1702.524266] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1702.529119] ? memcg_event_wake+0x230/0x230 [ 1702.533455] ? do_raw_spin_unlock+0x181/0x270 [ 1702.537957] ? _raw_spin_unlock+0x2d/0x50 [ 1702.542118] try_charge+0xc6e/0x1490 [ 1702.545847] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1702.550708] ? lock_downgrade+0x880/0x880 [ 1702.554866] ? kasan_check_read+0x11/0x20 [ 1702.559034] memcg_kmem_charge_memcg+0x83/0x170 [ 1702.563711] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1702.568218] ? __isolate_free_page+0x4c0/0x4c0 [ 1702.572811] memcg_kmem_charge+0x13b/0x370 [ 1702.577063] __alloc_pages_nodemask+0x3c3/0x750 [ 1702.581749] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1702.586780] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1702.591371] ? trace_hardirqs_on+0x67/0x220 [ 1702.595712] copy_process.part.0+0x3d6/0x7a60 [ 1702.600215] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1702.605330] ? delayacct_end+0x5c/0x100 [ 1702.609316] ? __delayacct_freepages_end+0xe0/0x140 [ 1702.614346] ? __lock_acquire+0x6ee/0x49c0 [ 1702.618608] ? __cleanup_sighand+0x70/0x70 [ 1702.622854] ? mark_held_locks+0x100/0x100 [ 1702.627135] _do_fork+0x257/0xfd0 [ 1702.630608] ? fork_idle+0x1d0/0x1d0 [ 1702.634345] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 1702.640239] ? kasan_check_read+0x11/0x20 [ 1702.644394] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1702.649157] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1702.653921] ? do_syscall_64+0x26/0x620 [ 1702.657901] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1702.663270] ? do_syscall_64+0x26/0x620 [ 1702.667256] __x64_sys_clone+0xbf/0x150 [ 1702.671247] do_syscall_64+0xfd/0x620 [ 1702.675060] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1702.680252] RIP: 0033:0x45dd89 [ 1702.683449] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1702.702348] RSP: 002b:00007ffdf9f71018 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1702.710057] RAX: ffffffffffffffda RBX: 00007f67b8298700 RCX: 000000000045dd89 [ 1702.717327] RDX: 00007f67b82989d0 RSI: 00007f67b8297db0 RDI: 00000000003d0f00 [ 1702.724596] RBP: 00007ffdf9f71230 R08: 00007f67b8298700 R09: 00007f67b8298700 [ 1702.731866] R10: 00007f67b82989d0 R11: 0000000000000202 R12: 0000000000000000 [ 1702.739138] R13: 00007ffdf9f710cf R14: 00007f67b82989c0 R15: 000000000075bfd4 [ 1702.767399] Task in /syz5 killed as a result of limit of /syz5 [ 1702.773504] memory: usage 305008kB, limit 307200kB, failcnt 735 [ 1702.785695] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1702.799195] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:42 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x2b) [ 1702.806673] Memory cgroup stats for /syz5: cache:76KB rss:252768KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:252808KB inactive_file:4KB active_file:0KB unevictable:0KB [ 1702.835026] Memory cgroup out of memory: Kill process 17335 (syz-executor.5) score 1113 or sacrifice child [ 1702.852095] Killed process 17335 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB 21:40:42 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:42 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:42 executing program 0: r0 = socket(0x1e, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x8994, &(0x7f0000000080)={'lo\x00', @ifru_ivalue}) 21:40:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x3}, 0x0) 21:40:42 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x29, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f00000001c0)={0x400, 0x9}, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r3, 0x4008af23, &(0x7f0000000140)={0x0, 0x100000}) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f0000000180)={0x4, [0x81, 0x8, 0x8000, 0x5]}) r5 = dup3(r1, r2, 0x80000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r5, 0x402c5342, &(0x7f0000000080)={0x8001, 0x224a, 0x3, {0x3, 0x5}, 0x4, 0x20}) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6c256f77e788648072225f2f66696c65305c911c35431c8626c8765c6b9649621e9ceb72262061280ea2820e6ca8312aa89d1069c74e0f57fbba255f0cb1fd85ee6b6c8e55bda145326d3f0213346d3ff0565bc13e753bbf55d49c6c169ef7950537fe1ea5b1a06720f5e38ddeba44507e312bfdf7e51a1e47fc68263fb8237aee136ccfdba6ad4e427596d4a24a09af0d0f163174a026d34a0fccc4fdc394581fff5338db78f41c0a4edac57841dc20308653753136499c9ae43685d49a77be0a10ecf6409dc1afc416cc60bf81decd5360c39de22f6a6fd438f2369715a42e9df4c16286d8f0e2ba9e1d126a0415c3aacdc10074972c186dbf15613ce28d22fcd527514ae2c80592f1b7ecea829850a6643a71260fd8ee46cff3f7e525e7959c35360e2bc063ff3d8921e7d5136863c06db1d8bcab570b7f91d3ea401e69d7d0413d4b240c0af5125b80c4afc04357683e7d"]) 21:40:42 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x4}, 0x0) [ 1702.957165] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1702.970418] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:43 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) sendmsg$inet6(r3, &(0x7f0000002380)={&(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback={0xfc00000000000000}}, 0x1c, 0x0}, 0x0) [ 1703.019760] audit: type=1400 audit(1581370842.958:4069): avc: denied { map } for pid=20405 comm="syz-executor.5" path="/dev/dri/card1" dev="devtmpfs" ino=338 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dri_device_t:s0 tclass=chr_file permissive=1 21:40:43 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:43 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x5}, 0x0) [ 1703.105951] overlayfs: unrecognized mount option "l%owçˆd€r"_/file0\‘5C†&Èv\k–Ibœër& a(¢‚l¨1*¨iÇNWûº%_ ±ý…îklŽU½¡E2m?4m?ðV[Á>u;¿UÔœlž÷•7þ¥± g õãÞºDP~1+ý÷åGüh&?¸#zîlÏÛ¦­NBu–Ô¢J ¯ 1t &ÓJÌÄýÔXÿS8Ûxô [ 1703.105951] NÚÅxAÜ 0†Su16Iœšä6…Ôšw¾ [ 1703.105951] ìö@Á¯ÄÌ`¿ÞÍS`Ãâ/joÔ8ò6—¤.ôÁb†Øð⺞jêÍÁ" or missing value 21:40:43 executing program 0: syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) syz_open_dev$sndtimer(0x0, 0x0, 0x0) [ 1703.252744] syz-executor.4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1703.310260] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1703.330289] CPU: 0 PID: 20421 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1703.338200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1703.347557] Call Trace: [ 1703.350161] dump_stack+0x197/0x210 [ 1703.353805] dump_header+0x15e/0xa55 [ 1703.357534] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1703.362640] ? ___ratelimit+0x60/0x595 [ 1703.366521] ? do_raw_spin_unlock+0x181/0x270 [ 1703.371028] oom_kill_process.cold+0x10/0x6ef [ 1703.375542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1703.381095] ? task_will_free_mem+0x139/0x6e0 [ 1703.385619] out_of_memory+0x362/0x1330 [ 1703.389624] ? lock_downgrade+0x880/0x880 [ 1703.393785] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1703.398902] ? oom_killer_disable+0x280/0x280 [ 1703.403406] ? find_held_lock+0x35/0x130 [ 1703.407502] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1703.412363] ? memcg_event_wake+0x230/0x230 [ 1703.416700] ? do_raw_spin_unlock+0x181/0x270 [ 1703.421203] ? _raw_spin_unlock+0x2d/0x50 [ 1703.425371] try_charge+0xec5/0x1490 [ 1703.429145] ? lock_downgrade+0x880/0x880 [ 1703.433333] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1703.438191] ? rcu_read_unlock+0x33/0x60 [ 1703.442265] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1703.447122] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1703.453208] mem_cgroup_try_charge+0x259/0x6b0 [ 1703.457805] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1703.462746] wp_page_copy+0x430/0x16a0 [ 1703.466651] ? follow_pfn+0x2a0/0x2a0 [ 1703.470462] ? do_raw_spin_unlock+0x181/0x270 [ 1703.474967] do_wp_page+0x57d/0x10b0 [ 1703.478715] ? lock_acquire+0x16f/0x3f0 [ 1703.482805] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 1703.487489] ? kasan_check_write+0x14/0x20 [ 1703.491732] ? do_raw_spin_lock+0xd7/0x250 [ 1703.495986] __handle_mm_fault+0x2305/0x3f80 [ 1703.500409] ? copy_page_range+0x2030/0x2030 [ 1703.504841] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1703.509524] handle_mm_fault+0x1b5/0x690 [ 1703.513606] __do_page_fault+0x62a/0xe90 [ 1703.517681] ? vmalloc_fault+0x740/0x740 [ 1703.521756] ? trace_hardirqs_off_caller+0x65/0x220 [ 1703.526785] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1703.531726] ? page_fault+0x8/0x30 [ 1703.535287] do_page_fault+0x71/0x57d [ 1703.539098] ? page_fault+0x8/0x30 [ 1703.542655] page_fault+0x1e/0x30 [ 1703.546114] RIP: 0033:0x410408 [ 1703.549313] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf eb 0c 4c 00 31 c0 e8 a3 1a ff ff 31 ff e8 ec 16 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d 3e 22 86 00 [ 1703.568215] RSP: 002b:00007ffee160f0b0 EFLAGS: 00010246 [ 1703.573579] RAX: 0000000074fe6d88 RBX: 000000006ec302a0 RCX: 0000001b33520000 [ 1703.580853] RDX: 0000000000000000 RSI: 0000000000000d88 RDI: ffffffff74fe6d88 [ 1703.588134] RBP: 0000000000000008 R08: 0000000074fe6d88 R09: 0000000074fe6d8c [ 1703.595408] R10: 00007ffee160f250 R11: 0000000000000246 R12: 000000000075bfa8 [ 1703.602685] R13: 0000000080000000 R14: 00007f024352e008 R15: 0000000000000008 [ 1703.613125] Task in /syz4 killed as a result of limit of /syz4 [ 1703.619499] memory: usage 307184kB, limit 307200kB, failcnt 3637 [ 1703.626147] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1703.633053] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1703.639852] Memory cgroup stats for /syz4: cache:84KB rss:221776KB rss_huge:182272KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:221948KB inactive_file:4KB active_file:8KB unevictable:0KB 21:40:43 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x2c) 21:40:43 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = getuid() quotactl(0x8, &(0x7f00000000c0)='./file0\x00', r0, &(0x7f0000000140)="87549f994b4361c2cd038a4bd0bd4e0d04c41987172b05ce1b5b4e5879a4c7db741420ada8280b454d71d971ad8bfe13a7a48d86cc30285b26da5bc7b6") clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6c6f7765726469728049bb3d1df306f9a800edf850f870573d2e2f66696c65305c00"]) 21:40:43 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x6}, 0x0) 21:40:43 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)={[{@default_permissions='default_permissions'}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@nfs_export_off='nfs_export=off'}]}) 21:40:43 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4a00, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:43 executing program 0: r0 = gettid() process_vm_writev(r0, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) [ 1703.661219] Memory cgroup out of memory: Kill process 16462 (syz-executor.4) score 124 or sacrifice child [ 1703.671438] Killed process 16462 (syz-executor.4) total-vm:74636kB, anon-rss:2204kB, file-rss:35800kB, shmem-rss:0kB [ 1703.701145] overlayfs: missing 'lowerdir' [ 1703.768896] overlayfs: unrecognized mount option "lowerdir€I»=óù¨" or missing value 21:40:43 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[{0x10}], 0x10}, 0x1) 21:40:43 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x8}, 0x0) [ 1703.816194] overlayfs: unrecognized mount option "lowerdir€I»=óù¨" or missing value 21:40:43 executing program 4: r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, r0) keyctl$read(0xb, r1, &(0x7f0000000180)=""/4096, 0x1000) [ 1703.868199] overlayfs: missing 'lowerdir' 21:40:43 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES64]) 21:40:43 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x9}, 0x0) 21:40:43 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x1000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:43 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x3, 0x300) bind$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random="a300080000b8"}, 0x3f58456029cff09) [ 1703.981029] overlayfs: unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value [ 1704.036924] overlayfs: unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value [ 1704.095615] syz-executor.4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 1704.133748] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1704.143432] CPU: 0 PID: 20458 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1704.151335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1704.160692] Call Trace: [ 1704.163300] dump_stack+0x197/0x210 [ 1704.166945] dump_header+0x15e/0xa55 [ 1704.170701] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1704.175819] ? ___ratelimit+0x60/0x595 [ 1704.179716] ? do_raw_spin_unlock+0x181/0x270 [ 1704.184228] oom_kill_process.cold+0x10/0x6ef [ 1704.188737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1704.194290] ? task_will_free_mem+0x139/0x6e0 [ 1704.198800] out_of_memory+0x362/0x1330 [ 1704.202786] ? lock_downgrade+0x880/0x880 [ 1704.206940] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1704.212052] ? oom_killer_disable+0x280/0x280 [ 1704.216560] ? find_held_lock+0x35/0x130 [ 1704.220652] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1704.225510] ? memcg_event_wake+0x230/0x230 [ 1704.229850] ? do_raw_spin_unlock+0x181/0x270 [ 1704.234365] ? _raw_spin_unlock+0x2d/0x50 [ 1704.238527] try_charge+0xec5/0x1490 [ 1704.242287] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1704.247143] ? lock_downgrade+0x880/0x880 [ 1704.251306] ? kasan_check_read+0x11/0x20 [ 1704.255469] memcg_kmem_charge_memcg+0x83/0x170 [ 1704.260145] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1704.264660] ? __isolate_free_page+0x4c0/0x4c0 [ 1704.269258] memcg_kmem_charge+0x13b/0x370 [ 1704.273507] __alloc_pages_nodemask+0x3c3/0x750 [ 1704.278302] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1704.283337] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1704.287927] ? trace_hardirqs_on+0x67/0x220 [ 1704.292266] copy_process.part.0+0x3d6/0x7a60 [ 1704.296769] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1704.301888] ? delayacct_end+0x5c/0x100 [ 1704.305879] ? __delayacct_freepages_end+0xe0/0x140 [ 1704.310907] ? __lock_acquire+0x6ee/0x49c0 [ 1704.315165] ? __cleanup_sighand+0x70/0x70 [ 1704.319411] ? mark_held_locks+0x100/0x100 [ 1704.323679] _do_fork+0x257/0xfd0 [ 1704.327150] ? fork_idle+0x1d0/0x1d0 [ 1704.330881] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 1704.336773] ? kasan_check_read+0x11/0x20 [ 1704.340930] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1704.345702] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1704.350476] ? do_syscall_64+0x26/0x620 [ 1704.354467] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1704.359834] ? do_syscall_64+0x26/0x620 [ 1704.363823] __x64_sys_clone+0xbf/0x150 [ 1704.367807] do_syscall_64+0xfd/0x620 [ 1704.371633] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1704.376824] RIP: 0033:0x45dd89 [ 1704.380025] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1704.398952] RSP: 002b:00007ffee160f048 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1704.406675] RAX: ffffffffffffffda RBX: 00007f024152d700 RCX: 000000000045dd89 [ 1704.413948] RDX: 00007f024152d9d0 RSI: 00007f024152cdb0 RDI: 00000000003d0f00 [ 1704.421222] RBP: 00007ffee160f260 R08: 00007f024152d700 R09: 00007f024152d700 [ 1704.428496] R10: 00007f024152d9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1704.435776] R13: 00007ffee160f0ff R14: 00007f024152d9c0 R15: 000000000075bf2c [ 1704.451174] Task in /syz4 killed as a result of limit of /syz4 [ 1704.458308] memory: usage 307196kB, limit 307200kB, failcnt 3675 [ 1704.465054] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1704.472048] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1704.481025] Memory cgroup stats for /syz4: cache:84KB rss:221880KB rss_huge:182272KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:221924KB inactive_file:8KB active_file:8KB unevictable:0KB [ 1704.502437] Memory cgroup out of memory: Kill process 20152 (syz-executor.4) score 124 or sacrifice child [ 1704.514052] Killed process 20152 (syz-executor.4) total-vm:74636kB, anon-rss:2204kB, file-rss:35800kB, shmem-rss:0kB 21:40:44 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x2d) 21:40:44 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mknod(&(0x7f0000000080)='./file0\x00', 0x8000, 0x53) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:44 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa}, 0x0) 21:40:44 executing program 0: socket$inet(0x2, 0x4000000000000001, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) inotify_init1(0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pselect6(0x40, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x5}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0) 21:40:44 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xe000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:44 executing program 4: r0 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/create\x00', 0x2, 0x0) write$selinux_create(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="73792574656d5f753a6f626a655f743a733020756e636f6e66696e65645f753a73797374656d5f863a696e736d6f645f743a73302d73303a63302e633130b2332030"], 0x42) 21:40:44 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xb}, 0x0) 21:40:44 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x220000, 0x0) setns(r0, 0x0) [ 1704.769147] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:44 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f66696c65300100"]) r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa) r1 = socket(0x10, 0x2, 0x0) socket$kcm(0x29, 0x2, 0x0) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f00000001c0)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r2) r3 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r3, r5, r7) lchown(&(0x7f0000000240)='./file0\x00', r2, r7) getgroups(0x2, &(0x7f0000000140)=[0x0, 0x0]) keyctl$chown(0x4, r0, r2, r8) 21:40:44 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x3f000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:44 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xe}, 0x0) 21:40:44 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000300)={0x0, 0x4}, 0x4) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) tkill(r2, 0x3c) [ 1704.983359] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1705.026475] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:45 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x2e) 21:40:45 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000180)) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/163, 0xa3}, {&(0x7f00000003c0)=""/151, 0x97}], 0x2, 0x1) preadv(r2, &(0x7f00000017c0), 0x333, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000500)) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r3, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={r3, r4, 0x0, 0x4, &(0x7f00000001c0)='\xb9)}\x00', 0xffffffffffffffff}, 0x30) r6 = syz_open_procfs(r5, &(0x7f0000000140)='uid_map\x00') preadv(r6, &(0x7f00000017c0), 0x333, 0x0) ioctl$PPPIOCSFLAGS(r6, 0x40047459, &(0x7f0000000080)=0x2800) r7 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x400, 0x10) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r7, 0xc0145401, &(0x7f0000000480)={0x3, 0x1, 0x5, 0x0, 0x7}) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r8, &(0x7f00000017c0), 0x333, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf}, 0x0) 21:40:45 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x40000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:45 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_netdev_private(r0, 0x891e, &(0x7f0000000780)="f0972e473a") 21:40:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x10}, 0x0) 21:40:45 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000180)={0xf000000, 0x1, 0x8, r0, 0x0, &(0x7f0000000140)={0x99096d, 0x7, [], @ptr=0x3}}) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000001c0)) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 21:40:45 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x2, 0x0, 0x4, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x50}}, 0x0) 21:40:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x60}, 0x0) [ 1705.992396] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1706.042748] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1706.056251] CPU: 0 PID: 20546 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1706.064176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1706.073536] Call Trace: [ 1706.076138] dump_stack+0x197/0x210 [ 1706.079789] dump_header+0x15e/0xa55 [ 1706.083525] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1706.088641] ? ___ratelimit+0x60/0x595 21:40:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf0}, 0x0) [ 1706.092537] ? do_raw_spin_unlock+0x181/0x270 [ 1706.097053] oom_kill_process.cold+0x10/0x6ef [ 1706.101565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1706.107120] ? task_will_free_mem+0x139/0x6e0 [ 1706.111644] out_of_memory+0x362/0x1330 [ 1706.115641] ? lock_downgrade+0x880/0x880 [ 1706.119804] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1706.124926] ? oom_killer_disable+0x280/0x280 [ 1706.129437] ? find_held_lock+0x35/0x130 [ 1706.133525] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1706.138389] ? memcg_event_wake+0x230/0x230 21:40:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x1a0}, 0x0) [ 1706.142727] ? do_raw_spin_unlock+0x181/0x270 [ 1706.147236] ? _raw_spin_unlock+0x2d/0x50 [ 1706.151400] try_charge+0xec5/0x1490 [ 1706.155143] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1706.160007] ? lock_downgrade+0x880/0x880 [ 1706.164171] ? kasan_check_read+0x11/0x20 [ 1706.168338] memcg_kmem_charge_memcg+0x83/0x170 [ 1706.173127] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1706.177635] ? __isolate_free_page+0x4c0/0x4c0 [ 1706.182239] memcg_kmem_charge+0x13b/0x370 [ 1706.186502] __alloc_pages_nodemask+0x3c3/0x750 [ 1706.191193] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1706.196244] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1706.200845] ? trace_hardirqs_on+0x67/0x220 [ 1706.205198] copy_process.part.0+0x3d6/0x7a60 [ 1706.209819] ? mark_held_locks+0x100/0x100 [ 1706.214086] ? __might_fault+0x12b/0x1e0 [ 1706.218183] ? __cleanup_sighand+0x70/0x70 [ 1706.222446] ? lock_downgrade+0x880/0x880 [ 1706.226638] _do_fork+0x257/0xfd0 [ 1706.230117] ? fork_idle+0x1d0/0x1d0 [ 1706.233868] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1706.238647] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1706.243426] ? do_syscall_64+0x26/0x620 [ 1706.247419] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1706.253000] ? do_syscall_64+0x26/0x620 [ 1706.256999] __x64_sys_clone+0xbf/0x150 [ 1706.261003] do_syscall_64+0xfd/0x620 [ 1706.264829] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1706.270029] RIP: 0033:0x45b3b9 [ 1706.273232] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:40:46 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0) dup2(r0, r1) [ 1706.292145] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1706.299873] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1706.307153] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000002000100 [ 1706.314429] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000 [ 1706.321707] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1706.328988] R13: 0000000000000070 R14: 00000000004c1c3a R15: 000000000075bf2c [ 1706.450369] Task in /syz5 killed as a result of limit of /syz5 [ 1706.465224] memory: usage 307144kB, limit 307200kB, failcnt 818 [ 1706.471654] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1706.482009] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1706.493761] Memory cgroup stats for /syz5: cache:76KB rss:255208KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:255216KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1706.517334] Memory cgroup out of memory: Kill process 20415 (syz-executor.5) score 1113 or sacrifice child [ 1706.527662] Killed process 20415 (syz-executor.5) total-vm:74756kB, anon-rss:2216kB, file-rss:35804kB, shmem-rss:0kB [ 1706.556209] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 1706.568227] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1706.574071] CPU: 0 PID: 20544 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1706.581968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1706.591331] Call Trace: [ 1706.593950] dump_stack+0x197/0x210 [ 1706.597611] dump_header+0x15e/0xa55 [ 1706.601351] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1706.606467] ? ___ratelimit+0x60/0x595 [ 1706.610363] ? do_raw_spin_unlock+0x181/0x270 [ 1706.614876] oom_kill_process.cold+0x10/0x6ef [ 1706.619382] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1706.624935] ? task_will_free_mem+0x139/0x6e0 [ 1706.629448] out_of_memory+0x362/0x1330 [ 1706.633445] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1706.638567] ? oom_killer_disable+0x280/0x280 [ 1706.643072] ? find_held_lock+0x35/0x130 [ 1706.647172] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1706.652037] ? memcg_event_wake+0x230/0x230 [ 1706.656378] ? do_raw_spin_unlock+0x181/0x270 [ 1706.660889] ? _raw_spin_unlock+0x2d/0x50 [ 1706.665051] try_charge+0xc6e/0x1490 [ 1706.668777] ? lock_downgrade+0x880/0x880 [ 1706.672965] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1706.677872] ? rcu_read_unlock+0x33/0x60 [ 1706.681977] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1706.686852] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1706.692932] mem_cgroup_try_charge+0x259/0x6b0 [ 1706.697541] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1706.702488] __handle_mm_fault+0x1e50/0x3f80 [ 1706.706914] ? copy_page_range+0x2030/0x2030 [ 1706.711365] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1706.716061] handle_mm_fault+0x1b5/0x690 [ 1706.720149] __do_page_fault+0x62a/0xe90 [ 1706.724232] ? vmalloc_fault+0x740/0x740 [ 1706.728304] ? trace_hardirqs_off_caller+0x65/0x220 [ 1706.733321] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1706.738263] ? page_fault+0x8/0x30 [ 1706.741832] do_page_fault+0x71/0x57d [ 1706.745642] ? page_fault+0x8/0x30 [ 1706.749189] page_fault+0x1e/0x30 [ 1706.752641] RIP: 0033:0x45dd6d [ 1706.755841] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8c fb ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 1706.774746] RSP: 002b:00007ffdf9f71018 EFLAGS: 00010202 [ 1706.780116] RAX: ffffffffffffffea RBX: 00007f67b8298700 RCX: 00007f67b8298700 [ 1706.787391] RDX: 00000000003d0f00 RSI: 00007f67b8297db0 RDI: 0000000000411fa0 [ 1706.794665] RBP: 00007ffdf9f71230 R08: 00007f67b82989d0 R09: 00007f67b8298700 21:40:46 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x2f) 21:40:46 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4a000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x2a0}, 0x0) 21:40:46 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) write$tun(r0, &(0x7f0000000200)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x30, 0x29, 0x0, @empty, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "fc1cc7", 0x0, 0x0, 0x0, @empty, @dev}}}}}}, 0x62) 21:40:46 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0xc8002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) write$tun(r0, &(0x7f0000000180)={@void, @val, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2c, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0xe0000000}, {0x0, 0x0, 0x8}}}}, 0x26) [ 1706.801938] R10: 00007f67b8297dc0 R11: 0000000000000246 R12: 0000000000000000 [ 1706.809213] R13: 00007ffdf9f710cf R14: 00007f67b82989c0 R15: 000000000075bfd4 [ 1706.834811] Task in /syz5 killed as a result of limit of /syz5 [ 1706.841032] memory: usage 304812kB, limit 307200kB, failcnt 818 [ 1706.873004] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1706.890174] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:46 executing program 4: clone(0x1000000210007fb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="8c"], 0x8) [ 1706.907720] Memory cgroup stats for /syz5: cache:76KB rss:253104KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:253048KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1706.967560] Memory cgroup out of memory: Kill process 17384 (syz-executor.5) score 1113 or sacrifice child [ 1706.998294] Killed process 17384 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1707.096232] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:47 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000180)={{r1}, 0x7, 0x200020000000}) preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000140)=&(0x7f00000000c0)) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='lowerdir\x00./file0\\\x00']) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0xde4, 0x40002) [ 1707.150238] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1707.188147] syz-executor.4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 21:40:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x300}, 0x0) 21:40:47 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xa0010000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:47 executing program 4: clone(0x1000000210007fb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/load\x00', 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup3(r1, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$selinux_load(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="8c"], 0x8) [ 1707.224165] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1707.235437] CPU: 1 PID: 8043 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1707.243354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1707.252705] Call Trace: [ 1707.255303] dump_stack+0x197/0x210 [ 1707.258949] dump_header+0x15e/0xa55 [ 1707.262679] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1707.267802] ? ___ratelimit+0x60/0x595 [ 1707.271692] ? do_raw_spin_unlock+0x181/0x270 [ 1707.276206] oom_kill_process.cold+0x10/0x6ef [ 1707.280722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1707.286268] ? task_will_free_mem+0x139/0x6e0 [ 1707.290801] out_of_memory+0x362/0x1330 [ 1707.294794] ? lock_downgrade+0x880/0x880 [ 1707.298955] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1707.304071] ? oom_killer_disable+0x280/0x280 [ 1707.308575] ? find_held_lock+0x35/0x130 [ 1707.312672] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1707.317528] ? memcg_event_wake+0x230/0x230 [ 1707.321929] ? do_raw_spin_unlock+0x181/0x270 [ 1707.326441] ? _raw_spin_unlock+0x2d/0x50 [ 1707.330608] try_charge+0xec5/0x1490 [ 1707.334356] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1707.339216] ? lock_downgrade+0x880/0x880 [ 1707.343377] ? kasan_check_read+0x11/0x20 [ 1707.347548] memcg_kmem_charge_memcg+0x83/0x170 [ 1707.352231] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1707.356747] ? __isolate_free_page+0x4c0/0x4c0 [ 1707.361344] memcg_kmem_charge+0x13b/0x370 [ 1707.365603] __alloc_pages_nodemask+0x3c3/0x750 [ 1707.370290] ? should_fail+0x14d/0x85c [ 1707.374192] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1707.379214] ? find_held_lock+0x35/0x130 [ 1707.383301] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1707.388855] alloc_pages_current+0x107/0x210 [ 1707.395283] pte_alloc_one+0x1b/0x1a0 [ 1707.399099] __pte_alloc+0x2a/0x360 [ 1707.402743] copy_page_range+0x16d0/0x2030 [ 1707.407019] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 1707.411878] ? __vma_link_rb+0x279/0x370 [ 1707.415966] copy_process.part.0+0x56f9/0x7a60 [ 1707.420599] ? __cleanup_sighand+0x70/0x70 [ 1707.422919] overlayfs: unrecognized mount option "lowerdir" or missing value [ 1707.424868] _do_fork+0x257/0xfd0 [ 1707.424890] ? fork_idle+0x1d0/0x1d0 [ 1707.439237] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1707.444099] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1707.448867] ? do_syscall_64+0x26/0x620 [ 1707.452852] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1707.458225] ? do_syscall_64+0x26/0x620 [ 1707.462326] __x64_sys_clone+0xbf/0x150 [ 1707.466315] do_syscall_64+0xfd/0x620 [ 1707.470130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1707.475326] RIP: 0033:0x45998a [ 1707.478642] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1707.497548] RSP: 002b:00007ffee160f2e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1707.505265] RAX: ffffffffffffffda RBX: 00007ffee160f2e0 RCX: 000000000045998a [ 1707.512538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 21:40:47 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)={0x3, 0x7, 0x3, 0x3, 0x9, "e102bcaa6308d34195f99248b78fdb38e9fc72"}) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x4a0}, 0x0) [ 1707.519924] RBP: 00007ffee160f320 R08: 0000000000000001 R09: 000000000152c940 [ 1707.527208] R10: 000000000152cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1707.534493] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffee160f370 [ 1707.548062] Task in /syz4 killed as a result of limit of /syz4 [ 1707.574562] memory: usage 307200kB, limit 307200kB, failcnt 3751 [ 1707.581585] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1707.598369] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1707.605062] Memory cgroup stats for /syz4: cache:84KB rss:221860KB rss_huge:182272KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:221888KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1707.626342] Memory cgroup out of memory: Kill process 20450 (syz-executor.4) score 124 or sacrifice child [ 1707.642839] Killed process 20450 (syz-executor.4) total-vm:74636kB, anon-rss:2204kB, file-rss:35800kB, shmem-rss:0kB 21:40:47 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x30) 21:40:47 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) write$FUSE_BMAP(r0, &(0x7f0000000dc0)={0x18, 0x0, 0x7, {0x80000001}}, 0x18) r1 = accept4(0xffffffffffffffff, &(0x7f0000000780)=@isdn, &(0x7f0000000480)=0x80, 0x80800) recvmsg$can_bcm(r1, &(0x7f0000000a40)={&(0x7f0000000800)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000880)=""/195, 0xc3}], 0x1, &(0x7f00000009c0)=""/127, 0x7f}, 0x2140) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000c80)=0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000cc0)="d1144f1ef09bb1f92e6a939e5f427429719f4840d3a02a321f245fbe99f5382c07667d9781bf1cd50369e4cfbfc39c9ff9d8a9c293050265cb7cc3884674c18c5829fa6bad2ba1305a4c83054ab261c4a210ed157b54367fd24278a157286a07a5b1b43d29a21a2cf4207891f1673d8e94427eb642515b574c9383a3340b3fed2c5164750f7c2aec62baa3200f27049f39f313e269713a1d2c1029b13fa1437ecb6bf010dabbbf06cd2c3452743ef32efbb5d41286f7b1c4447c97d26cba3ae69930c099061a5b0a1748f3ce1e1a54782fb0090848f77601720e24b211e71f") r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000a80)={{0x6c, @rand_addr=0xdd, 0x4e24, 0x0, 'fo\x00', 0x5, 0x3, 0x54}, {@dev={0xac, 0x14, 0x14, 0x15}, 0x4e21, 0x0, 0x3, 0x1f, 0x6c39}}, 0x44) r5 = open(&(0x7f0000000080)='./file0/file0\x00', 0xb00, 0xb) sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x70, 0x7, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x70}, 0x1, 0x0, 0x0, 0x81}, 0x4000084) recvmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000140)=""/169, 0xa9}, {&(0x7f0000000200)=""/133, 0x85}, {&(0x7f00000002c0)=""/232, 0xe8}, {&(0x7f00000003c0)=""/187, 0xbb}, {&(0x7f00000000c0)=""/37, 0x25}, {&(0x7f0000000480)}, {&(0x7f00000004c0)=""/210, 0xd2}], 0x7, &(0x7f0000000640)=""/249, 0xf9}, 0x2022) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="6c6f7765cb9f07e908ace72fee90aa0b726469723d2e2f305c910000000000000000"]) 21:40:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x500}, 0x0) [ 1707.837575] overlayfs: unrecognized mount option "loweËŸé¬ç/îª rdir=./0\‘" or missing value [ 1707.890697] overlayfs: unrecognized mount option "loweËŸé¬ç/îª rdir=./0\‘" or missing value 21:40:48 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000180)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5452, &(0x7f0000000000)={{0x3}}) 21:40:48 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xa0020000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x600}, 0x0) 21:40:48 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x200000, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x7b}) 21:40:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000000)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020409ed01000270fff8", 0x16}], 0x818000, 0x0) r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) write$UHID_INPUT(r1, &(0x7f0000001cc0)={0x8, {'\x00', 0xd}}, 0x1006) [ 1708.163081] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1708.193728] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1708.203301] CPU: 0 PID: 20618 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1708.211201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1708.220560] Call Trace: [ 1708.223166] dump_stack+0x197/0x210 [ 1708.226812] dump_header+0x15e/0xa55 [ 1708.230541] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1708.235649] ? ___ratelimit+0x60/0x595 [ 1708.239541] ? do_raw_spin_unlock+0x181/0x270 [ 1708.244049] oom_kill_process.cold+0x10/0x6ef [ 1708.248558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1708.254104] ? task_will_free_mem+0x139/0x6e0 [ 1708.258619] out_of_memory+0x362/0x1330 [ 1708.262612] ? lock_downgrade+0x880/0x880 [ 1708.266788] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1708.271900] ? oom_killer_disable+0x280/0x280 [ 1708.276401] ? find_held_lock+0x35/0x130 [ 1708.280490] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1708.285358] ? memcg_event_wake+0x230/0x230 [ 1708.289700] ? do_raw_spin_unlock+0x181/0x270 [ 1708.294202] ? _raw_spin_unlock+0x2d/0x50 [ 1708.298367] try_charge+0xec5/0x1490 [ 1708.302092] ? lock_downgrade+0x880/0x880 [ 1708.306259] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 21:40:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x900}, 0x0) [ 1708.311124] ? rcu_read_unlock+0x33/0x60 [ 1708.315199] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1708.320062] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1708.326148] mem_cgroup_try_charge+0x259/0x6b0 [ 1708.330756] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1708.335725] wp_page_copy+0x430/0x16a0 [ 1708.339634] ? follow_pfn+0x2a0/0x2a0 [ 1708.343454] ? do_raw_spin_unlock+0x181/0x270 [ 1708.347964] do_wp_page+0x57d/0x10b0 [ 1708.351697] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 1708.356375] ? kasan_check_write+0x14/0x20 [ 1708.360616] ? do_raw_spin_lock+0xd7/0x250 [ 1708.364870] __handle_mm_fault+0x2305/0x3f80 [ 1708.369293] ? copy_page_range+0x2030/0x2030 [ 1708.373739] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1708.378535] handle_mm_fault+0x1b5/0x690 [ 1708.382609] __do_page_fault+0x62a/0xe90 [ 1708.386760] ? vmalloc_fault+0x740/0x740 [ 1708.390848] ? trace_hardirqs_off_caller+0x65/0x220 [ 1708.395873] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1708.400816] ? page_fault+0x8/0x30 [ 1708.404376] do_page_fault+0x71/0x57d [ 1708.408191] ? page_fault+0x8/0x30 [ 1708.411745] page_fault+0x1e/0x30 [ 1708.415199] RIP: 0033:0x459a65 [ 1708.418397] Code: 55 2c 00 00 00 00 00 c7 05 44 55 2c 00 01 00 00 00 74 23 66 90 48 8b 03 48 8b 50 18 48 85 d2 74 05 ff d2 48 8b 03 48 8b 5b 08 40 28 01 00 00 00 48 85 db 75 df c7 05 05 d7 81 00 00 00 00 00 [ 1708.437298] RSP: 002b:00007ffdf9f712b0 EFLAGS: 00010202 [ 1708.442662] RAX: 0000000000c771a8 RBX: 0000000000000000 RCX: 0000000000c72680 [ 1708.449941] RDX: 0000000000000001 RSI: 000000000071de90 RDI: 0000000001f4bc20 [ 1708.457212] RBP: 00007ffdf9f712f0 R08: 0000000000000001 R09: 0000000001f4b940 21:40:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa00}, 0x0) [ 1708.464487] R10: 0000000001f4bc10 R11: 0000000000000202 R12: 0000000000000001 [ 1708.471760] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdf9f71340 [ 1708.481730] Task in /syz5 killed as a result of limit of /syz5 21:40:48 executing program 0: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000100)=ANY=[@ANYRESHEX, @ANYPTR=&(0x7f0000000100)=ANY=[], @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYPTR64, @ANYRES16], @ANYRESHEX, @ANYPTR64], 0x3c) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7}) sendfile(r0, r0, &(0x7f0000000240), 0x7fff) 21:40:48 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00') read$usbfs(r0, 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/76, 0x4c}], 0x1, 0x2) [ 1708.493821] audit: type=1804 audit(1581370848.428:4070): pid=20622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir006107762/syzkaller.I31Exa/3186/file0" dev="sda1" ino=16951 res=1 [ 1708.497598] memory: usage 307200kB, limit 307200kB, failcnt 850 [ 1708.540168] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1708.556425] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1708.572667] Memory cgroup stats for /syz5: cache:76KB rss:255048KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:255280KB inactive_file:0KB active_file:4KB unevictable:0KB 21:40:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xb00}, 0x0) [ 1708.613854] Memory cgroup out of memory: Kill process 20609 (syz-executor.5) score 1113 or sacrifice child [ 1708.638118] Killed process 20609 (syz-executor.5) total-vm:74900kB, anon-rss:2224kB, file-rss:35796kB, shmem-rss:0kB [ 1708.719277] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1708.738990] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1708.760525] CPU: 1 PID: 8048 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1708.768340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1708.777731] Call Trace: [ 1708.780337] dump_stack+0x197/0x210 [ 1708.783978] dump_header+0x15e/0xa55 [ 1708.787803] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1708.792921] ? ___ratelimit+0x60/0x595 [ 1708.796825] ? do_raw_spin_unlock+0x181/0x270 [ 1708.801344] oom_kill_process.cold+0x10/0x6ef [ 1708.805858] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1708.811402] ? task_will_free_mem+0x139/0x6e0 [ 1708.815914] out_of_memory+0x362/0x1330 [ 1708.819905] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1708.825022] ? oom_killer_disable+0x280/0x280 [ 1708.829526] ? find_held_lock+0x35/0x130 [ 1708.833613] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1708.838474] ? memcg_event_wake+0x230/0x230 [ 1708.842814] ? do_raw_spin_unlock+0x181/0x270 [ 1708.847320] ? _raw_spin_unlock+0x2d/0x50 [ 1708.851478] try_charge+0xc6e/0x1490 [ 1708.855202] ? lock_downgrade+0x880/0x880 [ 1708.859373] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1708.864225] ? rcu_read_unlock+0x33/0x60 [ 1708.868299] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1708.873156] ? mark_held_locks+0x100/0x100 [ 1708.877409] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1708.883496] mem_cgroup_try_charge+0x259/0x6b0 [ 1708.888093] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1708.893038] wp_page_copy+0x430/0x16a0 [ 1708.896945] ? follow_pfn+0x2a0/0x2a0 [ 1708.900761] ? do_raw_spin_unlock+0x181/0x270 [ 1708.905269] do_wp_page+0x57d/0x10b0 [ 1708.908996] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 1708.913729] ? kasan_check_write+0x14/0x20 [ 1708.917979] ? do_raw_spin_lock+0xd7/0x250 [ 1708.922230] __handle_mm_fault+0x2305/0x3f80 [ 1708.926658] ? copy_page_range+0x2030/0x2030 [ 1708.931102] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1708.935789] handle_mm_fault+0x1b5/0x690 [ 1708.939867] __do_page_fault+0x62a/0xe90 [ 1708.944043] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 1708.949948] ? vmalloc_fault+0x740/0x740 [ 1708.954021] ? trace_hardirqs_off_caller+0x65/0x220 [ 1708.959052] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1708.963990] ? page_fault+0x8/0x30 [ 1708.967549] do_page_fault+0x71/0x57d [ 1708.971369] ? page_fault+0x8/0x30 [ 1708.974918] page_fault+0x1e/0x30 [ 1708.978382] RIP: 0033:0x459aea [ 1708.981596] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba [ 1709.000507] RSP: 002b:00007ffdf9f712b0 EFLAGS: 00010246 [ 1709.005873] RAX: 0000000000000000 RBX: 00007ffdf9f712b0 RCX: 000000000045998a [ 1709.013147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000c771a8 [ 1709.020422] RBP: 00007ffdf9f712f0 R08: 0000000000000001 R09: 0000000001f4b940 [ 1709.027696] R10: 0000000001f4bc10 R11: 0000000000000246 R12: 00000000000000ca [ 1709.034971] R13: 0000000000003b39 R14: 0000000000000000 R15: 00007ffdf9f71340 21:40:49 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x31) 21:40:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)={0x2, 0x400000000000003, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote}}, @sadb_key={0x1, 0x9}]}, 0x78}}, 0x0) 21:40:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xe00}, 0x0) 21:40:49 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xa0040000, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1709.117647] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1709.118037] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf00}, 0x0) [ 1709.248237] Task in /syz5 killed as a result of limit of /syz5 [ 1709.295034] memory: usage 304676kB, limit 307200kB, failcnt 853 [ 1709.326623] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1709.333420] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1709.343347] Memory cgroup stats for /syz5: cache:76KB rss:253076KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:253076KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1709.371351] Memory cgroup out of memory: Kill process 20591 (syz-executor.5) score 1113 or sacrifice child [ 1709.381647] Killed process 20591 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35796kB, shmem-rss:0kB 21:40:49 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) getsockopt$sock_buf(r0, 0x1, 0x22, 0x0, &(0x7f0000000bc0)) 21:40:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x1a83}, 0x0) 21:40:49 executing program 0: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580)='TIPCv2\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000380)={0x18, r0, 0xf591d3ee456bd401, 0x0, 0x0, {0x4}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0) 21:40:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x3f00}, 0x0) 21:40:49 executing program 4: unshare(0x2040400) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffff, 0x0) 21:40:49 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_netdev_private(r0, 0x8929, &(0x7f0000000780)="f0972e473a") 21:40:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x6000}, 0x0) 21:40:50 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x32) 21:40:50 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_netdev_private(r0, 0x891f, &(0x7f0000000780)="f0972e473a") 21:40:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x831a}, 0x0) 21:40:50 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:40:50 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xa0060000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:50 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000480)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, r2, 0x6d5dc517961f184f, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x10000}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x6c}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7f}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4c88}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x810) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x5c, r2, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3f}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xc82}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xfff}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x8}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x0, 0x8, 0x101]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x80000000}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x48001) 21:40:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf000}, 0x0) 21:40:50 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0xc8002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800000010005fba000000000000000000400000", @ANYRES32=0x0, @ANYBLOB="030000000000000008001b0000000000"], 0x28}}, 0x0) write$tun(r0, &(0x7f0000000180)={@void, @val, @mpls={[], @ipv4=@udp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x400, {[@timestamp={0x44, 0x4, 0x80, 0x3}]}}, {0x0, 0x0, 0x8}}}}, 0x2a) [ 1710.134712] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x30000}, 0x0) [ 1710.230633] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1710.237095] device Y­4`Ò˜ left promiscuous mode 21:40:50 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x1a0ffffffff, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1710.276967] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 21:40:50 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) getxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@random={'system.', 'overlay\x00'}, &(0x7f0000000240)=""/96, 0x60) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) creat(&(0x7f00000000c0)='./file0/file0\x00', 0x0) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x2}) [ 1710.318190] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1710.369558] 8021q: adding VLAN 0 to HW filter on device @ 21:40:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x34000}, 0x0) [ 1710.443807] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1710.471498] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1710.499084] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1710.562395] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1710.623796] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 21:40:50 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x33) 21:40:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x400300}, 0x0) 21:40:50 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6c6f7765726469721d2e2f66696c65305c00"]) r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0) bind$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r2 = accept4$llc(0xffffffffffffffff, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000240)=0x10, 0x800) write$binfmt_misc(r2, &(0x7f0000000280)={'syz0', "6ff469efc5ca98912a4b68916a9400eaa2a5605fa18a9183f81df267b786ee825ce69b929a3ab06e574c8c0e00a4631a93cbe0d54e95bc0e862c53b0585b2095a9d6481c99363cc332b7af700b3da45d5a0ee854b19554a0ac909d4eb72f711b92a88f1ac4658a5bdebca75a8d954d8ba9fb701d63d283d67d35"}, 0x7e) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f00000000c0)={0x7, 0x7}, 0x2) 21:40:51 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:40:51 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x5, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 21:40:51 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x2a0ffffffff, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x8000a0}, 0x0) 21:40:51 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='sessionid\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) getresuid(&(0x7f0000000180), &(0x7f00000001c0)=0x0, &(0x7f0000000240)) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$packet(r3, 0x0, 0x0, 0x40000000, 0x0, 0x26) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) recvfrom$netrom(r0, &(0x7f0000000400)=""/123, 0x7b, 0x161, &(0x7f0000000480)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @default]}, 0x48) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f00000003c0)=0x3, 0x4) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='fuseblk\x00', 0x1, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@default_permissions='default_permissions'}], [{@seclabel='seclabel'}, {@dont_appraise='dont_appraise'}, {@appraise_type='appraise_type=imasig'}]}}) [ 1711.062947] overlayfs: unrecognized mount option "lowerdir./file0\" or missing value 21:40:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb", 0xd4}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:40:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf0ffff}, 0x0) [ 1711.271556] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1711.306060] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1711.326507] CPU: 0 PID: 20754 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1711.334420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1711.343778] Call Trace: [ 1711.346379] dump_stack+0x197/0x210 [ 1711.350025] dump_header+0x15e/0xa55 [ 1711.353753] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1711.358865] ? ___ratelimit+0x60/0x595 [ 1711.362761] ? do_raw_spin_unlock+0x181/0x270 [ 1711.367270] oom_kill_process.cold+0x10/0x6ef [ 1711.371785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1711.377361] ? task_will_free_mem+0x139/0x6e0 [ 1711.381879] out_of_memory+0x362/0x1330 [ 1711.385864] ? lock_downgrade+0x880/0x880 [ 1711.390023] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1711.395133] ? oom_killer_disable+0x280/0x280 [ 1711.399641] ? find_held_lock+0x35/0x130 [ 1711.403720] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1711.408572] ? memcg_event_wake+0x230/0x230 [ 1711.412912] ? do_raw_spin_unlock+0x181/0x270 [ 1711.417434] ? _raw_spin_unlock+0x2d/0x50 [ 1711.421597] try_charge+0xec5/0x1490 [ 1711.425340] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1711.430200] ? lock_downgrade+0x880/0x880 [ 1711.434359] ? kasan_check_read+0x11/0x20 [ 1711.438526] memcg_kmem_charge_memcg+0x83/0x170 [ 1711.443208] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1711.447718] ? __isolate_free_page+0x4c0/0x4c0 [ 1711.452317] memcg_kmem_charge+0x13b/0x370 [ 1711.456568] __alloc_pages_nodemask+0x3c3/0x750 [ 1711.461254] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1711.466289] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1711.470879] ? trace_hardirqs_on+0x67/0x220 [ 1711.475229] copy_process.part.0+0x3d6/0x7a60 [ 1711.479752] ? mark_held_locks+0x100/0x100 [ 1711.484017] ? __might_fault+0x12b/0x1e0 [ 1711.488106] ? __cleanup_sighand+0x70/0x70 [ 1711.492357] ? lock_downgrade+0x880/0x880 [ 1711.496537] _do_fork+0x257/0xfd0 [ 1711.500015] ? fork_idle+0x1d0/0x1d0 [ 1711.503750] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1711.508510] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1711.513277] ? do_syscall_64+0x26/0x620 [ 1711.517259] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1711.522635] ? do_syscall_64+0x26/0x620 [ 1711.526630] __x64_sys_clone+0xbf/0x150 [ 1711.530629] do_syscall_64+0xfd/0x620 [ 1711.534446] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1711.539645] RIP: 0033:0x45b3b9 [ 1711.542844] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1711.561762] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1711.569491] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 21:40:51 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4a0ffffffff, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x1000000}, 0x0) [ 1711.576763] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000002000100 [ 1711.584037] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000 [ 1711.591311] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1711.598584] R13: 0000000000000070 R14: 00000000004c1c3a R15: 000000000075bf2c [ 1711.633915] Task in /syz5 killed as a result of limit of /syz5 [ 1711.648159] memory: usage 307164kB, limit 307200kB, failcnt 891 [ 1711.670689] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:51 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff}) close(0xffffffffffffffff) socket$can_raw(0x1d, 0x3, 0x1) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x5, 0x1f, 0x40, 0x1, 0x3, 0x0, 0x0, 0x46, 0x40, 0x68, 0x8000, 0x786, 0x38, 0x1, 0x4, 0x2}, [{0x6474e551, 0x80, 0x3, 0x1f, 0x7ff, 0x0, 0x2, 0xcb}, {0x6, 0x1, 0x43f0, 0x3, 0x3, 0x7ff, 0x0, 0x101}], "e81bd603e1a5d153b323c04cd7f0fc0f1c8b46c69bd718b96e1062be968609f0b167d4809939c51711ac51005d462ebd74d360331ad1cc11f6606e3eb884188fdf079e", [[], [], []]}, 0x3f3) r2 = socket$inet6(0xa, 0x3, 0x9) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x5) [ 1711.699997] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1711.722960] Memory cgroup stats for /syz5: cache:76KB rss:255148KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:255332KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1711.781699] Memory cgroup out of memory: Kill process 17434 (syz-executor.5) score 1113 or sacrifice child [ 1711.798827] Killed process 17434 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1711.844885] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 1711.867485] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1711.887793] CPU: 0 PID: 20753 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1711.895706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1711.905061] Call Trace: [ 1711.907662] dump_stack+0x197/0x210 [ 1711.911306] dump_header+0x15e/0xa55 [ 1711.915043] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1711.920157] ? ___ratelimit+0x60/0x595 [ 1711.924055] ? do_raw_spin_unlock+0x181/0x270 [ 1711.928563] oom_kill_process.cold+0x10/0x6ef [ 1711.933072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1711.938619] ? task_will_free_mem+0x139/0x6e0 [ 1711.943134] out_of_memory+0x362/0x1330 [ 1711.947126] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1711.952249] ? oom_killer_disable+0x280/0x280 [ 1711.956749] ? find_held_lock+0x35/0x130 [ 1711.960842] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1711.965699] ? memcg_event_wake+0x230/0x230 [ 1711.970036] ? do_raw_spin_unlock+0x181/0x270 [ 1711.974556] ? _raw_spin_unlock+0x2d/0x50 [ 1711.978717] try_charge+0xc6e/0x1490 [ 1711.982439] ? lock_downgrade+0x880/0x880 [ 1711.986608] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1711.991473] ? rcu_read_unlock+0x33/0x60 [ 1711.995546] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1712.000405] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1712.006486] mem_cgroup_try_charge+0x259/0x6b0 [ 1712.011088] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1712.016029] __handle_mm_fault+0x1e50/0x3f80 [ 1712.020454] ? copy_page_range+0x2030/0x2030 [ 1712.024902] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1712.029586] handle_mm_fault+0x1b5/0x690 [ 1712.033663] __do_page_fault+0x62a/0xe90 [ 1712.037746] ? vmalloc_fault+0x740/0x740 [ 1712.041820] ? trace_hardirqs_off_caller+0x65/0x220 [ 1712.046849] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1712.051797] ? page_fault+0x8/0x30 [ 1712.055353] do_page_fault+0x71/0x57d [ 1712.059163] ? page_fault+0x8/0x30 [ 1712.062713] page_fault+0x1e/0x30 [ 1712.066172] RIP: 0033:0x45dd6d [ 1712.069371] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8c fb ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 1712.088280] RSP: 002b:00007ffdf9f71018 EFLAGS: 00010202 [ 1712.093650] RAX: ffffffffffffffea RBX: 00007f67b8298700 RCX: 00007f67b8298700 [ 1712.100954] RDX: 00000000003d0f00 RSI: 00007f67b8297db0 RDI: 0000000000411fa0 [ 1712.108227] RBP: 00007ffdf9f71230 R08: 00007f67b82989d0 R09: 00007f67b8298700 [ 1712.115507] R10: 00007f67b8297dc0 R11: 0000000000000246 R12: 0000000000000000 [ 1712.122781] R13: 00007ffdf9f710cf R14: 00007f67b82989c0 R15: 000000000075bfd4 21:40:52 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x34) 21:40:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x2000000}, 0x0) 21:40:52 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:40:52 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x6a0ffffffff, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x3000000}, 0x0) 21:40:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x4000000}, 0x0) [ 1712.604078] Task in /syz5 killed as a result of limit of /syz5 [ 1712.610130] memory: usage 304832kB, limit 307200kB, failcnt 891 [ 1712.616291] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1712.623090] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1712.629406] Memory cgroup stats for /syz5: cache:76KB rss:253064KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:253164KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1712.650488] Memory cgroup out of memory: Kill process 17630 (syz-executor.5) score 1113 or sacrifice child [ 1712.660448] Killed process 17630 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1712.695038] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1712.955266] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:53 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)={[{@metacopy_on='metacopy=on', 0x5c}]}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000180)={0xf000000, 0x7fffffff, 0x5, r0, 0x0, &(0x7f0000000140)={0x9e0907, 0x4c, [], @p_u8=&(0x7f00000000c0)=0x4}}) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000002c0)={r3, 0xfd9}, 0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f00000001c0)={r3, 0x1000, "efc06030fccd6be23e80978c9c543b8ce9c1cc507ae6690c44d81d0efb5183e3e82ca143cd2801e91b265f9b7e4a935bed33af04069753605e1f28e272bf7851e255e1b8cc3d316ff231fcb0ade497d400e234b01d43b519fbbb60f7be53e57d033a7fffba09554649e358a35ee1bb0b1ffadbf96f150b2a77482b60401c8758d20cb21cfe5336c26247de1d76de6bff9a0d822fa14135208b84c47a3f0f22f89e2eb3e8fb3c7e4ac69468236aeb1d178b1fab9c6363c01a0a74a9a24d565e5d93feab78b58db4036145bcce970d6daed304a5a2e08b5b1d60a13c007adc8805a0d9041f842752692dd717b9ff4dd01cf783e1a531dd70da58025df5eed08fea0504ebb55481de8238c42f7338849831ad6b71eca8badd9e9734f63e6b699af27e84bea806fe3146b5692e1bbe3bcd08386305193e5162bc5489d3a5ffdabfa11ab4422de639fa9a725a7e6675415d1f43ca5362117cddd827750b04670f2b7ab74f4eb7b65ae1a050c2de2c21d2df30777efdea603807a8ca4dd19a2d5c15e14a4a02677ecfea58411e8d52168352e221b73a7d3e20b0a46f5ec9810a78a1756fe641d516c21478047f2b764faeba20f02cd627c0533ffdebf27db01800a083664a3d233415782fa50b304d58a9bed9a682aabdced7624965f5fbf79de73f412f9d84f1600a0dc163ca209dbd078551a398a47889957578be6c59057034fff6d7d39687fd556cf42287004bed0170c7d568c480bda29a369543d33928f767323446b42e5848cc2be08ecab6c5b189cf4804c5b1b34cd866903cea8190f62b459ac82dfd861bd9e75529e6a77f4b8a83cd6452a8dc4fdc484f7ab6f8233b164ddfa4fb502f7d5f1b59bf01a758a39c153b83a0c89d1f6726786dd0da7ea4b6c85c19c1ca13622222ce29e850e4c1b70214f94e09ffd13048776a0100118fd53538026f07ba7090a2d66b0e7666a14ca158a3965f18ccdc10336576e9c9352cbe5a6f2c9030169a89e04495dc92d40cc07d4243ad38403ff077d16b716ae00190e5589ea8110599c491431272d509e7d94eb2cd2532962a9946274560ade0ff237f56819fb508df3c0c268fc3f08d4c8b15836ff9eabe6f7669cc2a4ea14b5e04c681e17a0e71a5fc7b51126b4696a53a36d9e995b9b4662ccd1c8e44934eb72aa94d244ad905b6063ea8f5e9cf611322c97c6d5fdaf6f531e9b31fd4770e359087b919a62abbd1150c7eedee7cbc6cc3b85190a30b0c1cf64f50fd6d11f3961a99fa2ca6c6ce661c8fa6898e164badef2c6232001b751e76aca1cee72aa462d2b757273542f96ca3a3f6d176416fae19008c6480849748b717e1707686911c03f1a65a4db9fa6c2cd2129298bca965a43c575a8cc837be64d6b1dfc238a7b5570b7faac17c2298800e052382f4bdc3224820d5dcc8c1a908235ac41cea777e56c09087e4e8470e2f18719e940f6801f050567d41f3f405cb2e8ad7a8c49110b3d553a6a40e63ed1581991983f760240486703faf5170ba0bf17748b05386d7d4d8bacb499fc775c9f7eeba4c4c189f5ac34dc6aedf4e7d747297ad661ece57eaf560036bb546eb18b9eafe0cd5e8d60af94c3ad648c4f16758e0b716e5e3eea1096d80e9ecd738fc851906c31e9bc3df1f5fabdff29f34f65979281a85419147b75960b91bf55c749f92494e32b5273036090003841e41bb1d59eff4b258bc8ebdfbdc94fee3b3a2771989c91923a65887926ff76c2120e59aa2ec103d7271c2bdfe226defea5a8c8ebe02c483f0aaca515988a993ac6b10ea10053512c9f2fc25b8278f4d5863807431d02bbe3719d6fa57efa0b0c45741958f5a67ca3c265b5f7ce6ad588d7de610c4666a7cd0528ef61900dfe44e5365e7ed0a8464f9f10a5d251850b5ea354c4e03e91eb93a5f2686a5dffedfca60bbf13c4e672d4c3c1fb044ed7bb7bf8a8a9a015a9ef46b5a6d6e6559ed2924bd54e4e4389f5834ec9c8bdac64948eec06cb86a4bfead8b1e257af303399d53030518145e9911d5c56c2c44a984e5a8a5729e4e62f77b98645bc425b93aaf11274627bf66c15d6746afea50af2abe56334e3a0b486cb11f1b75df4e9fe7a11ada03f275879abcb03e4052b33835c6d23eaf8c2431025bea619d24f0ff3de30d61062e5ca62c68e6c36121788fcba2ff500e07bb8747a4c0e2f3888a39ac2796107b62e4a857bcdb3b0a7d54a4a99a1df12953272716102fe063b3ba09afe516f25498ef869f1231285e0ea0db7c017dce626a0b70ff42271c392a3202e1115ef358a61320d495389020b60e89c845edfa782d8fd15ed02e3c8c762d86e170bd8ab91472aa1f30041e30c015096850163a3feefe6730ff7c39730dca8a18ba03f9b1e3011a9e84845ff6df453ca301131cfbf3d360aab2b12f89baf2f389d3631d170a4cb581c6d2835abbc7906e819b2ae03125cb3ca933723ffb2427f8efb0be8c2ef1222e4f9fc025e35f378bbed916601df938a6367f8f5e9ffe932bd5fbc99728b43eb743ed3118f785a91b333f81019978abd8e18f16f96b227c14eae4bb6d68f6b0399f604fa0ee641e3790db388895ebadc17a6333c29cec4c10caba028ccc3f37648982f19e62d527f89a40a280129ab30a8fbcfc79b897496f296d8eb972704082c9352442f152c24f3a75df678a773edf0cae0e8b77a5ae398c9c2f8f0787f79b9af6899c095cdbde6feda39a7d7adc26f082931449c0f4eeb6a47c212cf983cb2af0879698251a3f03f04f48b5cd1fd4d8e4aae69cbf441c6d61cf0e37423a8df7eed1e0cea76eaa485eedb71965eaa9ec2040f2bf15b5b9933ff00fc56ac5247196d0fe1ac26e6fe7b01c76f679f0cfb96ec53b18e699d5dfc2df2e747b934a7bfbebbba2498379d47a6e67e68bacb94fa748f63db0c0592c5a86a9c000390840273e00491a4d3b6b1d32f578b0626158bbd62eee8d4cc0516ade2bfd1c866972b8a48676d52213e3086a8fb0fd41934eea1f168f62130b06fb47d1ddb9c61bf1521e1ef24762ec6e797c9575f9b8e443ac28accc2bfeeae54bf1414b32cffbba47b98ce01b4e49567ec582b62f9e08ca7a5a3d56130cc1f561413c8a0419ee5818e0a1b5243df66c8506e72d9df8c5f3472ab1c99b072c9ef649f65bd5a2b50c690460f52588890967dafc9e08a00bbb337a470d5488de67d217012ac4841aae0a500007c97d06d0cd7ede0d2c9ac5a0aa09ddc9a4da2972e1620078101875531965a58055899be8fbbdd301d42645fbab85a5ae95d257dcf19278b49b0c728cd30104bece1f41f4573bb7cf8c3ce33bb3673a2570133ceb29a961e79adeb20119e1b98e26190b9a67cafb2435c2bce8011643850a00f70eaca09243efb585808003169b387d464b87fde0498892a8ab074c89406f5c4cd12ae7e48c25325845924c1611eb628ec51ed3862df8f4495eee0a56782c2c1904590b92c2ed93278abc19bd137e0ba70197e254d63d0fa9ab54929839ff936763fa3e78576d1fc1fa17891c048bea41a27d5ed46e99b5ae641af57c06a45f142538f7e28495a33a0245cf84a4e933f7cb0b6d947c07ea749d411f9ac1fbb834aa4cefabd791f8c5b62741a203e4e3de19c22917ce97e4f159fe000165c471f7fcb80af5163c621d33cd8b534d1c401ab5c9a8abdd9e44f893ccc5c1197388b281e466002194b0ae790cb181fc94e0faec08a0a0dbd7699821c654faa028fbf8ce7a963e77b7803eb8d4bdb98c0883d4727c14861ef0a8052dc97641c75b91aaa1d130bde08390d2d0ea0896a48daac76a041f5f95ef878b131bc03ba45dabb4f9a449d0a3b46266010374812c9a400f226ee8bc8f0481e112aad2a81f268911a34969bf0d9d5900fcca7285e09beb02e1e090b3711051626e23c455470276d08d93bfa9063d946ff61ea6d59855edb693ebbbad11239e6eb55c832597b1aa28590d47f79995f5428d7ee3d4befef124b9b0331c48d057ec0ce1d90a3d0b1082d563b984ed714df15b5e5ff527ed4e7b5fd7b4a8fdb6481e51ae1499a7d5faa8edcdcbd36f62b9f203e3cccc8a967a5880ffc3742dbc5a515883ea7a26d7bd52dc4e0918b1f34cbdb1866bd44f2ac3e3f48c4d98139efd7bea3d7a6c4f5f605fc504f4c8212a6235d82fcd340fe69d8601dc88004a1d66cc8637242d06b8ca95f1146507fa74a188a4f5d54f61be69461bc49f6e0665704b681846f98b2c924ebbc2012cab4489026215c06ee19c6dd499a029b2479f4505084853b3f43ce8bd2dc8c51dd9a46897f4bb39d541aa913cee6019eda2fb87f35d00741f02c46ef1109e7d7d9ba54b292acf1996a4a358acc03b621e35a83fa1971f171dd45266551ff7298b8a6792510395fddd96284db2003337281ea220b10b50da6599860274b456ba393ea1f14a642132b983dbcdc6b45a6147da5ad65734237d8ec843cb25a570aa9a05258211799a25ed5e0ab5d7150566d7b096e5a6bcb187d199c121c09cfe8164d576bb30487691c7888f7915296eb0d2676623f6019ef0e6a897991e6b67ddaa95facbe0d838b920c2e7b3b79e91b441de640cc24ff8ef75785db737c0b203162686a4291f26d1d3020f0104cbd0481f1c5449b7cbd85787c972460ea6ca5d0a35d87215ef10dff8419e0452c14c285a0c602f7cb2b5f6de33ed5e8be03731bda1056289f6d281a1ba42d3905ff85b0d811c875dd3fc7739bc2db5fbf529fa6fbb8fa83b6b0aa4f7b8bf554735b0ab9a9bdcca0074c8eb45e00df8da46bfdd3d66b31216cfb22572ba863d95606f04cb5cdc0fa7a6e747ca6a2e0426d4fb52fbddd09d64d518f83c8cba6784d6d98df36a5c118ef252a463f96f8c8a3acf8a5449fd8740051ba7aebee83d819750a77f1b1d950dde5d0f389d833766e2f4422034205926dace6b7b7d23f01a1e2edc0a67ef4c2464c2b2dff87f3a8f06a7aa65352b22be49bbcd3f9f3b40abc30e4a17b523028e679a922032626ec708c0986a4a7f8922e6990d666e67f948eb2fcaa7289ca4f94d133ee6b00c34f566275323cfaee8d3718805589c9c337a4f7fa538221250cba13dcc0dcd4c918f52602506520b1ee973936a58d52a024f9b1fdc420f0094b184bfbd9834a17d820ffacd843f0473bfbbae9d2cf07249e63b60ac8039eda7701744d2273729784d34deed9f70a7053976c07eeb6dc3dac462361987a31c713583ec35cc8ff30f877cff65175afcae1524f0303b8b46228cbe71f7a8f769af9291e0814035c05cf1d7518ae5200c67f92e111793146b49ecc1443b1c7a0b778e49585c33be4948958ac8c9e12fe901c5be8ab011e9ae564f946c7f5bfb1ad2de70d08c6701c1fbddaa4572208d70534b04f8621ab0ac789835b992ffd16d758ac0d780b6fe078665afc8d960a2f47c7c31073400cd63c3d3871b693287db7138cc61fd7db554d4f32d5296ccbfc63b70f17311cf1ccf515c609b80425b9cc2eac1ca1b34cb1c38a819f92a121b821683c164b7ff3738f33ecf3855dae46e802674b28dd1194ffd291e6d1d4e859c769e4299e68c6a0bb9d8468feb6fbbf705d936edf93a1823bed0ee5da6d4174c58dd3f28e4ee8be43a4537279a01f325fd23dd0f3610488321684c9baf5d5c097f7f45b6523cc77356bc60db1de6c230b30ee175db82c118911de7143f18ec186f4da74194e8ee26cd1e6f17bc343e4178f41863eda9817639901e1fc1c858825ad7fa177f4a4f3e42932d52c58d3d237e32a91431ff9de8135b8c77d9c7202a944f582c52fe"}, &(0x7f0000001200)=0x1008) 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x5000000}, 0x0) 21:40:53 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x7ffffffff000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:53 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) write$tun(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000000000000000609eef7b0003000000000000000000000000000000000000ff02000000000000000001020090780000000060fc1cc7000000000000000000008000e1fffffffffffffffe83000000000000ac0000000000000000"], 0x64) 21:40:53 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x35) 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x6000000}, 0x0) 21:40:53 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xf0ffffff7f0000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:53 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f43696c65305c00414fee18e13fe4e62d800701c9a30a7a30"]) [ 1713.264809] overlayfs: unrecognized mount option "metacopy=on\" or missing value 21:40:53 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x8000000}, 0x0) 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x9000000}, 0x0) 21:40:53 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000002580)) syz_mount_image$ocfs2(&(0x7f0000000180)='ocfs2\x00', &(0x7f00000001c0)='./file0\x00', 0xffff, 0x7, &(0x7f0000002480)=[{&(0x7f0000000240)="0b2a6e4dca4ca9c4a53f60d56718db0ea6b3d9fb9b0b386b963e7bdae1786ca146cf641b7259f0cba0b6d5abfddd9cfdc1188f08674a4005abd90567e4b9d27b3c2782916a5cc8f91be84a037997c417de8a653fc18a9a4e7b8e8ec86a2acf5f6048459bddf454019be3355e4df33adc0d24dcfdad491dd42f1631ec579ce4489e79f0a303f70216c8b8310815ebb77c57b50bac2f1ae5b838e59aa51dac43c0a7456ae7d4d49fc79454d398b9dda7b46011472184ac6d5d6d022a51b4d76bf0f6d0dbd6568736f98c7cb830880a8b8000a15fb4d3aadd7498f7bc420d599b6d9e44f0aa23cc13aff8d637376f808003852f91222a13ecb14443472c3cac6bcc0017cbce3fb575cf55e300fa060e52acf7c17e4241f79f409065069b45598cedddc3832a57fba6b8adf1db3ec4a24388d611eb9dc38c521addbb38eb2fbf4153fcf9518347368396df9047858d596b5f4c567680bb88c9e547a085c1a1bc30aaa449951f17071a86bd378693a1a117c99a796b036ccb51fbd6b22f8d3c8c1b1ecb99091643e471b7d5233c2e0f34ac1b59e7fd110c4f92b17324c2b1885ba20ab91e28616890f6029ffb164eb3fe221e43685efc05bce8dfe0816c42e5601f3c9d4e37143ff4c42991ab43a245cc3a58997747146775a7f7c2e5ff130783210acb50e0a14701fca301d51a3b74b76dcc6c3b2c0305b043ec761801cb87c8acd3015e1eb3c7be9fbef294325f0d7b9052f9801ebe98b9e7f66db48c9ab4f9a7f34ab0b87ddb426f098c7f275b3e50dc20310f4f198474f3ac836fd69ae74872741272d64fc19b70f36d8c7ab34fc6be8bbb08657fddae59deba685e89773cd37789baa340cc654d6f25a776edda7dcad75e7d44302b5073b0c53811670c0e425e98ff94de5d5c97f2b1ab5e2d6bd88add375aa2706184e91c91da8a20e7e2b0e942dc78676dd548ae9abe283b494c7381941e5ee9eb03de71902dc38078825e826788043bf159bd84c215e0b9351f3d2d61794be45e5dc8f340c3989a3f2a15d9d28a1b4a0b698b6fb0f4ee15ffbeff78bfd6fc0fbc2dba35899c7a38e8b8771512d72300d8a578d84049b0baa92f7d0ce44880a35f341b0dc11ce5e636786c8623d5577545ceb3747326e415a43f7aa895a9658c28b9b7070049c234b5dabd7a6422ba73e59723eb83baa7451a684bf8a4a4950163ad4cb537b4b9b760bb93bfa286d6a435537eafc1bb626498c9e8cb3807fde4376ca5ddd52c43bc46666ba89be1a79c2cd20921a2a076d60a4f97186f849c586ab07674ade9978decac2b86d688ddeaa6e41ac9add86018795341fc3fb85c34f037bb904f1f80c9f779f717ca2a3e75f0068a9ba917c16521904cf9fcd38b700743549437f2a31c46513d08c66a908fc9cf159e177cf1a8cfeb456fc0cf9b28999e1bff9372a67671a1c8b897e737649fb32f59309fea2e360ad6ba7d70d428bcc0845859ac8c961bc96c1a5a1c5dbf97235eadb805bf2bb271d105fe6ae9beeaedc6765a7339eb98c54a45f8754bad8e255cb9dd1b8437eb22a72ab69125bf2429849a0484862e0dc73b4d56c3575cbf036c3e4a6913c633f00d8c3fc1446f5e1c4aec634e55165e3fbd337bf085d827a775325dfc88820d22869cb8ebfb2c10207e8c91783b5e1e7cc3a98b46d35ef3dba3e301289de754ab38e68e3b07bb99ffc2d5310b62d7544dcacab7e3f929993da7e138c50c5a47c25055940f5b69c564b64fd4ba7ecd7364eee4f891b1e9cc9e35063f95200ff4d02e756269daf113b3eba679a19dd98a7fd4874b393609fde24db5bdbbaeefc2e4235dd7f5d123687d24c087f32062b1958d3e4382acc5827a45476e3966c2b558f6cd94a601bb1d60179e7051a0fe55c84aa39019b4f528765c776a488838aa983e091bf48407da485ae55557536cef6337b902d992fd649c01c4e3b53f2f5e8ad32095d766b691db102d5b304f4a3e9f77316196368a3e1291be124764fa56d8e752dce07dad91dfae767b20313d5dca9debbe725fe1c3340b014638bd56c66a74684d2147370b3f91da98badffda2e76ada6d65e03c0f17af8490936ffaa13d1803d2b4c831953f1b7c0d7b8253c1b26bec373cab873bcf8558f04b91881d0b7d5e6995ea1c994313e2f0d7230cbb205705fd405481d52d7c997fd9ba172ccb7c1440a86d2741b9739cd53e85a568b9fced87166bc129f319cdd7485942f2fd8e8911cef2b308d70e7d3a1255ac13f360bd372436ca8a32fe2e1b62f96fe99a370a722b424e944475f0e911bffada7251d6f1535924ba09a18a843f858a76c61eb52ad6024fbee9f55b716f4b5af8caa52e3cf296fed9ef88c9321a5b02bc10a5769b4b5520770488eb314c33fcbfa11de0c7278d0bd2ed988b9200571d6004f5537ce432830b48ce1086cd67cb1e02b7cb2ba47d073a777edb44ab8112eeb074a99bb1d43f59590412d2e6aace3a5e7093f4578df0d80a71797995fe8f75474f24d73268bca7ba5b16d12ca9af04e1b409a43cf3def73d27150a8dbe77b8f306e64005fced819803ada4e2b10e64f79633f839d10765e89aab62e298cd68b90f90fde27f3126e043ee885516cca6e1e2871bc3b8bf523ddd4e135a21497d4268c3261216497e76d878d0b93b83efbe228344a9354031e1f933ab970081defecf29ccc276c2a1dfca287ea5a2362004046237d79b84c904306394d73100b3ef973ad53daeb45ef08ef91ad218b0ca06b3358f50407e97d37cf334ba85dd95feaa39d44b2f67532dd3ede3e66c478198bdf72d0fe1961f0d0cb2c5c6fdc556f2234da2915b0fe24aa5d90c93f6bfb166e1d640d23b1251ea17175936e001a622b04d7471051fd08681ed99aad25b5a13330e9636142cf1b3bca24f8f8370197949022aec74ff1e8818bfd0e98b615f22ce734b21420b05301c934114dd524c7dfa68e8c16a67478065a727e435597fd4a646cda969bb00ac38333919de34d7243f4b1d05df51026520cd253667dd69d44765037b93ec77fa0f57518ad0684f6cd2622cb1d176f9a47ecf71313d693bdaec573f3784a0b5bbada271d7e79534af8d16312a8aa45bd8816a76ea8445f413accf5e0b0838e65d1faa5b1442024b02112660d29fd4c20cc36504f3b46050e7d49c8d2e6fea71f5b7572d6971e30da04de8cd2f5ea08014687e211021f68ffc205f40398f34ff6a14d7f46895b2cf56dc7d2195f3b317d9d549648d33a0a2c4027775027cd70c681213edf0c7325f4f66aff2c9b91f74bfc3426fb65aa172d14574a7a8f4ae779c645c6b51fb7a12d3cc6a2520609b650942ef79ebe217b0bd11eebf76b24372b8fade3d2573aaa1cff87d79356611755bc20960e2c9e3158c2de48811e3d68e297a2a5be4ae1fd070ba886bff6814857aa8b43903993560e59fcb9cfeb9365e934fe0b10afea6234b6be939bf69ab80f8a936f888a48e761636a9d9e9e9dde2392694c5973401885cd6d3e1755486aebed5ef63979731c06d8655d09612d0b6bb406ffd0475925e2010a05f03f011c93c1d35fccf9f91e8120285bf69b328a4b078fd555311d4e52736f59deeedee258d642eaa0c1960b9838b6ccd62138a8793cd0a03e96ac99e4dfed7c3a56acf05e056f6f95a3749ca1d4693bfd45fd92c817189086c7bb193961ee80602b7d6f91c7670ef6111ace1f3a90c3c6133b1867d209c265aec893a610a855fc49582caf3a693881081cebdd4dd8fb48d6257c431fe1299e353e25c5e8f57d1fc10015fa7e84a13e7460d429fe406aaad0b6d44a10ee9c91655e5b25a4e888c076500b7c43b76c5e6647e7bc9923892a37a6957b92ce24fd6bc7cb2b56154afb93aec4202074ccb2c749ed5d0c2da4e7561cc81be1627793300e79d93d0b207a10c0b74348ab1a13a6eb16d4b7750d8e4a4a5cd77de8f0de464d441752833b04a0e0f00261beee8d99905e792f69501a626d34b4437bf42ec0f6463caaaec3e6c37d5964bf9d1fdb74abab073e98b05338fdbc4bc37835f6a3e45e9180614c21d74e0ed95ff939929630aadb3f55e219637b6410df46ad98514e002bd71cba22f144a8b5cc684295afa8e4e3dd88087dc9ca2eadc0794845043e11d2484cf586dadd61788746dc8f484c5b4a2d33700c5aa889ec303539c0f6158e10e090a260a497077879187d4ac2e06a2c3490dfe3e4ad8b9b1a2789c3991054d74460b6ef9b4f0c51ac38cc519b9d208e09aea65928fc916bd2c6231794c450f90582ddab789e64629724f2a136860cc3d5e6db1c0d76b9ec4143cbca0e191fcd834b110418f249d76add618b173daea771f021c9927f04826bbe0851cdb2161be65d80a552dd59221339b57da1ed0d2e9207a82513ced91d6bbf6d6724aa9dac114498ff6445918e2f23452fffc2657eb9ec57e76451990659255e7abfe4831e3a9934c0f845d43a53c9e77f2e6cd648e2a3e2db5b99bde5866c96e932399db4c149b25f2aba18240d200efbc9a0eff64b843a3b846d95888117cda43a5175bd28ada39b79ba4a41434f3b5adbc424c8b1b466b59bccfed9723b7e1c1356967ad49a9d294c014cb60442b891e074fda2a03fa99d0507921c32c5c6f18fc163198386be67694ef70fe07404977878ee5f49602dbe624ce8855133b667ff81bbb1bc6eb7416c18f2fda3bd922201e5c5a8e11c7548aabe6ddca59fdacd52d26904ccccebb578669f24f73860dfabab1f12499b44e6c22ae93a848adcf57c1bc64a39c271b8e5cb1211c885c314424b8f45211ed2d339c11d1f672ff19b6d33d9c801f4e0f8c854640ac547a2f81b0e6da2879aa3a73e3d0a17b657f8a865749980e7a68ab648b50e7d82a6381b94ed30dc5d71aceb5ce705ebac3316b2e01832605787a611899346f571caba63d4e53cb5130ac70716ddcb1987e0d78c98ebf00bd56bd7680a4472bb31c4c11dc4f83a63f2ed0856f36aaf1d3f4c87ccc0024735ffa5c6847a767019631f450f4deb0b804cf383091fe32b27452a34fabd0689ceffebc0d24569c551adce7e795869bde0528c529bfef7a40d152d812b3266cd0a19a7fc0097b7000a0561e1766a736062a3631614a209c261eb2a4ff5940ca414a51746cd85369d705f873c137b88ef9c3114de8f3f9fb76365845fc13d520912803212fbc573a887ecd8ab08c91bdb5bc823be8367ccd6cfb8dda970aa312a440018300674875f2d517bc59a9572a33b889fdb9e8511c27a2cf00d6cc622994220e6711130ee65250ee16316854596fc5caf7f0a632299a01ac0456a486803775e57dbbf5ceb181ee37f5005f97f24d2afc8472301c82a0917d8be035752bd0bbdb53c33111b8ebc4d4e38416daff882ca39e15af21fff013120c38f60c3a8242de09f0cc35a347e76708500ced1df4b8356a16c9f3443379d2bea91dfeed4927aefb59ead4bada85fddcf719030197d49b334f11829d342cfdc637137cd8ce3f951ca7f539919b2e5ffb1b86e825bed84d2c5a91a6dbbeeb415ff3ba5373a9c0ae8564a98229d5b2107b651b702fafa2f057acdaa33504e27c7a60deb2210a818a3d936ea06e1de0819ad451bc94363ef54fef2315db1e3a83e6131b65bbcdcfdfa48b169a7339b0fe0144fa85567ba60f3c9aad25dfddc55008cd04a5f1d98e13da8376ec73d6ee7cdb85078a61a8b0201ff09fc5702de66dc27c57a82f01c893a7e9fd80035bcaf5ff442f0882f1a8d5aa0991a16f73aff63f11869a010501a604b7aee390570dbeb94a8749d88cb3ee4f", 0x1000, 0x1}, {&(0x7f0000001240)="e0d2dfcbeeda4b75abeaba111ff850c6e49bf9a0a52c77f8346b9095c58ecf4e7aa8f73e77609231047bf678833366214dbb15c334dd9e77c6aea628ec05eed2afa7ecef8514bc945b51b12dfcf69bd228f579553178d286d8455324c3fb288a232e8c8840d04922b060284aa3d65a0093e00714b94c40b3eb88b30ac78dcf8481f4151cfddf88b26127428cede017ae441ecbaa5f7ede1dc79885114c2eda6521a9a603167f7fc83ef9f2e7ad5eaa5000945ec25bad5bcafb110044596e63c813e628192fa2a934df703815b74544a3c66bd381dce88ac54c8f3b1aa8a52acbcccba6589da5ff0fe6bd1777f4c061c527a866df09", 0xf5, 0xc50}, {&(0x7f0000001340)="11155dd0", 0xfffffffffffffcf1, 0xff}, {&(0x7f0000001380)="2ad573baf53f69d11918d7cfe7dc06", 0xf, 0x5}, {&(0x7f00000013c0)="fcfaffffffcb3b657c47b383", 0xc, 0x10000}, {&(0x7f0000001400)="4677bca76792e4496fd46df623bb9509e43d4a26aa2444f56075c85a7c45f3669f5827cedfc2190eff48f804813c328e1f156c7d72c1e3c57fd0d32138a75de0e3f8e15d5be1c245a5f6edcba008dd", 0x4f, 0x8001}, {&(0x7f0000001480)="4ad82176a1fe713f531f2d6482711baee7c2b90c5b178449cab96fd775189c28eb8fdb25b0de4780ccdd38995d69b26e613aeffe9d65a2bd506d97f923449c1333f2c92bb7e2d08e4facc72f506329ae5358a32b0fc750fdd444b43ca993e3f754b9106a922b4e58b998daaa7c0e985dae6c0ddf961de832b1316e9120490ab93c114335364de899d2e1ab7fb9e55c0a987ca67520d62293151935b2d44c07ebbc2f7fa1c4592b85fcc94a08e8f5972c4d7655ffbde28da0dbf9650b21c53bcb8535c94dc8028783e42fb2f611653664edb13badf575e6989317515c397058de9cce9772ad787ba9efb14671f8683a66f8e6f221dc4d6a91bd8170a80b010aaf4b93c89c738cf7624f966a8806be1fca15e5ab4a6b1a54a2b826a505aad595dea90f4ddc3be89fc51a13db20379d6340fe46906f06b7f300cc0c902322117479fc31be71f3b281a09dd820f92066d089f44ba10e49828c300d2ec98fc7d6743a58e44e9f3f28e2677c530df3359c7b9156ff0910fef0eda9051562d5bb7c52f2cb123521c6bf3617d45b658f18595ec2ff81b40aa10acfc4815da6f80ef4ff05afc2477241c72fc03815281c70ecc3fbac1ef4a64a2b39354cccc2e2b3d2ce15be51876b5d8eea0eee4d2a0f506ad466a1f9f0bf8c32d4a09bbbff9ad217a2e814638de2c6069a57f89be20cc1b5bad868fe816a03306f424cf3e28e24945fa3fd3e594d64a49db0097928d83bf04b7a83b88aec580896dc9f99bd15ad4bb4803fdd40278f5f81f4fbdff485c8c3e49427a213ce196d76beda87914de21a63e311d267c8166397d6f8ae6aeb05e4561a6fe9fd5f79d0ed5b76ca8d2deced851b6216c1420cbac2e04f3a924b00e2855cfc11f1a9b6c472ad20eb2a830cd1c466213224b9ef4570b9863daebf3f6debb32cbb10d286687c87856c5489d4b46c92b5c8ad6bec72981e70498cf75b38a2535d53ed573992c40305ed51d2b054e418b5bc8887d29883f2cd26763ef04c2f7d82cc311e8845c09b405dde4a595a241177e42f270d75cba781463ab8802f213a65bbd9aeb8e99ab0712e4eb759c9a17608e8a046c32fb56b0b96fbca83bcc1ad1a533e162ff24579aa6f854a9d76bbd1af4d0552eedf8b7a0c5290ce7ae3afa2327b8a359d76f8140b4d3b2ef620a28163be15c1479516657021f889b61c815bc903f3441681f55557685676ed0f94a1ae388670ec71323df2e05394ec0cb89a010d602d5d615d7a06f5403c2195c12e6b49ee2d9255898cc0fc0c62206f12c2acb2a12b71e3453dc61761d0d1b4e7e8e5eb2c03850709195fa66574f0a43e61dd56d6f6ee78a2a54c3ad853ced073fa38acf22d801cf9405712e1866e2be53b18bfcd8777bf4189072ffc32bb423efb8fb7edf8ddbf5d94f6a6edf7a3b81d23932cefd031dc394d04283e49ac8034d1fcad2d1a75e7a9d3c5994bbfa41dc54d94fd8eeb71fc640137ce78af9c52d17ffea2bf9ba5190133c6d47fd5b572dd5dca9f0d9285c27f26360bed62e61dccc405c05e513b37cef1b0ee59fde3b0f90b80e52819f1b7d7625852af1d1e16c07f9a225158e9b432fece80419266388917593824de78824dd2d7aff601dfa08df7784135f08dde555959fb7b0900062ae8d17f18089b08146413524aee7d83532394147bb88e09b93eeb310367b527ce57d1e24aa6d373637fe4edd4516275c0a0779f98e3b1b158f2e0df85d936532c700c2956a9f2f2c91a2c8295ed583292066d3d78bdcce879c8c7b6ef3ca0a6f56ab7a08973615a46e3004a30c1ab104ad2ec4098db43c9fba99690209a824fd39224ea0467ac39ebafc0176bfc1388357a0a1d846183f4ee3128ae0c68fbcccf534b30c148e165b54191a51fd830d9845442f9c61a075069016d71c46d910757317fdf6e173ad5e73f20ffa6b3c6852602f3212bec48a723e3f9541d33d9dfc3dad3d939804a2e2ddc6d54cade08220a39655f8b13bd04fd5924677e71e48f42bf730376d26785f360a69529712aa2878ea7e640609db16e85860cdb000affdf1c2788589139835e11a742a7f07749c97c8f5853371706b055603881c05e1a10c1add8ccf6440f2b5fe7211ca76ef78198bafb57e8ff7c7e8a1638e5b65d6af43eb80f68eaa0122640df2987c0f0878fdb55e4a30f7b6a74a68a66be2066e9712829c3378754e56f48e36fe4ee6bf54a0b3e17188483a57a43c1a19ed928f8c34e39d7a4fc21c57ef66124e0c8aa39c85f0a38289f083ffaabe87e9cc3904dfd188131caf7f7419e6d29acbb70edc5d954deadf9e3ffe4a8add96cbe4ad08cd2bbff820c9ce8aca95bb17103b986ab5ec27d9375df9a4c61f4b1ec297f51e680d4d872f210d53d2a336511c9648eb053487fd154b2093577a44f00930d2224ad0873d00032177514c7d83629f917cb7f7a3f78e041456b822d91e8d40d29006123b5b336cbb964d8870556396161eb128802e3c95ad59a68855a632b1dae99e05317d204f2f114e092dc6126623ab08e895233c7f6f359501271e2903ce8bede61bda08a7782dee958935fb82096268ae9c7c1a7e838acd7502769481a419766563594c00a764dc0a6c5578ff60bbaff308bb29471e59b8d45ac5161816fa0a480ff94ac89f94e23fbf6183f48d4db20e958190d0dc1f2ea34fe49473dc0c058fd3fe315a51dea9369c44468d2d20606dcd984e38f91d7ddd209bedafe8656fea9f23edb56454f8df399d0c55a59d63bc2ce9f8dfa613f3e98a4297e5b6ce5e2d327eee88f87f07598a3f5b359924926a1299ebc48da3a580e1bf56a02d9daa6525379f82b6f7348ef815cc7dd303339c68240c6f3cfb6bdfdef83c81df0a3aa858b79b530e0c8fa0e1a84d555c03627883a5732a1a45f99679eb862316219cdb511abc5017a516bf75419d30786b23b6eb910d7a17d33344a90151f163ba7e838c294b8ebf7630cbf724411b712c32f20528c7cbf86f5d7d7dfaa0eec6100f8b840f49d34830cdb6d6e33115109fe7bfa65a3a427f46df5ad62b539a632460349ad8fa161f2303acea4e238b2330acc96145768984b972d550b621e90cb955440b47e8104540fcd3ff6ea8684384eb509e21bdde3963ffb7571369455a756eebcf49896843bffad6844609a6c21453ac18021d1e774309e4e04613f84e664052623353ba5f483950a7f1faff1ad379c23e5c8589377d167f9dcabdb18c3b008123975509c30faea220fb9e856ce43eb2a56e02bbe66576c4a0fad91f77a6e3e9b593a8a4916b827719ec7b279fde1940c2ef1ec0b6dfc7ffce02926fd08e8d5f021efdc910655bb3aa0c97680014d2feb1b8bee8d8560e867229d61bf50f31647f2567f6ed36788b338060d489cf08a4bec07ea908ed41e4d50fe70fa10e75f399aef1a2606dec6890c1ad6d0cdbc2fca0b5478d90eca816238ecfd794a9a60022ad561dfe60c3ef3ad9a592a4acac6e0f348ef669fe2547a90586bf525dccfb59e8ea5d632b93bf28eb17e6830c84046d601a657762634abb28b9e5a2c794279a495c6eed2079a62926c33128bec41deaa06c4cd7dd2559ec8591d3547ace18f62c11f9de304c400caa10534effe73d6b1c66fb1dc6f928f4c8e14543cb11712183f6fb3afdbef0f3fc2072340a00f6739168264846fc6426709ca8b53a334e786271c5c7eb5eb0058a707573042ae5831e8e3ac48c353aabd68e76624acd2bb64d0bcce56806e03ebf7f322f6787b509f25f723ce6dcf266b9a386f6269a69bf6b10964e2f9cc73662305f7ac4b56184a7291985a3a28569e2c311177b5f4f15ec340703c1a89f3a749a3103c7abab38fa795e8d4bde31d9dbb86bb2a438306d4907d73727b4fc3aea1a974f3a1d6345842b6994427679da7c757b0ae3311eed677639988b1f4d88eea3dd264f91057d00c2e1286ff5da5c5b1fcfea8df2df55c2c0b19dc4a114c894ede5684fcb6c4aa3fa4b6ddde7a36365ff6ad8bddbb676f484aaab189d7d7efe6fa369976729733ea27e4e44d29f3717f47ed8845c6329c74bb77e81979466116fa78c3efc619b0dfba932ee5afc7ab34c0cb073954e8cd828514a732e66263a5bfb6aa0fd6299c908f2226c3cb7eb17cef6d903413d58a296f0edcf5df6dee1e133551f676d48de3bc766161f6ac9c8d200edf813c7807270397ed1574c92014ad335ea7a0107d4d51c6d02581ac900909f40353c1ad090e15684f5c711c23ab0423abb48e6f0ebf210c4891c89fc11f9cb95c52db71247369bc780ab074b87d97256ddefe1d424f50716309132cc48c63886cc5fb3b2d32eb141fc4f20a3f1fdb47c96ec0213e4c93abfb31c5a1a4f544043253b254525016d77019d009e7b5c72775cb24916915a0c1d0e53589638d4027b0dcef172dfad9f9eb7eb0bc60a591d2daca2471396141394a3db842a07f4c4125a47f28dbd07d9d98f3e67a69b169afca7a0f06ae3c34618339c132f078fafb67c122ef680c443ffd15d20b41b99f300e9f9b4deb0d8ef37ea3384677b9a967d885defdfbaa403b2c4c624f54a4e451508eda6e60ebd34b5b41bf3232087ad1df306305e0391ba7473f296da4832bff6d7fa360d20131e4d61e83ddb65c1b668d515085201724040614042ec3c7164905b26a25e3b50bc3f7a0614fa1e98e0fda62d05ce183bf8d8cedfcba76679ca00226788ae2c21ac0d202e290c6c6da068a4c7595b2bcbf06264bf473434e6937a509870a9708ea5bffd7b778d13f66765a87b9fb09ccaf2872c5bdc474a15fa520c034c0235c0d5ff94923766e5da439b208bf819d447a1e845c8a42917fd6d03edc6829687f865a7c13291dd95f5ef48c85e27f4ef9e7e5eb5b11b119eaae9471da5956d98ff0288d2709448a88a72876d5d238c2a784760df7ea9a5c71326c579f9f8fdcb63e6e20db140d84146feb8ba476a7f0e6ff7a7e42a323d8f1be24e1b659ff956f5b416a12bddbe993f1bb3380542e8a420f0ed9b58c71fbca916c5d0326dd69dd8e8565fdc1a0bbe4d5f6cb422b724de74df8d86c6982634f1cecb67b724da9324a8fb30e998dc4805ca0f3c3d38299f82b691d431f063bcae986bb19bb8354d3c80797eeeab692e007c68a817bab7d00c56265b04c6ff56965d35558a4fc4a5a3d123286f28150d729cc6b1cfb61f20f712d24eb54639549a46da8722afecd30f0765049fd2f37d5830924f030bb7a7e56f6744d1d11d2a186d3bfb1174b95eebbb7ca20e5743f59125f7061f18651b289dca63de469e91c5a82f29a460c9a04e0cfb3c6398a19a8b35711d6c87a605954d76106567dbeedc33a669bab25e4254783b43f75939bd3ec26e603a5c20bd9af59573d1dfe9489c4ff5bcfce403b18368db111fb032ba43269f23c012287a918bad2c74c15459f362584a5b18c5e2133a93a989f9b8ade20fc1d19815286c5da91cedd7b3e11ef7fc91f9624a683cadc0188a020d662563176d80b9fdc9b78d7ce1c9b1cae7da9290d79f5a65f6188c3bd02c7ffee598478403525b5857f09e8caff2f4168e9ed782bf2e3a7de240dd0432f067c1a2970502fba1d08dcba8c3616c144bc417da10d2912abfbc7c464d955ce2bc5ee513818e15b79ac211744172e7d88e559159fff321fa52115e35e118225cab452c68d560d8bb21be4511422642b3e08ca0aef79f2337a0030fae6b4d0ea8a242fdd1ce150bf481afa1fcb0a32dfc6f18e7e4a675e003f597f52fb023c806082a8863cb13ad42e0890e7c08e43859bab58755d11890992ccdd", 0x1000, 0x2}], 0x800000, &(0x7f0000002540)='ppp1$$.(vboxnet0\x00') clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000025c0)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f26ec4df5f9193df36d5286887166696c65305400"]) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) getsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f00000000c0), &(0x7f0000000140)=0x4) [ 1713.535999] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa000000}, 0x0) 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xb000000}, 0x0) [ 1713.840489] syz-executor.5 invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=1000 21:40:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xe000000}, 0x0) [ 1713.915813] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1713.941526] CPU: 1 PID: 20835 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1713.949445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1713.958805] Call Trace: [ 1713.961412] dump_stack+0x197/0x210 [ 1713.965067] dump_header+0x15e/0xa55 [ 1713.968805] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 1713.973923] ? ___ratelimit+0x60/0x595 [ 1713.977829] ? do_raw_spin_unlock+0x181/0x270 [ 1713.982346] oom_kill_process.cold+0x10/0x6ef [ 1713.986866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1713.992430] ? task_will_free_mem+0x139/0x6e0 [ 1713.996954] out_of_memory+0x362/0x1330 [ 1714.000950] ? lock_downgrade+0x880/0x880 [ 1714.005112] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1714.010226] ? oom_killer_disable+0x280/0x280 [ 1714.014738] ? find_held_lock+0x35/0x130 [ 1714.018825] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1714.023678] ? memcg_event_wake+0x230/0x230 [ 1714.028025] ? do_raw_spin_unlock+0x181/0x270 [ 1714.032533] ? _raw_spin_unlock+0x2d/0x50 [ 1714.036701] try_charge+0xec5/0x1490 [ 1714.040440] ? lock_downgrade+0x880/0x880 [ 1714.044616] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1714.049473] ? rcu_read_unlock+0x33/0x60 [ 1714.053550] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1714.058415] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1714.064492] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1714.069523] ? __vm_enough_memory+0x324/0x5a0 [ 1714.074047] mem_cgroup_try_charge+0x259/0x6b0 [ 1714.078656] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1714.083603] shmem_getpage_gfp+0x69a/0x3930 [ 1714.087956] ? shmem_writepage+0xf60/0xf60 [ 1714.092199] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1714.097745] ? balance_dirty_pages_ratelimited+0x168/0x1ee0 [ 1714.103466] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1714.109019] ? iov_iter_fault_in_readable+0x22c/0x450 [ 1714.114225] shmem_write_begin+0x10b/0x1e0 [ 1714.118482] generic_perform_write+0x22a/0x520 [ 1714.123088] ? page_endio+0x780/0x780 [ 1714.126900] ? current_time+0x140/0x140 [ 1714.130890] ? lock_acquire+0x16f/0x3f0 [ 1714.134875] __generic_file_write_iter+0x25e/0x630 [ 1714.139821] generic_file_write_iter+0x383/0x72f [ 1714.144600] __vfs_write+0x587/0x810 [ 1714.148327] ? kernel_read+0x120/0x120 [ 1714.152243] ? rcu_read_lock_sched_held+0x110/0x130 [ 1714.157286] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1714.162062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1714.167619] ? __sb_start_write+0x1a9/0x360 [ 1714.171958] vfs_write+0x20c/0x560 [ 1714.175531] ksys_pwrite64+0x183/0x1c0 [ 1714.179435] ? __ia32_sys_pread64+0xf0/0xf0 [ 1714.183778] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1714.188545] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1714.193305] ? do_syscall_64+0x26/0x620 [ 1714.197292] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1714.202675] ? do_syscall_64+0x26/0x620 [ 1714.206681] __x64_sys_pwrite64+0x97/0xf0 [ 1714.210846] do_syscall_64+0xfd/0x620 [ 1714.214663] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1714.219859] RIP: 0033:0x4151b7 [ 1714.223060] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1714.241969] RSP: 002b:00007f67b82b8a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1714.249687] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 00000000004151b7 [ 1714.256990] RDX: 0000000008100000 RSI: 0000000020001340 RDI: 0000000000000004 [ 1714.264266] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 0000000000000000 [ 1714.271541] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000ffffffff [ 1714.278815] R13: 0000000000000bb1 R14: 00000000004cc8e6 R15: 000000000075bf2c [ 1714.497720] Task in /syz5 killed as a result of limit of /syz5 [ 1714.507446] memory: usage 307200kB, limit 307200kB, failcnt 926 [ 1714.526808] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1714.538347] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:54 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:40:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf000000}, 0x0) 21:40:54 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x100000000000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:54 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x36) 21:40:54 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r2) [ 1714.544785] Memory cgroup stats for /syz5: cache:472KB rss:255236KB rss_huge:237568KB shmem:396KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:556KB active_anon:255216KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1714.566467] Memory cgroup out of memory: Kill process 17646 (syz-executor.5) score 1113 or sacrifice child [ 1714.577354] Killed process 17646 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB 21:40:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x10000000}, 0x0) [ 1714.693182] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 1714.729009] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1714.743679] CPU: 0 PID: 20832 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1714.751584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1714.760935] Call Trace: [ 1714.763552] dump_stack+0x197/0x210 [ 1714.767193] dump_header+0x15e/0xa55 [ 1714.770923] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1714.776042] ? ___ratelimit+0x60/0x595 [ 1714.779934] ? do_raw_spin_unlock+0x181/0x270 [ 1714.784443] oom_kill_process.cold+0x10/0x6ef [ 1714.788950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1714.794491] ? task_will_free_mem+0x139/0x6e0 [ 1714.799003] out_of_memory+0x362/0x1330 [ 1714.802991] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1714.808106] ? oom_killer_disable+0x280/0x280 [ 1714.812609] ? find_held_lock+0x35/0x130 [ 1714.816695] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1714.821552] ? memcg_event_wake+0x230/0x230 [ 1714.825892] ? do_raw_spin_unlock+0x181/0x270 [ 1714.830398] ? _raw_spin_unlock+0x2d/0x50 [ 1714.834558] try_charge+0xc6e/0x1490 [ 1714.838279] ? lock_downgrade+0x880/0x880 [ 1714.842443] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1714.847291] ? rcu_read_unlock+0x33/0x60 [ 1714.851364] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1714.856224] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1714.862302] mem_cgroup_try_charge+0x259/0x6b0 [ 1714.866897] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1714.871850] __handle_mm_fault+0x1e50/0x3f80 [ 1714.876274] ? copy_page_range+0x2030/0x2030 [ 1714.880722] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1714.885403] handle_mm_fault+0x1b5/0x690 [ 1714.889495] __do_page_fault+0x62a/0xe90 [ 1714.893576] ? vmalloc_fault+0x740/0x740 [ 1714.897646] ? trace_hardirqs_off_caller+0x65/0x220 [ 1714.902672] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1714.907608] ? page_fault+0x8/0x30 [ 1714.911163] do_page_fault+0x71/0x57d [ 1714.914981] ? page_fault+0x8/0x30 [ 1714.918529] page_fault+0x1e/0x30 [ 1714.921982] RIP: 0033:0x412baf [ 1714.925180] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 21:40:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x3f000000}, 0x0) [ 1714.944082] RSP: 002b:00007ffdf9f71060 EFLAGS: 00010206 [ 1714.949447] RAX: 00007f67b8278000 RBX: 0000000000020000 RCX: 000000000045b40a [ 1714.956718] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 1714.963989] RBP: 00007ffdf9f71140 R08: ffffffffffffffff R09: 0000000000000000 [ 1714.971257] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdf9f71230 [ 1714.978617] R13: 00007f67b8298700 R14: 0000000000000001 R15: 000000000075bfd4 [ 1715.013629] Task in /syz5 killed as a result of limit of /syz5 [ 1715.026614] memory: usage 307196kB, limit 307200kB, failcnt 940 [ 1715.054161] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 21:40:55 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x60000000}, 0x0) [ 1715.101610] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1715.133066] Memory cgroup stats for /syz5: cache:2716KB rss:253004KB rss_huge:235520KB shmem:2772KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:2876KB active_anon:253048KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1715.197242] Memory cgroup out of memory: Kill process 17694 (syz-executor.5) score 1113 or sacrifice child [ 1715.215473] Killed process 17694 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1715.232776] oom_reaper: reaped process 17694 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 1715.282112] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1715.333126] syz-executor.5 invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=1000 [ 1715.358302] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1715.378312] CPU: 0 PID: 20835 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1715.386330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1715.395685] Call Trace: [ 1715.398298] dump_stack+0x197/0x210 [ 1715.401945] dump_header+0x15e/0xa55 [ 1715.405672] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1715.410789] ? ___ratelimit+0x60/0x595 [ 1715.414681] ? do_raw_spin_unlock+0x181/0x270 [ 1715.419198] oom_kill_process.cold+0x10/0x6ef [ 1715.423709] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1715.429255] ? task_will_free_mem+0x139/0x6e0 [ 1715.433770] out_of_memory+0x362/0x1330 [ 1715.437755] ? lock_downgrade+0x880/0x880 [ 1715.441912] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1715.447021] ? oom_killer_disable+0x280/0x280 [ 1715.451523] ? find_held_lock+0x35/0x130 [ 1715.455610] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1715.460456] ? memcg_event_wake+0x230/0x230 [ 1715.464797] ? do_raw_spin_unlock+0x181/0x270 [ 1715.469302] ? _raw_spin_unlock+0x2d/0x50 [ 1715.473457] try_charge+0xec5/0x1490 [ 1715.477178] ? lock_downgrade+0x880/0x880 [ 1715.481344] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1715.486199] ? rcu_read_unlock+0x33/0x60 [ 1715.490267] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1715.495124] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1715.501191] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1715.506210] ? __vm_enough_memory+0x324/0x5a0 [ 1715.510721] mem_cgroup_try_charge+0x259/0x6b0 [ 1715.515321] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1715.520260] shmem_getpage_gfp+0x69a/0x3930 [ 1715.524612] ? shmem_writepage+0xf60/0xf60 [ 1715.528850] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1715.534394] ? balance_dirty_pages_ratelimited+0x168/0x1ee0 [ 1715.540115] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1715.545668] ? iov_iter_fault_in_readable+0x22c/0x450 [ 1715.550876] shmem_write_begin+0x10b/0x1e0 [ 1715.555126] generic_perform_write+0x22a/0x520 [ 1715.559729] ? page_endio+0x780/0x780 [ 1715.563534] ? current_time+0x140/0x140 [ 1715.567521] ? lock_acquire+0x16f/0x3f0 [ 1715.571506] __generic_file_write_iter+0x25e/0x630 [ 1715.576453] generic_file_write_iter+0x383/0x72f [ 1715.581224] __vfs_write+0x587/0x810 [ 1715.584947] ? kernel_read+0x120/0x120 [ 1715.588863] ? rcu_read_lock_sched_held+0x110/0x130 [ 1715.593889] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1715.598652] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1715.604199] ? __sb_start_write+0x1a9/0x360 [ 1715.608530] vfs_write+0x20c/0x560 [ 1715.612087] ksys_pwrite64+0x183/0x1c0 [ 1715.616020] ? __ia32_sys_pread64+0xf0/0xf0 [ 1715.620368] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1715.625139] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1715.629904] ? do_syscall_64+0x26/0x620 [ 1715.633903] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1715.639272] ? do_syscall_64+0x26/0x620 [ 1715.643261] __x64_sys_pwrite64+0x97/0xf0 [ 1715.647421] do_syscall_64+0xfd/0x620 [ 1715.651238] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1715.656432] RIP: 0033:0x4151b7 [ 1715.659632] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1715.678536] RSP: 002b:00007f67b82b8a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1715.686256] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 00000000004151b7 [ 1715.693531] RDX: 0000000008100000 RSI: 0000000020001340 RDI: 0000000000000004 [ 1715.700803] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 0000000000000000 [ 1715.708169] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000ffffffff [ 1715.715448] R13: 0000000000000bb1 R14: 00000000004cc8e6 R15: 000000000075bf2c [ 1715.753635] Task in /syz5 killed as a result of limit of /syz5 [ 1715.765967] memory: usage 307200kB, limit 307200kB, failcnt 1025 [ 1715.772261] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1715.779752] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1715.786687] Memory cgroup stats for /syz5: cache:5224KB rss:250924KB rss_huge:233472KB shmem:5148KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:5340KB active_anon:250908KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1715.808982] Memory cgroup out of memory: Kill process 17714 (syz-executor.5) score 1113 or sacrifice child [ 1715.833937] Killed process 17714 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1715.861292] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1715.871548] syz-executor.5 invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=1000 [ 1715.895432] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1715.901183] CPU: 0 PID: 20863 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1715.909074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1715.918432] Call Trace: [ 1715.921035] dump_stack+0x197/0x210 [ 1715.924683] dump_header+0x15e/0xa55 [ 1715.928408] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1715.933528] ? ___ratelimit+0x60/0x595 [ 1715.937427] ? do_raw_spin_unlock+0x181/0x270 [ 1715.941948] oom_kill_process.cold+0x10/0x6ef [ 1715.946462] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1715.952007] ? task_will_free_mem+0x139/0x6e0 [ 1715.956523] out_of_memory+0x362/0x1330 [ 1715.960520] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1715.965638] ? oom_killer_disable+0x280/0x280 [ 1715.970141] ? find_held_lock+0x35/0x130 [ 1715.974222] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1715.979076] ? memcg_event_wake+0x230/0x230 [ 1715.983414] ? do_raw_spin_unlock+0x181/0x270 [ 1715.987919] ? _raw_spin_unlock+0x2d/0x50 [ 1715.992092] try_charge+0xc6e/0x1490 [ 1715.995822] ? lock_downgrade+0x880/0x880 [ 1715.999988] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1716.004839] ? rcu_read_unlock+0x33/0x60 [ 1716.008909] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1716.013766] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1716.019835] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1716.024862] ? __vm_enough_memory+0x324/0x5a0 [ 1716.029380] mem_cgroup_try_charge+0x259/0x6b0 [ 1716.033978] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1716.038915] shmem_getpage_gfp+0x69a/0x3930 [ 1716.043257] ? current_time+0x6f/0x140 [ 1716.047158] ? shmem_writepage+0xf60/0xf60 [ 1716.051396] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1716.056939] ? balance_dirty_pages_ratelimited+0x168/0x1ee0 [ 1716.062663] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1716.068212] ? iov_iter_fault_in_readable+0x22c/0x450 [ 1716.073425] shmem_write_begin+0x10b/0x1e0 [ 1716.077677] generic_perform_write+0x22a/0x520 [ 1716.082292] ? page_endio+0x780/0x780 [ 1716.086105] ? current_time+0x140/0x140 [ 1716.090093] ? lock_acquire+0x16f/0x3f0 [ 1716.094098] __generic_file_write_iter+0x25e/0x630 [ 1716.099040] generic_file_write_iter+0x383/0x72f [ 1716.103819] __vfs_write+0x587/0x810 [ 1716.107550] ? kernel_read+0x120/0x120 [ 1716.111467] ? rcu_read_lock_sched_held+0x110/0x130 [ 1716.116489] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1716.121253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1716.126801] ? __sb_start_write+0x1a9/0x360 [ 1716.131134] vfs_write+0x20c/0x560 [ 1716.134693] ksys_pwrite64+0x183/0x1c0 [ 1716.138591] ? __ia32_sys_pread64+0xf0/0xf0 [ 1716.142919] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1716.147687] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1716.152454] ? do_syscall_64+0x26/0x620 [ 1716.156435] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1716.161804] ? do_syscall_64+0x26/0x620 [ 1716.165794] __x64_sys_pwrite64+0x97/0xf0 [ 1716.169954] do_syscall_64+0xfd/0x620 [ 1716.173775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1716.178975] RIP: 0033:0x4151b7 [ 1716.182184] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1716.201094] RSP: 002b:00007f67b8276a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1716.208824] RAX: ffffffffffffffda RBX: 00007f67b82776d4 RCX: 00000000004151b7 [ 1716.216100] RDX: 0000000008100000 RSI: 0000000020001340 RDI: 0000000000000004 [ 1716.223378] RBP: 000000000075c070 R08: fe03f80fe03f80ff R09: 0000000000000000 [ 1716.230649] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000ffffffff [ 1716.237929] R13: 0000000000000bb1 R14: 00000000004cc8e6 R15: 000000000075c07c [ 1716.265881] Task in /syz5 killed as a result of limit of /syz5 [ 1716.271902] memory: usage 299520kB, limit 307200kB, failcnt 1025 [ 1716.278713] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1716.286427] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1716.292578] Memory cgroup stats for /syz5: cache:0KB rss:248776KB rss_huge:231424KB shmem:56KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:80KB active_anon:248740KB inactive_file:0KB active_file:0KB unevictable:0KB 21:40:56 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x2, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:56 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xe00000000000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x831a0000}, 0x0) 21:40:56 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x37) 21:40:56 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:40:56 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r2) [ 1716.314734] Memory cgroup out of memory: Kill process 17719 (syz-executor.5) score 1113 or sacrifice child [ 1716.325913] Killed process 17719 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1716.339568] oom_reaper: reaped process 17719 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 21:40:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x9effffff}, 0x0) [ 1716.501022] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1716.559791] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa0008000}, 0x0) 21:40:56 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000080)=0x1f, 0x4) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa0010000}, 0x0) 21:40:56 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)) [ 1716.755609] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa0020000}, 0x0) 21:40:56 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x3f00000000000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1716.985177] overlayfs: missing 'lowerdir' 21:40:56 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0) mkdirat(r0, &(0x7f00000000c0)='./file0\x00', 0x80) clone(0x24a82800, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x1240810, &(0x7f0000000200)) 21:40:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa0040000}, 0x0) 21:40:57 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x38) 21:40:57 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:40:57 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r2) 21:40:57 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0xffff) preadv(r0, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@initdev}}, &(0x7f0000000080)=0xe8) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000340)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [{@smackfstransmute={'smackfstransmute', 0x3d, '\b\xbe\xdcy\xd4\x8d\x8007J\x9a\x8c\xc4\xa6\xff\xd5\x9c4\xfcK\xff\x90\a#(\xb1s\xf4\xe6&y\xa8{le\xe1\xd2\xe4\x03\xcd\"\x16,\xef\f)\x06^b\xe9\xabu'}}, {@fowner_eq={'fowner', 0x3d, r2}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@euid_gt={'euid>', r2}}]}) 21:40:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf0ffffff}, 0x0) 21:40:57 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xfffff000}, 0x0) [ 1717.375386] overlayfs: unrecognized mount option "ï )^bé«u" or missing value [ 1717.414755] overlayfs: unrecognized mount option "ï )^bé«u" or missing value 21:40:57 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6d6f7f6572e469723d48306243292e7c0000"]) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x101, 0x60) 21:40:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffff7f}, 0x0) [ 1717.610671] overlayfs: unrecognized mount option "moeräir=H0bC).|" or missing value 21:40:57 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6c6f7765e57972646916125bee72b320630000000000000000f4ffffffffffffffd2eea5ed76c17984d92f3c3f51b5fe6b56dfb6b038666d120d233403d0b7632303f49a0f8750b8e836dec92693580bb097f2104feeaac71b43074f93f9b5099fd5504a7a4f8fb6bbf916894a4a36a184a1459f355bb94ada03dd2d82d71e459456d6770d3edfce047cdee5d1c97ca743d949516962fb0e3cd95a11e48120eeb29f7c5df0a8c7d5bd9314f8cff576f047c3a112559a9e80ebe5d2d9f87df2dc7c8cf6b4"]) 21:40:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffff9e}, 0x0) 21:40:57 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket(0x10, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000140)=0xc) setreuid(0x0, r2) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [{@fowner_eq={'fowner', 0x3d, r2}}, {@permit_directio='permit_directio'}, {@fsuuid={'fsuuid', 0x3d, {[0x65, 0x65, 0x63, 0x160666c07fa3f738, 0x31, 0x35, 0x34, 0x36], 0x2d, [0x66, 0x30, 0x37, 0x32], 0x2d, [0x63, 0x63, 0x36, 0x36], 0x2d, [0x39, 0x61, 0x61, 0x63], 0x2d, [0x35, 0x69, 0x37, 0x38, 0x61, 0x31, 0x65, 0x32]}}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}) [ 1717.919918] overlayfs: unrecognized mount option "loweåyrdi[îr³ c" or missing value [ 1718.052352] overlayfs: unrecognized mount option "permit_directio" or missing value [ 1718.070841] overlayfs: unrecognized mount option "permit_directio" or missing value 21:40:58 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x39) 21:40:58 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x4a00000000000000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:58 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:40:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xfffffff0}, 0x0) 21:40:58 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:40:58 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = accept4$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000300)=0x1c, 0x80800) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000340)=0x7, 0x4) getgroups(0x1, &(0x7f00000000c0)=[r0]) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(0xffffffffffffffff, 0xc0884123, &(0x7f0000000140)={0x0, "b451579952b33e457a66d2a436077dce0e3d9924a120d3654bfd7a2f069dc9c2b04872a2a42a81e8dc9c0a3ec056485aa8a4c38e020974f8cdd01d1cc5a4fc17", {0x401, 0x101}}) 21:40:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x1a0ffffffff}, 0x0) 21:40:58 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xffffffffa0010000, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1718.437394] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1718.490123] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:58 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:40:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x2a0ffffffff}, 0x0) [ 1718.674932] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1718.709531] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x4a0ffffffff}, 0x0) 21:40:58 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x40, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r4 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r1, r3, r5) setgroups(0x2, &(0x7f00000000c0)=[r0, r5]) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) [ 1718.928120] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1718.990972] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:59 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x3a) 21:40:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x3000000000000}, 0x0) 21:40:59 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:40:59 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xffffffffa0020000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:40:59 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f66696c65305c00b58f811e044ad9710965f3f7da28bbe43cfaf5966b60e64c070ca42583f6e47658c7f9b671152fcc4afa9579dea9c74f9c1e9794ecbf75c619e7e4eedfd0b5d1e269388c1a26d1769cc1a56af6ac96abc6a369b04178f483e0a83acf7ecd536eb2b66a865dba9c26478ea6e36213ff6be536f0c8cf34208164c21e8ed3d40ad18dabdc5eb04b0f62f1c1eea42031f391e79398f267759bb4ad372476e9b10fb222dea471849327600822b1631b99024f59f0aeb9c2036a7ddf4d"]) 21:40:59 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:40:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x40030000000000}, 0x0) 21:40:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x8000a0ffffffff}, 0x0) [ 1719.660946] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1719.741544] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf0ffffffffffff}, 0x0) 21:40:59 executing program 5: r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/mls\x00', 0x0, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000180)={0x10}) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$TIOCL_SETVESABLANK(r1, 0x541c, &(0x7f0000000040)) 21:40:59 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000140)=0x6d6e8fcb, 0x4) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) utime(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0xfff, 0x2}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) [ 1719.894946] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:40:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x100000000000000}, 0x0) [ 1720.027788] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1720.067900] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:00 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x3b) 21:41:00 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x200000000000000}, 0x0) 21:41:00 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:41:00 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xffffffffa0040000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:41:00 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) syz_mount_image$cifs(&(0x7f0000000080)='cifs\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000180)=[{&(0x7f0000000140)="1b13965b762e6018ca061b3f33206df412103bffd0d052155fd45d808c", 0x1d, 0x9}], 0x1000000, &(0x7f0000000240)='em0systemtrusted:$^wlan0GPL&posix_acl_accessnodevbdevlo\'vboxnet0vboxnet0wlan0\\\x00') 21:41:00 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x300000000000000}, 0x0) 21:41:00 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:00 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000140)=""/181) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='lowerdir=./fil[0\\\x00']) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0xffffffffffff0000, 0x20040) 21:41:00 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x400000000000000}, 0x0) [ 1720.763131] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:00 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x500000000000000}, 0x0) [ 1720.905798] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:00 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x0, 0x200000000000000) ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000140)={0x401, 0x8, 0x4, 0x40, 0x4, {0x0, 0x2710}, {0x1, 0xc, 0x3, 0xe2, 0x3, 0x2, "c65a8e5c"}, 0x4, 0x1, @userptr=0x3, 0x4, 0x0, 0xffffffffffffffff}) execveat(r1, &(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0)=[&(0x7f0000000240)='em1,(system\x00', &(0x7f0000000280)='overlay\x00', &(0x7f0000000040)='user.wlan0system.vboxnet1\x00', &(0x7f0000000300)='.\x00', &(0x7f0000000340)='lowerdir', &(0x7f0000000200)='\x04\xe0%\x87', &(0x7f00000003c0)='lowerdir', &(0x7f0000000400)='J[&em1\x00', &(0x7f0000000440)='lowerdir', &(0x7f0000000480)='lowerdir'], &(0x7f00000007c0)=[&(0x7f0000000540)='@@\x00', &(0x7f0000000880)='\x1d\xe5overl\xe1\xd8\xc8\x1d\x0f\xe5\x95\xd0\xc4\xd5N\x15s\x1c\x12\xb82f>\xdc\x97\xd2B\xf8c\xd6FU\xd0lE:D\xa3\xef\x8fD\x88\xe1PK\xdfP\xeeFx\x83\x04\x03\x0f\xf4\x19}\xb6', &(0x7f00000005c0)='lowerdir', &(0x7f0000000600)='overlay\x00', &(0x7f0000000640)=')}\x00', &(0x7f0000000680)='security.ima\x00', &(0x7f00000006c0)='trustedcgroup\x00', &(0x7f0000000700)='security.ima\x00', &(0x7f0000000740)='\x00', &(0x7f0000000780)='bdev(selinux[}nodev@posix_acl_accesssecurityppp0\x00'], 0x100) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) fsetxattr$security_ima(r2, &(0x7f0000000080)='security.ima\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB], 0xa, 0x1) mount$overlay(0x0, &(0x7f0000000840)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x2800, &(0x7f0000000200)=ANY=[]) [ 1720.964621] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:00 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x600000000000000}, 0x0) 21:41:01 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x3c) 21:41:01 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0xffffffffa0060000, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:41:01 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:01 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x800000000000000}, 0x0) 21:41:01 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000080)={0x5, 0x2000, 0x2, 0x20, 0x40, 0x9, 0x6}) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f66696c03000000"]) 21:41:01 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xe, 0x0, 0x0) tkill(r0, 0x16) 21:41:01 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:01 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x900000000000000}, 0x0) [ 1721.818331] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:01 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4a, 0x0, 0x0) tkill(r0, 0x16) [ 1721.865031] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1721.915608] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1721.935628] CPU: 0 PID: 21078 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1721.943545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1721.952904] Call Trace: [ 1721.955502] dump_stack+0x197/0x210 [ 1721.959154] dump_header+0x15e/0xa55 [ 1721.962883] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1721.968004] ? ___ratelimit+0x60/0x595 [ 1721.971907] ? do_raw_spin_unlock+0x181/0x270 [ 1721.976426] oom_kill_process.cold+0x10/0x6ef [ 1721.980942] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1721.986489] ? task_will_free_mem+0x139/0x6e0 [ 1721.991012] out_of_memory+0x362/0x1330 [ 1721.995013] ? lock_downgrade+0x880/0x880 [ 1721.999181] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1722.004299] ? oom_killer_disable+0x280/0x280 [ 1722.008807] ? find_held_lock+0x35/0x130 [ 1722.012897] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1722.017762] ? memcg_event_wake+0x230/0x230 [ 1722.022101] ? do_raw_spin_unlock+0x181/0x270 [ 1722.026617] ? _raw_spin_unlock+0x2d/0x50 [ 1722.030779] try_charge+0xec5/0x1490 [ 1722.034518] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1722.039378] ? lock_downgrade+0x880/0x880 [ 1722.043541] ? kasan_check_read+0x11/0x20 [ 1722.047720] memcg_kmem_charge_memcg+0x83/0x170 [ 1722.052415] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1722.056930] ? __isolate_free_page+0x4c0/0x4c0 [ 1722.061524] memcg_kmem_charge+0x13b/0x370 [ 1722.065773] __alloc_pages_nodemask+0x3c3/0x750 [ 1722.070456] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1722.075486] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1722.080078] ? trace_hardirqs_on+0x67/0x220 [ 1722.084416] copy_process.part.0+0x3d6/0x7a60 [ 1722.088927] ? mark_held_locks+0x100/0x100 [ 1722.093182] ? __might_fault+0x12b/0x1e0 [ 1722.097275] ? __cleanup_sighand+0x70/0x70 [ 1722.101521] ? lock_downgrade+0x880/0x880 [ 1722.105698] _do_fork+0x257/0xfd0 [ 1722.109177] ? fork_idle+0x1d0/0x1d0 [ 1722.112929] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1722.117708] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1722.122476] ? do_syscall_64+0x26/0x620 [ 1722.126462] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.131841] ? do_syscall_64+0x26/0x620 [ 1722.135839] __x64_sys_clone+0xbf/0x150 [ 1722.139832] do_syscall_64+0xfd/0x620 [ 1722.143657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.148851] RIP: 0033:0x45b3b9 21:41:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xa00000000000000}, 0x0) [ 1722.152053] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1722.170962] RSP: 002b:00007f67b8276c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1722.178682] RAX: ffffffffffffffda RBX: 00007f67b82776d4 RCX: 000000000045b3b9 [ 1722.185968] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000002000100 [ 1722.193249] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 1722.200524] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1722.207800] R13: 0000000000000070 R14: 00000000004c1c3a R15: 000000000075c07c [ 1722.221241] Task in /syz5 killed as a result of limit of /syz5 [ 1722.227895] memory: usage 307100kB, limit 307200kB, failcnt 1052 [ 1722.238558] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1722.246664] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:41:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xb00000000000000}, 0x0) 21:41:02 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x3d) [ 1722.253112] Memory cgroup stats for /syz5: cache:100KB rss:255528KB rss_huge:237568KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:255624KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1722.290045] Memory cgroup out of memory: Kill process 20948 (syz-executor.5) score 1120 or sacrifice child [ 1722.310273] Killed process 20948 (syz-executor.5) total-vm:74768kB, anon-rss:4264kB, file-rss:35792kB, shmem-rss:0kB 21:41:02 executing program 5: recvfrom$l2tp6(0xffffffffffffffff, &(0x7f0000000080)=""/79, 0x4f, 0x1, 0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='com.apple.system.Security\x00', &(0x7f00000001c0)=""/10, 0xa) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:41:02 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x1a0, 0x0, 0x0) tkill(r0, 0x16) [ 1722.363202] syz-executor.4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 1722.423278] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1722.435897] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1722.449862] CPU: 1 PID: 21077 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1722.457760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1722.461384] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1722.467139] Call Trace: [ 1722.467164] dump_stack+0x197/0x210 [ 1722.467204] dump_header+0x15e/0xa55 [ 1722.467223] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1722.467238] ? ___ratelimit+0x60/0x595 [ 1722.467255] ? do_raw_spin_unlock+0x181/0x270 [ 1722.498131] oom_kill_process.cold+0x10/0x6ef [ 1722.502629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1722.508173] ? task_will_free_mem+0x139/0x6e0 [ 1722.512697] out_of_memory+0x362/0x1330 [ 1722.516691] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1722.521812] ? oom_killer_disable+0x280/0x280 [ 1722.526313] ? find_held_lock+0x35/0x130 [ 1722.530394] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1722.535244] ? memcg_event_wake+0x230/0x230 [ 1722.539591] ? do_raw_spin_unlock+0x181/0x270 [ 1722.544101] ? _raw_spin_unlock+0x2d/0x50 [ 1722.548259] try_charge+0xec5/0x1490 [ 1722.552003] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1722.556865] ? lock_downgrade+0x880/0x880 [ 1722.561031] ? kasan_check_read+0x11/0x20 [ 1722.565194] memcg_kmem_charge_memcg+0x83/0x170 [ 1722.569877] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1722.574397] ? __isolate_free_page+0x4c0/0x4c0 [ 1722.579000] memcg_kmem_charge+0x13b/0x370 [ 1722.583256] __alloc_pages_nodemask+0x3c3/0x750 [ 1722.587946] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1722.592978] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1722.597576] ? trace_hardirqs_on+0x67/0x220 [ 1722.601917] copy_process.part.0+0x3d6/0x7a60 [ 1722.606424] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1722.611536] ? delayacct_end+0x5c/0x100 [ 1722.615529] ? __delayacct_freepages_end+0xe0/0x140 [ 1722.620562] ? __lock_acquire+0x6ee/0x49c0 [ 1722.624822] ? __cleanup_sighand+0x70/0x70 [ 1722.629075] ? mark_held_locks+0x100/0x100 [ 1722.633347] _do_fork+0x257/0xfd0 [ 1722.636825] ? fork_idle+0x1d0/0x1d0 [ 1722.640561] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 1722.646455] ? kasan_check_read+0x11/0x20 [ 1722.650623] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1722.655397] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1722.660161] ? do_syscall_64+0x26/0x620 [ 1722.664145] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.669532] ? do_syscall_64+0x26/0x620 [ 1722.673531] __x64_sys_clone+0xbf/0x150 [ 1722.677526] do_syscall_64+0xfd/0x620 [ 1722.681348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.686543] RIP: 0033:0x45dd89 [ 1722.689742] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1722.708646] RSP: 002b:00007ffee160f048 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1722.716364] RAX: ffffffffffffffda RBX: 00007f024150b700 RCX: 000000000045dd89 [ 1722.723644] RDX: 00007f024150b9d0 RSI: 00007f024150adb0 RDI: 00000000003d0f00 [ 1722.730924] RBP: 00007ffee160f260 R08: 00007f024150b700 R09: 00007f024150b700 [ 1722.738214] R10: 00007f024150b9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1722.745493] R13: 00007ffee160f0ff R14: 00007f024150b9c0 R15: 000000000075bfd4 [ 1722.757595] Task in /syz4 killed as a result of limit of /syz4 [ 1722.763694] memory: usage 307200kB, limit 307200kB, failcnt 7331 [ 1722.769846] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1722.776683] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1722.782830] Memory cgroup stats for /syz4: cache:0KB rss:219952KB rss_huge:180224KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:219968KB inactive_file:112KB active_file:0KB unevictable:0KB [ 1722.803850] Memory cgroup out of memory: Kill process 20578 (syz-executor.4) score 124 or sacrifice child [ 1722.819453] Killed process 20578 (syz-executor.4) total-vm:74768kB, anon-rss:2212kB, file-rss:35792kB, shmem-rss:0kB [ 1722.854846] syz-executor.4 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 [ 1722.888737] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1722.895833] CPU: 1 PID: 21079 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1722.903834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1722.913196] Call Trace: [ 1722.915808] dump_stack+0x197/0x210 [ 1722.919469] dump_header+0x15e/0xa55 [ 1722.923214] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1722.928331] ? ___ratelimit+0x60/0x595 [ 1722.932232] ? do_raw_spin_unlock+0x181/0x270 [ 1722.936752] oom_kill_process.cold+0x10/0x6ef [ 1722.941263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1722.946817] ? task_will_free_mem+0x139/0x6e0 [ 1722.951338] out_of_memory+0x362/0x1330 [ 1722.955332] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1722.960454] ? oom_killer_disable+0x280/0x280 [ 1722.964975] ? find_held_lock+0x35/0x130 [ 1722.969074] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1722.973939] ? memcg_event_wake+0x230/0x230 [ 1722.978282] ? do_raw_spin_unlock+0x181/0x270 [ 1722.982803] ? _raw_spin_unlock+0x2d/0x50 [ 1722.987043] try_charge+0xc6e/0x1490 [ 1722.990795] ? lock_downgrade+0x880/0x880 [ 1722.994976] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1722.999836] ? rcu_read_unlock+0x33/0x60 [ 1723.003919] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1723.008786] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1723.014869] ? __lock_is_held+0xb6/0x140 [ 1723.018956] mem_cgroup_try_charge+0x259/0x6b0 [ 1723.023557] __add_to_page_cache_locked+0x334/0xd10 [ 1723.028591] ? find_lock_entry+0x5f0/0x5f0 [ 1723.032849] add_to_page_cache_lru+0x1c9/0x860 [ 1723.037453] ? add_to_page_cache_locked+0x40/0x40 [ 1723.042321] ? __page_cache_alloc+0x131/0x450 [ 1723.046840] pagecache_get_page+0x364/0xcf0 [ 1723.051192] grab_cache_page_write_begin+0x7b/0xb0 [ 1723.056145] ext4_da_write_begin+0x2d7/0x1180 [ 1723.060670] ? iov_iter_fault_in_readable+0x1ba/0x450 [ 1723.065875] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1723.071433] ? ext4_write_begin+0x1790/0x1790 [ 1723.075947] ? copy_page_from_iter+0x7f0/0x7f0 [ 1723.080554] generic_perform_write+0x22a/0x520 [ 1723.085162] ? page_endio+0x780/0x780 [ 1723.088979] ? current_time+0x140/0x140 [ 1723.092976] ? lock_acquire+0x16f/0x3f0 [ 1723.096967] ? ext4_file_write_iter+0x23f/0x1060 [ 1723.101739] __generic_file_write_iter+0x25e/0x630 [ 1723.106700] ext4_file_write_iter+0x32b/0x1060 [ 1723.111303] ? find_held_lock+0x35/0x130 [ 1723.115391] ? ext4_file_mmap+0x410/0x410 [ 1723.119559] ? lock_downgrade+0x880/0x880 [ 1723.123722] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1723.128487] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1723.134045] ? __sb_start_write+0x1a9/0x360 [ 1723.138394] aio_write+0x346/0x530 [ 1723.141951] ? aio_read+0x3b0/0x3b0 [ 1723.145596] ? __might_fault+0x12b/0x1e0 [ 1723.149674] ? __might_fault+0x12b/0x1e0 [ 1723.153756] ? lock_downgrade+0x880/0x880 [ 1723.157948] io_submit_one+0x104d/0x2ed0 [ 1723.162029] ? lookup_ioctx+0x1d7/0x830 [ 1723.166037] ? aio_complete_rw+0xf20/0xf20 [ 1723.170294] ? __might_fault+0x12b/0x1e0 [ 1723.174409] __x64_sys_io_submit+0x1aa/0x520 [ 1723.178833] ? __x64_sys_io_submit+0x1aa/0x520 [ 1723.183436] ? __ia32_sys_io_destroy+0x420/0x420 [ 1723.188218] ? do_syscall_64+0x26/0x620 [ 1723.192213] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1723.197713] ? do_syscall_64+0x26/0x620 [ 1723.201710] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1723.206315] do_syscall_64+0xfd/0x620 [ 1723.210133] ? do_syscall_64+0xfd/0x620 [ 1723.214126] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1723.219322] RIP: 0033:0x45b3b9 [ 1723.222533] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1723.241442] RSP: 002b:00007f024152cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 1723.249222] RAX: ffffffffffffffda RBX: 00007f024152d6d4 RCX: 000000000045b3b9 [ 1723.256510] RDX: 0000000020000540 RSI: 00000000200002f1 RDI: 00007f024150c000 [ 1723.263791] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1723.271068] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1723.278353] R13: 00000000000001f4 R14: 00000000004c2d48 R15: 000000000075bf2c [ 1723.294953] Task in /syz4 killed as a result of limit of /syz4 [ 1723.302288] memory: usage 305032kB, limit 307200kB, failcnt 7331 [ 1723.323293] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1723.330159] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1723.342154] Memory cgroup stats for /syz4: cache:0KB rss:217720KB rss_huge:178176KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:217808KB inactive_file:112KB active_file:0KB unevictable:0KB [ 1723.369353] Memory cgroup out of memory: Kill process 4258 (syz-executor.4) score 124 or sacrifice child [ 1723.380355] Killed process 4258 (syz-executor.4) total-vm:74768kB, anon-rss:2212kB, file-rss:35788kB, shmem-rss:0kB [ 1723.399157] oom_reaper: reaped process 4258 (syz-executor.4), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB 21:41:03 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) sendto$l2tp(r0, &(0x7f0000000240)="1ce010e36e857f1ddf21b824169b80d2dfa38e9d5d90bf3c730d260c8555455ffdf3f35f684da1934cf082122bd76ee9ad9a98da9b8541c1071878a988d601447813e873330226833974697de0e083565d8cfe4a2a44cadffcc59375cefe95f576d1762cb4f4c5647c23f10befbb5250c551113f57037efdc6f3e1b3a7ea6f349ee7e0f055710d6a3a29777bbcddc34dea31d1a5fce3f94dff1d9867e895f0abd8228f9e6e120e6074615c67f7d82244f036d2cc59db80c771788be1f42bad01454b144febbc5b6255c73d6b8182e575f66ef2f43327dc1cae88cb8b9d2febe6bbc956a3e99d", 0xe6, 0x24040080, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) 21:41:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xe00000000000000}, 0x0) 21:41:03 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:03 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x3e) 21:41:03 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:03 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0xe, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8801}, 0x0) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x2094420, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:41:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf00000000000000}, 0x0) [ 1723.525172] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1723.545838] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x1000000000000000}, 0x0) 21:41:03 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getresuid(&(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000240)=0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='overlay\x00', 0x20004e, &(0x7f00000002c0)={[{@xino_auto='xino=auto', 0x5c}], [{@smackfsdef={'smackfsdef', 0x3d, 'lowerdir\xad\xbb\xea>\xd3\a6k\x1d\xd9\xf3Yzn\xece\xa1b\x92\x8c-\x15\x7f\x9cp\x94\x8d\xca\xe2ldX5*\x0eadl\n$\xe8Go\x7f\xbcD\xa5\xacFU\x19'}}, {@fowner_lt={'fowner<', r0}}]}) 21:41:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x3f00000000000000}, 0x0) 21:41:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x6000000000000000}, 0x0) [ 1723.877572] overlayfs: unrecognized mount option "xino=auto\smackfsdef=lowerdir­»ê>Ó6kÙóYznìe¡b’Œ-œp”ÊâldX5*adl [ 1723.877572] $èGo¼D¥¬FU" or missing value [ 1724.788596] NOHZ: local_softirq_pending 08 21:41:05 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x2a0, 0x0, 0x0) tkill(r0, 0x16) 21:41:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x831a000000000000}, 0x0) 21:41:05 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x200008) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00') r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) read$snddsp(r3, &(0x7f0000000440)=""/142, 0x8e) lseek(r2, 0x800000, 0x0) r4 = creat(&(0x7f0000000700)='./bus\x00', 0x0) sendfile(r4, r2, 0x0, 0x8000fffffffe) r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x121001, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000140)={0x7, 0xffff, {}, {0xee00}, 0x400000000000000, 0x4}) r6 = socket$packet(0x11, 0x3, 0x300) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r7, &(0x7f00000017c0), 0x333, 0x0) ioctl$MON_IOCX_GET(r7, 0x40189206, &(0x7f0000000600)={&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000500)=""/231, 0xe7}) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000900)='/selinux/commit_pending_bools\x00', 0x1, 0x0) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r9, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000980)={0x980000, 0xb4, 0x3ff, r9, 0x0, &(0x7f0000000940)={0x990af7, 0x5, [], @value=0x8}}) recvfrom$packet(r10, 0x0, 0x0, 0x2023, 0x0, 0x0) r11 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r11, &(0x7f00000017c0), 0x333, 0x0) ioctl$IOC_PR_RELEASE(r11, 0x401070ca, &(0x7f00000002c0)={0x6, 0x5, 0x1}) fstat(r6, &(0x7f0000000180)) r12 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r12, &(0x7f00000017c0), 0x333, 0x0) setsockopt$TIPC_IMPORTANCE(r12, 0x10f, 0x7f, &(0x7f0000000400)=0x2, 0x4) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r5, 0x28, 0x1, &(0x7f0000000240), 0x8) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r13 = gettid() ptrace$setopts(0x4206, r13, 0x0, 0x0) tkill(r13, 0x3c) ptrace$cont(0x18, r13, 0x0, 0x0) ptrace$setregs(0xd, r13, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r13, 0x0, 0x0) process_vm_writev(r13, &(0x7f0000000380)=[{&(0x7f0000000300)=""/93, 0x5d}, {&(0x7f0000000640)=""/125, 0x7d}], 0x2, &(0x7f00000008c0)=[{&(0x7f0000000740)=""/221, 0xdd}, {&(0x7f00000009c0)=""/21, 0x15}, {&(0x7f0000000840)=""/118, 0x76}], 0x3, 0x0) 21:41:05 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:05 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x41) 21:41:05 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x9effffff00000000}, 0x0) [ 1725.678001] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xf0ffffff00000000}, 0x0) 21:41:05 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4a0, 0x0, 0x0) tkill(r0, 0x16) 21:41:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffff7f00000000}, 0x0) 21:41:05 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x80000, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@ccm_128={{0x303}, "d72cfec9fec6af27", "397d12edd3d6bde49d32a18f0bfc2633", "fd53e80e", "232428a0ff7789db"}, 0x28) bind(r0, &(0x7f0000000140)=@ax25={{0x3, @default}, [@null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x80) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) 21:41:05 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x6a0, 0x0, 0x0) tkill(r0, 0x16) 21:41:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffffff00000000}, 0x0) 21:41:05 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6c6f7765726469723d35a965e02fb3563481"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x40044145, &(0x7f00000000c0)=0x86) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x420800, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) r3 = accept$alg(r2, 0x0, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000080)) ioctl$SNDRV_PCM_IOCTL_PREPARE(r1, 0x4140, 0x0) [ 1725.953762] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1725.986486] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:06 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffffffa0008000}, 0x0) [ 1726.131643] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1726.164488] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:06 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:06 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x42) 21:41:06 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:06 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xe00, 0x0, 0x0) tkill(r0, 0x16) 21:41:06 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r1) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000080)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}], [{@euid_lt={'euid<', 0xffffffffffffffff}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@fowner_lt={'fowner<', r1}}, {@seclabel='seclabel'}]}) 21:41:06 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffffffa0010000}, 0x0) 21:41:06 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffffffa0020000}, 0x0) 21:41:06 executing program 5: mknod$loop(&(0x7f0000000000)='./file2\x00', 0x80, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]}) r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nvme-fabrics\x00', 0x40200, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x5) setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000140)={'L-', 0xf470}, 0x16, 0x2) 21:41:06 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x3f00, 0x0, 0x0) tkill(r0, 0x16) 21:41:06 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xffffffffa0040000}, 0x0) 21:41:06 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:06 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r4 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r1, r3, r5) chown(&(0x7f0000000080)='./file0\x00', r0, r5) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f66696c65305c0080733a1f1cde39f48d8e8fb66e91e0cc94997144341f629fd747e95db45b4715c666d9b833ef30e449aced6da4201dbb3bd5ff239fcb5baf005ef4c05a2568cfe9155ffba8e1319e46ad83fb4b9af857f7a52949c043bbd38b4ebf573b6c0cacec8fe0bf78dcf9c63ccd53736d3c88c8e1c2059333f80867eda523cf2eaf4f44fc9d3ec4e0e538e1d976b90878a3d10bd484de367d1e6f7e72fe28157288952afe9fc8a54b74fefc52c34407b440a4ba54090d809be02e58e30f166577f401e40bbb3e0adf56c694c859699a1b971af712aa187ef77117a1eb2871cb9eaf67c90b030962a02d2cea24ce66a54fd014a2bcd9f7832e603801a312e5c9e5e3af1c7b05da0f7ca46dcd94c691f6fb82c1a9724e9132f41bcdc9c7fc6137ff8e07e93a584ef75d7fe36b9ba0314fdcab64571c0e1e253982f5ec4598da60ef795814d15b8e3029aa082cbc0215c3c645169f8ec6168145"]) [ 1726.784805] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent 21:41:07 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:07 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x43) 21:41:07 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4000, 0x0, 0x0) tkill(r0, 0x16) 21:41:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0xfffffffffffff000}, 0x0) 21:41:07 executing program 5: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x2, 0x0, r0, 0x0}]) io_getevents(r1, 0x8f, 0x1, &(0x7f0000000080)=[{}], &(0x7f00000000c0)={0x77359400}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6c6f77aee786d6c80fb21525a904f9ccb4b4a8647d0940b9e70a8d6c6ad83e4880b5533067a30dd88d61a9"]) 21:41:07 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1727.500616] overlayfs: unrecognized mount option "low®ç†ÖȲ%©ùÌ´´¨d} @¹ç [ 1727.500616] ljØ>H€µS0g£ Øa©" or missing value 21:41:07 executing program 4: io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:07 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:07 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4a00, 0x0, 0x0) tkill(r0, 0x16) [ 1727.570218] overlayfs: unrecognized mount option "low®ç†ÖȲ%©ùÌ´´¨d} @¹ç [ 1727.570218] ljØ>H€µS0g£ Øa©" or missing value 21:41:07 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000140)=0xc00000) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x210000, 0x0) getsockopt$inet_buf(r1, 0x0, 0x2d, &(0x7f0000000240)=""/4096, &(0x7f00000000c0)=0x1000) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0000d8bc18000000000000d8000000"]) 21:41:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x2}, 0x0) 21:41:07 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) [ 1727.742112] overlayfs: missing 'lowerdir' 21:41:08 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x44) 21:41:08 executing program 5: syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='flush,']) 21:41:08 executing program 4: io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x3}, 0x0) 21:41:08 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x1000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:08 executing program 0: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(0xffffffffffffffff, &(0x7f0000000000)=""/50, 0x32) 21:41:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x4}, 0x0) [ 1728.434977] FAT-fs (loop5): bogus number of reserved sectors [ 1728.468558] FAT-fs (loop5): Can't find a valid FAT filesystem 21:41:08 executing program 4: io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 21:41:08 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xe000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:08 executing program 0: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(0xffffffffffffffff, &(0x7f0000000000)=""/50, 0x32) [ 1728.536195] FAT-fs (loop5): bogus number of reserved sectors [ 1728.564256] FAT-fs (loop5): Can't find a valid FAT filesystem 21:41:08 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x24, &(0x7f0000000240), 0x4) [ 1728.759807] syz-executor.5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 1728.822131] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1728.833667] CPU: 1 PID: 21293 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1728.841572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1728.850929] Call Trace: [ 1728.853532] dump_stack+0x197/0x210 [ 1728.857297] dump_header+0x15e/0xa55 [ 1728.861036] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1728.866257] ? ___ratelimit+0x60/0x595 [ 1728.870158] ? do_raw_spin_unlock+0x181/0x270 [ 1728.874678] oom_kill_process.cold+0x10/0x6ef [ 1728.879189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1728.884740] ? task_will_free_mem+0x139/0x6e0 [ 1728.889258] out_of_memory+0x362/0x1330 [ 1728.893245] ? lock_downgrade+0x880/0x880 [ 1728.897405] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1728.902520] ? oom_killer_disable+0x280/0x280 [ 1728.907020] ? find_held_lock+0x35/0x130 [ 1728.911108] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1728.916005] ? memcg_event_wake+0x230/0x230 [ 1728.920344] ? do_raw_spin_unlock+0x181/0x270 [ 1728.924851] ? _raw_spin_unlock+0x2d/0x50 [ 1728.929017] try_charge+0xec5/0x1490 [ 1728.932746] ? lock_downgrade+0x880/0x880 [ 1728.936914] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1728.941772] ? rcu_read_unlock+0x33/0x60 [ 1728.945849] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1728.950715] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1728.956798] mem_cgroup_try_charge+0x259/0x6b0 [ 1728.961404] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1728.966354] wp_page_copy+0x430/0x16a0 [ 1728.970262] ? follow_pfn+0x2a0/0x2a0 [ 1728.974076] ? do_raw_spin_unlock+0x181/0x270 [ 1728.978590] do_wp_page+0x57d/0x10b0 [ 1728.982324] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 1728.987002] ? kasan_check_write+0x14/0x20 [ 1728.991245] ? do_raw_spin_lock+0xd7/0x250 [ 1728.995500] __handle_mm_fault+0x2305/0x3f80 [ 1728.999920] ? copy_page_range+0x2030/0x2030 [ 1729.004363] ? count_memcg_event_mm+0x2b1/0x4d0 [ 1729.009048] handle_mm_fault+0x1b5/0x690 [ 1729.013214] __do_page_fault+0x62a/0xe90 [ 1729.017312] ? vmalloc_fault+0x740/0x740 [ 1729.021388] ? trace_hardirqs_off_caller+0x65/0x220 [ 1729.026410] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1729.031354] ? page_fault+0x8/0x30 [ 1729.034913] do_page_fault+0x71/0x57d [ 1729.038729] ? page_fault+0x8/0x30 [ 1729.042280] page_fault+0x1e/0x30 [ 1729.045746] RIP: 0033:0x40db78 [ 1729.048958] Code: 00 00 49 8d be 88 00 00 00 48 89 ea 48 89 de 0f 85 dd 00 00 00 e8 d8 2c 00 00 8b 05 92 a4 32 00 48 8b 15 03 4b 86 00 83 c0 01 <89> 05 82 a4 32 00 89 02 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f [ 1729.067868] RSP: 002b:00007ffdf9f710e0 EFLAGS: 00010202 [ 1729.073235] RAX: 0000000000000001 RBX: 0000001b32b20014 RCX: 0000001b33b20000 [ 1729.080513] RDX: 0000001b32b20000 RSI: 0000000000001709 RDI: ffffffffd92ad709 [ 1729.087790] RBP: 0000001b32b20018 R08: 00000000d92ad709 R09: 00000000d92ad70d [ 1729.095061] R10: 00007ffdf9f71220 R11: 0000000000000246 R12: 0000001b32b2001c [ 1729.102340] R13: 00000000001a60b5 R14: 000000000075bf20 R15: 000000000075bf2c [ 1729.112043] Task in /syz5 killed as a result of limit of /syz5 [ 1729.118615] memory: usage 307200kB, limit 307200kB, failcnt 1121 [ 1729.125311] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1729.132242] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1729.138972] Memory cgroup stats for /syz5: cache:100KB rss:254404KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254444KB inactive_file:12KB active_file:8KB unevictable:0KB [ 1729.160707] Memory cgroup out of memory: Kill process 20921 (syz-executor.5) score 1113 or sacrifice child [ 1729.177261] Killed process 20921 (syz-executor.5) total-vm:74900kB, anon-rss:2224kB, file-rss:35796kB, shmem-rss:0kB 21:41:09 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x45) 21:41:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x6}, 0x0) 21:41:09 executing program 4: r0 = creat(0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:09 executing program 0: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(0xffffffffffffffff, &(0x7f0000000000)=""/50, 0x32) 21:41:09 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x3f000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:09 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x8}, 0x0) 21:41:09 executing program 4: r0 = creat(0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:09 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x40000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:09 executing program 0: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x9}, 0x0) 21:41:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa}, 0x0) 21:41:10 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x46) 21:41:10 executing program 4: r0 = creat(0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:10 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xb}, 0x0) 21:41:10 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4a000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:10 executing program 0: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:12 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:12 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xe}, 0x0) 21:41:12 executing program 0: r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:12 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xa0010000, 0x0, 0x0) tkill(r0, 0x16) 21:41:12 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:12 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x47) 21:41:12 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf}, 0x0) 21:41:12 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:12 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xa0020000, 0x0, 0x0) tkill(r0, 0x16) 21:41:12 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:12 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x10}, 0x0) 21:41:12 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:12 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:12 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x60}, 0x0) 21:41:12 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:12 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, 0x0) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:12 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xa0040000, 0x0, 0x0) tkill(r0, 0x16) 21:41:13 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x48) 21:41:13 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, 0x0) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:13 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf0}, 0x0) 21:41:13 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:13 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xa0060000, 0x0, 0x0) tkill(r0, 0x16) 21:41:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x1a0}, 0x0) 21:41:13 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, 0x0) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:13 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:13 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:13 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x1a0ffffffff, 0x0, 0x0) tkill(r0, 0x16) 21:41:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x2a0}, 0x0) 21:41:14 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x49) 21:41:14 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:14 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:14 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x300}, 0x0) 21:41:14 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x2a0ffffffff, 0x0, 0x0) tkill(r0, 0x16) 21:41:14 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:14 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:14 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x4a0}, 0x0) 21:41:14 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4a0ffffffff, 0x0, 0x0) tkill(r0, 0x16) 21:41:14 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:14 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x500}, 0x0) 21:41:14 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)) io_submit(0x0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:14 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:15 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x4a) 21:41:15 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x6a0ffffffff, 0x0, 0x0) tkill(r0, 0x16) 21:41:17 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x600}, 0x0) 21:41:17 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:17 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:17 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x7ffffffff000, 0x0, 0x0) tkill(r0, 0x16) 21:41:17 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x4b) 21:41:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x900}, 0x0) 21:41:17 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:17 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:17 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xf0ffffff7f0000, 0x0, 0x0) tkill(r0, 0x16) 21:41:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa00}, 0x0) 21:41:17 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) 21:41:17 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xb00}, 0x0) 21:41:17 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:17 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) 21:41:17 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x100000000000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:18 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x4c) 21:41:18 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x0, &(0x7f0000000540)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xe00}, 0x0) 21:41:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf00}, 0x0) 21:41:18 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xe00000000000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:18 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x0, &(0x7f0000000540)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x1a83}, 0x0) 21:41:18 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x3f00}, 0x0) 21:41:18 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x0, &(0x7f0000000540)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:20 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x6000}, 0x0) 21:41:20 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x3f00000000000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:20 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x1, &(0x7f0000000540)=[0x0]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:20 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x4d) 21:41:20 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) 21:41:20 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:20 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x831a}, 0x0) 21:41:20 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x1, &(0x7f0000000540)=[0x0]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:20 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf000}, 0x0) 21:41:21 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:21 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:21 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x1, &(0x7f0000000540)=[0x0]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:21 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x30000}, 0x0) 21:41:21 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x34000}, 0x0) 21:41:21 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x0, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:21 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x4e) 21:41:21 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x400300}, 0x0) 21:41:21 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x0, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:21 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, 0x0) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:21 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x4a00000000000000, 0x0, 0x0) tkill(r0, 0x16) 21:41:21 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x8000a0}, 0x0) 21:41:24 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x0, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:24 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf0ffff}, 0x0) 21:41:24 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xffffffffa0010000, 0x0, 0x0) tkill(r0, 0x16) 21:41:24 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x4f) 21:41:24 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:24 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, 0x0) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:24 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x1000000}, 0x0) 21:41:24 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:24 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:24 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xffffffffa0020000, 0x0, 0x0) tkill(r0, 0x16) 21:41:24 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) 21:41:24 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x3000000}, 0x0) 21:41:24 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:24 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r2) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:24 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xffffffffa0040000, 0x0, 0x0) tkill(r0, 0x16) 21:41:25 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x50) 21:41:25 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 21:41:25 executing program 4: creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r0, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:25 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r2) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:25 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, 0x0) read(r0, &(0x7f0000000000)=""/50, 0x32) 21:41:25 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0xffffffffa0060000, 0x0, 0x0) tkill(r0, 0x16) 21:41:25 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x5000000}, 0x0) 21:41:25 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xe) tkill(r0, 0x16) 21:41:25 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:25 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x6000000}, 0x0) 21:41:25 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x8000000}, 0x0) 21:41:25 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x9000000}, 0x0) 21:41:26 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa000000}, 0x0) 21:41:26 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x51) 21:41:26 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(0xffffffffffffffff, &(0x7f0000000000)=""/50, 0x32) 21:41:28 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r2) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:28 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4a) tkill(r0, 0x16) 21:41:28 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:28 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xb000000}, 0x0) 21:41:28 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(0xffffffffffffffff, &(0x7f0000000000)=""/50, 0x32) 21:41:28 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x52) 21:41:28 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xe000000}, 0x0) 21:41:28 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:28 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x1a0) tkill(r0, 0x16) 21:41:28 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf000000}, 0x0) 21:41:28 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x10000000}, 0x0) 21:41:28 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x2a0) tkill(r0, 0x16) 21:41:31 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(0xffffffffffffffff, &(0x7f0000000000)=""/50, 0x32) 21:41:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x3f000000}, 0x0) 21:41:31 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:31 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4a0) tkill(r0, 0x16) 21:41:31 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:31 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x53) 21:41:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x60000000}, 0x0) 21:41:31 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x6a0) tkill(r0, 0x16) 21:41:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x831a0000}, 0x0) 21:41:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0x9effffff}, 0x0) 21:41:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa0008000}, 0x0) 21:41:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa0010000}, 0x0) 21:41:31 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, 0x0, 0x0) 21:41:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa0020000}, 0x0) 21:41:32 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:32 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x54) 21:41:34 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:34 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xe00) tkill(r0, 0x16) 21:41:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xa0040000}, 0x0) 21:41:34 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, 0x0, 0x0) 21:41:34 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x55) 21:41:34 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xf0ffffff}, 0x0) 21:41:34 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x3f00) tkill(r0, 0x16) 21:41:34 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xfffff000}, 0x0) 21:41:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xffffff7f}, 0x0) 21:41:34 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xffffff9e}, 0x0) 21:41:35 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4000) tkill(r0, 0x16) 21:41:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xfffffff0}, 0x0) 21:41:35 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7}}) read(r0, 0x0, 0x0) 21:41:35 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x56) 21:41:35 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}, 0x1, 0x0, 0x0, 0xffffffff}, 0x0) 21:41:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x2) 21:41:35 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4a00) tkill(r0, 0x16) 21:41:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x3) 21:41:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x4) 21:41:37 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x5) 21:41:37 executing program 0: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f00000001c0)=""/136) 21:41:37 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x57) 21:41:37 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:37 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x1000000) tkill(r0, 0x16) 21:41:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x6) 21:41:38 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000002000e00000004000000800300000801000000000000d8010000d8010000d8010000b0020000b0020000b0020000b0020000b00200000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a80008010000000000000000000000000000000000000000000000006000484d41524b00000000000000000200000000000000080000000000000000ff010000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000ea0000000000000000000000fe880000000000000000000000000001fe8800000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000726f73653000000000000000000000006e657464657673696d300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d000000000000000000000000000000000000000000000000000280052454a4543540000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008d09a432d97a35100000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d8000000000000000000000700000000000000000000000000003000534554000000000000000000000000220000000000000000000000000002000006000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d000000c000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x0) 21:41:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x8) 21:41:38 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 1758.197907] x_tables: duplicate underflow at hook 2 21:41:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x9) 21:41:38 executing program 0: r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000009400)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60940000004d8800fe800000000000000000000000000000ff02000000000000000000000000000100004e20001e9078e29607149378d33e1db1c73936c77abf25ae4fc4f5d282174ad17bb2401ea3f7fa9f11cf1ac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429"], 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000046, 0x0) [ 1758.351120] syz-executor.4 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 21:41:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa) [ 1758.417354] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1758.432303] CPU: 1 PID: 21858 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1758.440217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1758.449666] Call Trace: [ 1758.452270] dump_stack+0x197/0x210 [ 1758.455919] dump_header+0x15e/0xa55 [ 1758.459654] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1758.464775] ? ___ratelimit+0x60/0x595 [ 1758.468688] ? do_raw_spin_unlock+0x181/0x270 [ 1758.473207] oom_kill_process.cold+0x10/0x6ef [ 1758.477723] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1758.483274] ? task_will_free_mem+0x139/0x6e0 [ 1758.487784] ? find_held_lock+0x35/0x130 [ 1758.491870] out_of_memory+0x362/0x1330 [ 1758.495864] ? lock_downgrade+0x880/0x880 [ 1758.500033] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1758.505154] ? oom_killer_disable+0x280/0x280 [ 1758.509660] ? find_held_lock+0x35/0x130 [ 1758.513752] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1758.518731] ? memcg_event_wake+0x230/0x230 [ 1758.523080] ? do_raw_spin_unlock+0x181/0x270 [ 1758.527598] ? _raw_spin_unlock+0x2d/0x50 [ 1758.531772] try_charge+0xec5/0x1490 [ 1758.535503] ? lock_downgrade+0x880/0x880 [ 1758.539674] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1758.544536] ? rcu_read_unlock+0x33/0x60 [ 1758.548619] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1758.553505] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1758.559586] ? __lock_is_held+0xb6/0x140 [ 1758.563668] mem_cgroup_try_charge+0x259/0x6b0 [ 1758.568296] __add_to_page_cache_locked+0x334/0xd10 [ 1758.573330] ? find_lock_entry+0x5f0/0x5f0 [ 1758.577593] add_to_page_cache_lru+0x1c9/0x860 [ 1758.582190] ? add_to_page_cache_locked+0x40/0x40 [ 1758.587053] ? __page_cache_alloc+0x131/0x450 [ 1758.591568] pagecache_get_page+0x364/0xcf0 [ 1758.595915] grab_cache_page_write_begin+0x7b/0xb0 [ 1758.600865] ext4_da_write_begin+0x2d7/0x1180 [ 1758.605386] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1758.610939] ? ext4_write_begin+0x1790/0x1790 [ 1758.615446] ? copy_page_from_iter+0x7f0/0x7f0 [ 1758.620060] generic_perform_write+0x22a/0x520 [ 1758.624658] ? page_endio+0x780/0x780 [ 1758.628468] ? current_time+0x140/0x140 [ 1758.632460] ? lock_acquire+0x16f/0x3f0 [ 1758.636448] ? ext4_file_write_iter+0x23f/0x1060 [ 1758.641223] __generic_file_write_iter+0x25e/0x630 [ 1758.646173] ext4_file_write_iter+0x32b/0x1060 [ 1758.650773] ? find_held_lock+0x35/0x130 [ 1758.654856] ? ext4_file_mmap+0x410/0x410 [ 1758.660499] ? lock_downgrade+0x880/0x880 21:41:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xb) [ 1758.664669] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1758.669441] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1758.675013] ? __sb_start_write+0x1a9/0x360 [ 1758.679359] aio_write+0x346/0x530 [ 1758.682915] ? aio_read+0x3b0/0x3b0 [ 1758.686564] ? __might_fault+0x12b/0x1e0 [ 1758.690647] ? __might_fault+0x12b/0x1e0 [ 1758.694732] ? lock_downgrade+0x880/0x880 [ 1758.698925] io_submit_one+0x104d/0x2ed0 [ 1758.703011] ? lookup_ioctx+0x1d7/0x830 [ 1758.707019] ? aio_complete_rw+0xf20/0xf20 [ 1758.711269] ? __might_fault+0x12b/0x1e0 [ 1758.715377] __x64_sys_io_submit+0x1aa/0x520 [ 1758.719809] ? __x64_sys_io_submit+0x1aa/0x520 [ 1758.724421] ? __ia32_sys_io_destroy+0x420/0x420 [ 1758.729236] ? do_syscall_64+0x26/0x620 [ 1758.733244] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1758.738625] ? do_syscall_64+0x26/0x620 [ 1758.742618] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1758.747221] do_syscall_64+0xfd/0x620 [ 1758.751040] ? do_syscall_64+0xfd/0x620 [ 1758.755039] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1758.760266] RIP: 0033:0x45b3b9 [ 1758.763492] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1758.782402] RSP: 002b:00007f024152cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 1758.790127] RAX: ffffffffffffffda RBX: 00007f024152d6d4 RCX: 000000000045b3b9 [ 1758.797410] RDX: 0000000020000540 RSI: 00000000200002f1 RDI: 00007f024150c000 [ 1758.804688] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1758.811995] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1758.819276] R13: 00000000000001f4 R14: 00000000004c2d48 R15: 000000000075bf2c [ 1758.844365] Task in /syz4 killed as a result of limit of /syz4 21:41:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xe) [ 1758.868387] memory: usage 307136kB, limit 307200kB, failcnt 12629 [ 1758.875885] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1758.894072] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:41:38 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x58) [ 1758.900364] Memory cgroup stats for /syz4: cache:64KB rss:217548KB rss_huge:178176KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:217684KB inactive_file:100KB active_file:12KB unevictable:0KB [ 1758.994446] Memory cgroup out of memory: Kill process 4450 (syz-executor.4) score 124 or sacrifice child [ 1759.014189] Killed process 4450 (syz-executor.4) total-vm:74768kB, anon-rss:2212kB, file-rss:35788kB, shmem-rss:0kB 21:41:39 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:41:39 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xe000000) tkill(r0, 0x16) 21:41:39 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', 0x0}) sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={[], [], @loopback}}, 0x1c, 0x0, 0x0, &(0x7f0000001640)=[@pktinfo={{0x24, 0x29, 0x32, {@ipv4={[], [], @empty}, r4}}}], 0x28}, 0x0) 21:41:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf) 21:41:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x10) 21:41:41 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:41 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@filter={'filter\x00', 0xe, 0x4, 0x290, 0xc8, 0x0, 0x0, 0xc8, 0x160, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x4, 0x0, {[{{@uncond, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @REJECT={0x28, 'REJECT\x00'}}, {{@ip={@multicast1, @remote, 0x0, 0x0, 'gre0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00'}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x3}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) write$tun(r2, &(0x7f0000000080)={@void, @val, @ipv4=@generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @local}}}, 0x1e) bind$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r1, 0x0, r3, 0x0, 0x30005, 0x0) 21:41:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x60) 21:41:41 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x59) 21:41:41 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x3f000000) tkill(r0, 0x16) 21:41:41 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 1761.390292] x_tables: duplicate underflow at hook 2 21:41:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf0) [ 1761.465133] x_tables: duplicate underflow at hook 2 21:41:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x1a0) 21:41:41 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x40000000) tkill(r0, 0x16) 21:41:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x2a0) 21:41:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:42 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x300) 21:41:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:42 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x5a) 21:41:42 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x4a0) 21:41:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x500) 21:41:42 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4a000000) tkill(r0, 0x16) 21:41:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x600) 21:41:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x900) 21:41:42 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xa0010000) tkill(r0, 0x16) 21:41:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa00) 21:41:43 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:43 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xb00) [ 1763.377085] syz-executor.5 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=1000 [ 1763.413712] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1763.419567] CPU: 0 PID: 21987 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1763.427465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1763.436828] Call Trace: [ 1763.439436] dump_stack+0x197/0x210 [ 1763.443095] dump_header+0x15e/0xa55 [ 1763.446826] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1763.451945] ? ___ratelimit+0x60/0x595 [ 1763.455852] ? do_raw_spin_unlock+0x181/0x270 [ 1763.460375] oom_kill_process.cold+0x10/0x6ef [ 1763.464890] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1763.470439] ? task_will_free_mem+0x139/0x6e0 [ 1763.475052] ? find_held_lock+0x35/0x130 [ 1763.479139] out_of_memory+0x362/0x1330 [ 1763.483131] ? lock_downgrade+0x880/0x880 [ 1763.487291] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1763.492403] ? oom_killer_disable+0x280/0x280 [ 1763.497077] ? find_held_lock+0x35/0x130 [ 1763.501174] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1763.506043] ? memcg_event_wake+0x230/0x230 [ 1763.510395] ? do_raw_spin_unlock+0x181/0x270 [ 1763.514908] ? _raw_spin_unlock+0x2d/0x50 [ 1763.519079] try_charge+0xec5/0x1490 [ 1763.522816] ? lock_downgrade+0x880/0x880 [ 1763.526992] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1763.531849] ? rcu_read_unlock+0x33/0x60 [ 1763.536890] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1763.541758] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1763.547837] ? __lock_is_held+0xb6/0x140 [ 1763.551919] mem_cgroup_try_charge+0x259/0x6b0 [ 1763.556543] __add_to_page_cache_locked+0x334/0xd10 [ 1763.561595] ? find_lock_entry+0x5f0/0x5f0 [ 1763.565855] add_to_page_cache_lru+0x1c9/0x860 [ 1763.570451] ? add_to_page_cache_locked+0x40/0x40 [ 1763.575336] ? __page_cache_alloc+0x131/0x450 [ 1763.579852] pagecache_get_page+0x364/0xcf0 [ 1763.584201] grab_cache_page_write_begin+0x7b/0xb0 [ 1763.589149] ext4_da_write_begin+0x2d7/0x1180 [ 1763.593669] ? iov_iter_fault_in_readable+0x377/0x450 [ 1763.599834] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1763.605390] ? ext4_write_begin+0x1790/0x1790 [ 1763.610020] ? copy_page_from_iter+0x7f0/0x7f0 [ 1763.614637] generic_perform_write+0x22a/0x520 [ 1763.619255] ? page_endio+0x780/0x780 [ 1763.623077] ? current_time+0x140/0x140 [ 1763.627086] ? lock_acquire+0x16f/0x3f0 [ 1763.631096] ? ext4_file_write_iter+0x23f/0x1060 [ 1763.635872] __generic_file_write_iter+0x25e/0x630 [ 1763.640859] ext4_file_write_iter+0x32b/0x1060 [ 1763.645458] ? mark_held_locks+0x100/0x100 [ 1763.649723] ? ext4_file_mmap+0x410/0x410 [ 1763.653891] ? mark_held_locks+0x100/0x100 [ 1763.658141] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1763.663689] ? iov_iter_init+0xc6/0x1f0 [ 1763.667689] __vfs_write+0x587/0x810 [ 1763.671434] ? kernel_read+0x120/0x120 [ 1763.675360] ? rcu_read_lock_sched_held+0x110/0x130 [ 1763.680389] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1763.685154] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1763.690811] ? __sb_start_write+0x1a9/0x360 [ 1763.695157] vfs_write+0x20c/0x560 [ 1763.698718] ksys_write+0x14f/0x2d0 [ 1763.702363] ? __ia32_sys_read+0xb0/0xb0 [ 1763.706452] ? do_syscall_64+0x26/0x620 [ 1763.710451] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1763.715837] ? do_syscall_64+0x26/0x620 [ 1763.719833] __x64_sys_write+0x73/0xb0 [ 1763.723736] do_syscall_64+0xfd/0x620 [ 1763.727563] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1763.732766] RIP: 0033:0x45b3b9 [ 1763.735987] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1763.754898] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1763.762622] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1763.769896] RDX: 0000000002d1ee37 RSI: 0000000020000180 RDI: 0000000000000003 [ 1763.777173] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1763.784557] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1763.791832] R13: 0000000000000caf R14: 00000000004cd8f4 R15: 000000000075bf2c [ 1763.804591] Task in /syz5 killed as a result of limit of /syz5 [ 1763.810687] memory: usage 307160kB, limit 307200kB, failcnt 3351 [ 1763.817229] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1763.824448] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1763.830973] Memory cgroup stats for /syz5: cache:0KB rss:254436KB rss_huge:235520KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:254576KB inactive_file:4KB active_file:4KB unevictable:0KB [ 1763.852386] Memory cgroup out of memory: Kill process 21929 (syz-executor.5) score 1114 or sacrifice child [ 1763.869655] Killed process 21929 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35876kB, shmem-rss:0kB [ 1763.912780] syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 1763.949777] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1763.961036] CPU: 0 PID: 21985 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1763.968937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1763.978292] Call Trace: [ 1763.980892] dump_stack+0x197/0x210 [ 1763.984541] dump_header+0x15e/0xa55 [ 1763.988353] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1763.993464] ? ___ratelimit+0x60/0x595 [ 1763.997469] ? do_raw_spin_unlock+0x181/0x270 [ 1764.001992] oom_kill_process.cold+0x10/0x6ef [ 1764.006509] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.012061] ? task_will_free_mem+0x139/0x6e0 [ 1764.016580] out_of_memory+0x362/0x1330 [ 1764.020578] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1764.025690] ? oom_killer_disable+0x280/0x280 [ 1764.030201] ? find_held_lock+0x35/0x130 [ 1764.034293] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1764.039157] ? memcg_event_wake+0x230/0x230 [ 1764.043495] ? do_raw_spin_unlock+0x181/0x270 [ 1764.047999] ? _raw_spin_unlock+0x2d/0x50 [ 1764.052165] try_charge+0xc6e/0x1490 [ 1764.055909] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1764.060766] ? lock_downgrade+0x880/0x880 [ 1764.064927] ? kasan_check_read+0x11/0x20 [ 1764.069088] memcg_kmem_charge_memcg+0x83/0x170 [ 1764.073768] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1764.078294] ? __isolate_free_page+0x4c0/0x4c0 [ 1764.082896] memcg_kmem_charge+0x13b/0x370 [ 1764.087150] __alloc_pages_nodemask+0x3c3/0x750 [ 1764.091833] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1764.096864] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1764.101452] ? trace_hardirqs_on+0x67/0x220 [ 1764.105793] copy_process.part.0+0x3d6/0x7a60 [ 1764.110320] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1764.115438] ? delayacct_end+0x5c/0x100 [ 1764.119432] ? __delayacct_freepages_end+0xe0/0x140 [ 1764.124471] ? __lock_acquire+0x6ee/0x49c0 [ 1764.128734] ? __cleanup_sighand+0x70/0x70 [ 1764.132978] ? mark_held_locks+0x100/0x100 [ 1764.137242] _do_fork+0x257/0xfd0 [ 1764.140712] ? fork_idle+0x1d0/0x1d0 [ 1764.144441] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 1764.150334] ? kasan_check_read+0x11/0x20 [ 1764.154495] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1764.159261] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1764.164034] ? do_syscall_64+0x26/0x620 [ 1764.168016] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1764.173395] ? do_syscall_64+0x26/0x620 [ 1764.177400] __x64_sys_clone+0xbf/0x150 [ 1764.181395] do_syscall_64+0xfd/0x620 [ 1764.185215] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1764.190410] RIP: 0033:0x45dd89 [ 1764.193614] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1764.212551] RSP: 002b:00007ffdf9f71018 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1764.220268] RAX: ffffffffffffffda RBX: 00007f67b8298700 RCX: 000000000045dd89 [ 1764.227569] RDX: 00007f67b82989d0 RSI: 00007f67b8297db0 RDI: 00000000003d0f00 [ 1764.234846] RBP: 00007ffdf9f71230 R08: 00007f67b8298700 R09: 00007f67b8298700 [ 1764.242120] R10: 00007f67b82989d0 R11: 0000000000000202 R12: 0000000000000000 [ 1764.249399] R13: 00007ffdf9f710cf R14: 00007f67b82989c0 R15: 000000000075bfd4 [ 1764.268424] Task in /syz5 killed as a result of limit of /syz5 [ 1764.279939] memory: usage 305840kB, limit 307200kB, failcnt 3351 [ 1764.287271] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1764.299151] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1764.306443] Memory cgroup stats for /syz5: cache:752KB rss:252332KB rss_huge:233472KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:252408KB inactive_file:888KB active_file:4KB unevictable:0KB [ 1764.328704] Memory cgroup out of memory: Kill process 20974 (syz-executor.5) score 1113 or sacrifice child [ 1764.338768] Killed process 20974 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35796kB, shmem-rss:0kB 21:41:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:45 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x5b) 21:41:45 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xa0020000) tkill(r0, 0x16) 21:41:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xe00) 21:41:45 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:45 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:45 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf00) 21:41:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x1a83) 21:41:45 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x3f00) 21:41:46 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x5c) 21:41:46 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x6000) 21:41:46 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:46 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:46 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xa0040000) tkill(r0, 0x16) 21:41:46 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x831a) [ 1766.307261] ptrace attach of "/root/syz-executor.5"[22048] was attempted by "/root/syz-executor.5"[22049] 21:41:46 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf000) 21:41:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x30000) 21:41:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x34000) 21:41:47 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x5d) 21:41:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x400300) 21:41:47 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:47 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:47 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xa0060000) tkill(r0, 0x16) 21:41:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x8000a0) [ 1767.235022] ptrace attach of "/root/syz-executor.5"[22078] was attempted by "/root/syz-executor.5"[22079] 21:41:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf0ffff) 21:41:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x1000000) 21:41:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x2000000) 21:41:49 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:49 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x5e) 21:41:49 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x1a0ffffffff) tkill(r0, 0x16) 21:41:49 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:41:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x3000000) [ 1769.740242] ptrace attach of "/root/syz-executor.5"[22106] was attempted by "/root/syz-executor.5"[22107] 21:41:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x4000000) 21:41:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x5000000) 21:41:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x6000000) 21:41:50 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x2a0ffffffff) tkill(r0, 0x16) 21:41:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x8000000) 21:41:52 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x9000000) 21:41:52 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(0x0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:52 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x5f) 21:41:52 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:41:52 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4a0ffffffff) tkill(r0, 0x16) 21:41:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa000000) 21:41:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xb000000) 21:41:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xe000000) 21:41:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf000000) 21:41:53 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x6a0ffffffff) tkill(r0, 0x16) 21:41:53 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x10000000) 21:41:55 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(0x0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:55 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x3f000000) 21:41:55 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x7ffffffff000) tkill(r0, 0x16) 21:41:55 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x60) 21:41:55 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:55 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:41:55 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x60000000) 21:41:56 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(0x0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:56 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xf0ffffff7f0000) tkill(r0, 0x16) 21:41:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x831a0000) 21:41:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x9effffff) 21:41:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa0008000) 21:41:56 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x100000000000000) tkill(r0, 0x16) 21:41:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa0010000) 21:41:58 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:41:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa0020000) 21:41:58 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x61) 21:41:58 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:41:58 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:41:58 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000) tkill(r0, 0x16) 21:41:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa0040000) 21:41:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf0ffffff) 21:41:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xfffff000) 21:41:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffff7f) 21:41:59 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000) tkill(r0, 0x16) 21:41:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffff9e) [ 1779.865723] syz-executor.5 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=1000 [ 1779.913836] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1779.919557] CPU: 0 PID: 22216 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1779.927449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1779.936809] Call Trace: [ 1779.939417] dump_stack+0x197/0x210 [ 1779.943069] dump_header+0x15e/0xa55 [ 1779.946806] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1779.951931] ? ___ratelimit+0x60/0x595 [ 1779.955833] ? do_raw_spin_unlock+0x181/0x270 [ 1779.960366] oom_kill_process.cold+0x10/0x6ef [ 1779.964883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.970437] ? task_will_free_mem+0x139/0x6e0 [ 1779.974951] ? find_held_lock+0x35/0x130 [ 1779.979047] out_of_memory+0x362/0x1330 [ 1779.983038] ? lock_downgrade+0x880/0x880 [ 1779.987245] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1779.992375] ? oom_killer_disable+0x280/0x280 [ 1779.996882] ? find_held_lock+0x35/0x130 [ 1780.000973] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1780.005837] ? memcg_event_wake+0x230/0x230 [ 1780.010184] ? do_raw_spin_unlock+0x181/0x270 [ 1780.014704] ? _raw_spin_unlock+0x2d/0x50 [ 1780.018872] try_charge+0xec5/0x1490 [ 1780.022601] ? lock_downgrade+0x880/0x880 [ 1780.026778] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1780.031637] ? rcu_read_unlock+0x33/0x60 [ 1780.035714] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1780.040851] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1780.046933] ? __lock_is_held+0xb6/0x140 [ 1780.051018] mem_cgroup_try_charge+0x259/0x6b0 [ 1780.055624] __add_to_page_cache_locked+0x334/0xd10 [ 1780.060656] ? find_lock_entry+0x5f0/0x5f0 [ 1780.064920] add_to_page_cache_lru+0x1c9/0x860 [ 1780.069520] ? add_to_page_cache_locked+0x40/0x40 [ 1780.074383] ? __page_cache_alloc+0x131/0x450 [ 1780.078897] pagecache_get_page+0x364/0xcf0 [ 1780.083234] grab_cache_page_write_begin+0x7b/0xb0 [ 1780.088180] ext4_da_write_begin+0x2d7/0x1180 [ 1780.092701] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1780.098258] ? ext4_write_begin+0x1790/0x1790 [ 1780.102770] ? copy_page_from_iter+0x7f0/0x7f0 [ 1780.107385] generic_perform_write+0x22a/0x520 [ 1780.112000] ? page_endio+0x780/0x780 [ 1780.115814] ? current_time+0x140/0x140 [ 1780.119807] ? lock_acquire+0x16f/0x3f0 [ 1780.123794] ? ext4_file_write_iter+0x23f/0x1060 [ 1780.128571] __generic_file_write_iter+0x25e/0x630 [ 1780.134231] ext4_file_write_iter+0x32b/0x1060 [ 1780.138826] ? mark_held_locks+0x100/0x100 [ 1780.143080] ? ext4_file_mmap+0x410/0x410 [ 1780.147278] ? mark_held_locks+0x100/0x100 [ 1780.151531] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1780.157091] ? iov_iter_init+0xc6/0x1f0 [ 1780.161101] __vfs_write+0x587/0x810 [ 1780.164833] ? kernel_read+0x120/0x120 [ 1780.168742] ? rcu_read_lock_sched_held+0x110/0x130 [ 1780.173779] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1780.178532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1780.184065] ? __sb_start_write+0x1a9/0x360 [ 1780.188381] vfs_write+0x20c/0x560 [ 1780.191931] ksys_write+0x14f/0x2d0 [ 1780.195584] ? __ia32_sys_read+0xb0/0xb0 [ 1780.199644] ? do_syscall_64+0x26/0x620 [ 1780.203610] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1780.208974] ? do_syscall_64+0x26/0x620 [ 1780.212952] __x64_sys_write+0x73/0xb0 [ 1780.216839] do_syscall_64+0xfd/0x620 [ 1780.220637] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1780.225865] RIP: 0033:0x45b3b9 [ 1780.229057] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1780.248592] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1780.256294] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1780.263561] RDX: 0000000002d1ee37 RSI: 0000000020000180 RDI: 0000000000000003 [ 1780.270823] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1780.278083] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1780.285349] R13: 0000000000000caf R14: 00000000004cd8f4 R15: 000000000075bf2c [ 1780.328122] Task in /syz5 killed as a result of limit of /syz5 [ 1780.345134] memory: usage 307168kB, limit 307200kB, failcnt 7490 [ 1780.351588] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1780.389889] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1780.401503] Memory cgroup stats for /syz5: cache:96KB rss:252964KB rss_huge:233472KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:253048KB inactive_file:16KB active_file:12KB unevictable:0KB [ 1780.429090] Memory cgroup out of memory: Kill process 22049 (syz-executor.5) score 1113 or sacrifice child [ 1780.439730] Killed process 22049 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35852kB, shmem-rss:0kB [ 1780.458568] oom_reaper: reaped process 22049 (syz-executor.5), now anon-rss:0kB, file-rss:34892kB, shmem-rss:0kB 21:42:02 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xfffffff0) 21:42:02 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x62) 21:42:02 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) 21:42:02 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:02 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000) tkill(r0, 0x16) 21:42:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x1a0ffffffff) 21:42:02 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x2a0ffffffff) 21:42:02 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:02 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x4a0ffffffff) 21:42:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x3000000000000) 21:42:02 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x4a00000000000000) tkill(r0, 0x16) 21:42:03 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x63) 21:42:03 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) 21:42:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x40030000000000) 21:42:03 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x8000a0ffffffff) 21:42:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf0ffffffffffff) 21:42:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x100000000000000) 21:42:03 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x200000000000000) [ 1783.877331] syz-executor.5 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=1000 [ 1783.933055] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1783.948556] CPU: 0 PID: 22296 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1783.956474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1783.965834] Call Trace: [ 1783.968518] dump_stack+0x197/0x210 [ 1783.972252] dump_header+0x15e/0xa55 [ 1783.975994] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1783.981123] ? ___ratelimit+0x60/0x595 [ 1783.985031] ? do_raw_spin_unlock+0x181/0x270 [ 1783.989556] oom_kill_process.cold+0x10/0x6ef [ 1783.994075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1783.999630] ? task_will_free_mem+0x139/0x6e0 [ 1784.004145] ? find_held_lock+0x35/0x130 [ 1784.008222] out_of_memory+0x362/0x1330 [ 1784.012211] ? lock_downgrade+0x880/0x880 [ 1784.016383] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1784.021728] ? oom_killer_disable+0x280/0x280 [ 1784.026233] ? find_held_lock+0x35/0x130 [ 1784.030329] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1784.035192] ? memcg_event_wake+0x230/0x230 [ 1784.039532] ? do_raw_spin_unlock+0x181/0x270 [ 1784.044047] ? _raw_spin_unlock+0x2d/0x50 [ 1784.048325] try_charge+0xec5/0x1490 [ 1784.052060] ? lock_downgrade+0x880/0x880 [ 1784.056234] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1784.061095] ? rcu_read_unlock+0x33/0x60 [ 1784.065168] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1784.070031] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1784.076105] ? __lock_is_held+0xb6/0x140 [ 1784.080185] mem_cgroup_try_charge+0x259/0x6b0 [ 1784.084786] __add_to_page_cache_locked+0x334/0xd10 [ 1784.089815] ? find_lock_entry+0x5f0/0x5f0 [ 1784.094075] add_to_page_cache_lru+0x1c9/0x860 [ 1784.098671] ? add_to_page_cache_locked+0x40/0x40 [ 1784.103543] ? __page_cache_alloc+0x131/0x450 [ 1784.108064] pagecache_get_page+0x364/0xcf0 [ 1784.112409] grab_cache_page_write_begin+0x7b/0xb0 [ 1784.117355] ext4_da_write_begin+0x2d7/0x1180 [ 1784.121875] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1784.127437] ? ext4_write_begin+0x1790/0x1790 [ 1784.131995] ? copy_page_from_iter+0x7f0/0x7f0 [ 1784.136613] generic_perform_write+0x22a/0x520 [ 1784.141229] ? page_endio+0x780/0x780 [ 1784.145047] ? current_time+0x140/0x140 [ 1784.149045] ? lock_acquire+0x16f/0x3f0 [ 1784.153041] ? ext4_file_write_iter+0x23f/0x1060 [ 1784.157820] __generic_file_write_iter+0x25e/0x630 [ 1784.162788] ext4_file_write_iter+0x32b/0x1060 [ 1784.167419] ? mark_held_locks+0x100/0x100 [ 1784.171690] ? ext4_file_mmap+0x410/0x410 [ 1784.175866] ? mark_held_locks+0x100/0x100 [ 1784.180123] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1784.185680] ? iov_iter_init+0xc6/0x1f0 [ 1784.189674] __vfs_write+0x587/0x810 [ 1784.193406] ? kernel_read+0x120/0x120 [ 1784.197342] ? rcu_read_lock_sched_held+0x110/0x130 [ 1784.202496] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1784.207274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1784.212833] ? __sb_start_write+0x1a9/0x360 [ 1784.217178] vfs_write+0x20c/0x560 [ 1784.220741] ksys_write+0x14f/0x2d0 [ 1784.224395] ? __ia32_sys_read+0xb0/0xb0 [ 1784.228482] ? do_syscall_64+0x26/0x620 [ 1784.232481] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1784.237863] ? do_syscall_64+0x26/0x620 [ 1784.241866] __x64_sys_write+0x73/0xb0 [ 1784.245780] do_syscall_64+0xfd/0x620 [ 1784.249610] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1784.254809] RIP: 0033:0x45b3b9 [ 1784.258019] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1784.276930] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1784.284653] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1784.291942] RDX: 0000000002d1ee37 RSI: 0000000020000180 RDI: 0000000000000003 [ 1784.299226] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1784.306625] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1784.313905] R13: 0000000000000caf R14: 00000000004cd8f4 R15: 000000000075bf2c [ 1784.357111] Task in /syz5 killed as a result of limit of /syz5 [ 1784.369573] memory: usage 307168kB, limit 307200kB, failcnt 8989 [ 1784.376369] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1784.383360] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1784.395795] Memory cgroup stats for /syz5: cache:0KB rss:252772KB rss_huge:233472KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:252928KB inactive_file:80KB active_file:0KB unevictable:0KB [ 1784.423045] Memory cgroup out of memory: Kill process 17732 (syz-executor.5) score 1113 or sacrifice child [ 1784.433684] Killed process 17732 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1784.452273] oom_reaper: reaped process 17732 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 21:42:05 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x300000000000000) 21:42:05 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xffffffffa0010000) tkill(r0, 0x16) 21:42:05 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x64) 21:42:05 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r1, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x0, 0x0, 0x6}]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) 21:42:05 executing program 5: write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:05 executing program 5: write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x400000000000000) 21:42:05 executing program 5: write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x500000000000000) 21:42:05 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xffffffffa0020000) tkill(r0, 0x16) 21:42:05 executing program 5: r0 = creat(0x0, 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 1786.421993] syz-executor.4 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 [ 1786.442239] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1786.448325] CPU: 0 PID: 22325 Comm: syz-executor.4 Not tainted 4.19.102-syzkaller #0 [ 1786.456227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1786.465591] Call Trace: [ 1786.468198] dump_stack+0x197/0x210 [ 1786.471848] dump_header+0x15e/0xa55 [ 1786.475579] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1786.480696] ? ___ratelimit+0x60/0x595 [ 1786.484595] ? do_raw_spin_unlock+0x181/0x270 [ 1786.489103] oom_kill_process.cold+0x10/0x6ef [ 1786.493617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1786.499170] ? task_will_free_mem+0x139/0x6e0 [ 1786.503676] ? find_held_lock+0x35/0x130 [ 1786.507753] out_of_memory+0x362/0x1330 [ 1786.511742] ? lock_downgrade+0x880/0x880 [ 1786.515902] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1786.521014] ? oom_killer_disable+0x280/0x280 [ 1786.525525] ? find_held_lock+0x35/0x130 [ 1786.529731] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1786.534586] ? memcg_event_wake+0x230/0x230 [ 1786.538930] ? do_raw_spin_unlock+0x181/0x270 [ 1786.543443] ? _raw_spin_unlock+0x2d/0x50 [ 1786.547609] try_charge+0xec5/0x1490 [ 1786.551341] ? lock_downgrade+0x880/0x880 [ 1786.555508] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1786.560361] ? rcu_read_unlock+0x33/0x60 [ 1786.564434] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1786.569291] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1786.575361] ? __lock_is_held+0xb6/0x140 [ 1786.579438] mem_cgroup_try_charge+0x259/0x6b0 [ 1786.584044] __add_to_page_cache_locked+0x334/0xd10 [ 1786.589076] ? find_lock_entry+0x5f0/0x5f0 [ 1786.593336] add_to_page_cache_lru+0x1c9/0x860 [ 1786.597937] ? add_to_page_cache_locked+0x40/0x40 [ 1786.602808] ? __page_cache_alloc+0x131/0x450 [ 1786.607334] pagecache_get_page+0x364/0xcf0 [ 1786.611672] grab_cache_page_write_begin+0x7b/0xb0 [ 1786.616619] ext4_da_write_begin+0x2d7/0x1180 [ 1786.621131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1786.626691] ? ext4_write_begin+0x1790/0x1790 [ 1786.631204] ? copy_page_from_iter+0x7f0/0x7f0 [ 1786.635809] generic_perform_write+0x22a/0x520 [ 1786.640416] ? page_endio+0x780/0x780 [ 1786.644226] ? current_time+0x140/0x140 [ 1786.648221] ? lock_acquire+0x16f/0x3f0 [ 1786.652208] ? ext4_file_write_iter+0x23f/0x1060 [ 1786.656978] __generic_file_write_iter+0x25e/0x630 [ 1786.661931] ext4_file_write_iter+0x32b/0x1060 [ 1786.666616] ? find_held_lock+0x35/0x130 [ 1786.670782] ? ext4_file_mmap+0x410/0x410 [ 1786.674948] ? lock_downgrade+0x880/0x880 [ 1786.679107] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1786.683869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1786.689422] ? __sb_start_write+0x1a9/0x360 [ 1786.693761] aio_write+0x346/0x530 [ 1786.697320] ? aio_read+0x3b0/0x3b0 [ 1786.700965] ? __might_fault+0x12b/0x1e0 [ 1786.705132] ? __might_fault+0x12b/0x1e0 [ 1786.709233] ? lock_downgrade+0x880/0x880 [ 1786.713421] io_submit_one+0x104d/0x2ed0 [ 1786.717498] ? lookup_ioctx+0x1d7/0x830 [ 1786.721496] ? aio_complete_rw+0xf20/0xf20 [ 1786.725744] ? __might_fault+0x12b/0x1e0 [ 1786.729847] __x64_sys_io_submit+0x1aa/0x520 [ 1786.734271] ? __x64_sys_io_submit+0x1aa/0x520 [ 1786.738867] ? __ia32_sys_io_destroy+0x420/0x420 [ 1786.743643] ? do_syscall_64+0x26/0x620 [ 1786.747625] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1786.752996] ? do_syscall_64+0x26/0x620 [ 1786.756979] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1786.761574] do_syscall_64+0xfd/0x620 [ 1786.765383] ? do_syscall_64+0xfd/0x620 [ 1786.769372] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1786.774563] RIP: 0033:0x45b3b9 [ 1786.777775] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1786.796691] RSP: 002b:00007f024152cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 1786.804416] RAX: ffffffffffffffda RBX: 00007f024152d6d4 RCX: 000000000045b3b9 [ 1786.811701] RDX: 0000000020000540 RSI: 00000000200002f1 RDI: 00007f024150c000 [ 1786.818993] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1786.826280] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1786.833571] R13: 00000000000001f4 R14: 00000000004c2d48 R15: 000000000075bf2c [ 1786.846804] Task in /syz4 killed as a result of limit of /syz4 [ 1786.853111] memory: usage 306992kB, limit 307200kB, failcnt 22060 [ 1786.859970] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1786.867319] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1786.873960] Memory cgroup stats for /syz4: cache:88KB rss:215368KB rss_huge:176128KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:215516KB inactive_file:12KB active_file:8KB unevictable:0KB [ 1786.895437] Memory cgroup out of memory: Kill process 4559 (syz-executor.4) score 124 or sacrifice child [ 1786.905684] Killed process 4559 (syz-executor.4) total-vm:74768kB, anon-rss:2212kB, file-rss:35788kB, shmem-rss:0kB 21:42:08 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x600000000000000) 21:42:08 executing program 5: r0 = creat(0x0, 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:08 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xffffffffa0040000) tkill(r0, 0x16) 21:42:08 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x65) 21:42:08 executing program 4: r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg(r0, &(0x7f0000000140)={&(0x7f00000003c0)=@in={0x2, 0x0, @loopback}, 0x80, 0x0}, 0x20000000) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000021000000000000000000001e9500000000000000a8828542471f38877c2c8c43863f"], &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00000002c0)=""/251}, 0x48) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1}) close(r2) 21:42:08 executing program 5: r0 = creat(0x0, 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x800000000000000) 21:42:08 executing program 5: creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:08 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0xffffffffa0060000) tkill(r0, 0x16) 21:42:08 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x900000000000000) 21:42:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:09 executing program 5: creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:09 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(0xffffffffffffffff, 0xae78, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x154ab, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000050774010c00dfdbdf250001a381", @ANYRES32=0x0, @ANYBLOB="7fff0002810d00001c0012000b0001006d616373656300e10b00020005000200100000070a000540020000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d0100000000000000ecb85f7297cb172cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB="6326ffc30340a59af4c3650421f9a53779861026cd4f7ae2dcfdaef81c581d1b4223e49887ee68e87ed537d5b23278f5a773d3577c6015e7451adce957e1fac165be3eb34c5174f627927737456b54921f664921e1615264cc762c1897041559d7dc7e2109b0dff9eb9ca92da732cc5b460a46383502d39115895996c76ff3ce0392ed127d44dcfde97698dfe68efeb997445e598790400e81a0a90106099ffc4061064fb95ebf7e5d5f0594c09177280b0443767621957b58026d75a2af754500"/208], 0x50}}, 0x0) 21:42:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xa00000000000000) [ 1789.266597] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 1789.326418] device tunl0 entered promiscuous mode [ 1789.355216] device macsec1 entered promiscuous mode [ 1789.397473] device tunl0 left promiscuous mode [ 1789.460947] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 1789.489338] device tunl0 entered promiscuous mode [ 1789.499834] device macsec1 entered promiscuous mode [ 1789.509853] device tunl0 left promiscuous mode 21:42:09 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x66) 21:42:09 executing program 5: creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xb00000000000000) 21:42:09 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet(0x2, 0x80001, 0x0) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000240)=@get={0x1, &(0x7f0000000300)=""/140, 0x2}) 21:42:09 executing program 1: r0 = gettid() r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x13, 0x1, @thr={&(0x7f00000000c0)="3500e82bc40667dd036def0e0a0788416bcfd36dd121fd83c7563ede2e3099e34425fb81c385580b3ea5b6e08a1c2ebc920a8a2baaa2776bb3740ac4b689cb5496e84cafc7a2a483995572c9fda941f69100af42b65fc026972af9e87b4e5f92c61e15346fb35a4b43d940e9601ed380eca564438e1a2529f549158c06c80a4998975f", &(0x7f0000000200)="6f3a6ff5eb540cae475b35ffcbd352d05b4ffcf80dc9540bce0356d380d805dd6fcae1c7346bf30b091c62f11b978e853d139adc79a0fa1969a7d07e08cc0847fb3ea50b076ed1074900912bb59de00b883710d61859fe6481c7792c7b81394425f0996e02c22dc20a10eb0fc7eac07067b8e9"}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xe00000000000000) 21:42:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 21:42:09 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, 0x0, 0x0) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:09 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000002c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe) r3 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000300)="585ccbc4ed83b836c1a64749b66147f9cb451c91690000000042e3d75228897501f93191b076ac446ff0022b8753a1fa748c569f435fb3bae96efb748c4ec93c2db8eae321c7ccda650bd6a6129c2ee45cc9b3198a29e5c0cfc60000ce0637cef580b4ec24c53d86571ff5ff70e48884ca000018cea71fcf8a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff33c1e8e036e5031949762d009d308bd73f477252d0000000000004000"/192, 0xc0, r2) r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)='\x00', 0x1, 0xfffffffffffffffd) r5 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r6 = add_key$user(&(0x7f0000000480)='user\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000600)='\b', 0x1, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r4, r3, r6}, &(0x7f0000000700)=""/243, 0xf3, &(0x7f0000000400)={&(0x7f0000000580)={'sm3\x00'}}) 21:42:09 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 21:42:10 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, 0x0, 0x0) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:10 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x67) 21:42:10 executing program 4: msgsnd(0x0, &(0x7f0000000340)={0x3}, 0x0, 0x0) 21:42:10 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf00000000000000) 21:42:10 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 21:42:10 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, 0x0, 0x0) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x1000000000000000) 21:42:13 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:13 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:13 executing program 4: syz_open_dev$char_usb(0xc, 0xb4, 0x5cb7) 21:42:13 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f00000001c0)={{0x77359400}, {0x77359400}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x200000, 0x0) connect$bt_sco(r3, &(0x7f0000000080), 0x8) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000200)=""/211, &(0x7f0000000180)=0xd3) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r4, 0x84, 0x12, &(0x7f0000000100), &(0x7f0000000140)=0x4) 21:42:13 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x68) 21:42:13 executing program 4: openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_RENAME(r0, 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x1a, 0x0, &(0x7f0000000000)="3f006671d7af52f647750500080089ea010000000000f109a708", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000003, 0xff], 0x1f004}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) close(r4) close(r4) setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f00000001c0)=0x5, 0x4) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000400)={[0x100000001, 0xffffffffffffffff, 0x0, 0x0, 0x20]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$nvram(0xffffffffffffff9c, 0x0, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r5, 0x8008ae9d, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) close(r3) sync() sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) 21:42:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x3f00000000000000) 21:42:13 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:13 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x6000000000000000) 21:42:13 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:13 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x831a000000000000) 21:42:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x9effffff00000000) 21:42:13 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) [ 1793.561554] ptrace attach of "/root/syz-executor.0"[22481] was attempted by "/root/syz-executor.0"[22482] [ 1793.684579] ptrace attach of "/root/syz-executor.0"[22492] was attempted by "/root/syz-executor.0"[22493] 21:42:16 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) recvfrom$llc(r3, &(0x7f0000000600)=""/253, 0xfd, 0x100, 0x0, 0x0) r4 = getpgid(r2) sched_getattr(r4, &(0x7f0000000000)={0x38}, 0x38, 0x0) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xf0ffffff00000000) 21:42:16 executing program 4: openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_RENAME(r0, 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x1a, 0x0, &(0x7f0000000000)="3f006671d7af52f647750500080089ea010000000000f109a708", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000003, 0xff], 0x1f004}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) close(r4) close(r4) setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f00000001c0)=0x5, 0x4) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000400)={[0x100000001, 0xffffffffffffffff, 0x0, 0x0, 0x20]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$nvram(0xffffffffffffff9c, 0x0, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r5, 0x8008ae9d, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) close(r3) sync() sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) 21:42:16 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:16 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x69) 21:42:16 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffff7f00000000) [ 1796.334102] ptrace attach of "/root/syz-executor.0"[22507] was attempted by "/root/syz-executor.0"[22508] 21:42:16 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:16 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x24, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f0000000200)) tkill(r0, 0x16) 21:42:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffffff00000000) 21:42:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffffffa0008000) 21:42:16 executing program 4: ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, 0x0) accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, &(0x7f00000000c0)=0x10, 0x80000) perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000340)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="660f5a180f0095071d65dc110f0867f30fc7fb0f413a0f20e06635000010000f22e02d0e00f30f3266b8005800000f23c80f21f86635080030000f23f8"}], 0x1a7, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:42:16 executing program 4: syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{}], 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="a797f61b09327d1a4fc5e4ad", 0xc}, {&(0x7f0000000380)}, {0x0}, {&(0x7f0000000140)="d89d0696fde1550d", 0x8}, {0x0}], 0x5) unshare(0x50080) r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000200)=0x3) sendfile(r1, r2, 0x0, 0x8000fffffffe) r3 = open(&(0x7f0000002000)='./bus\x00', 0x8a940, 0x1bc) sendfile(r3, 0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCSFF(r3, 0x402c4580, &(0x7f0000000040)={0x0, 0x0, 0x3, {0x7, 0x3ff}, {0x6, 0xf73b}, @const={0x0, {0x7fff, 0x0, 0x63e0}}}) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f00000001c0)='veth1_virt_wifi\x00') r4 = syz_open_procfs(0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0xfca8) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=0x4) 21:42:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffffffa0010000) [ 1796.984859] audit: type=1804 audit(1581370936.918:4071): pid=22534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir006107762/syzkaller.I31Exa/3267/bus" dev="sda1" ino=16980 res=1 21:42:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffffffa0020000) [ 1797.084950] audit: type=1804 audit(1581370936.988:4072): pid=22537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir006107762/syzkaller.I31Exa/3267/bus" dev="sda1" ino=16980 res=1 21:42:17 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x6a) 21:42:17 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xffffffffa0040000) 21:42:17 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 1797.708854] ptrace attach of "/root/syz-executor.5"[22552] was attempted by "/root/syz-executor.5"[22553] [ 1797.764873] audit: type=1804 audit(1581370937.708:4073): pid=22537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir006107762/syzkaller.I31Exa/3267/bus" dev="sda1" ino=16980 res=1 [ 1797.851345] audit: type=1804 audit(1581370937.738:4074): pid=22554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir006107762/syzkaller.I31Exa/3267/bus" dev="sda1" ino=16980 res=1 [ 1797.974680] audit: type=1804 audit(1581370937.788:4075): pid=22537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir006107762/syzkaller.I31Exa/3267/bus" dev="sda1" ino=16980 res=1 21:42:19 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:19 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000340)={0x0, 0xff00}) 21:42:19 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0xfffffffffffff000) 21:42:19 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x6b) 21:42:19 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 1799.737882] ptrace attach of "/root/syz-executor.5"[22571] was attempted by "/root/syz-executor.5"[22572] 21:42:19 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000340)={0x0, 0xff00}) 21:42:19 executing program 4: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_writev(r0, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x212, 0x0) 21:42:19 executing program 2: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r6, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r7, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="b80000000303030000000000000000000a0000070800034000001000080003400000000408000340000000030c00020000583f030a2789ed"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x40801) r8 = socket$packet(0x11, 0x3, 0x300) r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r12, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000002c00270d00000000f100000000ef281a", @ANYRES32=r12, @ANYBLOB="0000000000000000f1ff00000c0001007463696e646578000c0002000800040000000000"], 0x3c}}, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000001c0)=@can={0x1d, r12}, 0x80, &(0x7f0000000540)=[{&(0x7f00000002c0)="054b857c3ea444330ceb", 0xa}, {&(0x7f0000000300)="2b695d2a921c51", 0x7}, {&(0x7f0000000440)="9dd2399dfcccc23e1c3395b7646581c51ff299c0df09cceabf75e5fe8d2131b85e865bdb28f4ef0a48", 0x29}, {&(0x7f0000000500)="e9d44b6b235b6463", 0x8}], 0x4, &(0x7f0000000680)=[@mark={{0x14, 0x1, 0x24, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0xff}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}, @txtime={{0x18, 0x1, 0x3d, 0x7f}}], 0x60}, 0x40000) setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) r13 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r13, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r13, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0", @ANYRES32=r5, @ANYRESDEC, @ANYPTR=&(0x7f0000000600)=ANY=[@ANYPTR, @ANYRESHEX=r0, @ANYPTR=&(0x7f0000000480)=ANY=[@ANYRESOCT=0x0, @ANYRES16=0x0, @ANYRESDEC, @ANYRESOCT=0x0], @ANYRESDEC=r3, @ANYPTR, @ANYRESOCT=r13, @ANYPTR64=&(0x7f00000005c0)=ANY=[@ANYRESOCT, @ANYPTR64=&(0x7f0000000200)=ANY=[]]], @ANYRESOCT=r6], 0x5}, 0x1, 0x0, 0x0, 0x8040}, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000140)={0x1, 0x8, [0x3, 0x8]}) openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20002, 0x0) 21:42:20 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, 0x0, &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:20 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x6c) 21:42:20 executing program 4: 21:42:20 executing program 4: [ 1800.867147] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=52476 sclass=netlink_route_socket pig=22580 comm=syz-executor.2 21:42:22 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:22 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, 0x0, &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:22 executing program 4: 21:42:22 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r6, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r7, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r9, 0x0, 0x0, 0x0, 0x0, 0x0) r10 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r10, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r10, 0x0, 0x0, 0x0, 0x0, 0x0) r11 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r11, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r11, 0x0, 0x0, 0x0, 0x0, 0x0) r12 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r12, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r12, 0x0, 0x0, 0x0, 0x0, 0x0) r13 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r13, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r13, 0x0, 0x0, 0x0, 0x0, 0x0) r14 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r14, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r14, 0x0, 0x0, 0x0, 0x0, 0x0) r15 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r15, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r15, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003f00)=ANY=[@ANYBLOB="b513a37338b558040c0bebd9661119d814b97a1031a08342f8ee0f000000001cd4b071dd55a93479b0660a0c37fe2570eda346000fd6e3b52d6e7fe3df3fa8a0ef2a39fc4e4be896aec15ab55e635f763ec1662b744aadc256b0b41134010348ba008aad2d0c20aa8db712cac174e690aee94fa19cc493c989397555344cf92bcb1a8907c18a19c6ca5efc3b23809a71fd0a36c9904b9f", @ANYPTR, @ANYPTR=&(0x7f0000004040)=ANY=[@ANYRES16=r1, @ANYRESHEX=r0, @ANYBLOB="3eb0980155354578670a40684b026e895c13fba7321d76ebdcec40bccba4594a00781038", @ANYBLOB="e42d873f1b32307be993167664f0806de6cf9a55349d963462d9d5c8bbe9040f4559523904e810b822bb3285eb2f731b9afa00a4dfa65ce68d6b1981bd28ba8c75b9830eacc0ab513e5aa625419a685f9cb338e5e1c4bb0fc1daeabedfb768d4c02be95af0ac2b82b23fe26ceff9e8c1ee848366ba24617127336f71458cfead18cb84cd516712da746a2194534eda0c09d2f53efeb7cad9d84bd45590463a8c3551e78eb1", @ANYRESOCT=r2, @ANYRES64=r9, @ANYPTR64=&(0x7f00000055c0)=ANY=[@ANYPTR=&(0x7f00000041c0)=ANY=[@ANYRESHEX=r10, @ANYBLOB="cdababc24430f88cfc10190ddb096e8141a8037e44e764b737537eadcab3f9fc50591b84153281b355b20d6ea0711573a01f27bba71118094e87197708318f825717bd0b9c39413dd69936da48fc81efe43c257514a8f59495bc375e77b55967edc38f3bdf2180be62d39da576584fb1d43ba9fb8ca24c83fde34b656e5498cea22ccff1b1ffc87bf019531197ce0d2126b8bf6930abccde6242369d33c42d841d52311e6ddb72db9cc18e187f503507d2a33d2ec22e0b0d1c4ea09b110b5cdc38317a3759bc507f0b1d75c29a16e7472456c5", @ANYRES32=0x0, @ANYBLOB="b93a25638485c20bc57343a780ee897e7a4cd3a7d46badfd4ccbe41a551db5dd993f0fbe3830d8fae43bcc28565c9c20f5db6645d8d49a1a9b82c456bc77d195c783b5728220879f7e12c88b7980248d64249e6963ed86ab2675a58e793953d2459662b70cbd2a97a8c3a6af09d5a4", @ANYRES32=0x0, @ANYRES32, @ANYRESOCT=r5, @ANYRES64=r11, @ANYRESHEX=r3], @ANYRES64=r12, @ANYPTR64=&(0x7f0000004380)=ANY=[@ANYBLOB="89ec66447bf8e4844ce124399ba746271678c188f6680c659e004bfb2508790dfbc2e812c3fa5223429e265a09f3660647c72cdecdfb60ecb3e767f7b19888c87171b6fd69904dc145f53240ef96685ff0a0046835bcb6c90f7c80ba89bb1869406d2894e9f4a8b7d7c9413bc9cc5f9f8b218be605eb2c2033782b7b57d682c2d85cfbadf91ec1628acb898e40cc08318b531c9a28fda62a49bd68360c8668f1f68651c3006a2dcc1dbf1497e0bbf3a9b89496d3f69c802c4d43740ff28a2160821a94dc57c4cb1ee00316fd5378e5452c833621c860393a81556bc8f9b26f06b6235df2", @ANYRES32=0x0], @ANYBLOB="a8", @ANYBLOB="16174c7dfd018d9d25f3015a5f019451472d106eee19e90aed2860d796c0df4025ec960246ef7307845a522d264ce7ddb444d06cfa28b49497546aaa5a186da48e70ec2fb943d21fad964c3b38446fbf83650dbce7672b23af9a64484bef89680b5383b689d9247fdbd2d8", @ANYPTR64=&(0x7f0000003900)=ANY=[@ANYPTR64, @ANYBLOB="67713a29f492231048f02747326048269716839bfb1d28dffe5d62b86ea44862e134aa59b40704cac5d317b2882ba29348491195a0120116af434aec4367101a406dce093646ae86d6d8c798b455a489aef1046cadd967a167b60f0123c88836da3e10c6b4f30f27bff3e233aab267f3ae6601243696c0d06d91a4701e57c7a4774c36baf16104a8a6787bd8e1b3117dcc94c7595fe6619232c3b0dd166a4c0a241915c4935ef621984326bed18d4d3b0c258d3728", @ANYBLOB="32cdecb67991a45ad451c0d9b4d77925c5bd5ffb7d2a222782a5bd7ef2c9c3ad90dbbf", @ANYRES32=r13, @ANYRESHEX=r3, @ANYRES64], @ANYPTR=&(0x7f0000004580)=ANY=[@ANYPTR64, @ANYPTR64, @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYPTR, @ANYRES16=r14, @ANYBLOB="ff6b1ee2f38dde43af7577ecc25c4647a600817af3911241a23a24de03bcdab9571111cd8bd01c90656f964ed4dda4642dfeb2bf331412b635663076cedee090a747c97e8687cdea11fb064f3f66f8afeed16c0ee44b42d1f62e5e8c58b9da6fb8a053572a1f3a15f8b870064b4488e2a603a3868e0f29276e3fc76083db6b2ce40a926d8f88baf37309aae73f8a2f74da6ba8531bb79f7526abb3c22bd75f9b6e4579c988619dc9e5becfb8d907d5bfaee783145f0530cc561391f3c3b3acf1f50f0f0a6f31440a8f6de7d80741e417d3072d2c88031ed9266a1b3d3d9c799ee6a1e81abefcd2dd3971d798615b384a1bb659d8508c5f65809064e28ec991db2e4e5078d2beb223d8e9250f7a9f8d70827e22e80750be98f67dcc87657fec1b6426bd8ae2df5ce18190f083727ede974788bae51b97b07a47c7f8c4e2ac25f0956b042bb11363c8cf2fbc95e33e940fddf52170acafdb5af85534bd087700be1a9345d601320b13578500ddb21201abc83d3b44af46953548e9d0ea753dcf26bec8667b9ac6a0e1243e0a1da9b6f8397aeaf86b88097c257fd0727b550e2a5874d6b9e6c5c179b78afdf1b9102b321afad4b641ac3340ef0d4b9987c4ccb5b1a6f641a120520c2c3a4556bd4ad56644d33c7d8fb51577f2d032176a1147eae20780101b15fa9875e7f460c9fb74d1366eb0d1a93d9bbfd4dbe046c84b7cf83373a66189bef7665be6686ccce3153119b1a19f6d60d12bf301e3e798834196acc20d9817b8c605e050f1bb48986e549aa0d0481e6e12ff8e1a1c3a450bfe06a46a81f1899a9325ac17e9ad9b2bd09f812c6fb3357e6748bc7d9a7d7505b61d947bfbd714fd8af28ad06f42f61a4ebea6be9c0d38681473ad4d7c6304998ccc59bdd90bc714cbd6faa4de37a5c719a2fc257088998fad7dd54755b4d9fc8947a08144687ef255f38e21851fb2e24dbe182ae0e59e3207936fe6e9894972eb9bebbb4d2ce060e74839a77d51e5cb4dae5cb44a7dcfb149797b6b01a5d998b5024b4f66aa0c186f09ebfb7a1a57f540bbc54db0d42cd2b56fbe209ab68ca05b0f3f7be87a5a0adb64a493aa9820cf203ca71af6bbc08eeec4bd6f775b308090062728c1ab0e9ea4dcba61e8bbeeda67596ab4ef3a201ad79f2b4b6b2ef8e4120d3b3b88ea071a40ef38fff1b59ca14349215bc35a4116f9f9a63d7bcb3b64bdabcecf7de785f3308b20a6a3aaf81492279f139de4df65bc23e9079cf7a776066a23cc7b27f018c4f6f43d3effd582782314e177bf265fc4461ec29ca21a52ed0a3768299b39adf2764c0504eb971891992495a2b4142ecdb0ebe45542282ae20bd9ab70b7e7d03d1beaf5e7c73b5c74966328f792db27f61c91227868c6229b746c241bc61895512a9eb9761f4e8f91ef7d3547d13215959588bb6ef66f651f99309b069799ed4b6dfabb1154c7b7d37509143229278d4bca71ef2d315cec85d1e29e5c98db129a1afe03c534a506e7d4d964a65060241597aced7952cd36c54a60eac40b4f1bb34c871fac352a6db6487beb0d3228a2d915ca1845b901189977bdc7bc4c18397d55df0faa48af5196d75c6f6eea48571e238c038d3b2d39ab3fe9adabb59da56a9c74dbc3e48f16cba10af4159a95031852101178830ad4881c8e96d30159ba85715d077038ceeaf26e36a71c5e19a1f5aff3e78279f04d352615206db7b29f2158805b264c5c77e988ca76b9a91ffb44ea696658eb61c829cd533d33bea7a7fef1c16f5a1d2fe0c49899ddacb455c5132772f46d501cd8d73170c19ec6c4870923b60ddb20d8bd2437c41180a4c9a181bb53e3455bc6b253be315740138a0ed68472ef4112fdaa9be1862d1b2c49248c168600a89fcd5b083223400eb269cf2d01932707d0480ef28a9711bff1dd058a716d21d638d6857cf6c46365683d03077ea875b1658921544192b4827ddb06fd3bc4576bdac83f57beff1e1a7d88ed33d98574bf7c16959315f4d9e7cbcf744596e8df09bcc9a22306dd93de1cb4d6f2515102c714244e1ea97852f0141853b32caed9d3ac9d8c95c03eb48ea152492c165597917a8e8375d539b2054c1c6ec30b601c52cec263e10c54459daac2e3f23928a7662e6ed9ec3eafcafd5a1d6bed1cb35e11746f1ceafc01c278e662483b5f2c76df0568ad72fbc71376b3f49137f5070c50034abac8fde334c8677506bc6bb03aaa81b73a48b7e628ea1b3a812b67a7ea570834991e0806a1f333c29b4f2bcffc1ff72e5e4a86686b1140c8fe64b5bc011d773667a822259ea858df2972852c7f759defa9fb860af68d8cf688ce796ed5a70d520ef337dfee4c5e907621fb3e898c11e0af133122a56e7aa19e84e0c6fec78db2dbdff300b8e437e782c1ccb5941534297feb9ff2eac607bf8eebbd6a97bcc82cbec5db71349f094d95a8933b582182fd3363f22fad9ed7f8716db819e3d2bfb43ac35f82e467a2f2860b37e62301e2e58d04eb006adf33adda36034aa12b7103f7f57ad482cb5715a2dd4a232396e05f618b21a31d21928757f82f47aff0d0539ed3871c35ca285316eab8502e58ad7a334392749ddde763baf126d209260b49e0089bf41ae791c23872ecd7020787e8f931b8e5b25649f8d5c2c21f3d4d3cd00590ba470731d5c8d1211bc39822f6345a9f6c34a54372fa60e5c56872da3c5043672cde4a09189bcc0d4068afe7a4b8eeef7964fa1a96821d8ca7fce6285a6ce9e237713158d74ace9f1707cece0f9ba5657705bfaac23c71f42fee8cccebbaa675af035752030bc60d94331bfd46e981005890f4b27a0f4ad16ceba633e9c255f263104a2a27c42c4af22dd95fe9554750b7386ab03717381cf317f0dfca840894e17fdf869409a02b880512b550bf22a16ecdc597e3aac9cf8b23f6d0336cf422c9d532bf74dcb46d4dc6d8297f54c8730c3a2181e69717214ad4a2fd1b105b4098d811479fcb55f319cd383894e4361eb766f27404fdb054264ae87777a4d2f5337b5e99b8923434ef38ff42b5e9420158cdbebb256700c72928139b6db0fd5882a1fc0db979b7cc950013f3927798fa4e55c8664399c634b52abfb81c3dd7f6f51a572edd32d2485ca41cde57b9b66f4aa2827220d6af845c192545057744c78a16ae1889ebaef721ae642abc94b52c80a690e4488cd93f7b69da295054dcb8df47dd5242f130460ff578b71399d68615087fc4ccc5480c11f1f56612c4353b51701da197bad904d2872c24084a70a886cc45e74623f55e951fc2dae20f85fe12a26ccee479525c0ae44579cd66cfe751767309b8e5496c87319998deba1727f6f1a2c4746da24f076dd685e2a915474102b844f57a01583ebaf8aa3c8cdab1f33932498aa7dafb7749e1c9d6d92ff499519df020108a637b9e29cf9653bdc91e8d98e60e3c51b8175881c116a1f490cc1f7ee470736add9e9f271e3c737f34ef683c59287c0cb30bb83246a0156f8fdba870a027b2f494689af158ae5d4971b751d3583af2f7cb47f43c1b7a6016b0fb30592013e9d1745f9389a07afffce20bcab0a97f159a1aa72b517fe13e44561cda6274d5607ed743f61ed224fc7b0df84661570f9b656014dfc00402b72aac41111adfde09af08f35f5418deaec020abde1f49f30d318991b01d08c4630fdd8e0755e6dd2f4abf48b1172e3b225832f89ba19acde4303c9a609182ee260acf6060a1d9dbac8a9566f74ca00aeb3df6c721894d4e96a6895e507049695e2d487eb8d115f45376661f6e191435cbfbf8c9cb1011ccd47ed82954c7a9245ec7ca033f0f7e7e255d9b8dba559cd172e28c69de671eb0c56684abd7d8bc037392369be1dd4157d9d032fdf42faaea730ba20a394129325be7e3cd67dda641f05fa23e750cf9bf3bb921f35b90a9cb77b89851f83e1299cab5677573861c1713fa4a37d431f343464a4f4567e36dbdb834397073083fa6a8a8da7c5fd4768bda6cc5b07bb9822dbf1fc27a3925c57b467fb5c2ef29a4cb8c00d0b7578911ad94db40c63cc368d6cd4cacf26cda6d5da11cee256b5a98d80e765ab5c0692bc811a96e3b78606d6016f1412d8fc7a34623615b407d023994b5b15d1d931c55eb7a94c4c30d09cf7143f43ba9202b5358ef5c40ebea87b68f47b0814b64e7e77b05b24d6f3dd5c9f616410509c2eda6633c85bebba50384ec2074640863403846e6ba238e21235d99b11ea43fa4811448de248570cd2b67e831d4487cdebe05841967a5f3a82a6239bcbe6382f73773faffba7d30d75c1b3510f3d179741ca74abf0885b8d0ddae8604a854069c91c38f9647e9b2742e596f4ff9560778ad83832d4810e2e1142ff19a3c11756db783d3d54b231784d3f474258a67b6b6549f2591f67be51c103d8d9d01606341f80411a976e60b76e5427e70e7f4d843ebbbaba1f838c887df30f856e6ba50d3928d28431fa1b49dd07009c5760520ee94c95b71cfa26c5b5de04243bea4bc72abfb03ab9a3fa3e256fcdca2cc86ecc629f0b667cdeb4741d165e6d906f8326293230ad437abe910d8a2ae2753dc669a44dbcc6d0be61e5d7fdf3076b6db5c55044a2484dd8145176f71f33f3b7cf4afedeb727527a23e41e31fba5f97f3b695f3f3d07f12307004b9f637b795e8b84aa05cd1c2c9bebd3f55da4193ac808bcf11ee192c4c716420ef8d74ec88532cde58953622cde2ca90b585334081f74b372298f78fcf534a240a478bd87e0a795214f97432778a99247d932f2e467ec3475f2017de2a4874232faa08430476d3ea5d10170bf3aebb3c6a2989c8c02d5cbcb1a874e0db68acd1c685d8a1306219254a1e689409cf1c6d1ffe2f2988f03e46b30f0fdb26929296ff296d421475fc45835890dfeb617c664a2dca294fbff2c6348691d356f256a2d9a9735c33bcb99b8e5b35b34273234a7e38b99f68816b2d3e8bfe2ec94c6321961495e1d3d36f79aaefc4b848a18e4fe7e0b4e87be59d200246dacfb6128dc5f772676ae0e2579e7d6ef883cd826e46cdb00d79bd9eaaa5f0039857808463c0c342fbb6f7b5e4cb0857d5d350da93877d883f9390c8f7adf2a1745ba73daff5f79eb60788fdd6093ca6b15e34c3fb74874403493b0001b1c50ff92eb0a761f640b3a422ffc0f2dfeeaadf1f64e31951d2b5aeb0970a1365adeda75ef4a622e996da78821fc8a5094034d5bcf0be4ac100b82014b2a6d0d1a81df3b4b82153f0629323ba913ea793e5d8a106560bafa2d48cc66ea378b7f44a950207c6f6d762a9c89db11e2803de82df28890c1f7936d2d1ff5a1784904b29b69e5455f710f3ba88fe2fa5896f00f699fcced036a7c101d858538590451a74ae9a5ff8ec83e54bc383816f67abc610b9aea7bafd535f2add4c6e631345eac28742302fb69246e97bd760552338ef81bc71a43d9fe2e3a0f4b8b191540ae8162cdcb35596f203f871c77a0f8577e49965179bfee67f9315b2fd4efa3f93c9fd0d26c48fa5c8b46bbefc9832f44ba10d97d1c2ec6de7b7d0814650a38b9004ce07d72c90c80308df47a13703c3e96cfae40f7441bf36d86ec91af9796affc8a137c3a5103ae255088b909f1f2bf8e5cb1c506a3f5145d18391c16a38548606b3fcb7cb4fca2fde4cdccfcae57662140561a0f5b58132418b32915edf7ae4b587f6bf04f2b8f03fbcaa7330bc30aada69914ba82472642ff1eab18620e4cf220f0675226162cda6eb6e1b6cc881d6c973058e86c07452ce1216edd241622ee04da28c0499119f2d"], @ANYRESOCT=r15, @ANYRES16], @ANYBLOB="3bcb7fde06fb759e9e1dd9e905a5eeb84736bc3b7ee78a5c4a9b98400f5c614ea4fe0fff6ba56a3fda43816ccb5f8b2db238e539fc7c57427e7d48f7c0add042eb5b575c62b5f0e37336d9411d4f", @ANYPTR64=&(0x7f0000003a40)=ANY=[@ANYRES16=r4, @ANYRESDEC=r5]], @ANYPTR=&(0x7f0000003dc0)=ANY=[@ANYRESHEX=r4, @ANYPTR64=&(0x7f0000003fc0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYRES64=r7, @ANYRESDEC=r8, @ANYRESOCT], @ANYPTR=&(0x7f0000003c40)=ANY=[@ANYBLOB="4bd0ea41fff0ce48c774eebf7d24042235804f37879d5c8310581f11f923f3b04307f267686b8a85bf4a8be33d00014bc1baff1bcbd36bbe0798167f70536434fc6989da7598447058a693097c17e405dc35c3ae29c8c368ebbca5d1b057222dc326119ac469ff2680d44f5fb8bc0cbffd200e51e8beed931cc3114e59c5ebf42d0625685bb8f6e09655659ef9d23aa74c40cd6e3b03284e22d419efd3bdc36ff5c687ae4cffbf0648782c768690016d87db84ef1e5d06ab60ed7ce58d086ffd87ceed181e4aeebf5594dd4683801e97e7570e97c523e7", @ANYBLOB="aab00e0089e5b1b86c46f2aaef8b72bead5ec4093468405cca493f1c435f6498e176b25023a1a49fb7c51d92c71bc4c4ff3969a9384367b39273776ffe537d43eb5efbf08bbb48", @ANYBLOB="a42cab370c972e544838f1abf93dfbe8d1e9de1c554c1810e9ac7cea2b9f2875f3b9d1a8cb73ba3ac6e1fc65d1f97ff6bb138226aa8091385c2b6e7dbfc8e4070ebb", @ANYRES64=r0], @ANYRES32], @ANYPTR64=&(0x7f0000003e00)=ANY=[@ANYBLOB="bcbe32bc1483accef62aa1574196e285246c9dc3c1adfcf880b37b000d8e4ac344c6ffc7bf054568574d3a47475af4b5a52cd47d3f206298c9cc2c55b61137d87fa14d44161271fd0b655ca77a97edfcbe2595aaf4e51aa776ab8d0d0d5bd5b0093bdc3c9b592c847a27b38af70f860323cf216a430d0e7fd56e928d53762675d680d15e3aa2ee15b0f7ce878c77bfa4ef4326501d6f5194a9e4488bce32cb1f9400857321beec6c7553448de6740d92d67f8e242e7a9b9637300d410e57ca22fc73bee36641478341c7d47764"]], 0x5}}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r16 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001840)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$KVM_GET_NESTED_STATE(r16, 0xc080aebe, &(0x7f0000001880)={{0x0, 0x0, 0x80}}) ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000002c0)) r17 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x40040, 0x0) r18 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r18, &(0x7f00000017c0), 0x333, 0x0) r19 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r19, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r19, 0x0, 0x0, 0x0, 0x0, 0x0) readv(r19, &(0x7f00000017c0)=[{&(0x7f0000000300)=""/213, 0xd5}, {&(0x7f0000000400)=""/247, 0xf7}, {&(0x7f0000000500)=""/60, 0x3c}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/92, 0x5c}, {&(0x7f00000015c0)=""/143, 0x8f}, {&(0x7f0000001680)=""/142, 0x8e}, {&(0x7f0000001740)=""/83, 0x53}], 0x8) mmap$snddsp_status(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r18, 0x82000000) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r17, 0xc1205531, &(0x7f0000000100)={0x5, 0x2e, 0x0, 0x2, [], [], [], 0x923, 0xfffffffe, 0x800, 0x7, "d240e19888641805e3c55315fc55eb23"}) 21:42:22 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x6d) 21:42:22 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') accept$alg(r2, 0x0, 0x0) preadv(r3, &(0x7f00000017c0), 0x333, 0x0) r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$TIOCGICOUNT(r4, 0x545d, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000100)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000000)={r5, 0x5, 0x8}) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/timer\x00', 0x0, 0x0) 21:42:22 executing program 4: 21:42:22 executing program 4: 21:42:22 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, 0x0, &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:22 executing program 4: 21:42:22 executing program 4: clone(0x82a047fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = getpid() r2 = getpid() rt_tgsigqueueinfo(r2, r1, 0x16, &(0x7f0000000100)) r3 = socket$inet6(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x374) setresuid(0x0, r4, 0x0) ptrace(0x10, r0) 21:42:22 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:25 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 21:42:25 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:25 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x65, 0x65, 0x4, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0xc}, {0xc, 0x1}, {0xe, 0x1}]}, @datasec={0x2, 0x1, 0x0, 0xf, 0x1, [{0x4, 0x35}], "a2"}, @typedef={0x7, 0x0, 0x0, 0x8, 0x1}, @typedef={0x6, 0x0, 0x0, 0x8, 0x1}, @int={0x2, 0x0, 0x0, 0x1, 0x0, 0x2b, 0x0, 0x7b, 0x2}]}, {0x0, [0x0, 0x2e]}}, &(0x7f0000000180)=""/154, 0x84, 0x9a, 0x1}, 0x20) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000380)=0x8000, 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm_plock\x00', 0x4081, 0x0) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000340)) 21:42:25 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x6e) 21:42:25 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vcsu\x00', 0x8000, 0x0) ioctl$SNDCTL_DSP_GETFMTS(r1, 0x8004500b, &(0x7f0000000480)=0x6) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000)) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f00000002c0)=@req={0x401, 0xd551, 0x8001, 0xfff}, 0x10) recvfrom$packet(r2, 0x0, 0x0, 0x10001, 0x0, 0x48) tkill(r0, 0x16) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = dup3(0xffffffffffffffff, r4, 0x0) ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r2) r6 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ocfs2_control\x00', 0x20000, 0x0) ioctl$TCSETS(r6, 0x5402, &(0x7f0000000100)={0x1, 0xb95c, 0xff, 0x8, 0x4, "81856fb06567324971c719e62ff88b7602a13a"}) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MON_GET(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00', @ANYRES16=r7, @ANYBLOB="0f070000000000000000070000000c0002800500020000000000"], 0x20}}, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="20082cbd7000fcdbdf2508edc86b471b20389b007f45552d8afb0a9ea4c145e76c03de36008f2192033c1bf0812a6acf74b7f73477a01aec8da637f0a3839d73803cd5fb2d892dfc2a5fcb714c92ff06a0b2d7ffe47d8390aed5b2ea8f15dd8729267521967a32461d18cbfc118ec23e9115d328c38c0168c5cd87207e98a12bbabb59727d3ffaa70550a18a34006de703e9"], 0x2c}}, 0x80) sendmsg$TIPC_NL_BEARER_ADD(r6, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="5cf9d1a6", @ANYRES16=r7, @ANYBLOB="00042cbd7000ffdbdf251500000004000680300005802c0002800800040009000000080002000004000008000300c00100000800010003000000080001000500000034000680080001000900000004000200040002000800010009000000040002000800010000100000040002000400020004000200e80001802c000280080002004100000008000400d900000008000300060000000800010006000000080001000a0000001c0002800800040005000000080004007f0000000800040002630000380004001400010002004e22e00000010000000000000000200002000a004e20000000fcc18da7d2525d5a8e3a680e2b37e405cccf0a0000380004001400010002004e23ac1e01010000000000000000200002000a004e22000000027de6d5cbd45e466198ad65dd91ed37c4020000000800030000800000130001006574683a6e657464657673696d3000000d0001007564703a73797a30000000001c0006800400020008000100010000000400020008000100cc6cba6f240002800c00038008000100fcffffff080001007c0d0000080001000400000004000400"], 0x1a4}, 0x1, 0x0, 0x0, 0xc004}, 0x40000) 21:42:25 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = epoll_create1(0x0) fcntl$lock(r2, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}) fcntl$lock(r2, 0x24, &(0x7f0000000080)={0x1}) 21:42:25 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300)='/dev/zero\x00', 0x600243, 0x0) read$eventfd(r0, &(0x7f0000000100), 0x8) r1 = syz_open_dev$rtc(&(0x7f0000000140)='/dev/rtc#\x00', 0x7, 0x600000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000000, 0x10010, r1, 0x630aa000) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190544de323fd7b2c948f93dd5f300000600000000000a0000003c0001002c1001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d000e000500fe800000000000e9ffffff000000000014000400fe800000"], 0xc0}}, 0x0) 21:42:25 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:25 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote}}]}, 0x70}}, 0x0) [ 1805.988941] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:26 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r6, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r7, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYPTR64=&(0x7f0000000140)=ANY=[], @ANYRES64, @ANYPTR64=&(0x7f00000004c0)=ANY=[@ANYRES16=r4, @ANYRESDEC, @ANYRESHEX, @ANYPTR64=&(0x7f00000005c0)=ANY=[@ANYRES64=r5, @ANYRES16=0x0, @ANYRES32, @ANYRESOCT, @ANYRESHEX=0x0, @ANYBLOB], @ANYBLOB="e32eac72cdbe9917d6121edb15bdec357f6e157a468f053c077d9f56e794816c43ddc53feab8d30e0e4c568a7bc03f1678ca4eef63ee22f6ea4b0e143d9d8469d42fcf36b894a0a240ac443a405123b0d6fa123a93c6e68157b6cf09dd61fc6c778d9771f460bcac9fe3d5729dfffe8ee23b7b4739bf8f0881c6a0e50af48744d75429f4abb604e254c37dec8189e350064b2b7d22babcf998ba6f75eaa56da7d24c2a6c2838269eefa77ec2c023750575abc5a8dc4da87930b201221d26cc203734"], @ANYBLOB, @ANYRES16=r0, @ANYRES64=r3, @ANYBLOB="a31d64c7c02b1f51d3aef5ae313fd78d08a1376e3001ed72872b0dc8804417764a7dafc28eff73d1bc552620aecb8f1d5ecf2bc6fdd2143d766d382c93893675ed68fd7d735d30a4e2ec85d1fd1860239ef864d80a707b5729983472c90d32cc7909f8d808e4197851cd2f955568f1489fe00c4f8bf1557b26720b2d8015e6a65420e34250de199ef8b8ecc5a71b8a81e5e3418bbb2d57dd158b1b0b8d20d677eaa280c8c5e79b33f35052c3d1551a", @ANYRESOCT=r4], 0x8}}, 0x0) 21:42:26 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:26 executing program 4: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000440)='/dev/hwrng\x00', 0x0, 0x0) getpid() socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)) getpid() write(0xffffffffffffffff, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, 0x0) syz_open_procfs(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000a40)={0xa, 0x0, 0x0, @dev}, 0x1c) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) connect$inet6(0xffffffffffffffff, 0x0, 0x0) [ 1808.639011] NOHZ: local_softirq_pending 08 21:42:28 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 21:42:28 executing program 1: r0 = gettid() ptrace$cont(0x20, r0, 0x6, 0x80000001) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:28 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:28 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_open_procfs(0x0, 0x0) 21:42:28 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x6f) 21:42:28 executing program 2: r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x60001) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00') r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r6, &(0x7f00000017c0), 0x333, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4068aea3, &(0x7f0000001500)={0x7b, 0x0, [0x800, 0x4, 0x1, 0x7fff]}) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00'}) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)={0x30, r1, 0x1, 0x70bd24, 0x25dfdc02, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x3}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000880}, 0x0) epoll_create1(0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000480)="f0fddc9a6026938b28ce5a78ea46ca3a4a1522227514a27561ce0d88eb641d463893a2baf4c5895f7ae5a2b97f45cd65e1d6c9df4f7d24ab4b0bbd2735218414633dc9dcfb4c3834bcb39fcf756fd9972209976ae7810df60024eb0e50b64021a72a92f944729ba60fb917b9050240ea83ea62d13e6a1599e0a130aeb0f928302c21eecef5f90125a3fb636e5be20b0de4c3c317f558a486e135acd6757899e140974de73ab023e57ffdcc3c96374c72f78c20405655ec76a7243a1f3ba82294684e48119bcb573189f345d53a7646b243d5d9658288968c516b6acac208bd758819cc09dd511d511c274aeb40cb5850ba562cd6c3c7fc64914c626e4ddc5371e6769df151e40bb7e3c6754e520380ff06e438188a6655a225f9ae2f5160ca530d9062f63a79d1360c1d3acfc8ef735b6368bc88ed1d4fe72779ce7aeee144e62ef50a8ce2ff62af50834a905f8b3bc4ebfe18740627eb377c0e71005a865e6f160f9f194f38159e7722f494086b0191c012b8316ed453193bfce3840d6ae558779c02c471cddb988e5e1d957881bfc5331a66f71516e6e9e8772cf51593374ce9981cba10ecada84810d53b2be5eae045a5d77710620f35b2d70509685e9fbfd798dc02e3b2870a07528ce34305bb4f445a1b4929146489bd3dc78f247333f2923ec6b24242519bcdd82f7bd9c4008c283a1962506d4f6b9d5dcbdac71646923cb43bbab1b7eeb75e4adcef92b6e8dc1c9e8cd7a0d042884709eac69ce5bdccd8ee1c427f1c21f47213ade26795621539abc58d63d1c546b9bfe357c6abdba744ad69a2bb2a696d4f157f4edbb375469e7f751ffef4f746b2f182ceb185ec2cc1c898789b9ab21405d7875b4625c1a8853932152ef1ae766d84aae0f825b2392462cdadf7f834ceffddb562cadbd0c62f417c5141967827a44b8552b7fc952302fcf762434e4aa29d8846a165ee2a5a558003033c1ee3aecc341e25f26b06910ad79f1ce9ab091eeeca900b0ba94822aa3a6a1a6cf84c68ac38013cdd6c36e770332811432a39088520ab2271308118b55656bc0be7c833d07aafa4f372a64124762153137353cf696999621213883d1e5cf492109d2e96db99691897b54b512a64b027a3f702cc7c8dde253ce29801a2b2539eca16a8735fddde6feb240beb2e06b5a2df8123e26e04aa24221efc96fd70842c69b78efbb9b184cc2b2f245cbd3c70c7030aacda0c283fd4d13285f310f9e023dff03cd80eb306d8bc1178cf39e8306c8e0027ba94a75373cf6b8015a1e0ebbbca46e05b47cd57a4440ec2ffbb3ace5f51a445c9aaeedbe5def3c080221b71fd892f85c7b10e89a128c35e4169f59a523b51bd5ad0c0c82691f3fdc6a4c3090ef03cc5441ad24f9e76f001c0bfacfedce74891dac6c9ce79bd9d316901d72b3d272913227fb116c0b6a87c6bb1d11067a8b98f1143a6b5da89de53ebe7fbed32b622a905a66e7302c0b1d360d6fb5fd74598a835e9687dad1e520590ab45aed93b0781c009431c039970d42a40696596e01cb1754b8f58b734ecb03425486905102fecc13f39df723a69b0384a382b35e4586eed4696a11683130b41fa491411984693f4e3f7eedcba8ffe5de12c3b604000e4afecbc966e6e1e27b27aff75943e5447e17977ff191eab12c5c30b82a6e534b42f71c71c3358b954617f3159cd5348ebf8ba2dbc8d6aca1f8249bb940c973c448a9f386ad0c6e96ce37b9b0bc943eac82ade7ba0c04c432d212972700007240ac522d034197a46b731013cfd4072606f35254c1c857653c13466f93a6e8b72ccb0aac5527bafe003d2ecb4d54c858b675b4561cca846906f5dc38617d6ddc04098d036797eab08d37d9a4016cbd09100546eeaa45a19553a75c3d356f103740f06e1b4668e331a888a809625707da94f82f0fb334c2ada2dd4aa479c7c7963fe552bd99bf185c3a7cf953ecb3bd312ee4a86afae38cccf6536a6aa71b7099a120f81c11d2bbe5290a11035cb0676e973438cca2b8193790956b82fa254156236b5e5249b22381b410f364838ec5e74306ee1f59448637c15129ef0f85dd80023f720fa028ebff0be2f7b29de73fdd414523da51026e23fb9a6ccac089aca6ba45cd232ee702ccd59cf01152d3b47e7805292797479273c46736bd09b4fe4b82a19240131fa7837d4e34fd8f6c39e113a7dbe34677a3e0d226dc88606109e43e5371c0d885d9c43571420cc950813a3055b6a1fd4f06fadc89329981dfe13626bc61e3c6362f84abe3c4dee117e1b17978eb8f7741c36b085395c91fdce290dba9328a5d5bd2a7dc514d09779539e2369a5c49edc5ca259237ecaf41610d37b48d7b2035ccd8bd15f107c5484acbf8a5b1b539ec4b69c927cd10a75cbac23275fbfd3e5825f6d43ad2e9e2135b284022376efc496d68ce8538c48617d1c44cd617604820c175c6fbe105bb20190a46bf407ef0fd7bc1dbe4e9f5cb6891f73e183010ed4147f4509f133a5414046ee114d1dd4d14b0d1c3f921dda84bc136ffc16f11aafadcc327c9ec5a4c59dee98d0b1e547e08e9cc597b91d9ee3e48e00e29bd9b629042e64abf19e09d3504afa666ec4b2bdced4a1ca64818690cc9c2d1e68272b9f384e3627decacf27d9905f839891123ac1dab5b97f2535875d9df1e7c741540a7224fd3a8271ee31de8359906800f5f54e1b4e9adb889ae76d5613dfbb3adb3e1c876476d7bebfe1bfe7a1d4cfb7c1575e7622c64723e4d3468721cf913cd0ba2cf8d1241dfd6730e6495573aa4fba0731ac3a9a1858753a9daf1682574e508bb61b9933b8e8ca139c502f3318e826b3bbd8e6c1a564bacc6a0a2bb67b75c90c3a950eae605ed428bd0008e62510cb3a55a7f84f60a963489656a925c7334170f384285e4ec86512711b87a06af8e7aef71049488e3cb59d2275eebbc7d1e0496f4e8c84c735467d56e2621534d97fc750e66d1d51bd4a116e1bb59fc340f6a12efba2fa996696b3cc1483ad71fba19f18608b7d9a4a9a6a77bd48899dbc9243353a12899ccefd2b4bfcae2b658675bc85b13120a74bf8f4427cc63fc8850e7d52eb5fa5aefb5430ef81f9183a2659b02e8c342d090157dcdfd3490c9aedf325b957c1e1029512f551629fb85e493344d663a8575e798e64fe0f561006d3f58fc45c2affafe9efee8d3cd27f271bec2ce75875bdb283dde12370cb780bcbec838046aa46d121b93e792a9586d2ce148ec3d7288a7f6ad4a0d4e02867a6f8f54e9ac3eba67effcb98fa1a58cc9cb6f7d7467f6d7bea972ae32fb5e8e9166f7af3c5537f0758e9efb72dc6e1e3c2b7e0b7058c0dda2324ebd09ccac3e61643ad934695f05e51f7ff8b585c2c03bd971242ae4a3a341774eb52c63b109a9f8baa4f6c4bdc29433e0f38590f8df96fe49d21e0fbd1cba63bb2e2ba4bde49041baf7aeae95c23beb11e493e3de334037b42dc52f4b5c326348c21cc1c9f624065c692ff65b313f8d828306c3f57e29dad28b5006e104006371c7092434966fab253a668d49d2ac94caa6de858a0bf10fbc844ab12f6058849d05d45a11b8eb9035909b44ccf4c7b71649cc9c4449b2fcc224bf9a20cf16ab5f4ffc69bf927c3a288408694fc4587e79bbae92a53d2b760ff26fad45d04fef43a6848109db01bec41aef3e0b32564b5aac7335fe801d23d2235cbac15256b13b659c2597d5c588bc31b4c133b6d39f84ca8d1a5b1e9f6e17d023a3fe55108b53f96e20182f336fe0705c6d7a889fd7c875c6d4edb7a938639a25fb6946b65f9db32ae48ca55cb4f2d0c706c7f9901edb909c41d60132383e2ff605707aee109c28d64f4dca675fa1c71d8f5ee4f29bce8583550ca105de105def28be24d5d92439fedb5c8f49f30f15def12f7ad0f0463676c416eafed706ed9579af44576c141ede9af9768441e791b2f0ab8a401dd7ac0de3fba55b513b48896e879d84dd24d447012d1df8923f2dca2ba840f867cab466265545770f6e75fa42eec5abf164c99ca3f3b59a5acf0c48225d40cedeee3c8a51a90c5cb07192806699d65a94196ce37ffd7f3cdbec0a37c75f3e6472552308358e0502b6d1a86f2759ebbd80d982189f90d57e2eb2f18c625e66350d34e3ab03ace1eaa2ed64e85335393202760b6115638f2e90d79fef6dfbdec5454b009f98f2b8d0cab0633997e46a2bdedbe56d388037656d016289551b659a6e0951be991f7993e873ccbbb122a06c4150faf9446eb699b0831722acfb4258c6ccb9cae7baf37d93c52d158c1de9ee8c1e71db34a8b72cb9dea59c3b4beb3f6940b7f2acde39be387fbcc0fe5ceded98dfe46dc7da1fabb7ba5b3ed49fb71b17602ba83c8f56e8db1d8f24ab2fa8a46a3ec3e89accc4e0ac49c50344259b5a76a8334f16aff4b556ef09cd7792b5c56bd4b2869c0a94ac82511cd74d6b519d70dde60927c9b06c0f00ab94689675d9c3c2419cb7d7fa3f3b4ada01beebb26a273c8824bdcccc4b7e1122aed2329e4578a3c964b4eeae90bebdcca2e3959b748caef9316fa580b2f0c4344ab0b0529000bae736376ec8319d0c75346d5eb809b09958ffb8471fa58d4d351687aa2be0fe676771c6c852e98468d02a2649b27834b717dfe6fc07ef0d4aa9028be3a1a1e689e79e479d17b870749c33dd75adf8ca1caac3a145daef6ad9c4bb0cb629fbdb92170740674599500f8d3c1fe34f89ac2e53497a78effdcc05a983fcf975804f516f0704cbc949f7e0fc80542600a8fa90b587ff85bb9bf799df4eb2987cf77e8576de389d2446acf891fa68f1d2c39d17d2a6823165e5d7dada7b6eeae03eb24524f72635c2429b3ccac73ca99eed94783867f1fd4ef99da1451ce08497a3cee0d92c286367170a8a69550c13017d33b52e2b1db13b6f02414e334cc9e02f9df982693edee25c9efafc0ba9ef24c4e533b32cb43c718f13357bac8e590c48d332a1f8809db54e588ec99774edef2925d2027b2ea8a2f5c6f941336f5f8bc4fe30283d33662aa8c69d3a070e6ab8f6fcf7297090f07de268d3ae341847a18cc4af79e343d8bb47e0dd6329d6625088053d40b016ca0b2e0d1cbb4e6eb04f80daa71797a831029070d338467f3f523c5cf91c56c208496d0f150688ae3e148cc76c7bea30b6a2656a9d260a8a9dd7e648268813bc725b6cb659b9905756df7b938175aa70a1ed1d902319bf0b2606079eddfd61768d2e9d602a6175f6e55df91c6860c334b6edeb3362b489328bdf1e4c023fffcc1d28be061447d0e7b1d87d41f63bca25a25dcdb02f189b9eae57510d83f2ba32ef4af15d4a9f54a22fc8e89736c07af4ae7bacd9ed373a8830b333856b676fb55cd9335f8b3d9bda133367dcff36b759dd3951b383ac34c90ad40863e77187d2c4191b6d0ae7fac7610ac9a1d42d50ef69321afeee181b92d04162162daf322a638e388525e3ead3f2534eef6cbf177879a39f86dd46e19821387447e2770e93b0100feb19e5b43a10e148b6349763e3d9b0b9d1ab58d40e4c36dea972201d201b961d4f3f5822c0a499a3886f2dd88af20bbb6c4395d97396d08b99f6caf01360afa92339b706a870b655690de4f22d4fc7267e5caab5abf79e4899c1f06058e052d58512a16711bf734da3b2d0689ce053c5a6981ea0d2ca757585249ccdfb9b8825989aaa87868edd19a6327b28fff531e63e2801dbfe310d6d60cfaeb26843a8194e1f0a27bf2fe482246e878fd31c63e3bdc8e049beeb80671cfb1a4478953c4ba2f1b6e90eb93a7201f", 0x1000, 0x10, &(0x7f0000001480)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20\x00'}, 0x80) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe880000000000000000ffffff7f000000000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe803c4c1d68ed050000000000000000"], 0x1}}, 0x0) 21:42:28 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c0000000000119050000060000020000000000003d0001002c0001001400070016f8bad33edabcb8060000000000001014000408fe8000000001000000000000000000bb0c0002000500010000c1da7410e05c64a400020005000100000000002c0001001400030cfe88000000000000000000000000000114000400ff010000000000000000fb00000000000108000700000000002c000d000500e5800000000000e9ffffff000000000014000400fe8000000000000000001ca1000000e000dfd52a4afd308cd4c884a562b7c8a4036d3339cc1bdb771377bedbb705bf2d187ca01a73158f623210bc8739383ac3d5e55fa0e33a459b16aa7e2ad2e14043dce8da4b6d70fe74459aa1482f78bac4fb7d78b9eb053cfa10ee16d3e3111b6f1f8019befb4ece22a60b89009c5ac73f775b7c8bede77f4fa6b663fe25439d01c6bc8cac18e9769eb5ca92fa6a8cdff6f43e08abd3b52ea7d87a84b6f648925b7587b03ac256af97c0540e2228015ade8bb040d26b91e9f83e8a968e7d7fa78d8a52959aa24e83629c2dd41038a027a9ea1ebcac28875a0abe3737881c2b7dc27ce3d918130b72f65d4fb0f8bcb07d524dd2d253ef5ba06e55dccb5dde7334e8c1b325ffa1a276090d1a6efb130c0a2a9786b1c9e6b241d562a1ce83040a9c9609000000e187d3c78ca64a426b56a062e0ac36324c2edff57db07ce66ea1e96571d63a53bf280860bf40e006"], 0xc0}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) sendmsg$nl_crypto(r2, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f0000000740)=ANY=[@ANYBLOB="e8000000110000022dbd7000fcdbdf256d6f727573313238302d67656e6572696300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002400000014000000000000000000000800010002000000ba8d1020761557fb2c19db1e87d7d41d50a8e362284fc9fc8a03dc66b1098305a9d5d34b3302d3c5626d570c04b04d4e947087a8feeca0970a5ff7b828d9049b7204bc0cbff89dd86a31688533a77de3d82d953e63f0867659a48df1946e9c3272305d5c2d35cc224a8ea72d0a97d5cc39129fc4ed584117bd6bc135d778fb3a5ebee52936e4a70d772386"], 0xe8}, 0x1, 0x0, 0x0, 0x8000}, 0x4800) preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ocfs2_control\x00', 0x100, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r5, 0x21, 0x0, 0x0, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e22}]}, 0x1c}}, 0x0) sendmsg$FOU_CMD_GET(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r5, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @local}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = syz_open_dev$ndb(&(0x7f00000006c0)='/dev/nbd#\x00', 0x0, 0x400) ioctl$BLKROTATIONAL(r8, 0x127e, &(0x7f0000000700)) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r10, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, r5, 0x102, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e21}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_IFINDEX={0x8, 0xb, r10}, @FOU_ATTR_TYPE={0x5, 0x4, 0x5370d64a92b34a51}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast1}]}, 0x50}, 0x1, 0x0, 0x0, 0x40040}, 0x20000000) [ 1808.990711] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1809.025367] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:29 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 1809.055474] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.074876] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1809.083730] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1809.096721] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.116349] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1809.126536] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.146379] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:29 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb88600000000000010f8ff0300fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000106000400ff01000000000000000000000000000100000000000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e067120550c8e67652cf9699a31ee6ca84558ac2cb9ee7a5f98e6d277d7a3d7ed3b4f77f07326816965def762f79a33393527aab608bbc4d0688273cd2f7c8ab4eaabe478f67f198cc0d3af991023a5afeafccf60a611b9d464dde9b3a7cdce8313f86099c126f664a6006eb0e9029eb9c040a2157312fa25d0349bc039b3526db4cdf6a31303bfe4c1b9780e84561238d87389b7004fdcf9a5b9125b98c49e0029ff1ec0f67b0ae013060e39941b40cb477b6c1534f698e7173d1e99d321cdf33e2d4046ff6e54b3bd7e8f0c740abc41132007b661c82f50f1df34e0c72d1d5d5c873f3720efc6e4ccf92"], 0xc0}}, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x80180, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r2, &(0x7f0000000000)='trusted.overlay.opaque\x00', &(0x7f0000000040)='y\x00', 0x2, 0x1) getpeername$tipc(r1, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10) [ 1809.164223] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.199448] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.230455] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.266311] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1809.276456] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.289119] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1809.300341] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.318136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.332790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22709 comm=syz-executor.4 [ 1809.553331] syz-executor.5 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=1000 [ 1809.573672] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1809.579369] CPU: 1 PID: 22724 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1809.587262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1809.596619] Call Trace: [ 1809.599226] dump_stack+0x197/0x210 [ 1809.602877] dump_header+0x15e/0xa55 [ 1809.606612] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1809.611733] ? ___ratelimit+0x60/0x595 [ 1809.615633] ? do_raw_spin_unlock+0x181/0x270 [ 1809.620266] oom_kill_process.cold+0x10/0x6ef [ 1809.624808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1809.630394] ? task_will_free_mem+0x139/0x6e0 [ 1809.634918] ? find_held_lock+0x35/0x130 [ 1809.639004] out_of_memory+0x362/0x1330 [ 1809.642997] ? lock_downgrade+0x880/0x880 [ 1809.647157] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1809.652272] ? oom_killer_disable+0x280/0x280 [ 1809.656777] ? find_held_lock+0x35/0x130 [ 1809.660873] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1809.665746] ? memcg_event_wake+0x230/0x230 [ 1809.670086] ? do_raw_spin_unlock+0x181/0x270 [ 1809.674731] ? _raw_spin_unlock+0x2d/0x50 [ 1809.678942] try_charge+0xec5/0x1490 [ 1809.682697] ? lock_downgrade+0x880/0x880 [ 1809.686870] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1809.691734] ? rcu_read_unlock+0x33/0x60 [ 1809.695812] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1809.700680] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1809.706761] ? __lock_is_held+0xb6/0x140 [ 1809.710852] mem_cgroup_try_charge+0x259/0x6b0 [ 1809.715474] __add_to_page_cache_locked+0x334/0xd10 [ 1809.720518] ? find_lock_entry+0x5f0/0x5f0 [ 1809.724811] add_to_page_cache_lru+0x1c9/0x860 [ 1809.729431] ? add_to_page_cache_locked+0x40/0x40 [ 1809.734396] ? __page_cache_alloc+0x131/0x450 [ 1809.738909] pagecache_get_page+0x364/0xcf0 [ 1809.743258] grab_cache_page_write_begin+0x7b/0xb0 [ 1809.748313] ext4_da_write_begin+0x2d7/0x1180 [ 1809.752836] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1809.758396] ? ext4_write_begin+0x1790/0x1790 [ 1809.762904] ? copy_page_from_iter+0x7f0/0x7f0 [ 1809.767538] generic_perform_write+0x22a/0x520 [ 1809.772164] ? page_endio+0x780/0x780 [ 1809.775981] ? current_time+0x140/0x140 [ 1809.779974] ? lock_acquire+0x16f/0x3f0 [ 1809.783963] ? ext4_file_write_iter+0x23f/0x1060 [ 1809.788743] __generic_file_write_iter+0x25e/0x630 [ 1809.793715] ext4_file_write_iter+0x32b/0x1060 [ 1809.798311] ? mark_held_locks+0x100/0x100 [ 1809.802572] ? ext4_file_mmap+0x410/0x410 [ 1809.806747] ? mark_held_locks+0x100/0x100 [ 1809.811005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1809.816563] ? iov_iter_init+0xc6/0x1f0 [ 1809.820558] __vfs_write+0x587/0x810 [ 1809.824291] ? kernel_read+0x120/0x120 [ 1809.828216] ? rcu_read_lock_sched_held+0x110/0x130 [ 1809.833250] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1809.838090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1809.843646] ? __sb_start_write+0x1a9/0x360 [ 1809.847980] vfs_write+0x20c/0x560 [ 1809.851541] ksys_write+0x14f/0x2d0 [ 1809.855184] ? __ia32_sys_read+0xb0/0xb0 [ 1809.859261] ? do_syscall_64+0x26/0x620 [ 1809.863254] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1809.868629] ? do_syscall_64+0x26/0x620 [ 1809.872626] __x64_sys_write+0x73/0xb0 [ 1809.876530] do_syscall_64+0xfd/0x620 [ 1809.880348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1809.885544] RIP: 0033:0x45b3b9 21:42:29 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_open_procfs(0x0, 0x0) [ 1809.888746] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1809.907659] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1809.915395] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1809.922672] RDX: 0000000002d1ee37 RSI: 0000000020000180 RDI: 0000000000000003 [ 1809.929972] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1809.937264] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1809.944545] R13: 0000000000000caf R14: 00000000004cd8f4 R15: 000000000075bf2c [ 1809.956303] Task in /syz5 killed as a result of limit of /syz5 [ 1809.962604] memory: usage 307200kB, limit 307200kB, failcnt 12293 [ 1809.969460] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1809.978953] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1809.992515] Memory cgroup stats for /syz5: cache:76KB rss:251364KB rss_huge:231424KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:251380KB inactive_file:132KB active_file:0KB unevictable:0KB [ 1809.998239] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1810.024139] Memory cgroup out of memory: Kill process 17740 (syz-executor.5) score 1113 or sacrifice child [ 1810.036934] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1810.042263] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:30 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x70) [ 1810.047818] Killed process 17740 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1810.074035] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:30 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='veth1_macvtap\x00', 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) userfaultfd(0x800) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/commit_pending_bools\x00', 0x1, 0x0) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000580)='8', 0x1}], 0x1) ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000000080)=0xbb) ioctl$VIDIOC_CROPCAP(r1, 0xc02c563a, &(0x7f0000000000)={0xb, {0x5, 0x1f, 0xffffffff, 0xffffffff}, {0x6f4, 0x0, 0x1, 0x3}, {0x50, 0xe36}}) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r3, 0xab9535e9a6578fc1, 0x70bd27}, 0x14}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r6, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000000300)) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) prctl$PR_GET_KEEPCAPS(0x7) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r8, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x140020}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3ff}]}, 0x24}, 0x1, 0x0, 0x0, 0x88c1}, 0x400c004) 21:42:31 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 21:42:31 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_open_procfs(0x0, 0x0) 21:42:31 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:31 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x71) 21:42:31 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000200)={0x10000, 0x4, 0x4, 0x200000, 0x3, {}, {0x3, 0xc, 0x9, 0x80, 0x5, 0x5, "11cd951f"}, 0x1, 0x2, @fd=r2, 0x80000000, 0x0, r3}) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00') r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r9, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'veth0_macvtap\x00', r9}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000017c0)={@rand_addr, 0x0}, &(0x7f0000001800)=0x14) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket$nl_route(0x10, 0x3, 0x0) r14 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r14, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r14, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r15, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r15, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001840)={0x0, @dev, @initdev}, &(0x7f0000001880)=0xc) sendmsg$BATADV_CMD_GET_GATEWAYS(r4, &(0x7f0000001980)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001940)={&(0x7f00000018c0)={0x58, r5, 0x100, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r11}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xda}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r15}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r16}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xa6}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x8040}, 0x80) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) r17 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r17, &(0x7f00000017c0), 0x333, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r17, 0x40106410, &(0x7f0000000080)={0x35, &(0x7f0000000000)="d33b16c3d05bcb6b5b98376ed2fd912a4b4be2ad95ac887ad68843464ce69091b4d5764c4777ea610cb7f885398d5ddc50cf11c840"}) [ 1812.071663] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1812.086940] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x600000, 0x0) ioctl$IMCLEAR_L2(r1, 0x80044946, &(0x7f0000000100)=0x9) 21:42:32 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000200)={0x0, 0x0, @pic={0x1, 0x8, 0x18, 0xdb, 0x9, 0x5, 0x4, 0xff, 0xba, 0x80, 0x1, 0xbb, 0x1, 0xee, 0x40, 0x40}}) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) accept4$x25(r2, 0x0, &(0x7f0000000080), 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000140)={r4, 0x1, 0x6, @dev={[], 0x13}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00'}) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000002c0)=@get={0x1, &(0x7f0000000180)=""/177, 0x200}) openat$zero(0xffffffffffffff9c, &(0x7f00000015c0)='/dev/zero\x00', 0x440, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001640)=ANY=[@ANYRESOCT=r0], 0x1}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={r1}) getpeername$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) [ 1812.562575] device batadv_slave_1 entered promiscuous mode 21:42:32 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_open_procfs(0x0, 0x0) 21:42:32 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:32 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x72) [ 1812.914150] device batadv_slave_1 left promiscuous mode [ 1812.955730] device batadv_slave_1 entered promiscuous mode [ 1813.007635] device batadv_slave_1 left promiscuous mode [ 1813.015622] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1813.024513] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:33 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/fib_trie\x00') r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r6, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)=@newneigh={0x64, 0x1c, 0x100, 0x70bd25, 0x25dfdbff, {0xa, 0x0, 0x0, r6, 0x8, 0x10, 0x8}, [@NDA_DST_MAC={0xa, 0x1, @broadcast}, @NDA_CACHEINFO={0x14, 0x3, {0x54, 0x100, 0xffff, 0x80000000}}, @NDA_DST_IPV6={0x14, 0x1, @mcast1}, @NDA_LLADDR={0xa, 0x2, @random="594c50c49528"}, @NDA_SRC_VNI={0x8, 0xb, 0x7fff}]}, 0x64}, 0x1, 0x0, 0x0, 0x40800}, 0x4000800) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r8, &(0x7f00000017c0), 0x333, 0x0) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00)='nl80211\x00') sendmsg$NL80211_CMD_GET_STATION(r8, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x1c, r9, 0x210, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x8001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x2000000) recvfrom$packet(r7, 0x0, 0x0, 0x0, 0x0, 0x0) preadv(r7, &(0x7f0000000900)=[{&(0x7f00000002c0)=""/196, 0xc4}, {&(0x7f0000000200)=""/46, 0x2e}, {&(0x7f00000003c0)=""/115, 0x73}, {&(0x7f0000000440)=""/105, 0x69}, {&(0x7f00000004c0)=""/222, 0xde}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/205, 0xcd}, {&(0x7f00000007c0)=""/84, 0x54}, {&(0x7f0000000840)=""/17, 0x11}, {&(0x7f0000000880)=""/78, 0x4e}], 0xa, 0x8) ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f00000000c0)=""/31) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[]}}, 0x0) 21:42:35 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:35 executing program 1: r0 = gettid() r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r1, 0x40184152, &(0x7f0000001400)={0x0, &(0x7f00000013c0)=[&(0x7f0000000100)="fdd3a8f98a695a92e0d8ad6ee1cc53148399c2fc98e0f6d8f3de2dcc56621e3d4c7e221f97ed04923ae3c68aa92f00fbb3680b2c7ace3ff647529f897524122fb2559871c9de930f19af6643853f34da1f3edf397fe32c", &(0x7f0000000200)="31337ca0b1bd780d72d4aa44c0fc7f0dc58ecd6476f4fc40cb3e41fa0ee7706f37d8dc0bb76106f2e4df54902f8a6fb2214ec277670f1d741ca2581a530e9d8f0821972b21f49008502f2ed45dc07df1cb19868a111331a0ec3bb47b35eb74ea800e6138e5450df39b9312a3eba1867971c75fb01d138da328deb50e518154d9743fdec2c208d0174ac3dba4bb8f4fb5d4462db60dc491c951f1", &(0x7f00000002c0)="613f649eca95056c3030063f78e84020d63d064030ef91a45c9026a12d395f79aeb3ca33328ec0f2e4cdfb3068de0b22c8eb527465ba4133790d5d992ea75816e898a27673d45ced1724cc3db5777869f88691f59bff2cf6d21830301d0068101df526c2b4e199a9394ce91839a6c8190ac22809f7510c3373e6e05627b2ae838e9c64a6036bd566f301d4242f23a17244c1f7f49221b1333452b8e3ca203c35840a8ae0be1bdc933f77728dd49dfa137862f19454bc4ed7dffdde6821f995daa52320108d534a556b6e5e2a35ceb76d4260b8cbbf92de304fd7bf50f151fa2dc8c1f1044e0b3133d100e4412c2fda6edf77ed3fa196119b8b3cec8d889c5f6bc6f90cf5f685f472f7fee274ee3ccd6cc301562662f18f79e22b9e29dac353928be1c4adf106ac0953ff02809327952a51d80d480e8056d67d3111dbf12e60692e4dc50a6b989e862725b3d65e08c67fdd119ac8454b562bf8c18fa8940b11af190a06d4e1f22684f4a5c02abb875afaf0f6a294a48135ae2dd20ee6b11a9da10ce9eff45f596f4a80f20900ee14b640be7163ef50326cd01a5b0c019efd6297ba97608169b733e0e689ea29aca9b34b4e3371ce66fe50b6b37e57ac0db8c92b8913942511f56d0c50ed6fb21265b99159b3e9aedef2ca3e52ab3a9c6c2fdc9eddb19891a7cb4a3f3642bc9ea48181849d7be33fc7c5724051461c87994682e80b6e7f0ed6cdb7062c948c1cbc5cf91fe8b7c5257b809608a497eb1e286972b8e1ad8164879bd7d586d5c6323c7daff51804538c0da123bf96f628e035a178177e2b4d4d27d1425ea7957bd5b696eaefb9e4220b3821a66317f076a59ea9dc27be41b0655e4ab8865cff000891d52ce7ec204b37c4739683151a47ed631b0109aeba2ad52365731a7b280276c5bc3d658d5e5e55afa08ce957dd8c37a8472b9fd961e8d6c4ac2083f4e699c27917665b1d4b8cfc8196ad06f917ba082a15bad14075f626afffa889029d969152d5d1d4edb21c8c761e28e1f230449765c0e9472ebd5aec19b358bd4027cf69c00da12160d5a52bb359ff7e91ee2587bfe0b6058f285ca25ba358b2b8c4d3f1249459fb4afc02d3ca25a597030afcae1552369e4308c85278c5d6027603c220ece0d7b4199a7941f766cb26ad4626b78336aa78b60a08a1973ed5f5bf7b38540f0f0f578e6b6aefe3386dce9a932303711501b1e9c5d918912c949d62fa6464e16c169f2914681256edc39ab1fa28dbcce567b7c9b1cd3c3d707cea82179bda15f94653e1bc033955793cf14c8d03f4a525266cb35269c9ee4d26b30e0bb3ea406ec609b073292d211ad71844848e2dce8bc6806624206eeea71aa1acba41768f8510aac7e3099ba7e5aed55b108347acf076debddda77be5e668a8d4fb3132ab1c01a8b992acaa1f858372194c286e6622a55cb9c0570fe2e73ae5087c18d131732b053901f6c2a1ac5a0c301070e1a9eebfe30edf2214c83831f58473bd0e13cfe48f522cb6a644420429adb0a02e4fc97fb566b22b200d41a6016869e4ca3905bb48f39a4ad0660a7f273bdc02d29a92f81bc50d7a41bc9a3e9a6227afe0606b35e968afea5599273439354d188dce5424f74dab79f0ad2dc34a70782c65587bda80bc1c3ddbdd602f13e1aaf8d17c8d10c57e2f092a0a98d8e386c763ba8b9015df50d55da1eb94b13ea484b051931d96844b60d88778d9a03318458d2003fa73b2a0b15be5e1852a2fbcf3a7a591918ebe65f2b82d011aff29fe5e874804e955033d1b33561c72cfc0866033d97ad6bbda09a16870563f097858b20fa285cd7ec3a746bcd8a590ee33fdc38442e6eb446b7a3027a6c249355da9c7a1c3b67bc3ad952a6b9832f11a2425c80a23cffd16124dac19d0599d0044507d19603cf1eadf8b0cddde790cbf38f08df0a4aaf00b4b704f3da573bfbc38eb0fcd2766f48e4318c8e14567613242a45ed5c532970a79f23102631b6f29aa3df86d046da6093e91c7ed7057795370909630b09b03f3908bc5bed519b355ef8e19fe08e18ce59e31e91eed6377677377aacbd5d08c42ffa52aeeeecd8032133808e992bdaabdbf99b3732f753c74522e412059056bb23c636eed98555e6fad4757cebd9ed7e4707b682b0ea73d0b4bb702532d6d2b550855a6e421a44325ddcb394b744740e06c4e33cf8a8a2e584efde7e0dd2d4c4ee4e7c8b4ab80c0319aee3e3914c7f7950c4e84cbce8b701e916d2c0f4db32d59808b3da6517e9b9aee1f57fbb63fd0a5d0a4f9563856dd0f199179eb8083e14da39fe21bc0c6b4f1c8b4095f2117d6f5444c6712de51cdcbec485cf0771626d79d223addaa7d9957b6b5626de99416275ca5a9d747a62098d75bdd27bccdec5b70f0bde7fab1fd7bbcd9756069b5574be72bd59524df99db90cb91ec999ad9a7abacab2ada87a212ca9a278a2c400576abae8f7f881602b968605096b7e6e2a20b6b12a4215d3986e4cb5ba679d4dfec6e59a149cbf9857150573f284b4aae9c629f849335a77f2192131abcdebe830aa6deb347d0b65581ca627b8bdf91dec52bcd27bb47642b6171938a07e4d7a0feee9543ad9630abefed8e95e3caa556b5fafe07b1cce88b9a1ceff57514370931969cbe94c2c34e5b204f5330758dfbabaf710d6aad785f5668cca11b704e01a5f5ea5cbbc150b4e7ef8b384c460d5b426f75740ed427872a75b4ea1fa7f2d9d36dc88dd2109b98bd7d7fc0853de6ab297408be7931e4a665e954743e63aeb8cce67cce9c610771356c49ca190b5ac0a2bc37687b08e49cd1c69f98b8528d291cbf748ef0923cbae4b62970edbcc34a7e69dcb0f39bf83fadf660cd54045eef2033d25982fb9ab1a9177afb0c427cc87077331877637e4e74006a564709d7304dcd4cbd71f7ad0ef3983cdff08c6b0082afd0cda21550e868bad24b0d49894e9e5fde41563184d87d90b2b4e30d4f8add625d83db03f49f5837455d5282a28ac630632915590af4d7511f4223e33f8d12873c81e03806e92b27599ac778b66d68f9e24197f5dbd1ad5350ac7e49bc9ce68cbd9e083c81824fd52dc44d143da26891f441429944451898a2c338d3d44c595fab6ede51ab3587ddd47b76c50d8c7bce6d5ff7d00ef4c0f76240f5c145fb5c6bc9988f6215f93aea75a9ec30e14f05ef234946cdd6b0881a238f10cf7865c63efa51386e2b93709a19975a81d3eaa72412b3f799bb911708d4878a22f0b95f11f1ba5334f8166d838cdb65c299c8af9b4cc93c57fc59df409156f0e2e37fdbfa797798f999bfd98dc0c60c3092e2ab303f5055b8180950c80a6903f42b2b5909718262b36a0abc49eb582eb8ec3bf93704a74ed58866f0b0776da89d313eed66b5f75fbcd82b86ea6cdb21e2664a33f03b8451968d87b38ea3e47958567c9835209e88fc203d4241de589056eabb8b7ccf6b3538e77170dd6b118ff26af29d6798a60e2b25de62088e17d76fdc06e3f61d3f31a29f0755d63004f103c0b93beddbd70c702f655d8c987eb143c3eaf146c8845adf16fde8c523c2eff98c24bf7a63311e6e5401263d04433603a84cd38fcccd62d406e811f05b9fd4402dfc5eb0e38be5db40217a6b7d12eb38dabca0dce08d1c5aa52e82b74da6e6bf833c84e704c7d121f3ce207ed94aa97e0cff3f4f886909d5b37e7602fead83d07b114b87e133ec4ef8c500b1955f6d61e34c5f2b62f47dfd6513223644f89aab815cb32d4f7c0bcc23fd665a07be7780cd7e0c392326ee0dcbcbc3c2ca5c678ce2e8f904bedd99a17ef64185d9b02e03a7f4db767677cf0dd49ecdf5f6c165e0e1c81ee8ffab6e29d840a8b53bbe93317d31230191aeff181ffc30814bb2fa16fdee8e1f77fe77378bcb2eaf71f87da77028b21e2e73cce842ddb8ad3916c86edfaa77afe4d0c0db6265d3158a70d62c9bf5b5b3bca5cb63b46d99c8003d160b4f02ab7efdab1e0d098dc6e56bd164e1cca8cbcc0fda5cf3d00018ddac73d43134362869746ff03254df18f76039d7c80f892ca8304b94a8d27ce8430ee91922e4d33e39a1c0d7346924189099582e57ba22355d3bd8cca8df0fced53820815e1a435e50e6b6287613d296ae12aaba347330f8fff68cd30826033df7b1f7a15a00a97885b0bc2087cda4598489d68dfa6f8e1939541496b2abcfbe4cefdca5592e00fe4df9d92b391890e7b94d247a511bdaff23904d80f690c8f11f23e35cc4706a97d9f8f06bd843a5e79d5d6c94616030dfc9a4c89405bf3e59d194eb50d323085ed3bcb76fed25841f9606c96db2296b26471a1a09a84cd2433f271963411f395c4e5acad1f141167528dfd8adf31232f8c9be2f4ebe155f64f6ea5cd5249b0896a7a41c4b8b592d8db05c5db6981c257cf1eecf4f072f3ca53cb94f3364ecce038fda4fb9e9a9f8b9ed8645ecc16fb7620b060394dd1d7a14732f6d995c5419d218e920b40dc95a7b4be724585c1abb1f3ede0211cea5958ae455f8693e71f817fcc7c8adc7d6468117425a76ae5a3ff801eeb991d40544a758310da6090bba16fa6c41628f77ac8054ac5c3e89a68d2c614177d6904d3ac72cb2e8cffbaecf074e9f9b1aa4f4f623f8de9b642a437da3bb00e6fe37a40768b2fac5f976495a359da73e6a13fb01c43382c2eef8c8ff7fd54a8bc4448cf37915586ba94e7a485326f38844e1e8f5887efebb4be072423aedfd59e2f0ee7298c1dadaeeaae2a0526fc73667d98a430fd6ee6703464d4d26c41b71058d6912dbc6c724cb964293d461c2afaab16c03512fac907bcf59a282c035a6b26d5643c0ba2a9d513cc41a3660b725119e6be35f7f45944f66051fe6e2f34514850ee13727bebc558c92432594adcf3465aebe8dea1e2cc079c79da148485c708043be8a90005b7d5a81987999c1c6eefaf81ed440b16064612b411851d339e9429f4581b9742dba58cc04de121869eee962e3e9d9d66c1d432ca7cefddb73a340a732eed5f080f664d3bc025477206ecbdbfe8bf18988bf690563948ab23ef016e2ba4eb310271c1df8c74c79ae75c4dcd473adc73ad3bdc5287a6be373747fd4aad914ab625a7fbb4a0a1c32de68312695d50ff62e6e3b4fdbc16af7385c3b2618e415a4c13f3b274eab21e27c8a5f2a1188a8e19034d6f40169dbef7bcb58f784b04279490fd19a08b5f0dc8a0697f384cc6ba092d790646fbce4f58f05e426fecfda49db1ab8ea6e9bc68aff3ed16db29b929385755571b20f351463fcd664a153fa46395190ad48cb2c7b9701451978fdab11d6ed1dec12e3a47f9d56a40c750c9204ad4abcb97bfe5a02728846b29c1b9169ddcd8ad514ec42bd152938937fecc83ed240aa8e3c44a496c5893a798729493030672e50a3cbbdf10e09f474108356bcff2f91cb241b5d00cb14cd67c2630efa104eb1c2aa25288df0850612169ca05faf09ce6c9430c90b7f8e1973caced2f346c684c338eec51c19dca0d52dfd880abb28e585aa105f1135a36f3728dc179766b0370427ce816b6d40ceeb1e8b9d014c3a83513d558fcf77bfac40ec0c2e413494ef43dd42a3ee366cf685661c8e457a81817304c22cac2bf7de6f690ea6c8b1df6006389460e2fc04cc3b7f8d625ab8500b98058770f7c40eae4367f383a6d7b521e94fca8b6222496e9c5c38b7d5ae282ae10649445ba5aef50fefd58cd898fdb1c1d862e04e48870d5594d4435025335a1c193981f08c498fe6510cd7e66a92b9712bdd8cecf235097e3812ba498badc1b0e91c657f", &(0x7f0000000080)="ed92e5", &(0x7f0000000180)="6391bd0d3c6d313ab4566dad431c8328caa77dc7893840f7de6e69f5", &(0x7f00000012c0)="cccc4dfa13632da47e22cfc0a6b8a3c3733c2a587f3b423c3c87a87cd4b9ef11927b91eae83e9a124f25b952f1769027bf83cd30cb73472fe1321da35ecb53d7d50affabcca9390343f794571a01b7919bb4503a4ef975815767928c5b7612bcb4b5d05c346fb96508661ef6537eb26708ec07afb25977", &(0x7f0000001340)="2fddc3286ff28e8f450d01e176ecc21c0532f3aa6cccb6a850299f40a71569b93df368c7d849ad3f8c999eeb3ed3608ad4f4dfc91f67f351e71f5c9fede08d19f5bff12668c8c57aa40c2b4e4ee5ed62ad31394c531137fb40013d"], 0x400}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r1) r3 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:35 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:42:35 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:35 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x73) [ 1815.217259] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1815.233724] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 1815.257366] selinux_nlmsg_perm: 306 callbacks suppressed [ 1815.257381] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.279570] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.296255] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.310823] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.325492] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.339986] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.354266] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 21:42:35 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvram\x00', 0x28a100, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="730000000308010400000000000000f402000006240004800800014000000b6f080001400000000808000140fffff801080001400000000206000240000d000005000300010000000900010073797a310000000006000240080500000900000200000000000000000900010073797a31000000000900010073797a3100000000050003001100000044a7df4308e32d2717ec068e2d60f950edabe346ec7eebb396a47443380b9a14150144103047818fc6d99109dedba699dd804d2b32897404e961d9b825b4bf2003e28c93db2cfcc5b96893f917fb3d30548f4e7de68f56e02a0d979495a9957eab743f64737afb36424f0576491af5a26aa3f040f5e845759970bc7b8b4586786bf3d60315ddf145e8eba704d5d2cf2fcd5a0936e0a711ea491ecf214f5346e9fe537191b0ee6a94f3f5bb0043e141d345777199b688cab062f2ec24beb1e2c77cce4870d7161b128232a820b7d76d1769882384d99e408f077dc72d22065c3f27f2b8d23f4d0883080356be6b397c65686d9e41ca7d59f80f4014efde5bbd2aabc6bd346792fe97e374fc97d730bcdd6d9b858f9b51"], 0x88}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MON_GET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x20, r2, 0x70f, 0x0, 0x0, {0x7}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x5}]}]}, 0x20}}, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x2c, r2, 0x820, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1999}, @TIPC_NLA_NET_ID={0x8}]}]}, 0x2c}}, 0x80) sendmsg$TIPC_NL_NET_GET(r1, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1010500}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)={0xec, r2, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x50, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7fffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x35}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x81}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x79a}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2ac}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xa6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000080) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1815.369922] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.385496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.400671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22809 comm=syz-executor.4 [ 1815.461470] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 1815.529977] netlink: 'syz-executor.2': attribute type 2 has an invalid length. 21:42:35 executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRESHEX=r2], 0x1}}, 0x0) 21:42:35 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(0xffffffffffffffff, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:35 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) 21:42:35 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x74) 21:42:36 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x0, 0x80000000000000) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r2, 0x8004e500, &(0x7f0000000080)=r3) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) fcntl$notify(0xffffffffffffffff, 0x402, 0x9) [ 1816.167963] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1816.203654] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 1816.891395] syz-executor.5 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=1000 [ 1816.911613] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1816.917308] CPU: 1 PID: 22832 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1816.925206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1816.934570] Call Trace: [ 1816.937186] dump_stack+0x197/0x210 [ 1816.940846] dump_header+0x15e/0xa55 [ 1816.944582] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1816.949704] ? ___ratelimit+0x60/0x595 [ 1816.953610] ? do_raw_spin_unlock+0x181/0x270 [ 1816.958126] oom_kill_process.cold+0x10/0x6ef [ 1816.962651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1816.968203] ? task_will_free_mem+0x139/0x6e0 [ 1816.972715] ? find_held_lock+0x35/0x130 [ 1816.976802] out_of_memory+0x362/0x1330 [ 1816.980796] ? lock_downgrade+0x880/0x880 [ 1816.984954] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1816.990065] ? oom_killer_disable+0x280/0x280 [ 1816.994568] ? find_held_lock+0x35/0x130 [ 1816.998661] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1817.003513] ? memcg_event_wake+0x230/0x230 [ 1817.007854] ? do_raw_spin_unlock+0x181/0x270 [ 1817.012363] ? _raw_spin_unlock+0x2d/0x50 [ 1817.016533] try_charge+0xec5/0x1490 [ 1817.020258] ? lock_downgrade+0x880/0x880 [ 1817.024427] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1817.029284] ? rcu_read_unlock+0x33/0x60 [ 1817.033364] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1817.038231] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1817.044308] ? __lock_is_held+0xb6/0x140 [ 1817.048384] mem_cgroup_try_charge+0x259/0x6b0 [ 1817.053071] __add_to_page_cache_locked+0x334/0xd10 [ 1817.058101] ? find_lock_entry+0x5f0/0x5f0 [ 1817.062361] add_to_page_cache_lru+0x1c9/0x860 [ 1817.066970] ? add_to_page_cache_locked+0x40/0x40 [ 1817.071828] ? __page_cache_alloc+0x131/0x450 [ 1817.076339] pagecache_get_page+0x364/0xcf0 [ 1817.080683] grab_cache_page_write_begin+0x7b/0xb0 [ 1817.085632] ext4_da_write_begin+0x2d7/0x1180 [ 1817.090159] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1817.095711] ? ext4_write_begin+0x1790/0x1790 [ 1817.100221] ? copy_page_from_iter+0x7f0/0x7f0 [ 1817.104831] generic_perform_write+0x22a/0x520 [ 1817.109456] ? page_endio+0x780/0x780 [ 1817.113268] ? current_time+0x140/0x140 [ 1817.117258] ? lock_acquire+0x16f/0x3f0 [ 1817.121254] ? ext4_file_write_iter+0x23f/0x1060 [ 1817.126025] __generic_file_write_iter+0x25e/0x630 [ 1817.130970] ext4_file_write_iter+0x32b/0x1060 [ 1817.135562] ? mark_held_locks+0x100/0x100 [ 1817.139825] ? ext4_file_mmap+0x410/0x410 [ 1817.143988] ? mark_held_locks+0x100/0x100 [ 1817.148237] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1817.153800] ? iov_iter_init+0xc6/0x1f0 [ 1817.157797] __vfs_write+0x587/0x810 [ 1817.161533] ? kernel_read+0x120/0x120 [ 1817.165463] ? rcu_read_lock_sched_held+0x110/0x130 [ 1817.170504] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1817.175272] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1817.180827] ? __sb_start_write+0x1a9/0x360 [ 1817.185170] vfs_write+0x20c/0x560 [ 1817.188731] ksys_write+0x14f/0x2d0 [ 1817.192380] ? __ia32_sys_read+0xb0/0xb0 [ 1817.196460] ? do_syscall_64+0x26/0x620 [ 1817.200446] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1817.205830] ? do_syscall_64+0x26/0x620 [ 1817.209831] __x64_sys_write+0x73/0xb0 [ 1817.213741] do_syscall_64+0xfd/0x620 [ 1817.217578] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1817.222873] RIP: 0033:0x45b3b9 [ 1817.226081] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1817.245002] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1817.252723] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1817.260003] RDX: 0000000002d1ee37 RSI: 0000000020000180 RDI: 0000000000000003 [ 1817.267279] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1817.274554] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1817.281829] R13: 0000000000000caf R14: 00000000004cd8f4 R15: 000000000075bf2c [ 1817.304573] Task in /syz5 killed as a result of limit of /syz5 [ 1817.312981] memory: usage 307168kB, limit 307200kB, failcnt 14410 [ 1817.319445] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1817.326471] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1817.332813] Memory cgroup stats for /syz5: cache:132KB rss:249480KB rss_huge:229376KB shmem:0KB mapped_file:0KB dirty:132KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:249704KB inactive_file:136KB active_file:12KB unevictable:0KB [ 1817.355985] Memory cgroup out of memory: Kill process 17773 (syz-executor.5) score 1113 or sacrifice child [ 1817.366226] Killed process 17773 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB 21:42:38 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001480)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYPTR=&(0x7f0000001540)=ANY=[@ANYRESHEX=0x0], @ANYRESOCT=r0, @ANYBLOB="f333d4439451b7f804a97de69d388b7fb4da35558eedefcb8a0c1fc68fe21e983c6e44063deb21ca43d4b5104565d3fdd5195e7617ee0442fb718b3b9af90883b459eea910aad839716696f19595fbeea9ff8aa2cb1824ff177e45400758eadb70", @ANYRES64], @ANYRES32, @ANYRESDEC=r2, @ANYRES32=r0, @ANYBLOB="cf0fbf93883f067b391aaf16667b7de2f95905d50a2c70adef903220beda188cf04b9ebb63525f7300229ebd6847a876e8efe7700b751059424a8d11654ed2aff89ec1af21baaf81fe", @ANYRESOCT=r0, @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYBLOB="9b527fdb2308c7bd999dd63d6797039b3f0ec3979278b30ef97dfaea22bbf41043e5d6e43ef8605df99abbd80eff94cf993fa25e7e9c688d49714dbb9a8726ea0886635d2cf9faf4ebb26ec02fa8d0ac59e4874ae02847a026bcdb4d73dad030fd5684588db0dbe11f6cb4777182b8bd0f0d62c741887420f07328f632a29bfaf5d0feab2d5f4ad98b9076fb9fad65ee9a5d2faac1a5f3f061803092730708c9803b3f4784083a239f002726e810a187e66c521377ea51c85be491ecded7a3e91cc66df5f63dc6ad588a9479ca3729375d3451b10aa92ecf55fff7f1bf55b7fa36fa8c4a255e7b386599e83ea9c435f070defb74dbee1b468deeb930d1251c767f3e4db5c1a8928b1d8f0bd034b7597d2633aecc30494990b31180eee4207dac4e5c6cdd4318660735b22912638ea14bc9cf347fc705d2a20d279b42946c53d82ae9815af38b9c5d78bacb3a3de78ef9eafdd2cd3a6952c6e4af7c87a2c30f4355450ab7d3b9de0a226efe5e0ca13708488e60f4334e019d91979f1ba38dc9f6839164cfaea175f0a3b0039a5b5d274fd2ced02f5699bbcb06203afe9beb99168e08500cdaaffd3d43d3ca07672bbfc9f7f462bfeb012c08b0d4741608b2342395c9dd8661dfddebf399ce60159c0a8f28488d71d8b54c12a9b1a247c2f2d308667a9375a180b6614c53b7652518e941782071b1a3ec11e453214a21c12f38e9a39705b972a528ea3fac7dba25c1eb57f50bd25bb8af952b1d3ed4e272f5a89435007e4468a34a0a839f03c984be41b137dcda2748bcca336c74424df2dc89633bafb80c4ec93846e8d96e97d7e68fe423f03dff7999e31e079ed42bac93c52a4b69d8f5d60127eb63bbede41ea65f4f5119dd9c2f86c8d7881c59201900b27aed1f729fed93acfb374d6fad1a385d633526f0e26c162ebf62f06c9d22814830d5352cfd29508ea67e74e16aa76b97f2fa16523134225024f91f203ee2375bbc207c4cef6fc7e34b74644be699c1704330f8901e0ed5ffce5e1c900103b197005f27f4bbd0238ed8a220ad41f528e06e669525541b947017e17de62b6c2de16a7cb867f6badd10b1e47a48323262b71e55f6ab7ca4c36e84ced1985c91c9ab081e6301c9987f5dedb5b1b89e199c2c05c987b188ed97729f0a7a91c21f3bb977abc4260085c3f530cc55b2ec1127cdfa41372394fa6a10c635a20a3fbdf45c0e2371a6ffa70b2401ad126f09e20611ec5efa36083f1f91dafde3a9d1049c52aeacbef620b5968dfe8ab12fbcaeba4c7b4a219e3aa4bf35ba23d29003196e10884cb780e36e0874a7792e2ba985b07b322da80366677b167256fafb842eb7afed3805cd26eb132d7392f77d2ddf1a40a44a80707f3e716474e31380ef7363b7f4d595c83fc084c6a37e62b6ec5f2a0169ce30574a558cee94f8dc1e482d8e3e6e76b7a1000419d1b4eaac854d572bf7d85ede7753f7e6e6c085599150e566854ce7337c0c5c81af611e9d32aef99c58d350abd4da7ee591079f57f97a90eda593805cfd5308a4f8bff3c1e0b6db097d32981c75caec97a848521676731b4a10719146f0963a23545073b35c2f01a84b521af5cc5faf3d36424082f5e1fe8b9a47ecdc3e9fab8a2a157a00ac2e90454e8a8a87e63edd80cafa72cdfe2199381d882a032eed03dc061e93926a67eaa85233788ab6f97d52277b464e59d83d4bdac79b059ed9688e667a2d43df1a2a8d06000715a1fdacb3eab58fec18962e91952dc3bd1f5d12ea6d9bc252c19a27d0c6ec1ac5783555ef432993ea00d86ea75ad69ffb2e809be3336d09da47c5b4c5813885c9e8d622553dcbd30bea6885b2e81754aacee71ada325b25d1402b1155a9b64578528be15b500e7daf9e3560909cb8fb4466a4fd0cbd34274c99eea3715b0c28a5b119e879bbda3dd9ed4de3bc73f9eaff122fa8fd488dc39a49a8d6d26966673dc3945aa8a823210b0feef9acb16ab51bbe64de0c2aebf4f8210e7e2b9064ce9e642c361e2934900bc2cc6a4abdf94fb1876c02d2b0974f24b9104966325fbf4e97295714a33bc09dd1275c47b775a41f8a5e05a253d58eb5573cde4e3739c1d20edef8fa69645dd714e3b77d3bb2bffe3657933ab17566bfa8c7507a0cdf4f62f8c41d48a5906e5256da09385813a49aa9e63dca96bd57bf948588e9d9887fa26195fbb2558968045e757c63b3b93e53efd3e94fc8d0c35139ca82c5573397c5290c587e4f156fa5c0b38ec9497e4c0db8120fa8ffce70349bfd6061fa6be9528fbb31eca1b5114695c67de1dfd2c3caa5b632ba2da687c3274479da95d2d862530a168ebdcee655ea2f0f5b1f5199e3491f16090ac7c054ba088a5280021589f63d497014ca43ed73b1fc24be10c1cbf26dd02fde1df570c19dd6e77c5516c47b7403aa1b02aec698d55a59d7c4a6afe5d14dac6416ee1dcdd2d0a899d16b707e399c3be49457849756c7799524150071ba68220fe3640a05a5290508c639a53d14d75d34244265e141ff6e0337e27e4ffba123663822d9ba41835b6bd19e5b9426386545dd0cb197d2d163b0758d1d7bca24622c83cd471f88028363bacee0509c87d40558bcdbe7675b17f21af0b7223cf7c51a11683040e88455b66443c4430d0153d193b9700c09a5bb37996617d22b9e6459aa8f580b498bfe1a659baca0c80c6f8501b2712bacf761f2e97ca6496de548e9e3a02680fc84b81265caeb6f2b7b661788765f891a99270a7b477b2ef34a06a43b16dcdc16235830e6b573e5dbe68c0a1cf6e3bea55a4ae1675529f423714c37df9df76f6ea8c3c03f0169444079f6cf8622fe0bc67f82124fed2ad55c46c627d88c7892168158dd64c37a2ca7d99156a0ef27d66fefe6ff5777c0113fe788f48349fc752aa832cdc28679a8a710445e27d6f40116883ad110f128b999c88c3ad49264ee7620089c71479cfb74c48dc6895be22ad7053e3623b80437e3d639496b1864a238e268f7427de87c3f849c568964bf0b4920dd695afeedaa80d8981028524ef695f27e43b73bc8adceddf4edc1afeecd88ac3eb858b88b808a18d4404852ec3bae714e948aafa6b2a2ec345e598860da0fc6ce375f7382fe7ed37a3587bc115dea7b9392f4ced6375fe0ebbcb581aca35af7032af4b05b291795143391df1d283780ef1cb9c9a8330bb12e1b1e3488277ecac81559234b895a4984bd90dadc069618ff8427d9e3671ecc5a916bc6002a8f3a40689e30b6e7fcd7b8ae4c10b0c5ad576c3c161cf23415ea028ba24ae1d2d08480f774726b4bf653745a4d44a3c7d2be210c3d816f6256d5ad2092582abab6efb62db271b9566496d4712b93608753dc0e056fc8f5180e410b5d8bd1f9a6a2a6e59fd9c1cce41d63ebd479621f008ea58caf07b59213e3e61e751cdaea20c7f8a3f4d0d4b792d1300a78ba08ce76d00c10f886380827085e1d2dfc24395497c664698541d1e3a9670646c789c9495f657c327b23b690ffd1a40deef8c81b02a5b32df90ca102d6c43a954c0e8df52e581268c6a0512335871b15e6020aca1f9872d99960131619549b11bb45b585ab37dd2ddf45927704c1610c33f064f7a0bd237bcba308d7b1257196a848a2164de76a261d121591ce89e1d4a530ce5620f738d3913f1016a56222e2289ab9507a9445bff9ddb6abc5ec23fa7d4b506a4654d071f96756cca91dfc85ac0aeb403c0ecd1bf12c9e612ff5ed7460536ad0763adc657c30da35ff96368ea68846244fd574a826536973f562c113ab6d643589c8779ca0306f2cdc6f20f20881c96041d095143c6cd02b575ff793d39d33a67c0f4233b18b6fecfe41a7894561c77237ffbda7e66dbe116845be90ab8794136a3cced63168ce376897e2cd603cee5d0e81e86a68c1b96fdfcbb1fc453adc16a16d116a205121db3c0ac76467d23eb83b6e2cfc884013b5024eb3f59a1c20c54b7a6e3ca06143104b7ff6e9c8454d4e733450174aa2db68b89de1271854ebfc0e50125ed7793b2d27e2bc72b3c35806d61014f29d3a731cc7d47e4016b0c1371a42a99fe2456711f549a9b4d55952e68246d8f84addcf749903ae674bad357b7a7c766c4ba8149a38e7a43a8511181727e276f2816f65f01f0221d9d9885a17a9cfcce91a919f60c669bc0f574e3536f4aad5b41d1092c501898fb24b323b7f50f8fe4886f5c334c22bd12227342487838a14b2fca6a47e2e099f335a3f0869191d9f9768b352db74531a37f3ca8823b9f6ecd68bc37cb11d860dffa84b5db556b175b93f20548ba0ea436c0514b1ac23b26697a3297929395937c488a126d67e9fd8b13e5a23bc1d09957b7f63667f2ac7ace95f57f143e2f08de5e191614ff326614a24eba4b12cf2332e35a5491a5520b8d8ff299d71b542f7a375bd8d789e49e9ae52b0508c7063e63986cc356d6ef87088e475bc6cd35655dda43a51f2a4a5c2a49c52b4809a0a9a56afeec38362e5a3947e613ae22419bc4a6a5467380f60b6083292850b5241e4497392d8d5abef8fc5c7d13d644cea643a5aa8b97c8ac51cce1c73dc3be2fd0f3cbd3773788d1e13ef742456f32ab0a0317692059bc15fef91e3d7dba415649845bca164573e8ec5c5ead226473d3667c6a5570011ec30938c06fbef58203d79158071ac9e85ecc6b2260f4baceb987e170938ba2dbc66e617231315776ae1e37d254f135ed53b46bf1ffc6c8b02db9940021477d0bcf89ede512e8e5adbc5beed22d0ef6fd0dc91c90cde5b847cdeee786912bceb88668bd92a2004d97c7da75f75b376c8e7cb4572ee656653db23588056a69180e8dd3411ea288608ebc9401e23f188c426f5bd0c4777ba6c1e7b31b2aa9bebd1d374447b0dba8e61c4e18b6f0dc25a3e4824525343a5ae4de0d082fbfa35caf318558e720a2ee333adf69e3a93ac8e3bc363bd66abebe8753f90655be9f2b2eef4048a5f9888bf8fdbcfea25438eaa2d7e3852710049c7faa7373e71ce16b80e270b77df578a32edb1fa45be15db8ef5bcc1e5b09c99c0f1e1b0f0c448bcf0fc9683344ca7e9440ed7bcbba54c2ec03db8d018e2bdc79143810a153dbc2db92c7b75d3af7272d8e0df1d138d0b8b3730c6a8ce2aa1cddfabe0e8c466397f8545204695d1e96069fc6ec04af38c1abedf9eeefe2e02a34a3e33b3412f009c89f568bf7d84cd1122835d709ed8e4bc26bb4894c69468db6c68f879af21b084407ceb873fe1f8eb28e75f51aa6758f4b541f28c4c44a4aa2b44a4bc84012d9b3bf88732d2a40494321eb0c60a08c72fa339ec88dd73e7c79ab68a03d34274e59f33e0850859b9606c827fd9e61549ad7514d3989909c0d26ae3a897195479aac7ba8d3441840385541a3c8b81b204a7eb64fdb6d13eb195ee7ed71634a067ce5719bad890012478d4a2eef0edaefbbb347e1aa973a971fedc6ebe77ee313851ca829da861fcb9996ca7a8194fd1de2085f8ba403bbd8199ba151746e3b8e40c9c23615934d525912600e959fe44d7e51d0b32e6f9bbe0350c5594ecd8542c46487b4584052241181bb5201630677f13fa5f31af7e9d80399d255ef7b1a1ec5c8ce2b4e67318c2f735472eb767d1f29ff311587d514bbf5470a5c54dc9137a14df3ea87d657664a984a7c14b1bf9b5a46422c4cda5c00a6ae80d41094760af59af8b16209ac89b6dd08680ca22f733fdaac5289e924fd174cd8afeb18c91b0357f49891813a7c34f332fc534062717d3e910dedf888529b1d235ebbe877be7ce9a04b98b28dc6c", @ANYRESHEX=r3, @ANYRESHEX=r4], @ANYRES32=r5, @ANYPTR, @ANYRES32=0x0], 0xa}}, 0x0) 21:42:38 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) 21:42:38 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x75) 21:42:38 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x3a800, 0x80) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x2, 0x800, 0x2}) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r1, 0x16) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x626281, 0x0) setsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000080)=0x1, 0x4) [ 1818.285041] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1818.292595] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:38 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:38 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:38 executing program 1: gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x34, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) tkill(r1, 0x1c) 21:42:39 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) getsockname(0xffffffffffffffff, 0x0, 0x0) epoll_create1(0x0) r1 = openat$nvram(0xffffffffffffff9c, 0x0, 0x4480, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0) r2 = open(0x0, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x0, 0x2}) statx(r2, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000040)="02006800000ffffffff60005000000e08128b14700000000d59863d20000000002000f2020cc00000000ff0700690000030000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055aa", 0x60, 0x1a0}]) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_CAPBSET_READ(0x17, 0x10) tkill(r0, 0x16) 21:42:39 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) 21:42:39 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(0xffffffffffffffff, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:39 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x76) 21:42:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c000000000011905000006435c45b6450e3ccbd49600000000000a000000070016f8ba000400fe800000c8bc9c0001000000000000000000bb0c00020005000100000000003c0002000c00020005000100100000002c00017d9f0063227cb8be0000000000000000000000000114000400ff0100000002000000000000000000010800f5ff000000002c000d0014000500fe80000000009ee9ffffff000000000014000400fe800000000000000000000000000000ca3f79bbf304e4d27cddb2a85d00"/208], 0x1}}, 0x0) [ 1819.244217] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1819.271351] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:39 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000001c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe8000000000000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:39 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x4, 0x9, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x9a0914, 0xffff, [], @string=&(0x7f0000000000)=0x2}}) getsockopt$inet6_tcp_int(r1, 0x6, 0xffd8433be5285938, &(0x7f0000000140), &(0x7f0000000180)=0x4) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1819.511702] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1819.541475] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0", @ANYBLOB="770abc2f73d810ac3820ece1b21183a34befb9e584589500a35cfd21cb4bc529907fe7586afef79cbcfcdd4bb1f6bbaa045b6571e9cf186d2ab5c90ba076d38789d294e19cd9d524a04fc6d77ef6c254d021eddcf705a949779dd8208ae2006abd68bfef7c4705c1c55768edd562"], 0x2}}, 0x800) 21:42:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000da000000000000000005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe80000082784a1cffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}}, 0x20004880) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000002c0)={r3, 0xfd9}, 0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={r3, 0x2c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x101, @remote, 0x2}, @in={0x2, 0x4e24, @broadcast}]}, &(0x7f0000000140)=0x10) 21:42:39 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm_plock\x00', 0x109040, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000200), 0x4) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x40, 0x0) ioctl$TIOCSSERIAL(r2, 0x541e, &(0x7f0000000140)={0x4, 0x9, 0x1, 0x2, 0x77b, 0x661b, 0x4, 0x5, 0x90, 0x2, 0x1f, 0x10, 0x1000, 0x3, &(0x7f0000000100)=""/64, 0x3, 0x7ae0, 0x100000001}) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:41 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:42:41 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) getsockopt$PNPIPE_INITSTATE(r1, 0x113, 0x4, &(0x7f0000000080), &(0x7f0000000100)=0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYRESDEC], 0x1}}, 0x20000004) openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) 21:42:41 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x77) [ 1821.698562] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1821.713765] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 1821.728867] selinux_nlmsg_perm: 306 callbacks suppressed [ 1821.728883] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.764382] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.783347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.797651] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.812481] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.826837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.841023] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.855220] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.869472] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 [ 1821.883505] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22925 comm=syz-executor.4 21:42:42 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000080)=0x14) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) keyctl$setperm(0x5, 0x0, 0x500) 21:42:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100ff0000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000900000000000108000700000000002c000d0014000500fe800010000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:42 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(0xffffffffffffffff, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:42 executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200000, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {0x2, 0x4e21, @remote}, {0x2, 0x4e21, @multicast2}, {0x2, 0x4e22, @rand_addr=0x7}, 0x112, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000040)='team0\x00', 0xa70b, 0x6, 0x800}) 21:42:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}, 0x1, 0x0, 0x0, 0x8881}, 0x20000010) 21:42:42 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:42:42 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x78) 21:42:42 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) ppoll(&(0x7f0000000500)=[{r1, 0x2103, 0x64}], 0x1, &(0x7f0000000580)={0x0, r2+10000000}, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:42 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {r1, r2+10000000}}, 0x0) r3 = socket(0x28, 0x2, 0x80) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'veth0_to_hsr\x00', {0x3}, 0x4}) r4 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$video4linux(&(0x7f0000000100)='/dev/v4l-subdev#\x00', 0x4, 0x101000) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@local, @in=@broadcast}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in6=@local}}, &(0x7f0000000140)=0xe8) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r6, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000180)={@dev={0xac, 0x14, 0x14, 0x12}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x7, [@local, @empty, @multicast1, @remote, @multicast2, @remote, @broadcast]}, 0x2c) ioctl$VIDIOC_RESERVED(r5, 0x5601, 0x0) tkill(r0, 0x16) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r7, &(0x7f00000017c0), 0x333, 0x0) r8 = accept4$rose(r7, &(0x7f0000000300)=@full={0xb, @dev, @remote, 0x0, [@bcast, @default, @rose, @null, @netrom]}, &(0x7f0000000340)=0x40, 0x0) ioctl$sock_SIOCBRDELBR(r8, 0x89a1, &(0x7f0000000380)='ip6gre0\x00') [ 1822.629880] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1822.653391] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:43 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 21:42:43 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x79) [ 1823.533151] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1823.543664] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:44 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:42:44 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x7a) [ 1824.431190] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1824.448789] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:45 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[]}}, 0x0) 21:42:45 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:42:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x3, 0x1, 0x201, 0x0, 0x0, {0xc, 0x0, 0x6}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x7fffffff}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_LABELS_MASK={0x14, 0x17, [0x3, 0x6, 0x7, 0x4]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x41106cb5}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20040000}, 0x800) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:45 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x7b) [ 1825.437494] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1825.456469] netlink: 'syz-executor.4': attribute type 5 has an invalid length. 21:42:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop-control\x00', 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) fgetxattr(r0, &(0x7f0000000100)=@random={'btrfs.', '/dev/loop-control\x00'}, &(0x7f0000000140)=""/9, 0x9) [ 1825.699017] audit: type=1400 audit(1581370965.638:4076): avc: denied { read } for pid=23001 comm="syz-executor.2" dev="sockfs" ino=303604 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 21:42:45 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x200800, 0x0) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000f3c0d4485dda985dc802b5e500ff030000020000000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000004000000001000000900000000020000f000000000000000010000000000000002000000000000000000000000000000000000000000000000000000ff000000000700000000000000000000000000f1ffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000907d22a0bae309f7b6ca"]) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000240)={0x8, 0x4, 0x2, 0x0, 0x2}, 0x14) getsockopt$packet_int(r3, 0x107, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0x4) sendmsg$FOU_CMD_DEL(r3, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00042ab57000fedbdf250200000008000600ffffffff06000a004e23000014000900fe80000000000000000000000000002208000800e0000002"], 0x40}, 0x1, 0x0, 0x0, 0x20000044}, 0x4000008) 21:42:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) ioctl$PPPIOCSFLAGS(r1, 0x40047459, &(0x7f0000000100)=0x2000002) 21:42:45 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x7, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x370}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040041}, 0x20000000) 21:42:46 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}}, 0x0) 21:42:46 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400000, 0x0) ioctl$UI_SET_KEYBIT(r2, 0x40045565, 0xd8) tkill(r0, 0x16) 21:42:48 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:48 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:42:48 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x7c) 21:42:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bab83edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}, 0x1, 0x0, 0x0, 0x44810}, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x101080, 0x0) r2 = socket$inet6_sctp(0xa, 0x0, 0x84) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000180)={0x0, 0x2, 0x7, 0x1477}) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x68, 0x9, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x3c, 0x7, 0x0, 0x1, [@IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x6}, @IPSET_ATTR_CIDR={0x5, 0x3, 0xa0}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x4) r4 = socket$tipc(0x1e, 0x2, 0x0) r5 = syz_genetlink_get_family_id$team(&(0x7f0000000300)='team\x00') sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x14, r5, 0x8b332b27f3670133}, 0x14}}, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r6, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000440)={0x0, @empty, @dev}, &(0x7f0000000480)=0xc) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r10, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r13, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r14, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) r15 = socket$nl_route(0x10, 0x3, 0x0) r16 = socket$nl_route(0x10, 0x3, 0x0) r17 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r17, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r17, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r16, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r18, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002000000"], 0x3}}, 0x0) sendmsg$nl_route_sched(r15, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r18, {}, {}, {0xfff1}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc, 0x2, [@TCA_TCINDEX_FALL_THROUGH={0x8}]}}]}, 0x3c}}, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000840)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000800)={&(0x7f00000004c0)={0x298, r5, 0x1, 0x70bd2a, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x4}}, {{0x8, 0x1, r18}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0x15c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8, 0x4, 0x3c}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r3}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x5}, {0x8, 0x4, 0x8001}}}]}}, {{0x8}, {0xc0, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r14}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x5}, {0x8}}}]}}]}, 0x298}, 0x1, 0x0, 0x0, 0x40}, 0x4000840) dup2(r4, r2) 21:42:48 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) mknodat(r2, &(0x7f0000000000)='./file0\x00', 0x1, 0x5153) tkill(r0, 0x16) 21:42:48 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) [ 1828.551530] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 1828.564670] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 1828.584718] selinux_nlmsg_perm: 385 callbacks suppressed [ 1828.584734] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 21:42:48 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f00000001c0)) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x210000, 0x0) ioctl$IOC_PR_CLEAR(r1, 0x401070cd, &(0x7f00000002c0)={0x9}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000100)={0x1ff, 0xb, 0x4, 0x0, 0x1f, {0x0, 0x2710}, {0x3, 0xc, 0xf3, 0x5, 0xac, 0x80, "17134131"}, 0x7, 0x1, @planes=&(0x7f00000000c0)={0x0, 0x7, @mem_offset=0x8, 0xfffffe01}, 0x5, 0x0, r2}) ioctl$SOUND_MIXER_READ_RECMASK(r3, 0x80044dfd, &(0x7f0000000180)) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1828.698677] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 21:42:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c000103000000000000000016f8bad33edabcb8060000000000011014000400fe8000000001000000000000000000bb0c0002fd04000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000004000000000000049000000e0"], 0xc0}}, 0x0) [ 1828.750049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 [ 1828.816848] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 21:42:48 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f0000000080), 0x4) [ 1828.863830] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 [ 1828.885583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 21:42:48 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0xffffffffffffffff, 0x4000001) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014ec0300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e03864f0fc006f2500e99e62f9a07de357a507d019b7a23ad53dc0673d4205a0e24e0a5395a3c5bb50e8016b33f596ca4edeb88730750c949feb5716344503fb3ca48911138001fd4c522d954712d26305ef4646ae7d178c692defa2df8a8dd8c91348ca1efd31c6770b1de7da7e977c0cf8132357d0671fe4914c4a2027d8976b582d4a13b60852e5bf6aa33ae7fcab9652a9c21af266f75908c241eb20b38249f59c3030fd2b1a7b"], 0xc0}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xf110bd4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c000200000801080000000000000000060000000500030011000000340004800800014000000004080001400000000708000240000000b208000240001b8000080001400000000608000240004000af0900010073797a3100000000"], 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40100) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000140)={0x80000001, 0x8, 0x4}) [ 1828.978719] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 [ 1829.025417] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 21:42:49 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bsg\x00', 0x0, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x7, &(0x7f0000000540), &(0x7f0000000580)=0x4) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r2 = socket$packet(0x11, 0x3, 0x300) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000003c0)=0x0) r4 = getuid() syz_mount_image$hfs(&(0x7f00000002c0)='hfs\x00', &(0x7f0000000300)='./file0\x00', 0x4, 0x1, &(0x7f0000000380)=[{&(0x7f0000000340)="f9a4314ffa0a73b2ddf2d15cf73b3543eb0321167e8db7498cc5220f", 0x1c, 0x4}], 0x200851, &(0x7f0000000400)={[{@session={'session', 0x3d, 0x80000001}}, {@uid={'uid', 0x3d, r3}}, {@session={'session', 0x3d, 0x100}}, {@type={'type', 0x3d, "0ab1ef02"}}, {@codepage={'codepage', 0x3d, 'macturkish'}}], [{@obj_role={'obj_role', 0x3d, '\\,'}}, {@dont_appraise='dont_appraise'}, {@subj_user={'subj_user', 0x3d, 'port1\x00'}}, {@appraise_type='appraise_type=imasig'}, {@obj_role={'obj_role', 0x3d, 'port1\x00'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000001c0)={0x9b0000, 0x2, 0x977, r2, 0x0, &(0x7f0000000180)={0x990a96, 0x1, [], @value=0x800}}) ioctl$SIOCRSGL2CALL(r5, 0x89e5, &(0x7f0000000200)=@rose) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f00000000c0)={{0x40, 0xc1}, 'port1\x00', 0x25, 0x1800, 0xab8, 0x3, 0x1, 0x4, 0x81, 0x0, 0x4, 0x81}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e000"/192], 0xc0}}, 0x0) [ 1829.069330] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 [ 1829.108788] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23037 comm=syz-executor.4 [ 1829.199345] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1829.213933] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1829.244811] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:49 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) splice(r0, 0x0, r1, 0x0, 0x4ffe2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:42:51 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:51 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x7d) 21:42:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}}, 0x0) 21:42:51 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x5) tkill(r0, 0x16) 21:42:51 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) splice(r0, 0x0, r1, 0x0, 0x4ffe2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:42:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0), 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0x1}}, 0x0) 21:42:51 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:51 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYRES32=r1, @ANYRES16=r0, @ANYRESOCT=r2, @ANYRES64=0x0, @ANYRES32=r3, @ANYRESOCT, @ANYRES32=r1], 0x7}}, 0x0) 21:42:51 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:51 executing program 1: r0 = gettid() ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000000)=0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:52 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) splice(r0, 0x0, r1, 0x0, 0x4ffe2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:42:52 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x7e) 21:42:52 executing program 1: r0 = gettid() timer_create(0x2, &(0x7f00000000c0)={0x0, 0xb, 0x1, @tid=r0}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'batadv_slave_1\x00', 0x2000}) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:52 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) [ 1833.035375] batman_adv: batadv0: Interface deactivated: batadv_slave_1 21:42:53 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) r1 = openat(r0, &(0x7f0000000180)='./file0\x00', 0x8000, 0x8) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYRESOCT=r2], 0x1}, 0x1, 0x0, 0x0, 0x40}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) getdents64(r3, &(0x7f0000000200)=""/54, 0x36) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0xa8, r4, 0x202, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000001}]}, @TIPC_NLA_MEDIA={0x88, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xde39}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x75}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb7fa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}]}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x200080c4}, 0x48054) 21:42:53 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 1833.594510] selinux_nlmsg_perm: 78 callbacks suppressed [ 1833.594527] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.614077] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.629038] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.643407] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.657674] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.671850] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.689319] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.705072] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.719357] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 [ 1833.734853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=23140 comm=syz-executor.4 21:42:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$SIOCX25GDTEFACILITIES(r1, 0x89ea, &(0x7f0000000180)) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01020000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a3) r3 = syz_open_dev$vivid(&(0x7f00000000c0)='/dev/video#\x00', 0x2, 0x2) fallocate(r3, 0x5, 0x3, 0xfffffffffffffffd) r4 = socket$packet(0x11, 0x3, 0x300) r5 = syz_open_dev$mice(&(0x7f0000000340)='/dev/input/mice\x00', 0x0, 0x8000) setsockopt$IP_VS_SO_SET_TIMEOUT(r5, 0x0, 0x48a, &(0x7f0000000380)={0x61, 0x8001, 0x4}, 0xc) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r6, &(0x7f00000017c0), 0x333, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$VIDIOC_QUERYBUF(r6, 0xc0585609, &(0x7f00000002c0)={0x2, 0x7, 0x4, 0x8, 0x10001, {r7, r8/1000+10000}, {0x1, 0x0, 0x0, 0x4, 0x80, 0x7, "a844ee10"}, 0x80000000, 0x3, @planes=&(0x7f0000000200)={0x40, 0x7, @userptr=0x100, 0x1114}, 0x100, 0x0, 0xffffffffffffffff}) recvfrom$packet(r9, 0x0, 0x0, 0x20, 0x0, 0x0) fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f0000000100)=0x3) 21:42:54 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x82) 21:42:54 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:42:54 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) 21:42:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYRESHEX=0x0, @ANYBLOB="ec324d0aff4adc7a4f3c7ae06ec805550354ac36d56f9e6e565970efecfc3b136082ecb9f734b6fa8502a3c474245c9849a04d9929a2dc26dfa05dc1cd8fd73ed84b1da0d51ae62940a913485e9140e0147cad448d585cd367c337d81157cf6e8c7fe52b25ea739f9fb05a4b5dff863a186dbda6e073e8befd1dc7dd2094b32546c4777c6f3566246511f2db3e12afffab3e1a6d48dae0c8664badf837d51d609aed3251ad8d", @ANYRES16=r2, @ANYRESOCT, @ANYRESDEC=0x0, @ANYRES16=r0, @ANYRESOCT=0x0, @ANYBLOB="18e07590525b7d04a322472bd80233620e5a0562f8734956559a5b9ce9f24167717cd9c12a00f0b0c838d5e3ef92c93dc635adaeeef11267757935608a61eff88dc2adc5f84275fff3e715c2330a299dbb1f8f0d6aa8786f6bedb12d18b6382d08"]], 0x2}, 0x1, 0x0, 0x0, 0x8800}, 0x0) r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000bc0)='/selinux/policy\x00', 0x0, 0x0) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000c40)='l2tp\x00') sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x38, r4, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0x4}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) 21:42:55 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:56 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x20302, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f0000000180)=0x6, 0x4) recvfrom$inet(r2, &(0x7f0000000100)=""/98, 0x62, 0x140, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10) tkill(r0, 0x16) 21:42:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe80000000010000000081a9234a00bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c00ffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:56 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:42:56 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x83) 21:42:56 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvram\x00', 0x8000, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000100)={0x80000001, 0x3, 0x1, 'queue0\x00', 0x10001}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f00000002c0)) fsetxattr(r2, &(0x7f00000001c0)=@known='trusted.overlay.nlink\x00', &(0x7f0000000200)='/dev/nvram\x00', 0xb, 0x5) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff0100000000000000000000000000000007ff00000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000140)=""/206, &(0x7f00000002c0)=0xce) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) getpriority(0x1, r2) [ 1836.449868] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1836.904768] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:56 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:42:56 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x84) 21:42:56 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe80000000010000000000000000001bbb0c0002000500012dc03e7403d104dfad9800000000003c0002000c0002000500e600000000002c00010014000300fe000400ff01000000000000000000000000000108ddf454f2e3e40e000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e000000000004906a546791ad4f47a1614de5dde9958c2b4ebfd6bb6cb9b5c5b96e8db2795c19aa38f94ef83e02c9b0903da41969f3d82fec2e71314945ff73b8496f27c860155e848c0683e9c3c3e18b6e5a8423ce4e3306b38ca35b4b256faf0ac0a82179a5980a1c1f573f06773aae2f22b86914285657304780a38b06c90ca7a96535c935ec4cb303286ffb4b65785c0e58c65c6662a2cdfedc7ae3519f6cbd7eac7dd48111a12e175f412be0428adfdb95df8f8bb224e06de7c4fc9b3860b86685d321db73a0fbfa14b14b8b47dbb9710f91bd326888348", @ANYRES16=r1, @ANYRES16=r2, @ANYRESDEC=0x0], 0x4}}, 0x0) 21:42:58 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:42:58 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000100)=""/149, 0x95) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) sched_setparam(r1, &(0x7f0000000000)=0xff) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:42:58 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:42:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x0, 0x24000) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000100)={0x0, 0x41f622a0, 0x1, 'queue1\x00', 0x7}) 21:42:58 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x85) 21:42:58 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:42:58 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x15) 21:42:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001004cf501001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1838.431099] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'. 21:42:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) connect$phonet_pipe(r1, &(0x7f00000000c0)={0x23, 0x3, 0x7c, 0x3}, 0x10) syz_init_net_socket$x25(0x9, 0x5, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000e73c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ff63ff000000000014000405000000000000000000000049000000e0"], 0x1}, 0x1, 0x0, 0x0, 0x4092}, 0x20004000) 21:42:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000000c0)=[{{0x3, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x4}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x1}}], 0x18) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:42:58 executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c0000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114002100ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000eb69f375b4936d"], 0x1}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f00000000c0)=0x490, 0x4) 21:42:58 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) lsetxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='trusted.overlay.upper\x00', &(0x7f0000000140)={0x0, 0xfb, 0x18, 0x6, 0x9, "86c79ab48d9b8bd99edfd36109469aaf", "ae75f1"}, 0x18, 0x1) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:01 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:01 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) recvmsg$kcm(r1, &(0x7f00000004c0)={&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)=""/161, 0xa1}], 0x1}, 0x6160) getpeername(r2, &(0x7f0000000000)=@ax25={{0x3, @bcast}, [@rose, @rose, @rose, @rose, @netrom, @default, @rose, @rose]}, &(0x7f0000000080)=0x80) shutdown(r2, 0x0) r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCAUSEDIAG(r3, 0x89ec, &(0x7f0000000500)={0x3, 0x4}) r4 = socket$unix(0x1, 0x5, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) r6 = dup2(r5, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={[{@fat=@umask={'umask'}}, {@dots='dots'}], [{@euid_eq={'euid', 0x3d, 0xee01}}]}) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="c0000000001a190500000600000000000a0000003bffe5002c0001001400070016f8bad33edabcb80600000000000010140004bb0c0002000500e0ffffffffff3b0002000c6eedfc99000100000000002c00010014000300fe88000000000000000000000000000114000400ff01002000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0000000000000000000000000000000004c6342fdf4a4a364efd2f887e11ce5fc6696f0d83d0ab97ddaeefe43f389652b461ec0ea01cab2cfdbf6fd4be443e9d27ff095f7996a8ee7c7510a808ffc3a7829098e587d35258ca6181332e9897471cfdc4d60dab06a1f3590cccbcf03ecf7afd3c24e8299c8832196f4ce04815ca51645c627b0bfb4f6e2ff0737a48c13a36edae597b021d0becd72e26ea8889ff0cc50bddca7c7692468f3767ac2f6a2624542b4620b9c5f35df68ab9ce5bd90c1bfc0ec00a1d9bf3e080eca1e07a10930333a674c2bf3cae565a928e66094067ac4d753614d72aad2223c56"], 0xc0}}, 0x0) 21:43:01 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) tkill(r1, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:43:01 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:01 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x86) 21:43:01 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) ioctl$SIOCAX25GETINFO(r1, 0x89ed, &(0x7f0000000100)) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:01 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000100)={0x9, 0x2, 0x4, 0x100, 0x7fffffff, {0x0, 0x2710}, {0x3, 0x8, 0xa, 0x2, 0x3, 0xff, "260bb053"}, 0x80000000, 0x1, @planes=&(0x7f00000000c0)={0x0, 0x80000001, @mem_offset=0xffffffab, 0x3}, 0x400, 0x0, r1}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}, 0x1}) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000200000000000114000400ff010000000000000000000000000001080007000000003656000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1841.444248] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'. 21:43:01 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(0x0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 1841.505652] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'. 21:43:01 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000800001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:01 executing program 2: sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:02 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:02 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x87) 21:43:04 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:04 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:04 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:04 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x88) 21:43:04 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="ce1bc00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100ff141b51c700000000000300fe88000000000000000000000000810114000400ff01000000000000000000000000000108000700000800002c000d0014000500fe800000000000e9ffffff000000000014000400fe80000000000000000000490000"], 0xc0}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000001c0)='NLBL_CALIPSO\x00') sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000540)={&(0x7f0000000380)=ANY=[@ANYBLOB="87ac8fc7415868874dec5624385769aab4a586dc15f723b23db01fd4320b15e26c55485c905a5de3745dfbd26bfe4c7e7b55ba7f7894109bc43611a78792000000", @ANYRES16=r5, @ANYBLOB="00042abd7000ffdbdf2502000000080002000200000008000100030000000800010000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) sendmsg$NLBL_CALIPSO_C_ADD(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="000000000800020002fff200e89e1225d6b921de1b628333a7d008e813bdce812e3646560a593c18039969b10bba1615364552fd28726d93eac3f7e7ebf49bf3d76cb5b07547ec790bc49760580000941c"], 0x1c}, 0x1, 0x0, 0x0, 0x8801}, 0x0) sendmsg$NLBL_CALIPSO_C_ADD(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r5, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}}, 0x4000800) 21:43:04 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = semget$private(0x0, 0x0, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002e80)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000003540)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000003740)={&(0x7f0000003500)={0x10, 0x0, 0x0, 0x80000080}, 0xc, &(0x7f0000003700)={&(0x7f0000003580)={0x164, r3, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x20, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3f}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x800}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x101}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100}]}, @TIPC_NLA_SOCK={0x78, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x59}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xb6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x400}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf0a2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffffa}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffffffffff3f}]}, @TIPC_NLA_NET={0x40, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x4b46}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x401}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}]}, @TIPC_NLA_BEARER={0x24, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6bb3}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'bond_slave_0\x00'}}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x10}, 0x4000) semctl$GETNCNT(r1, 0x0, 0xe, &(0x7f0000000000)=""/109) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[]}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f0000003780)={@any, 0x4}) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000003900)='/dev/vcs\x00', 0x0, 0x0) timerfd_settime(r4, 0x0, &(0x7f0000003940)={{}, {0x77359400}}, &(0x7f0000003980)) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003380)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="bedd8a2f07e8cab3c5e56cfcfc04ec44e7cdd2406f7e663e3bf3a291340c717d985c207dc7a3b990057a1736d8ac9f25302f5230f9df3967bd9334525e5d6b723d4df289fe6d45a05d0dfdfe231fad8b", 0x50}], 0x1, &(0x7f00000002c0)=[@assoc={0x18, 0x117, 0x4, 0xfffffff7}, @assoc={0x18, 0x117, 0x4, 0xffff}, @assoc={0x18, 0x117, 0x4, 0x7fffffff}, @assoc={0x18, 0x117, 0x4, 0xffffffff}, @iv={0x58, 0x117, 0x2, 0x44, "fa4f6a6c8d995636f8e966ab498c8dd705c0b09d81b97180652344b4f2cdfe827dd71159536cc3ca2f0907d49eefe149f5c8bd00323464e080d9e82e9b0224b8c0458324"}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0xd0, 0x117, 0x2, 0xbc, "8686b0a3268c32f59c8d22ee787a395996f8ee1885ab9003315763ef9f8cc039be338cfa2cf74f169c989651b948f2d4e31a3b2b6a07500ae02ee2ec4ba206187bf3825ab94bbf1d2bfb62a58aee98a57a88a4b4a03160bee09422eeea5f03e380d0ad4bdaf55d2b728af5d17d75453584290d57124c57a77ab6566f86a2ecc895f36a2abaf4d23017156e4d7a740f82ced3ae5e3c99a20310f05f8fc840b9ba2a95033809ea0fc61114270e7b45e12fd43b9097196dcac7973f6279"}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0x30, 0x117, 0x2, 0x19, "bfeae2824e49c4a9a8ac79a6279160eea0af781dd6eac7ab2b"}, @op={0x18, 0x117, 0x3, 0x1}], 0x200, 0x20000000}, {0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)="8283cf24d9b070f147a1670d8ad43dcd0a969f176987354fd5f91da2315b62dd8a0417ccdb7eaa97c05f9683ce0335423c175d3f9766f1a36c62175492538cfcb690b649a51d397467ec088a1e2b3d136e6c0e220345691e6ec18e97aa3753d6b7900f43986d11ed334cf38de19af3b3b48950116265222be20a118af7f4355d1a2e9f72d1e41a3c8115c89c56f348b4246c3bc7c9aaebdaa32574353cb5bf16d9ea06db2a7e44785263021dd6153b46b928f339eb916b51d068f49570232fc1982648111adb6287b0813cddffd70392039d3b9238768b1b8a25b82903e204982fa7cc7e8692", 0xe6}], 0x1, &(0x7f0000000500)=[@assoc={0x18, 0x117, 0x4, 0x6}, @assoc={0x18, 0x117, 0x4, 0x46}, @op={0x18}, @iv={0x1018, 0x117, 0x2, 0x1000, "120db702afb2d44da74f0ed9914d7a8cf82abebd88447fc25a6ae272acc4acc27da23b50886db171bcf4f91904032476cf4a432780cdd5cc0eb20e7840387eb1690659fbfc5de0632fea734af8c9d11119d93d9fdd1de83f42aa5b63e06641e3b5242b2cf4179e26359ccc0d0d4e4ed1696adfd1e3885e5a3405a73eec95e662c4b52fde1f91a11c439304172ead17a273e7b8b7d3795f8ffce07de10c036042d17ced69c49e9c86a93e0dc98e857718bd866c62b4df63069d093a49d0d947525a3e499dcc754be16547c1c0560ae05d06169aeb521a1a4231f1d0d52af64c5fcdabb2f14037de954867ebaa536571e32e7807d03892dc4498a727542b02e177b6debb01713728a8515d98dc41e090f0f28403d0c29a94569bf013b8823dc620b4898aac5d37bc9d9844328d9db18391ac21317e7f8ef13e2b252ad825c3d56da3d6c0725dccbacb24aa9127fe47ef7bd728babb65dd76961cd283d75eda786f42ff5cc16e02f698b033f2fdcbeef11621832fc1cb0c81265c8471c62ab07faa3346f5e4e8b064dc04cbc507d56f64ea9707f1473b5e29080de600672f823f6b2e6f9e496d1d1f7cc9714869ea96228c7fe4eb5977e6a2e1efc8adcf57252faf6b933dfd71f778d0178a3c873d5dbae2460ef3d3eeddd7b003912accd2e001d4936331c88ac4ebff5c6e73e59dc64c40a881cf1e2d07018881230a101f88a227a24551f2d714bc5b8810f98b5748d9f7b3fd97e4f4ab23b913a22d00d0d651b41fb31c2919d4b46fb922a095f55f3c9e23478c28e8f0703328b4cf5746c7b466954451d84afd14843e71d4e8d86da578980c2e8ad03e85d901876e376d6c1801888e2b6a6e392a1de52aac1424d867709901bce405eec4500292a69fc177b06eb85cd3b72f7c7d3d1a559e76ca4e264ff4776e75b1bd7d728f134406405420cdf0f103eea41cc258f38131f930019358456c0f7b66565c612725d428cf2c7ad7b1aa10df71150dd77ebcd5bb1ea6f699194b642185d051acd5bfc9281c23c07f9876ed126590fa1a4407a95979ea8375bc4b1a0542e954e8e0da507fe8fd091dbc95ea94bdc98eaac78fed989597a15fad0fa705d13a1b5a64c25ac9649f9b3435fd9b63593f8c8901d562840bb13357caba9e6f443316e66089f8cb8c41bf0a49d538cc5fc686b89a135f22bdb7aae3de9d158a6a2741ac2b66c6ffebbae55c56540d9fc2f8e7d6379963af17fd5d0a868c5fed040290c50df9e32e52ebf91bfa24ae1a1cc18c5d953520445045085d90eadb524520bba862452ec33aa0bcc926b5e9cc416c89a11c203b434d2fcff8f6abad69cb1ab2de2b765890d3a870d657a12d7e7d5cef0c951a229f16c1429b5ae06cdcebf23b695cf082006b9e502ae00e2f4dd2e9ac56789bc79e97800e578789bd29718e990801456fd8dbb855b2e45a94882262661d5928433a160b8a8802a8ee627b5fab7d73745e44bdc5460df3eb0c18fd490b32e4a04997261f81e24229d08a4131f08f1a2ca135650d86c7bafc83293430337355d46e9591d882678b19f465d4604e07dca4237fab60df4d28308fec9f2782cabd24f11e48c4b1985aee39024ae5b2fa78659a348569b17dbda3b678c1b97249e8ae8fd88e8f891d63864d960b8cf4b411648c660b05ac9ea1e2c325505aa5f91a372d0730e01854d65440b90ac6458a298a57a8af6531588721161ba3f5389709d88b7d693b180ad71486336d42adf29f3bb9e316c630fbf82e989b59692f56bffa664c4f91ed45a14e84e10b4f5b3c69bca107f2b84efe498b77614534e78c89333e9fda6f119a1ef3d5fbdf7fc48e432e50136691e23b3313875f7788372939482f7debb45e6058570d92e84ef6e1f2adc866bbe69e19582f3c361a3c4c3597c3861a1fe8824212d501c5138918134da55357939bf63ffc76adb12f620b1696c93cb9164cbf8c5ccf366127ba81e78d17ed55bde4f8e795f5529242d66fb4d0dbe9a5e6b9c07c375b13faacd8a0d2d3e0791b1a4d99d3f29b53ac5d91458ec771874a1db6e88a3cb76d2e4d9106d05fe03719c1163d6ea9e4f302b1f29d7c238d3a6fa60d70b7e4e60e1a1d33bb4690ec07dd686256122f852fa3f4f99f4327bf7f0a291f23c0e5d381ddbc1411929beebda1ec0b5b13fa8b1ac54d94f1785ca4ffef37c2b044aaf6f4437cf7121303e1c412474b46693c4c725257ce8b59a865ce67d4a82c3d1c9fef7351b3f2931abc499a1b3bde3e6f88a5df7b95a46e7cb94b60e7c93e26a31558aec5b4444e7a069c62d3749a669ca75e24287aa7723b91df6a631e23f9e7ead82811dae07e8af50efa7e5d59b37869e833ab32ed6687d7ae14753fc63b11667f93c4336689e071104fb26c807b78ba85472adf4cf5a742760bf49db525ece701280dac982233ebf033abfc0411bbcca40c55cf5bc3f550ff7fdd73ae975ce2e63ee864ed16e1bec2bfd9578a2d5b9a5fd0d48f7da3f420c5966df17fba997c1c3a2fe9adb1a8b4258b0fd5bdc5a3a8f9d137610d2bcac9f5ee81056031683a45248c931e1a03b44caf54681a3766c0129738b48e1cec8e5e2d4e60561d7dc27fdf9405c02b956249e52e04a4256cb43b49dc810ab28e8009992c0880808df36ab02fd7d10e2b1dc13e1836c788b11b779de2ac41cd81b9a576d1e40fb95a71a23da3ec08eaa08ca445fb4559560c6e4950b148041ac7ba72f9afddbdb20a86fbd181a113df13503d69fb13591f6a4d9d9ad01068fd4d678c303734ae93517a8098d143f2999afa990aa6ebdcb19b9999308a18c22eeb70a407806b8960e0f12dccc6d7b7e9dae3a6bc63d65a448caf7429155718bdf1cb63a87999d4c1896e950ba9746250846e3be0e307c47255ec2979cb757875222ffe4342f860fa7d10d646623e326d0c01e2b704be7409155b3df617291042a83d24f3bcc420ff1e74da30cbf4fa1f09f36cc690a57385a3ad6573d83448e7ea156c720452c58af8ed92f75ded14a5a04c22f5a4871c7b0ba7b8b84421502eb32b0df800c97a727ea65ef395f5c044af45ccedc2174d4b05ccc4fa0c2f45b14f6ff479ee288375f6fce29b04a3dc1ed611548d348d1c2d3ab0667766261090995fb125323a3afc34c3fc624f145ee204eac960a5d29b4a3bb09fa81378b52e2a7a65fd28c9e4c39c74c2aa0b6b974d24f96b2364da1e02cac824d9feb33d3ec089f81bfb2a126bab0c42395c7be1f92f021a1614f9154d7b0eb6c0ebf56a0a92fa792f7d992cb15a561436256397ab611363aa4046091bc6221c2c16be0227be0b81c02ab355d1ecfc9a255b043ff1006afcfd4a46f27b997d45aec04897ef40cf89d9b8105f0c02bfe7955d86e5f09b0fa07b47c2186832f2beca596b19de6f953ba3fb05b884b650cc444b623b53e200da61611a00e032913d97a82412acd20d731a4e1835cb0e84ab59ffcc5ada139854227d934df02a3245be1d0e556a9fdfaa8096b50da920a560954f38343cad5a9dc95bfac2eb17ac61df0e90e2e09baa619b44b48bf5bcdeee42951c6356bacfbf60428120f132e6c473f30f855f0796f31a01228c2889c59aa67b1293518ffdf2f32f54497db948a71349c5792f60bb33524ac38d67c8fca78703de8f04042c041f1a594ac84af3879f4fe892831c051ae315caa7e90cf3eee204cda7dd0b65c8e49785f8e2806026af7d73c131bd631275971f087bea2f88ef2322991b5d7baf6de07d82b4f92b39b30bd5fb08209a53e274a8bc9679093821088cd926e0524d40616f0fcee0f347e36e5ba4e49006f39726821a1f550dc1088ba2441b9f3ed403bfc19dd97874f8848d48b345f0800b5974431d46ddbc29a3ac31b4f6b6c1d54f07b2301950d85da4b79f66e767ba539e93d66c419176a0f6d4cfd49126689823b3920090c281d8fa72dacdb2c5ae48ae88c6f717ee1481c817cf2e5c705c2428a81d4fc7d8ef3c00cc8ca22cb14023252e69507e40b5aaf627a8a77e19291bd824e60ec91767a5ba00b90cba7e6a292ce9ff1de63c0d9e920be635b67d87297ebd33cc71b230cded96420c68660380c30fa9f0a4efc399822a5e6cf034d779266fac6c8489a0ef74e48d2c2b16d6aa2d060c2edd0b0e615f17a3815d1b834493297dc383b895364fe00bb49731611377f3b740fbca7a19a2e7ad4da54e8d043dde19feb39c9bbc8151239284ea29188d131ecea099600a550a73394f5490fb531b8dab50389c86830fc60f238bf165d054c037e6691c1da807f3f348e7421cb5b994b79ed2cf0e481ae67ba79f9982e63be85e0f156edad8c6cdb5e14b1ad1c642d5b6214933d39ed66c3ace3c1adcbaddb6c76f6c39858b3801c850874e0a7e1ff055682aa295b986098843287ac4608cb0dccaa706aa3ad66310c7893eca6cae0af04fcc018092a291453c4d70a12aa14a5c55364dd748ff29949c6659f7b0185826aaed96d6e348a48dccac672ac4eafd1435803128f352749231581bf6c58650d578d193aeb147a9269d623567595dd067d076a6783b1c88e9bffcf946aafcec99c05cf0299615a8df0a0960039b5de694e8e3258adfa4ea3fefff9996f80a96d2c8cbd213152a067c59e9a87370fbd823255a71bd8f0fe9ecef76d931c640638e17dab1008b04acd7834fdad94338d3b30dab94d799eb5e021be5749c41a7d9c2d6830df268207a12a662577346095f1c94dd73d77fcf8b62f0901169e46d0ecf1848c9dd3c2b9fe82f0bdbed9d548c32e6dfca986a895b9baeabc09d77f38d419e4b7f001c15a416d676d2ed5333a622de644ec99761d1edb69871984a48f0113545724da3d4a25545dc897f251969d66760988cfd8bef22a7f5c73f4eaaf8c62c9c25eb28ad5f2f119c8148e0c5a33711866f25b9987c60a4248cb4258c2a411a0144940e7d29f050c27dbd5554ed918883f67354f5819913e283877348ca6a1e89d2996f6dd11555c6aac69d053873ded72d312bb9ab6397dd2e3b9cedbf5bdbba91c09e9ac3801e508950257e805f5992f353e739515125115418b85c36874fa8671529bd7de3ec45fe01b05f76795b378e62fddc59c967365daa8fd3b5b0543064f7e746dfaeeee2f5e2bda5a5f539356672e42f1ee8d0712891a6310c2a05b6ed13b35005023a482ea7d960519c560d2658c7e9ca8662f048982f29e9c76b1237eca0049c9f29d0752c760010607e6ecafe86a49df3dd94e7079e166fd10109f552130714334b21ba28ccfe87c36d32465fc28cbd27b95066edf6ebb5f303120601c84adeb8ad14c6b7556fe87f7867d88d943712c556a9b92dd5ad7b977e1f5ad9bbf9834e457b0c4771705cffeb4fb2c6ece4ff036e70bd704deedab1447185df79d4e048c6cd4587986d558fd28233ccdd2683837d1797334d121841bb49bc8a6990195c5a8514ef769ef11f6a753347ba13fc6de286dcf60c47323e452e4ba48c0458b3b30faacea667f7da0ac6eef306d032cf24c714bc222133bcd0ea35f2769106a137ab4b6cc979e519d6998e86fe125321e7afe46f4eb222282063008f7841fb70e8b9638ea18f457ea5dfeab7bc2b678c2f3b395a9a84d028a8484c0629258dccfeb981845c2a4856b1cba25fdb6ea3c2df0bbf311c5a40250fed32637466a2939d8b3dba219c0d945752dc9e63993894511fac11ff45811ec4ebb57b61368d57a1df28de473e84e2f816ab5765ab1b2a430dbb5bf26a37899b113bdb734b13109fefb89e35f125ec37b4973f77f535846d53816a14c2af6f90"}, @assoc={0x18, 0x117, 0x4, 0x3f}], 0x1078, 0x4}, {0x0, 0x0, &(0x7f00000029c0)=[{&(0x7f0000001580)="107fea2a2c3fdd0d883840090fa93d0ea2b48b2951338d4d79fc44ba10157260765d3868f090e14a47bb65c3d3959b878c8dca515020ad18393aa3808c4fc33e1d2cc8e22bb38cc403c8ff0135c23eafb7447bf53f66e6b195cec52c7e60aec6fd6bd20b62a74664f262563f9aae09d6d2fd9cda566f241ef7ff3f7a0a5d0fba3036470d5d3e274a28b669554e0c9edf55b0e070de0a0db298926df696323645f94c3fec0484e6236de30b6479a78f3e7ca2ff386264c74c22120fa6ff", 0xbd}, {&(0x7f0000001640)="3b1ffe2a6beb89e7c7f5b61085ecee68bf5f79df674cfd36875a792da5bbe270fd673172cc6006ddaf89ebe529fe3eb65f8a55aee398340ad7d9fd4227d669a4ab795ccc6d7dff29ab9a03d221c01f8b790a03386fa74c257ff99440f55f5b03fa86b48e97c2f1fd9a67d7f6ff819b51d94b3d812fbed669e3b410f59656c86764b2114dcf68b7e1654b53e53cd60b4da7ae45243db1c87b3aa2b91f6baaf58569cb40e9d8c542dcbddc000371acab525302c386be7252140a5a593149609cfcdda22f6bff1e83e0401932fc4af5930130c13ce945098a9313a19c822ce89a25dd680301588def7c01", 0xe9}, {&(0x7f0000001740)="17fa33c5be3b48b0d4bee774c5fc28890a589147fba80a8c689d9e21e7a7e2384f47d8961361adcb28246c0e44f23e0cc2518e4d442d023cbf730b2f52e29a9f3d93ee45e5640ac510579ec0fe4c967f3c7bdadc1af9c2eaff0345450a1d5a1b07128be406e207b36d4da6de70ea1ee6cb386c77f124252d7c7d62a718e9311edb069a3677469ac52e877a8f328c8dc32db419dac9ce", 0x96}, {&(0x7f0000001800)="833f407ea6638086ad6d0ab16bc9e593ca3da469a0eff4aaee941ccd92d871641bbe50b47aacc9c8a9b8983af5f4911c6512bbd902971119e40c22b08b6bb417a0bc99cf701d2cc6e4e7288aa7f4808bac36bd1be49abf4b0e33b02df9a4689cd1cd8e5b13a3d1446a975169595d43673e3e854bc77733f6c6c031309146ab581b22d9d61c3bc237142e6344978360fc8cbb95202622ed955e0109cc5a6e0a0a506e94c4ad488c196030e4fe249ee147cc25a4c2c0d830d273d8e79225500f49f67b0ba309b00f26ccba577f1a32244ec74f68571ac35aa896fcc704040c729ef7356ed327fba4d2b9a02bd76a04", 0xee}, {&(0x7f0000001900)="b3ea019217d6d9be77989da9b86626346429181d71b6c16b6a79651e7c645a238d171a7ce88b56ef5118840d37376293f3e93e6d7310b4ca790d26d0cb4819b0413d4a49baa12823adb31fef838c530d62ad23b0f89793b436e56ded0d9b72ed0a9f4ee066b4838f4c4cdb9cf5c3e8438e9c096ec9d696575bdb", 0x7a}, {&(0x7f0000001980)="e11a654d073115320f7b3af0011ca9423509aa1bfc624ccae9dfa11914", 0x1d}, {&(0x7f00000019c0)="051daa2f2d33304e8423d4110b067403827e7f6dfcae53236ce2296032cb0944b41394e3813661307474b3850e4c0226f76e374927f07756f02b05389723dad625cd306b4107cc92bb67b813b50089a79ac2ede836103a5212a1802d0f28b1d035960b0579611134bdf66106e559daa7c30085aa06cc9c325469c7035cfca86fc9bec4f56376af9dae329c48857227097c689f6898347498f09de2d357fa8bc1a585097164d35d533e4921426a324cfe48c67c5759277b6796a7c35925f9b9b4b113ce9d9539b073264bac8fffb3eeaffc1eb22d8945b260ec61f099feb8a581888e26e7f83cf86274c42a73296e38e482fdd8b60182dddefab834d22bf6113b5f9a1c66f4fef95de4cdebc4c99f9fa82ea6da44ff9e515d14690bfd9bb2fbf48f2fb43d88e049126f7b16d98d2b7072e186e0233f94da3275df0c04ee67aa458e35adbd95ee67aa4cb6eb3668286a862e40f00a425e428fcacf961c584d83eaa3277e83085d3227e871a38afa6a97bcda8505a0ca27a99e4d1d27460509f8bbef90262a6cc6a5cc04c742af95824db7b8c03ad0986d27bec37aecf4c89fa44c5843b707bfb3f7cf40869aaad85c07fe609cba78458cce0125f7ea4d19d536d978c37a6759ec3e5140541e5bf7ceb220dae678f8b5b2ab673592b625f41e3053091facc947052e3db7dbb3091d0bf0dde41b820f2565af09173f3d3799f93a81fe323e16004a3d7e071e65e7f11a799d8e6dfdc98aa5f690f09903d031b6ad3a1a1bb17a93df0405e0a4b557d838a8bfddd2bd5146f7aa1fa8c6d6f2390049518c46d3e85454c7e9adafd00d2198a9e04e3851a91fe1b95189eecfff6a5c3f6fa4d9701e3e72acc7b29fe0a122cc50056823947a325c819f0a11d1d65503ae4bd06f6887d72b571e1300a335920730ef2a27da4e1ae31c96f70a00d9d270587385e92b7bd76500e2267c8ea2f451463f0f452cee17fa050a71c1b4a9d28a2c3c956ba234d956c18bf887fecfa6f47dfad9fe6d8033f51e93bb07587b57a03d7cde9fdbdb6e644f5999d2da3b981c27adbba88745fdbc9d1edb9aaf0a04a9cd9662ee8de7e383b8ee523981a869e5f782477b8a983e7bb1d425ca788ae1abce2bb15d0a92033a191cdc9c2803842065a959cc483abf4540f167d03db3107eb9304d03bab68d3f5a1fe3d23a006071e5cb4f65fcd56b3133c2a1e281fb0332d3097b6a9f46a8183f9e1f74b2989f0a046d167e1e6fbc90cfc030bd9c7c541ec1df341d601d5b7b6ff01a20eb5e02c5768fd1b192a71cb15dccfd1f05919c3d4cbe24d7e46f3c828d694ce34168013cf787b475f46dd91af4cab2bc98e6f0783cea668dc8344c4a21ee7b144cae136a4607c19a0c6c5c82f50ea91fcd03d89eaf6c8aff28da46d9c2235bfdb7eefda557f63c186f7448952313d486c7a2da3d687ff173b047f8f58bdea5754488670ba72d331d66d274b185dee53c869b7ea0be7046c1e2e3847dcdf2294425705993cba9122955bf45aea14fae92c21c21b5746fc80596903fee82f7cd1ada5bbf005b9e4cd013e01b3d48725e210ad3f99bf2e3fe8d7cfd20a8af3ae007c973157dd06276783429eb9ea92f372345e44f4c441f88c7f8b14ec195b064e61575b4fcdd9eb2f26ea715069a18b7f112245f4c1702d6a599e6fce39b0b7ccd2c272a461d9bf775810351f6d316581ce3acc541ac9b61249432e085e2a76a935ebbb3417ea40dfb08fa91cde92c004ceba2b2c2b516762a21e497b3a1080f4c54600a098dd993644d43bd636fba2d5bd78a5e5518dce0689347d948784a906229bbf4217c78c51d62c841fefffca0591f171294473c99d5513f29353d7d66e40b2c8ffb9a986eb34116d9a21088fa81bf7d109710a948ed04c42495083b2289cd5a38496230174f4a934cdd0c5e917d25de058c96be8cd9b8f663d42b9babe0ca73b9f11e3a5e8825ba78d27dd5045992aa1fe4a981bf800b386404bb85cc5f26ca05b5f59debd101b8f78eb2fc81a29a25f36e2d2ba26ca9fce66f257eebf1f1739644186668d37a041730a53dedfec9305afd4f990696bb291c9095f28b0bb583b6caaec21a7f9350c2b0461265060fb3d97421b2c16e19637500bd034cebabee68285287c708d23d96f5809e2715def19e57c7b2b178d48ac54bcdbc9d6fc4d9c756ddcc52d4d66d62ce132a0728491934310be3058d52ae1263ec7b11ec073381599b09d7a541aec21e44e69c33e7e4cb3f682597978d88ef9cc66b86b170bc22678d4cc2b8614d5948a9dcc1e92ca897a1c853a3c8974289d7bcb1d4d6058ce9acbacadbf2ac2ca8e8b311d7317b4814786264fb406caa3746c4a61a2ac9ec3eea8ebbaa154051e706546a178e7c477f7a25bea3816141a67a8680175bfe5a264e0c7afbb54cc4392fe1849ff5c5eb0f892717f4e4d09aadc76b8544b771dfae2a5fc6113abfa7c8c5c0cc15d1ef05cffbe9378a1331e2125860abf97a7bc4b0b612d3a530152e69101875f55f100a3b7f2b282c61efcf213100fc6c543c0837bbf2be28337b2681996225d8811b8a1a73f23ef1e607b6f344767dbd65e3fc5ab2d519de0d88e37bfc8fecc8fd8ebaf537701233f88ad86163265333f194f2ed5919fc8ae5da4bec5f56f3c75e3bcf123b446eb556ff3b95d192393feba521c9141a8d700591d94089d45c0bf3ee182031e9539f2d32d562e5651af5e35e0b44ae10d0173d57464d48cebe28d9a7d9834e94d6a9afd965e6ef4176f3e5e9b591e1aa3d0ded15ad1fb3d818fd3c3904e7bd0d9954b3acb09965ca8c646a697edc2dc3869f199e496c2a9d70dfd76291c458ac1f471d7224ac834b8c2c3c9bf5bbc598d5088bcb2871c555e24e94a06f33dee1b5404e2cfc9e8f8e0366e6d3a74f53e693fca76607ffc66feefa358597058754f855e45c97b6168ced308e04d154c9360cbe8437ca663957db84cd19bc707b659787f771fee33900dcd873ebf6e248bf371b063620cde2024e6911e2324ab50cca745e70a096b91bf4628c370225ef0897428bc3610aa9fc99618804d952d5f71f1bc2b4a33d2d04e54913276f71bb3ac0f8e0dbf4f3a6cc024dddc82a4aacd3a868a5c647e213b3556f9896ca41119b568e0bfc33ad8fcc035f208d815759354e05a5309e85db64acee03c823b1a187e88b00e054984d77a2bde0b27df63f91bfc70cc3d68f31d1b79aa8c3a07c52135734876e592a00ee621ba8841a6fe0833b566acd72a2f7456d3d4deec7bd4058dd6b8d13652b7f132ef82bd1e230776adb77cc4214cf6a4cb4a56c1533c2654d6633158b245d76e2a2bf2093d4cc3d01c120ef674a23c7e55056ff92c973834f0bc79d26db0efbaef53ce97e26760d71eb990ad55752cedf6fa2a6191aee3c7435fdef85f13af8dff4757e165276172ef97e4a41b6a58026b9ff45855f8b28eed52da3a52fa0cd1acce2d7cd1da7e1cd6eb983b93d581afa00f3e2d0b58363a95e8e43f1b3a638077bb3ab67a805867f50ad8e4792053fc90bee0441569571e7a654967e7128593870a0dd1be8549af42616bed6423afe676d851cecf72b0610a9fc1e52111e5eeffa91428247ef1128bd060eed55496b77e147055d15fc191d91296c17ec257b1043a97751d684cbd9ad90173dadcbf50c789861aaae0ff4fd0af51615af3f6cda2b8b07fed98c6e859484a63938a8a8030ede5a164e9a65120a4ceb18d80f78a933e5f76ec5a754399059f399c46a9dfe15dc1090cd7a5da06d930011d41dc1bcdaa5283d1fa14335c9195a873b08c6e610827a4f6a1bad24ed7eb614a8f0fd5caa871802f6dbf0bf76cd9fa28968a0a9f240ceceaf656619e974efa4861f5b686311d6141a6b902e1dbdfee4876cc22c6a07ebae8d980e1ec2db70ef513b01d92b94f3de942b8c910269083abb9e2d3f8183c74d8da48f5bed07f1b3cae80701b54b4e4636a4ffaf784fc3663424d2b45f92270cc4588b68b7c803419ae4156fd602d586b46f31682236590b9dc88a27ff46719b03770bb365ae716cd6fa4398ca594bdea0eda1b3c517b8eca5e0102474d44fa87a2ba0c5ba1cf2006338960b1fb76375852e1ea169741a5ebbd055e5e781d3be2c060031a41d6d59c5447ecbf741adf3c144e538183ad514e03e6a756246ba5cff85efa969dfa57ee4b2ea69a531154f1ca81d6e44dde500376fd54db3aa19e275792bfb8714f37ab0841796e6dcbef544bdd652b3f34a47f655ffcb0b0a2bf00357dfc52c0d42ef1e804cb7a2e81e3d25a5c7079d0c1d2795d262bbd870195269bc1a62bfa60e38db88b8f9225950e4f46f72fe1471c12f0be4e207f5971b03ca9a4d5e3dbc40760c6d2b4d670bfad0124bd8db1546109647daae205ddb432b1b2656d8bcb9b5ca33f600fbc8dc625af09e6c32ca2384b3a7d562b01ee645420aa7fd4ab0e469ca0a03d00ab6b75796988b545dccc8094749cfaf7853241578719f4bafcad68c068436e0988f5fd3aa42f7dfaec2bc5b1b25bb50f76459eb5c03b541f02d2e5085534d1995016a4593e86e0b842d0f18dd278db5f948004764e981bb27bb30f5be10b0190932ab19df8acab3bb557aaeb8e54e832d72f76d8b70a25e43e6b3051e65b812d97034474b92468ca9df86957df8e5675c391d378859d2c9b4865321c517922f0d43f1720f2e5a7b912f5e4898a17b32ab3af02700495b885b730415474f674d4619cbac356f5ac86b1b3ba0c7e3cf9a955553b98869206a9bb7853562d148b4d9b551b9d857a8b75941c4f470696036827e8f29efff80f95a3abcd64e9cafd617fb6c2c7ce70a567699734a9eeeddb7309ddec41bef23f30c26cf0aa42c5e3e867a28aacae7a3076ee624e229ce0f5edfdf01fad6214eab455c3329321668531a51b0378b49a4680607e61af56664728e6a5013bfbe8833c5a0200f7c16bd99d5b1ab75cd920722259bd58fb08f6596018a066946e58bfc57d9c3d473fc631a7a6e20ea2ecf56da767dbcc7e65dcf2e74202a9047d182eff58884047930e24f0c8e4f6c533176400e916c545835ede0e3b85cd3e889595602a523d8f91cb8121987f8e66cbe20ae3b4fbd4c0b9d4e32595045bcaf8c4e20f4795d2bbf482f863d7d7390de2d312807a7d4accb3434048c49cea42294720a76004ffccff9215a58dbcf741d5e717e0dcbfbebe2337fb7cbaf1670f71634689332d9ea570c192a1f3b98aed667c7ff08523665517fda7f9c61be54c6f03d7bc4279bef1520cf0a26bc415beb748e817668e0e7d1077818710196f3423247ee18ea71b025f9366f2945c1e6ab4a12e5008eaa67594bc635ecf9c624e66cddb7edfb28db13e770fe25615eb0ac3dc539be1334dffa2e4c5b7ed4597dede4114608a4cd411b3476652fdf65be78b5dc061d05a0622c07e6dc970cd5b356d5ec9efb3e872a65094ff6138ed13c5eb23c15ac7d53dbbe48a0e58510f483560e1c6494ee54dcb1c4af28a38d98904ff619f7ff7a0edb23a5af8cc05ab5fceab1f6e5ae5bc89ac35e6441477ebcded27d10033ad448e89d4b2bcc944803d0be79e7cdf212e0433b4a80c5d1975c4cdf51dea083ced3a1cd26a6af8072f52018f7d163b68d8798379a33b335ed1a96ab6ea797bc891b0c5976565288b6e5315a6b6de8bc323f2f8380de9014dd2e13da4d88bd888c350f9e02b0660c0709ddd6ce3e1e0cd0994f94b88a4cb015a4900b8a744b9e12dd51aa224550dd265c34d2fbe90a95f23d66f5628167ac2f0ce5c7914d184def", 0x1000}], 0x7, &(0x7f0000002a40)=ANY=[@ANYBLOB="1800000000000000170100000000000000000000000000001800000000000000170100000300000001e3ff00000000001800000000000000170100000300000001000000000000001800000000000000170100000300000000000000000000000000000200001701000002000000a3000000455df8113ad1cd37baca9f51811af71722e9ae94ee7052c6d721621b53a5fa2353ace992e150b63a3981f22348cd1ddf61d1e50f7f837f870b06f4bc1a0fc6092d61f204771bb021cfb03e47f9a452a4682cd313a85dad4204565d44538d2f6f8ede27231cb05eece0897dd91616540bd92d72d319e1f992eafdade32cf403d44d4920d90b8b3a53cd6c9ebffd04923d2a1d791e970c86eb057ad1ae2d582a0390ccea000000"], 0x118, 0x40000c0}, {0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002b80)="f062768c1bb82dd0a2a5b5e0449ecd46704336ebce6f3826ae6e696b", 0x1c}, {&(0x7f0000002bc0)="39733902f3", 0x5}], 0x2, &(0x7f0000002c40)=[@iv={0x38, 0x117, 0x2, 0x1e, "8247a9617c5f7375d90e6e6d7bf26943224e180e806603be9fe5bcdeeecf"}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x2}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0x68, 0x117, 0x2, 0x54, "67680f2315e50d62ade11f2ac8c5b2dfcba455e7226da8234f4cf5247ce1efad23e80764f3f237af91d16fb0e72203ae8b96943dd7031520e5ab8ff1e38cc9f0c21dde1affee43fe46152b1ea752d5cbe0b057a4"}, @assoc={0x18, 0x117, 0x4, 0xfffffff7}], 0x100, 0x800}, {0x0, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002d40)="bb12718c10b090b22067aea6a301f225714e27bc1d3799896d3ee1f0ee85432ecf34d325feb131aee63ebae264ba3b21b3f3e0f42436304766f73128e97c779adc8e", 0x42}, {&(0x7f0000002dc0)="6ce2c809419b772c7708af39eac30343b3c267ae4397c5ced8160184d4f8db6e8501226d14c80515da28e0c2c28f465b6ac9ccb522f14fddb2164a3892b2a45d8f4cfd8fd09756fd9ca1cc09f238ce3ee76d45fbd7536e3d6c", 0x59}], 0x2, &(0x7f0000002e80), 0x0, 0x40000}, {0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000002ec0)="72f2846fb3f8eab45803647aa6ec0e139e9f3ff2b75fe58a44af768c2910fb92ea79547c40e1f672395015b5b6a2f5d308977ee07e412a3d5e952fac71cf4a93087bd62b39bf103600e0ca6f286ccde2029a063830f0e3c2118dedc090884f6b6433673e240cc9acc591a3b3faee848d0874e701a5f5cdafc7232b55a47d05ea1e4f7848a6eae5f5f4aff079a88a905f4a918e4ec911a122f97a94759bf327a1b6c7a49bb68cec81dbe3e9bcde2095a7505ae9dcc91ae455ee4060a694a2476c1217f8ef0c0f0f4ca9da24c12071a6063033534777ce487a4bd63b78fa0d4df5dfaa9c92fe", 0xe5}, {&(0x7f0000002fc0)="075fc7f63dba1dbd800c51bdbc6b68c4eaf7153de7a08d34b2db3af51f36f0b56fa95f19393e0cc466bcf8bde3edfbde26d230d087c46f55bcff1c9f652d39f3f8b22a69f56c334aaaf8faba7fff81dc2f183fe5ff48099343987e6810d0e799a69cb4bd61c536b3a32c90bc399b6cf2552ba9902207377238eabc73e0533f30b8350acfaf3dab3773c8265975d49e9a1b7578c5b6a87a1b22464beb16c5db793eb806b81e954022c9384f668ba430fa201356424f736a41b6efd30edfc64a0dad9eb677cae304ad1f610a60ae2818fd316b950a23", 0xd5}, {&(0x7f00000030c0)="a9427f5b2af0d6028d87cacee4759335f25646c724e0350dfedb880affda540bc16b54073a58c36cb17c1da26f2b3536725744792193eb09", 0x38}, {&(0x7f0000003100)="d138d8324a3589bc8ba87f6fac77ac5fc3817f655b0cc8dcbfc918125e3b70cccc2e0243219f8e", 0x27}, {&(0x7f0000003140)="72335648ef9fe6f378134c07d349553118d2968345afba398dc230e64bc503adb7cdc0c39c5d3abd53b646fff1467122db7021c09928845fbbaaa9a6289b44b42350c4f5baa54f7d301bd51177dc74d3c5de83df2ec234dfaad096b1c844673b6c47d7eb312b2f67ac7c82b2a126c92d4103390e6e6577876929489d9f648825", 0x80}, {&(0x7f00000031c0)="dbeb837faf1c566ddbbc2803ffc2895b9b9b5e46001a4f68e0879f2f6c77d4de8ed51f90f8a81acfac90442550f89f9d25", 0x31}, {&(0x7f0000003200)="4bea60b2846a9fecb209d52abcee54309590399f9c4fb91e18dc7abce745f2b99697ccecfe16f3fb050e15c7ed2ca606f2cd7f82a41f6585a58cd55dedd853f366c8eb787304b7e8ced964bb386031ec3ed4087455f2d61489c9ec7f2d846799f3406ef3f6a4664846e1edd9f64b3b", 0x6f}], 0x7, &(0x7f0000003300)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x3}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x9}, @op={0x18}], 0x78, 0x20000000}], 0x6, 0x800) r5 = creat(&(0x7f00000037c0)='./file0\x00', 0x156) sendmsg$NFT_MSG_GETCHAIN(r5, &(0x7f00000038c0)={&(0x7f0000003800)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000003880)={&(0x7f0000003840)={0x1c, 0x4, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004800}, 0x4014) 21:43:04 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_int(r1, 0x0, 0x31, &(0x7f00000000c0), 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}}, 0x0) 21:43:04 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(0x0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:43:04 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d001400059a7a000000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:04 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f0000000200), 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000002c0)={r2, 0xfd9}, 0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000000c0)={r2, 0xf3, "5a1c44bb05c78582423f0068d0493b71e614e1b6d02867adf36fd64128a1efb8dc69d03c508752bb276b8afeebacb3436831e1f6bd682ec0960aa6d63f1404a9814ca59a1c156b347db53193b69c116a4492302449db9dbdefc365c4b529aba0bcbe2337b0376205b327a5a7e882dd7d10f317a787555dfcb481570dbe2aeb0d983448f01473a77409ec61a9009a05158bc61fff29c889d00cd8e748e08e3bdea3eaefee7cb903af29b7e139f006bf38ffb3ca292604cc8f8385431552615bffb18d9a1bd9196d0cd97bb79e4c12a996755123297a244f4c78d6d4467b4778b0fcf16c061d556cc1141abcddc46fe928d7b321"}, &(0x7f00000001c0)=0xfb) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={r3, @in6={{0xa, 0x4e21, 0x4, @loopback, 0x29be}}, 0xb363, 0x200, 0x5e, 0x401, 0x20, 0x85, 0x40}, 0x9c) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:04 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(0x0, 0x19) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:43:04 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = accept4$nfc_llcp(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x81000) writev(r1, &(0x7f00000001c0)=[{&(0x7f00000002c0)="9b4f090181472718c291a2b6eef32a995d66bd38bcfa77222dd929ccdaea0e782fe8adaf0b6b8c3719dacb0a143810ee795cfa0f44b62565dbdd42581436ccb126a69f2086fb98784232a2fdf85b82579aa8e351ebeb04262a8e3016611729827af44dfe39213e4deccbdde202cfd5b0f907d2bf9520914dcb4b639e5828460843d3e7bc3b3276e737882b75059243a59882915dd082f6358630eceba9cd17629bfb63194b0f62fa74816cb51d89c94a4a40121270a6b0f00f4a7b17f5280ee01c87b1f14dd1e84a6abdefde9966768fd33400eaf465c09efe4612e70c5cd418db0f3213a8d03b5046b755e832c3e29fd69be39efb4164e9e473a45c5c739ea2f238277d825e5e602e0aed89fbdc55fffa2e802d4a5de4e40786f7666b179fcb551b89f4e9f45d7dd6547fd1b45cc88b892200553760c989ec9a32d8c83e231e86ada4ea23b85e996fc73fec58af3ce23cecc59f494e8469841b19eadd879661fb8597d2cea5efb34fe16f6a0668d661822ebe76243eeecdd1710ef334632bd56186a2ee98ae8e9d27470301ea6ad1dd7d95f711376081c2600d5d72f04c0af4a18aef987a25efb849a1edcaaf18b63f3a4e1c160f03da3a63e4292c129b9c2d3702a5ca69ca5b0f029d5135e0e107890a84356a01f933c6b87d0e9c0d7deffef32a4b798c55fdc383dd4b069809d2c954c93bffb5c4834052c22a69d4a1a4cb28b8ea38ada6ab0b0b0cbaa52149340a0f288031e04b87dc50a4d40ac418c8751e2e52bc863b68bc20ad6ab24bcb16442c2c73d2dc7d12a948c19b960010cb318e3160d98b60ae328772b79172c1af0fa06913eddd5069b255650b7f30ed64d83246ed47e7716747fa26d108de0820f4c7b8bd54cd45c71c8d79ad495414e0054a30dec9e1b07507a89c7b222b4551a4315c96e7a5be136a7b6a9f1738b61cf7831db57d0ccfd8c4f4020b55cd73a4a59c85dbdb847e4c194679b74ee1d89b3134874c56374d51c60540c62bfce74b95350ac23aebfa17265a653ca95d27e94b5df241719d78e06a4fe3f2132f5123888185881cfb838b83f46fc8f4d4af6c6dc4b8e3870f17bff8c2bf7848f39eecee0b3bcb5bdf5e97ba558623b0ce302a5191c119ce03c895f19a3f826e703ba89ca91f19462246d967033295770e1fe3f1545e401ca317cd59609eaace59e2afa1cd71cf5c1bf04a93a52bce13041164a147c7e6964c3cb197bc42ee075c86ed5e07b27438a4cc556ecdf28d3c1f7dd3760f51aca6482ac29e710d4a62a61da06a274b85162aaa3a61a1da7444614f64d852d546ba9f03578332ba56f8c6749858e349bdffcc90385ddf0eede8dc63d49f2a3358a98073329bfbb5e4bdb6b83a1d5ff3fd7194261b22381433fa8f27bcad1cd7f95ae87a983e6e5e6726142e0467e0540378d21e3a4178ac56e3603945c413701d0241eb3bd425e13a780d8aefa6bbe0cef28be95122dcebeb8ae48fcb23f1b10535253a6e9a58a7bc0391d5ba35d5c72c1bc7368f4e6fa8dc90eb60399cc6f598a69c1f0a5d444e392d81e0e838bb905ef5e02658201b8b077e70feaed75ab7aa7d03c6fb559f60d1f05c391b74c9c7f9c6e1d319013c904db22025fb0c8d596ffa730d88761c38a4d80736c200a2832389245ad30b5f0ca34a73714e2e9b88241076d9ddc1d4596ce706115e044166c3240a08b6ade83e3a87e62a4cca9fd191a57033d73384b117cbf1fd579b57e88725ef4790c014a9ff39d297bd854e3ebcde22092dc3beb4375f40e1ccee09b2be9e18fce413a80e759fdc3025888596d20f47abe32f448302235604dfe14aef4ba1818d05814edc301b51a9bb242d08360640dcaf5763a317e7712f25002db3ebf1303d61c9ff9451192b7b2017271639c993a8a1df3162bc0be10fe9ba214e11942927a3fecc0d430ddded4dadf09f176d0da01e1adf93d3fa1c5cedba1325138adc9b8051dcc2119f20878aad35e395fc8f77c4b340bffebeeec8c1a42ba7a091414d748ca8b1b0b2f8eb28165fe39fc6a0f2b434a90adafd2d22131ba06ae44001c16c82eda26c70f86ab2a5cc28fc0f61bba072f0d645960dd389537d13093571c6a2a52611ee3748c57367ec048fcf50b2e601ce5f0ca5567201e5d0d354e7895c6bcf9e33f898aea4b91fc3506c5ea2707f17ceff063c13758909d143959fa08009c33d316cdf872aa40915a298cb15b4290137329ae6d48cc71b172a79ca2d5bfee76c979da60f2edd42d7260ed46bc87bcf2767ba65482fe3016c2b8e0be7ceea1a8c88461d4426d3fc2b3f51537f65fcc8e006855197cd93098dbf92a2565fc3fb06cb1db88ae780de6b195a38c44a35d9f998c6a275dabc607461ff5d331fc5345b1c4fea1e27648799c34d3cb04caab8dbe2df3193e124e3a6bdd980edf913cfbfb1884afcdbfa6dd34ae7e806fc160ce3be93c9aa13de7c6dc6efdee27abcdc033e8965bb09e017acec0d7d43fa3cbfdecaeaf66d0ac516eb108db32a24be450d71aa7f17a5a09c6ef5e4cbc0661d3f280a1afea90ca9fb8587747766581e67550986ec67604028da62e805d378b48d7455fd5ddcdfc6fcf29cc88813a5753daa376b6c7e92111559d4099bd45a1fbc9ba3f6de88dc1ce6f596c527d050dc24dd9d0697956eb768973f3bd6b7cbfd2e9d8eab9d2224081eeb76e1d3e085e74aa41022d6fa53f1c112c4c6d27f06b7269e1db38fe8b0e7ad92560a8b752513356d4ab2f21e96f2e477ad2a9306d5fef796182831f908e285d6ab577764534b77c51eefbc1ee18e1482bd2ae6210c14f26393aba4a7e9950d93e6d4c483874ef3cff45eb35134c0145f03c27e55a72dfd9b01fc772d7cae0bbe4d7d4fcab786e5708e7de3e1952025f98bd72ea5de586750e86fd7a22ac140075335e58c2de90ae2957b13695cb276238196d53207cb0f3e9a9f94c0f0b3bd3be49859cb751eda9f628c45234f47b201816c183bf9a6439db7ddc2df7f78e2e8aebc93f73f2abdf0943ca58241fbe03662f468985067ab23e4da1a0d1f7789ab2ddedb57c08e3b600a6d33c8c62d1dc08442f6880a861e7d3ff7f763c26e09ec8b8ff32d7ded23be3cc4c2bec5f3bfd4a02a7653f1f53b9c28affb2101975e1006b91261f0ef8a7fdd356c57cd040dc528fed7dd601c2b7e4b70878ab2ea1cd314608146e4081abe814b368c27c80027ee1f990eb960478b9697d38e0e9435755f60f69e1bdb891aebeb1b9f920448ce0c892e9b757061c74fbf10c50579c6e2d20cc428b9ae1719d8336cb39c97948bef3b3ce2a33acdc9755e252748d81f3c125f7850efe3ce4dc8005b9da00760a94962db530835fca58a58f950e86532c28e34973cf93fb4b54737f467801ce6d7cd797df9157f52c80a92e6b22c3d8067abd95bc1b6b8bcb4aad0417a4d4752eb9432b2540b4d02905d6849138ec320ba880c559cfd483156e9ac758974d7c8def527634e4c3a89c7b51a4c9fdbabe8559ac8fbc62f16d3d8a3c04569d96a2f9e4bdc70dd5e1e8d192b7a579160ebef83a6fcdf5cc4abc13ca1226bda7c74fce09ae7e087fd0ba638711133e673d55b57317995bf22eece913e88b66980f20be3a0f267cb9c1272a1421ce5238118daf32684ee81e6ec3680b60cdef1531afb840db92dd03cac11abc47ddb5648aa2b7b60b3bfc331960ac22829af59e75c3822ff91b5207ded7fcf493f2ed84babc6ad27992c93daeda58b236e3a8f710e5ebe99bcda7695608f9d251ed91e28c1243a0db306aae31f61e8441efb4364a26001fe810c638cc6f757533f91322e0b833784edfe2872e6ed651ca28b995a41c4a127a1474f4340e5e833ac8bf50157c0779a891ea3780a2b1d045a9d8e9abbe24b4a02604c2dda3ab7b2becd64e162165c7c2733306b9a7f97865f421ebe7dac74c59c84e9e2e329003498852d49856088708d155d7520c9e3fc34cff9d933a9fc82a7cc87b45d8bf74139aab701df03119cb25457ba269250d7af73b3278edd03f1fd614f9d126a81f03e9790dc70ee10e58fff12d8576a93f6fb09021f49d1199afac278247822a059fbb7bdee1dd29883f52fd0fc06076abb65dec0dc947ad2375535a2033cb5f54a3333400838f031ca5ee49324ad7a68d191d176b6bd4d13754995a9e5b0e9d7466945431b84df736177d1fc475a13bf57afdc313a8fb4cd996041075d6f8b77be16f374fe8d0452d5bede418ff7f52c2028130c12e82e8df017833423cbd336afea0cc9cb1a238e24a6c31705ea8fe588f4391bab344eaa8f2f7c3f7e6e2adcffd072d1e1df3835811b388131133913acaa21fa04116456afd4db6198fee87efd49d3aaa5c28844c47e6dfc9d88362eb786a38322317d4fee0d8fb376473fbeca2f40d49f171284ffd05925fa5f4f0ca45c181304d95188f7c516fd1d7f8fdca42ae27dd77aa1039230b9e467f20a6029106538b0fa00728beac1cbe26fa84a86a18860d9b787a05625d71c8e39bc6b022825875b04bcfeebf72f213f36583ee5ace71a21e238adc7350dc63fef721100f6c32da054a6de0416974fe9c62a5dff868728dd003ddc66c6f31cf502faaee5f9a564825d4b9e0fb03473a21f951a4bfa473ccd36223c40f6c2665484b31754ab2e716c2b1c210f310950ddfc42e2241a2667262f6cd2988e57ef256bd3467f8a69cc12a5805fd6c96b7bc216fc6cbf389f2351c588fedfce77546cc31becd99bd86d66870dd34624ca9bd7d840e9ec85ea85e5388dfa77223efb4df5dec61d0d4dff524b8cd82083ba3c08245f83a4298961996562c1160c238c1ee7628c107423bbb0817623aa5fb76e41f2ea4b9ad3c86718b40b9d25df427bf274bf80f9fa54b0eeb6ba789eb774752ef9bbada999b902f74915a28deb0a0878aac94f3aefaf0764f2fbd3a789ad313f618fcc0db8b4b24a72ec2ad433e69355f131e6c2de4663bc58d374319b68f658aaf844e2183aae9c738f16fcf44458201c8766ac1c70fef91a4a9885d69fa8173d5bf98099ef4af54b9f7d99e12d50aaf1bc9992014b61f7dbfc0532d995b45eb1e2925c72fe685a16f8561db50afa73b8431d95d344b20b8052791662029a1f3ff9cbd7e665a3888a1632790a3cd08666bdc8dd25a096b933e21d29f361bc6977d1de978fde2fde8a810df35905eb5042370b2dc6248e73fdbb1295f26ebc8a066660d6e41ec97e39c63aa1185c55f67821a2d23e56ea989503faaab593b8c3323289af39cef4c8013ab949f8dd6fd47e055f09c2acbedb48d20d68a4e8278707866e791c6c878105f68e04616d14244ac2b9dd72f065ac4be4771495ffc903fe3bb7874a3e201a44f82a9a08b7f62f1515fa6d089f95b259717a0e2b15848f795b6d13943792e032c811cd939ddf978a4f5cf044c78f9e9b2aa39430301717d54ebb1f1929296134b763cc25f58ab75860c88b02d681c5a6b408065129ac1a09d38e17dc0f12e92ebc9370d8c9561fd2564e770557d1cfa4ac2564835a19ccc849e1e2048dc6c526057aab80e287283dbe5069015cf0d45ee958d65fd5c7024daff744cde97553fcfc9ae10d46db7fa6f33ffcae5185518c0d0d5f6cb4342d36610e27bdc33b2226907a1ce9b0e0aea2f85096fc39204054d95b3d0334e6943302a989932445233e0ae9198b30070eea9496e29dd81d08f829a1eebbcfaf070e965c8ca5da0919b8e809575611f23ec27e34b2dcfb2dd6d5bc97e20f7de6f0ebc2bf93270a97dfc7fbff6618338d2e59c8955cc29b9b85db06", 0x1000}, {&(0x7f0000000100)="c4dd4027565c14a5f611028bc6ffd77ac4860848bb1199667de68135a9e8ff341c4e34af9d43e1c5b172f455bcb1fc4baa4ac8a2707fab88da082c33c6426a1081e0947bccd7e7674f4c1d6e22450792d4050b8962dbe22e6584a1c22b3854403441380bcf1bc26769b707cdb4070de05a497f466a44ca8880f5f5", 0x7b}, {&(0x7f0000000180)="fde4a8651a7971ca266151da1067be87179b", 0x12}, {&(0x7f00000012c0)="eaff3f34c7537d6e0543b96e7da51a58808090e0752b17abc161cdb542ef8528cc3f2f70ad219743de509fdb8848bb0d754b6a7a01675657cf33cbb94a11c62728b0689be28f729f1db293bfea0fd424714b2e6e80d1c32e118f068fbf7f5164f54acc8140e6e6dfb1d464a34f3fbb95b4c742b1c9491da17b6a0ad1088fe82702e034cf050aa35de703da94d643c7844300435cd786982a7a5f44", 0x9b}], 0x4) 21:43:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:07 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:43:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) timerfd_settime(r0, 0x1, &(0x7f0000000100), &(0x7f0000000140)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}}, 0x0) 21:43:07 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x102, 0x0, 0x0) tkill(r0, 0x16) 21:43:07 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x89) 21:43:07 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, 0x1, 0x2, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@CTA_EXPECT_HELP_NAME={0xf, 0x6, 'netbios-ns\x00'}, @CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x40}, @CTA_EXPECT_HELP_NAME={0x9, 0x6, 'snmp\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x2400c010}, 0x8001) 21:43:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:07 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) writev(r1, &(0x7f0000000300)=[{&(0x7f0000000100)="e32bf5e1f404296511649dc502ed425c424608f91ef9b0cc44b9e4917e38533c1e7ec01c8e427641d8e0962a55c94b511df92c61e21097c5d8f53033c12c7e75ee6ecc0a9535eb6703e9ee63c276a2f5b9e49dceb4df745a099659c3af637ead82169e36066265a3364e23e48583e4abc224aff4b17a30c7d2b4bac7522d6f81c5c9fb18bcbc06fc9302c3d7e563a23a3cc3b4931eb321ddbbe4760e4b7f1b9d933c9da79d34", 0xa6}, {&(0x7f0000000000)="c108000a88c71627ae8b876fcfacb6c5688df14b62072826c5da", 0x1a}, {&(0x7f0000000080)="af042f86324351602e7b4d33", 0xc}, {&(0x7f0000000200)="7e3b368bd71839fdb80bd1762dcd6c27f8e71d1d6364587a8e2d23acaac1", 0x1e}, {&(0x7f0000000240)="20ebe13c17cff4d490d15e5d4fcfb02c7fda5b5bba9490beeb2779f1e0c0db0c3d", 0x21}, {&(0x7f0000000280)="517235fe9b8ebc61e2bd623e9a0416b872e39b73fc2218063f59773d67d7bfee2be31f0b21616c15b2e4", 0x2a}, {&(0x7f00000002c0)="2be2390957dfeb6f2e5d8b7580aa84b9e1e3", 0x12}], 0x7) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$NFT_MSG_GETSET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x5c, 0xa, 0xa, 0x5, 0x0, 0x0, {0x6, 0x0, 0x9}, [@NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x2f}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x20}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x7}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x1c}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000) 21:43:07 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000000200)=0xc) r4 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r7 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) r9 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r9, &(0x7f00000017c0), 0x333, 0x0) accept$nfc_llcp(r9, &(0x7f0000000400), &(0x7f00000001c0)=0x60) keyctl$chown(0x4, r4, r6, r8) getgroups(0x3, &(0x7f0000000580)=[0xee01, 0x0, r8]) lstat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) keyctl$chown(0x4, 0x0, r11, r10) ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000200)={@any, 0x5}) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRES16], 0x1}}, 0x20040006) 21:43:07 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') uselib(&(0x7f0000000180)='./file0\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000040)={0x29, 0x3, 0x4, 0x80000, 0x101, {r2, r3/1000+30000}, {0x2, 0x1, 0x2, 0xa8, 0x0, 0x8a, "7b818205"}, 0x10001, 0x4, @userptr=0xfffffffffffffeff, 0x3, 0x0, r0}) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000100)=0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[]}}, 0x0) 21:43:10 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:43:10 executing program 1: r0 = gettid() r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) r2 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$user(&(0x7f0000000480)='user\x00', &(0x7f0000000280)={'syz'}, &(0x7f0000000600)='\b', 0x1, r2) keyctl$invalidate(0x15, r2) ptrace$cont(0x20, r1, 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x4, @tid=r1}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x989680}}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e21, @loopback}}, 0x4, 0x3961, 0x9, 0x3, 0x20, 0x1}, &(0x7f0000000040)=0x9c) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r5, 0x5, 0xe0}, 0xc) r6 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r6, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:10 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000340)={0x68, r1, 0x300, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={[], [], @multicast1}}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:crack_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}]}, 0x68}}, 0x80) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000001880)={0x3ff, 0x3, 0x4, 0x400000, 0xfffffffd, {}, {0x2, 0x8, 0x2, 0x0, 0x3f, 0x20, "c50e0621"}, 0x80, 0x1, @userptr=0x100, 0x42, 0x0, 0xffffffffffffffff}) getsockopt$nfc_llcp(r2, 0x118, 0x1, &(0x7f0000001900)=""/4096, 0x1000) 21:43:10 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:10 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(0xffffffffffffffff) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:43:10 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x8a) 21:43:10 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:10 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}}, 0x4040) 21:43:10 executing program 1: openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsu\x00', 0x20200, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x12) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={@dev, @mcast1, @rand_addr="657261c70996f4e1596272e2ec4688fa", 0x0, 0x0, 0x0, 0x0, 0x0, 0x20c204c6, r3}) r4 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r7, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r7, 0x40086607, &(0x7f00000017c0)=0x8) getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x12) ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000000c0)={@dev, @mcast1, @rand_addr="657261c70996f4e1596272e2ec4688fa", 0x0, 0x0, 0x0, 0x10, 0x0, 0x20c204c6, r8}) r9 = gettid() r10 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r11) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xee3, 0xa, &(0x7f0000001640)=[{&(0x7f0000000100)="09be0dafec6dbdb89d780d4e1d03e4627694da17dac0eb5c93d5e1cfc207e4935721fd06dc8cb9d4e678632fcd1ba81a714f1a25de4329dc31298c5878e8cda4cebbf0c02ebc3d0382888600078856ee0bc8c85be2d26d994a0050cbf466da68226e0663d354ced6799330b1231cbd9aa9a997f6266ac27f8f07", 0x7a, 0x8000}, {&(0x7f0000000200)="c507532b1647cebc714a599a49cc7dd3fed50a38b2c70f9f50e88da60d0c43b96f2222278c192f537bd72de6191447547ea7cf97771f7c9e6cce3f5a50e42de8fb67d362a24751f2be9014ccb66487d549738a1b175aed4e2993b6e9cea38e2a86d8a9b114ea9f02286b983f94f06b8087fd382a4c20c1e3b8adce7c742dd544b323489484728486b4f2cd003e62f9faeb8477e4645eb403a17f", 0x9a, 0x10001}, {&(0x7f0000000180)="28ab82439893fdba6658431a74c8e04b", 0x10, 0xfffffffffffffffa}, {&(0x7f00000002c0)="b5f27c2eb7159e11c4cf041e8a2292ac9854211c602ffa55abfc572a02835d64f7b995a86ec15fda736ac969f55dafdf74fd3908ffc7da04461ad916aeaddcd2c7ec4d5a8916310382ecf54960502495b9bf18479bbd0d3c82", 0x59, 0x3f}, {&(0x7f0000000340)="3f9a0a3749603f3fb29acd6c36ea652eba046877c7449abb59c4ec3fd28b636ac474e5c8684e21cfc4e47da49df0b90523856a4a1c3bf936e5e50232afd0ff0ecd648299e528f160ad0cc514a09eaf606d573e08f458a1fd97f13247df65dd1ef167058dcbdd43bf0ee75183da88853185fd705bf25f3e9846a83ca0b029e876a1d64e9781b41cb3fbe1d7bf4502b3f38a2dcde4d0cff7571f3bc9", 0x9b, 0x9}, {&(0x7f0000000400)="58f4f495eecef252b3a6755a72f921d78db2c32c0f7ca9e7bdb1d02527a1132ecc4c9db80d49756479208741c76e4e70bf49", 0x32, 0x3}, {&(0x7f0000000440)="b8659472cb1f370edb5393d82d923d467cc884ec383c688067595ae0b41581a2d838f13a887b0907c97a4a3f051a6ac7a9f18f31646307f6ec09b7f9893f0366c1d21153879cc0683bcb961b134e8976105b8f250c135c6b0b332aceb1d7c87c4646f45f0815be4b729d48514004a2564c8b4919cb8ba16258a41ddbb8704d5dada146acbba426c7612b1ce5bb2ceb6c0a74c57ef16546e6ac5d6254633bac5320c235d96a5e6df8d82e540186e93967cdb47cdf4cfe761fc2219ccb77a1490a6b762ed15782b5b3a68d82e3e1f62263344515a623a5e9ba562d1fe10f90d50a6175f1cf9fcf658ab0fa58b08101309cb07fd164899b0e1951c4811d6cfe7905f838ea6eea84f3af995aaaf6b94bd73e3572cbedb5e693ffee26be251fe8d75081d67e766967f37e1e791d2ae4d3a0a33584d0465ba5dc39021f264797301cee240ee849c60dd2c855c67d22c3f3356016a0470e8d8f9b88423f12b0f42afd3652e2237b73679d729c0fb516c3fa3818a0dcffb3774fb17b58ae1fd93507a70b8f8fe4e4596696d8acb8e35d8d533eb99498067566c00c9d8fa6c6d73e80192a3e95d72f43654a0e4efb7e321948b951f1107c3afdf0c9b71513278be76ceb6b169eb48aadb1801005ea13fd7983675eab0a258f3eafc0bea8fe2f7f7bd2296942992233978aaa76853370deeff7e258e5eafa23549d40c07c1039f0f72a3ed14cd967470560e9a59a05e035184dd6384afbecdef81852d78068510116f514841447a50555e83f87f484158d18719b7dc6dc48789740f5a5414a889ad3cc9052745bac72598a7229d7bb2c6fbcfba93d7566d6569736cc1c4aa1fe85626e2ceec6ab13122dc49e77dcd618404331717affd6cf5cb7dbe705ccf7ef6a2c449d10519217872f81577bf5a3ee25f3a0cf51fd1ec04948605c82e264b26d9d90baff8ca6ec8e112729476925c1da26c8f62a86cdbbe4439fd0564278c92f0ae1c40097e5708450bb3b3b555d65688f8ac338f65fb780164e14d8b523c5cc6dc6e115fff2b6e133657722e9c4e4eaac673e34dd08181399dd7057d3e888d41a9c4b021b1ac36482c29618efd112c0d930910b85c9b9b4457c80abc737d157d7625841af79cc4360aecbf864024c33f8385949c929eec8aa3fa295b41365241eed7cfcf2b7abe747fdcaa59f99fb0a9b036841d145bf350d67a3c3ed59d8986e3501a27560d4c1db8ae66576f497b8d03aac62619198c9f9c1c48d9e9afc38281a82f3507d4d39c3aa5a067eea21d43dcde8d29522d8722d0bba5a9a1bea8555108ef460e66787561a29b24960877561d3f1d0a0d3b5791eadaf6b877cd6b60424ff480caa492e4be0126c65f78f8c2a42f965dc9699e8d4013793ea75379a70369652c7db4310e6ac27c0919981531fab8076ae06671da13f0206c8af9c236ac6927dcab5385b78e4ecbe53521ba11cd4ed3c139754c1544b7aac2c175cf92cc59ba7aa3a536765c68c8596db354adb3fc0044cd4090bf3216c73f79382c70621a19ce3eb5d865255b528c925f2541c004661e7eddbff8588be47b6d989f234d9d4b51a388cc595f60d3ec9ce8ef1e6446e4c9e623eccd92d6166cec8f6aeade5bec1aa0697eeb13848b911b32814aac49848cf98f6e579b8509b510784f5a0ce1f5c2d419431fc9f349115c68ba781ff4d045a363dfebd2337735347e5e9e48dc2b77bb4e6e23ebc258b42a0bc19e8769fff1fdc07010932e5de645562bcd1c7524af7f31ec8692b7c2d37d89a2b3b3f88937187258c71432f0a2543061fe3d9ab0c1c9a947945ca876c2c8a89c3ec60f0194a85997bfb493a2e361c822583e1d48422831ca47d9087cf09917fec84effe910661ba6ab5799e42a95ca7a211bd54c0f603b63c706a435638dc7e2e2f45567fa4fbfef764c2ad891152fa0df06703617baa515dc21ca1ad19c8996322c5e55a7ed4ecd24115a2d5769a2566533e861dc56aa69f7ba525c6691afbeee6062f87eb98ce422d54cdfdcc76d8460227c18b007a803de2445eef354c1120f9090ff0a2ec76a299a06222eaee5ffadd82a2c3642ef71889a489ad68ebffb62390f02349147ddfa3024ac3263ed9e5346b69ef7d6d15caab643964c885299f89ba99e86dd0664cd423861649225df03bca33e879d80f7ca69af6786aacb968f2d5aa4ce0d213b227f4360ee903408ee7eba9fdc394b3e45c0db6a026c6a9ac677c47b11bbb6bf0a6b4237144412cef231a42c56d4a72a117dd3a30db2bafc74e913302c65e20577c73700c06d5ffe8f4c1c22034dc5676db508000db2cf416e1dea316f9d06ca6a83cc8cdc475c2c529bd6d9095d23b5198ce9b38b0abe401a61443d2f2ce7599c0e8191d5aebe2021088a31272481e2097e37c9723bfcbf4464889a879dc7a06c6a08b14c8bf3f46facebe2a292fb20c99a7df2bf079df453e4cce4026a2fbd146ea0b57755e9aac9ce2529a2ae0022e18ecbb5c764e5383a9cdb4388873528f83fcff8b6b4d7bc96ea817c62a010263eb09b59bddd5c9def089ce8d1eb7d7cd9fdd0e4abf50959df6b48d2600c6b4526f4c8079afa61c280487eac8daca95bd1742ec1af588827b74bac73fa43a84d41c22e25b49df6c672fabaeb34d92d6e3e446e75f73e24a93a0fa9e509d5ad8652203df9d969098eb48e4da0da5cd5751c0167fb71d5e5177f7b562c69a1574e936300cd15e436146b5274f73f14f3cf1cb37114494574ef6befad439d5a80be604043e51f9d81a11476607470d713f82e3446c8ee91dccbc5b49aa0452ca393d22674da4dd6223610ce0293cfe1502f4213b7c55c616e03284c46994aacc4276766cb17472714c80b3cb693d33f8223083e6e988d34f9455aa6a59b5b309b134d3e2eb35d77d6d74d37d99b9b3a0a49b034e2c9f893ccfa761924d33bc16cf6071298b7635be06b92ee6d8d63a7da65854b910a7b7888b51946e766735f095412150a6b5a01f280b360ea3340f0b8659f8a2392b7da7d0a7326393288b5c0e7d7edabe510b2c4a3c684b467f22b10dff5a5912c9a0d61f80d7f2e19ea159b1b45e76b7a57dc60bb8f33f677e8205061b9e5aa151128a338560f7edbcbe64f054ce0567ec6f441e9d88f2fd9b98f500885975104527f8c00ed309873b2463e71bd3634448badd33ad9aff60a3d5be71e179ea34121a9f274c1f7970be0f39679ac3bc742d00ab188646c7965c632066025e90890b6054735c0956dddc855219ba13007d0d479f43db9e3312d2912d0f77d45ff7b4f417c3674391a7c2e966ad3d43e27a1d1968810df330d273d6b7e8164b7c8100d5cf6aa39b808002b73dacbe45101587f50a0b351f48a6ffdb887f193d21dc11021be996b44dd5cd36116e7163ad3e16004686c03101f1b2df6329ae5b8d257da2a0ca41f1f6724746d7037c4cdbd2c16fbdff2407c2bbbb683616c9f64b90ad2e00427f73bb7e0bb806da233d80b5eb317ff263300faa3a4e9548d59bb564dbcfbad7bf9727429af5705b238c3912a6d5bfe409f3ae162c097cb5a732531b61a70b542b63fdc5fab94aa8a71186bb93557ce5dc746eed620e4c2a33d2d40109854fa1d6811b016c056f066a069de282e47a65bac3109eeb4dc5d4fcfe808e662a145b9f254938659dca6a31de2204d4161778cf476ccea5d8eb5ace78bf384033f99b06d25dc57d3f182d5f82fdf1f37221501e6e05bdb3fbda6d2fa52f98e9d68a60b69f78fd5a088cbc53fc2956b48f7090bc144d07896ddaad71bf8f4dc752cfeee7527e34adc9afc49bd7e6045a3ca95af827c9ccacc4ec3058355c82894afb0f93927e2af0abfe77381a9c0030cc570c788e16f08d163e60d3c576ab3292012624c6c43736975c12c7b0590770081af6400bdea6654c0370b67c9f02b37df440bcfbd54cb886bb30141ee9f99828b2c4486aca7b4700bf654602b3d8ce1d890146d3612aabc6ffa0f9383ac1714da4ec29c87eb69a6205f760df17e2097ba58938c44a4cc24e35e0a86043c948445dc2f69f85ed0d240eace41b13341f743e649749b82bdddf3f861d8beded38eb4b80e1ce69b9289da51a8cef0c095147e57e59754ce2430514948030223ce0881a66feeab24a8e87170391b2f3de4bcb52d7d34dbb10f0ef1b17f05439ac6730d4dde11724f10a64b1c5101759e7d92aa64cf678a8cc84ea71ab75684be3789455302edc397d05782b17b55af6ae024cb5eec0c563e3269f84afc381048dac7918c15725b7761699c00a6e54d5d7a910d25be8367d25ec3d4f7fbc924e6071707c18477fb691b5ee9d84265fae9627996a313804e8d6344edbe2a2c6b79f094e10ed32557e9c79410ed43bae9d15902b246383500b19ac0abd288399f2bdb8c860ae7ce6db77563e04dd13fb7ba57053998926f46480a657ccb6be6bd7a68a9b591bd806361a39290a7258f18df672888c2201fdcfd5be98a40f2129d18fedccad9f426a13373008da119300be8966f5e3b98b482317e759f248e2b3b7c8f56243221f401c61e8dc49e990b08c79e060cbdbaf3fdca130229210480d094d59fb7bc5bbfb365cc75f57a150a40134ba03f50ccfa6d9938691357e13deb1aa3d72dc71020ecdec51014cf66f52cfcbe07c670013d65a6540c55e5be254593013526bcb83b2032ae9d96da8b51915d8aa6d7f10abc6aaa73cb466d59ec25fde627fa5e3bf4ef476ed72afaea81972ea310b7435b3f68cb433d554d58595b60d1eaa22656f61f77166af7a74a5229ba53aac091daa513393fd116e18fbfcf414cd2218e2f3f170ac8066bc12b87143a6c4149da0ef3930e1e038ca03ab92b3ff431674b6eb80b46937c48f04ef380cda0a9255e6648cb7d58665e98372d7ca06cec4b7da581035313bf605d764f6e8d63c33c7db6bd76cfa41286267757d9dc5652ce0ada918f8053fd63d1f0054175b943e7ad53a07de7962dcf3d8d173e1e2bcd469f4f781f1681b9d95c63107bcfc75904ab0bfbe1fbedb6c193d4ba9ff36fcb459491838c764caf18b6e733b3b325aba9e61432b7e88145b85e21000fd8d6d009daeece444af2068cb1b309571612a176d66a823321b1572227230aca71f644acccc5a6b6ca34df4e0c22a5a6c5f1ef0050a9cec86e3aeb52f3706f4830d16b7c5509c61e2e9819a969577aa921cad385350e6dcc7a4fb5c485fd970104df4d401cff66dd5a923ef0d05b248a8432a687af806f79a6074f5ed139de1f6c4a36b41d2cd3f030e148a43fc7fed7c3a5a674ddecebd91db8908acc3433b9c7372964f9fe1a1f1a5234b9abb580273104df24ee2aa78eeb79de3e55f49d1e3042742debc404d3e0e823dee87d98ffd47d8a08ef43c1b99d8c10ee6787ae8cfb15fb9b36af1db1f079a2556a9eed823df96c7900988f5d9f7875d02d37c7c88952ed67f595d798746e76bfcd6871235b791620d6d54c677ca4156e6dffae13fafd407896f757610841c626992c5ff78879bcb4be0a2b4d1ac69ac4fc216838b7fb289bc88bc9f1670bd1b5de4501bcd2e7a95c7701647091f9de8703558d689f59b521b139fdb52b516aa0bf1794c5b42586909b5c58221097f77c5929a6956c6ed4dcde959fe680010ef69923639863071ac89eb2300d2011f82a23ff974014a5c734941cf3f691241461b653487e161870f373ed91283d2deed4f464d0b01b726c2a83a625ee2257c2de8d49855abee967c284248f723c5746cc0605ea396cb0b907be605714cd5cec6e54a6e63bf0ce526951e425dd6612f", 0x1000, 0x5}, {&(0x7f0000001440)="0b7775392281fb18cdc57c022794d81dd4a8abb9613bf3ea22db43cd4968f5f28bfa5605ee452e9368d71c17e7b6deb53f1fb8492e9434ebf1359fb43bc535743cf51563186a199b9ef41bc3fe52b6e53a51ebffb43b282acb42fe6ee54da93a2f1743b3555af62a886804a1cac938b30c09b9c437d2f66827391d3b9d206bbf8d2535642032266f", 0x88, 0xffffffffffffb5a2}, {&(0x7f0000001500)="d5e0e117b63f267086ba479ce836fd264d06e9549bb6171ae98b90af82b0c3301d97e3646e8aa6f5d545d4d63689de2dabafbca6c1ebf3028ff54f2c1fa0baaf32fcbf561a694186b68e1a4f59d84ef5824c06374fb768404edbddf132596e49a4964dd5dd7b8929860b", 0x6a, 0x5}, {&(0x7f0000001580)="3403f9adcab8e5ce9b9bec7a5a5a20b2103998fcb324c6d30b98ff5fb264eb07a04a752711621c5c46b0cd9219ee9220881ef0a14f4f9700b7683e6ef289a9244e9bcf1148df8d8c5ea4cc3cccff9d59f261a0f8a1c7984087e8e4bcb9aa48793c810f96c81886801a043a9d3d849879cd2538806e48fe8209780dbb96792e3a475612ca90cbe23a16a8068bd905d819f1df8f1b4d22507378877bfe737c140aec519e321423778c53e9c132afa7136d5626863c0ceb70f172802c029ec4630b", 0xc0, 0x5}], 0x800, &(0x7f0000001740)={[{@expose_privroot='expose_privroot'}], [{@smackfsroot={'smackfsroot', 0x3d, 'keyringwlan1'}}, {@euid_lt={'euid<', r11}}]}) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r12 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r12, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r9, 0x16) 21:43:10 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c07bc3376003639405cb4aed12f000000000015ffa8ee79cfde47a110526616e608ceae47a825d86800278dcff47d010000805ae64f8f36460234432479ae6d68dba5d949bdce2613e9391fb4e8284f33c48c2ab9b125bc8fd963c1956097f213eb3bf3b8e0ec5de9ebf3b2b82b20c819ea15689caed5bed971a7cca1cb1412c6241a39f99a67cd1075c1e34b74458f527e30cdfed331217b6c777c38c0b62c186227f4d5b21a731759dd2cf690d9586c0724a478f3f19629e739ac2983e74f90b96624c841db9360cab86b73eb94808205182d41506316f881a39d", 0xe2}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:10 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0", @ANYRES64, @ANYBLOB="3fb3f01ed74f89ae75e5096ccac7a66d5e21fc869281eb2af8fd3a572d718cd79f3b98a5c66502ddbb42106abdbddfc0ff28cf4b26da1a717ce144e7ea33ab336eb0"], 0x3}}, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x400000, 0x0) write$P9_RRENAMEAT(r1, &(0x7f0000000100)={0x7, 0x4b, 0x2}, 0x7) 21:43:10 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:13 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 21:43:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0ef85ca42f474c18cc649c6836295e7c6efb6bc3f3b7da66cee8e6c108cb528cd3e9436c488485c6fb389acccd7c5372cc36d98be65e2ba5dd99ba9ddbd8c6fb230c6574af1ea9b0579d163953e1c453f91f5fb732471e44e6e61c7fcedcc046f653394ba18661e2ff2d5061ab7e4e144ad3551edd4a6dc152a1ba7d1a38fb07f4e9a931b9b90f2b726c54f74b25c1ac445f3d633ed2091218ee6a43e51a881eb104ec878bd4277"], 0xc0}}, 0x0) 21:43:13 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x800016) 21:43:13 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(0xffffffffffffffff) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:43:13 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x8b) 21:43:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e2"], 0xc0}}, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f00000000c0)={'veth1_virt_wifi\x00', {0x2, 0x4e22, @broadcast}}) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) accept$netrom(r1, 0x0, &(0x7f0000000100)) 21:43:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f00000007c0)={0xa, &(0x7f00000000c0)=""/27, &(0x7f00000006c0)=[{0x7f, 0x6b, 0x1, &(0x7f0000000100)=""/107}, {0xf, 0xaa, 0x6, &(0x7f0000000180)=""/170}, {0x4fa7, 0x9c, 0x6, &(0x7f00000002c0)=""/156}, {0x1ff, 0xe, 0x76f6e5d5, &(0x7f0000000380)=""/14}, {0x1, 0x4d, 0x8, &(0x7f00000003c0)=""/77}, {0x5, 0x97, 0x2, &(0x7f0000000440)=""/151}, {0x6, 0xb2, 0x5, &(0x7f0000000500)=""/178}, {0xf06, 0x1d, 0xda6, &(0x7f00000005c0)=""/29}, {0x5597, 0xc, 0xdd, &(0x7f0000000600)=""/12}, {0x1a04, 0x53, 0x8, &(0x7f0000000640)=""/83}]}) 21:43:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x3, 0x3, 0x401, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffc, 0x8000}}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xffffffffffffffff, 0x9}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x20000004) 21:43:13 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x400, 0x0) ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0x5) r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x0, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000140)) 21:43:13 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) socket$inet_udplite(0x2, 0x2, 0x88) timer_settime(r1, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {r2, r3+10000000}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) write$FUSE_INIT(r4, &(0x7f0000000100)={0x50, 0x0, 0x2, {0x7, 0x1f, 0x4, 0x12, 0x8d4b, 0x7f, 0x3, 0x7fffffff}}, 0x50) r5 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:14 executing program 2: openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x200, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x58, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x58}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:16 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(0x0, 0x0) 21:43:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x8200, 0x0) write$P9_RLOPEN(r2, &(0x7f0000000080)={0x18, 0xd, 0x2, {{0x40, 0x2}, 0x2}}, 0x18) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) syz_mount_image$ocfs2(&(0x7f0000000100)='ocfs2\x00', &(0x7f0000000140)='./file0\x00', 0x1, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000180)="81a39e5ca13db50ab8716e96515d7b1c033acf3834d50e1fc554721f5db3b5acdf5a7a32d876db8a0ba1767434eaa92b94fee8534eb2ddc36c82dd070432af57a5aabdcef843b374e2f70b766bb580f78abba273563356fadd65aa6c23be9f6c49c97a94fb22d993e06f97558c0503d4c7567acba746794bf4c76d565c85a214a445b69af6ee1658dfc2771e78eef24132da90b5c9b03a21fa1100e103", 0x20, 0x10001}, {&(0x7f0000000440)="48f2cc6bd82972227047b1f07c58822662cc54a4958936658556e8f3cd67cea70f5c3e6caeee45ec8bb45c6678713f60b63cc2b52e3063d74c24dcf8a7f1c4987d5fe00313cb4fcc8ae684b5aad9c8bf943932b6370cce437c5fe9ec66ac79f1a5d1805d4abf3501203a53bca771a22114efa669f0aea8e260dfe77f405a4ea6484fbf69bf92b7cfa89fdcea095caa09489d2d66096eae3be12e366c4242726d2193e82bc541bd7a344cd7da3197825a6ca1d33fecf379d98db2e43633f8eb659a4126411e74057567e2eedced508d9663c666923e80c6030dd3ba045ffbcacd695d274fbb1e8ba24ba006a9a12369d174", 0xf1, 0x1}], 0x4028, &(0x7f0000000400)='loGPLwlan0&nodevlowlan1eth0-$-^;eth0#-(:}(\x00') recvfrom$packet(r2, 0x0, 0x58, 0x40, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRES16=r1], 0x1}}, 0x40800) 21:43:16 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(0xffffffffffffffff) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 21:43:16 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x8c) 21:43:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e03cec6419ff7a78febbb8177b7217b6ef7537d3d43765251241d63d50f4f590ecb36e67cefa85609599617b28ba22463c680ec5c769206e68dc07726a6f2ea1d1a257adaea791d6df0456bf503afaf04bc37799671c465690469fa0891e266da46fae"], 0x1}, 0x1, 0x0, 0x0, 0x4048044}, 0x0) 21:43:16 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(0x0, 0x0) 21:43:16 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000002c0)={0x8000, {{0x2, 0x4e24, @empty}}, 0x0, 0x2, [{{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {{0x2, 0x4e24, @empty}}]}, 0x190) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) sendmsg$NFT_MSG_GETOBJ_RESET(r2, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x15, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040000}, 0x4800) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) r3 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$user(&(0x7f0000000480)='user\x00', &(0x7f0000000280)={'syz'}, &(0x7f0000000600)='\b', 0x1, r3) keyctl$negate(0xd, 0x0, 0xfffffffffffffffc, r3) 21:43:16 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:16 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0x1}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 21:43:17 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0xa2181, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x0, 0x10001}) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x60002, 0x0) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r3, 0x0, 0x0) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000140)) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x3c) ptrace$cont(0x18, r4, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r4, 0x0, 0x0) tkill(r0, 0x2b) 21:43:17 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:17 executing program 2: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x40002, 0x0) ioctl$SNDCTL_DSP_GETISPACE(r0, 0x8010500d, &(0x7f0000000100)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x333, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x1b, &(0x7f0000000180)=0x2b, 0x4) preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000100)="3076b8c813dc9451570ed297d6eb7cdf", 0x10) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f00000000c0)={0xfffffff9, 0x3, 0x200, 0x8000, 0x1, "d7c531761dea4c09598474f51d7b4e6294a79e", 0xbbd, 0x7}) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:17 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, &(0x7f0000000200)={{0x0, 0x0, @identifier="5898da68a7ea177c93012bb3af3844d9"}, 0xb1, [], "63b73c5885789e2091e15fa0ecbcdd2a7b7cf9ce3b316da173583607f4f92c33a09d9ef706ef2df8cfe89b2577f9b0fa036d0c0978fab687cf71667fd85f9a32682c3374e365e242707a62c17b67e34f2787aa05af38445345cb63a3ba8d7c855dcff5a63fe2927d033c8b271d1b12e93caaaff9e2089f508348267db3f2ad621efb036883e6e78094b5a0ab7b1c2ac14da100f5cafa8e1d987ac3b8af529c1c4d4b24a8d4ec714cb98e0bd721f5552c4c"}) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) [ 1857.421474] syz-executor.5 invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=1000 [ 1857.435825] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1857.441643] CPU: 0 PID: 23460 Comm: syz-executor.5 Not tainted 4.19.102-syzkaller #0 [ 1857.449538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1857.458984] Call Trace: [ 1857.461588] dump_stack+0x197/0x210 [ 1857.465232] dump_header+0x15e/0xa55 [ 1857.468989] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1857.474107] ? ___ratelimit+0x60/0x595 [ 1857.478000] ? do_raw_spin_unlock+0x181/0x270 [ 1857.482512] oom_kill_process.cold+0x10/0x6ef [ 1857.487031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1857.492579] ? task_will_free_mem+0x139/0x6e0 [ 1857.497085] ? find_held_lock+0x35/0x130 [ 1857.501167] out_of_memory+0x362/0x1330 [ 1857.505157] ? lock_downgrade+0x880/0x880 [ 1857.509317] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1857.514433] ? oom_killer_disable+0x280/0x280 [ 1857.518937] ? find_held_lock+0x35/0x130 [ 1857.523020] mem_cgroup_out_of_memory+0x1d2/0x240 [ 1857.527876] ? memcg_event_wake+0x230/0x230 [ 1857.532227] ? do_raw_spin_unlock+0x181/0x270 [ 1857.536732] ? _raw_spin_unlock+0x2d/0x50 [ 1857.540900] try_charge+0xec5/0x1490 [ 1857.544624] ? lock_downgrade+0x880/0x880 [ 1857.548792] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1857.553644] ? rcu_read_unlock+0x33/0x60 [ 1857.557711] ? get_mem_cgroup_from_mm+0x185/0x510 [ 1857.562576] ? __mem_cgroup_largest_soft_limit_node+0x500/0x500 [ 1857.568659] ? __lock_is_held+0xb6/0x140 [ 1857.572740] mem_cgroup_try_charge+0x259/0x6b0 [ 1857.577340] __add_to_page_cache_locked+0x334/0xd10 [ 1857.582372] ? find_lock_entry+0x5f0/0x5f0 [ 1857.586630] add_to_page_cache_lru+0x1c9/0x860 [ 1857.591227] ? add_to_page_cache_locked+0x40/0x40 [ 1857.596085] ? __page_cache_alloc+0x131/0x450 [ 1857.600597] pagecache_get_page+0x364/0xcf0 [ 1857.604947] grab_cache_page_write_begin+0x7b/0xb0 [ 1857.609893] ext4_da_write_begin+0x2d7/0x1180 [ 1857.614407] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1857.619961] ? ext4_write_begin+0x1790/0x1790 [ 1857.624474] ? copy_page_from_iter+0x7f0/0x7f0 [ 1857.629084] generic_perform_write+0x22a/0x520 [ 1857.633690] ? page_endio+0x780/0x780 [ 1857.637505] ? current_time+0x140/0x140 [ 1857.641490] ? lock_acquire+0x16f/0x3f0 [ 1857.645488] ? ext4_file_write_iter+0x23f/0x1060 [ 1857.650262] __generic_file_write_iter+0x25e/0x630 [ 1857.655212] ext4_file_write_iter+0x32b/0x1060 [ 1857.659804] ? mark_held_locks+0x100/0x100 [ 1857.664058] ? ext4_file_mmap+0x410/0x410 [ 1857.668221] ? mark_held_locks+0x100/0x100 [ 1857.672470] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1857.678018] ? iov_iter_init+0xc6/0x1f0 [ 1857.682009] __vfs_write+0x587/0x810 [ 1857.685746] ? kernel_read+0x120/0x120 [ 1857.689669] ? rcu_read_lock_sched_held+0x110/0x130 [ 1857.694818] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 1857.699587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1857.705149] ? __sb_start_write+0x1a9/0x360 [ 1857.709489] vfs_write+0x20c/0x560 [ 1857.713050] ksys_write+0x14f/0x2d0 [ 1857.716783] ? __ia32_sys_read+0xb0/0xb0 [ 1857.720857] ? do_syscall_64+0x26/0x620 [ 1857.724845] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1857.730220] ? do_syscall_64+0x26/0x620 [ 1857.734212] __x64_sys_write+0x73/0xb0 [ 1857.738109] do_syscall_64+0xfd/0x620 [ 1857.741929] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1857.747125] RIP: 0033:0x45b3b9 [ 1857.750327] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1857.769243] RSP: 002b:00007f67b82b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1857.776966] RAX: ffffffffffffffda RBX: 00007f67b82b96d4 RCX: 000000000045b3b9 [ 1857.784247] RDX: 0000000002d1ee37 RSI: 0000000020000180 RDI: 0000000000000003 [ 1857.791523] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1857.798803] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1857.806079] R13: 0000000000000caf R14: 00000000004cd8f4 R15: 000000000075bf2c 21:43:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x1ff}, @in6={0xa, 0x4e22, 0x4c7, @remote, 0xfffffffe}, @in6={0xa, 0x4e23, 0x81, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x2}, @in6={0xa, 0x4e23, 0x0, @mcast2, 0x4}], 0x70) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) [ 1857.842437] Task in /syz5 killed as a result of limit of /syz5 [ 1857.854434] memory: usage 307168kB, limit 307200kB, failcnt 24023 [ 1857.865119] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1857.883727] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 21:43:17 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x8d) 21:43:17 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 1857.903233] Memory cgroup stats for /syz5: cache:48KB rss:247672KB rss_huge:227328KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:247672KB inactive_file:88KB active_file:0KB unevictable:0KB [ 1857.933748] Memory cgroup out of memory: Kill process 17784 (syz-executor.5) score 1113 or sacrifice child [ 1857.979595] Killed process 17784 (syz-executor.5) total-vm:74768kB, anon-rss:2216kB, file-rss:35792kB, shmem-rss:0kB [ 1858.008622] oom_reaper: reaped process 17784 (syz-executor.5), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 21:43:19 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:43:19 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x80, 0x0) 21:43:19 executing program 1: r0 = gettid() r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x14, 0x0, @tid=r0}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000080)=""/16, &(0x7f0000000100)=0x10) r3 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RAUTH(r2, &(0x7f0000000200)={0x14, 0x67, 0x1, {0x4, 0x2, 0x8}}, 0x14) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x8000, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x8) tkill(r0, 0x16) 21:43:19 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(0x0, 0x0) 21:43:19 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x8e) 21:43:20 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:20 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:43:20 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8, 0xff, 0x5, 0x27532900, 0xff, 0x7, 0x101, 0x1}, &(0x7f0000000080)={0x100, 0x9, 0x400000, 0x7f, 0x7f, 0x5, 0xffffffffffffff80, 0xfffffffffffffffb}, &(0x7f0000000100)={0x8, 0x4, 0x80000000, 0x3f, 0x1, 0x2, 0x5, 0x1}, &(0x7f0000000140), &(0x7f0000000200)={&(0x7f0000000180)={[0xffff]}, 0x8}) tkill(r0, 0x16) 21:43:20 executing program 5: r0 = socket$inet(0x10, 0x80002, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="24000000210007041dfffd946f610500020000e8fe02080100010800083711000400ff7e", 0x24}], 0x1}, 0x0) 21:43:20 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000200000000000000108000700000000002c000d0014000000e9ffffff000000000014000400fe8000000000000000000049000000e0b432987dbe4870441b35efe62c34d100e64c272fc8ac73818cb65e3c27a4f7ace3ecf2c3dc055e09a066ff2c2a1cc9dfc2f03abb4f9590f1fd56f6f23bac526b469e828134c026c9b26e5beaa9158ab40257f79674bc9caec781f95de225fcea7a1e1d38fdf204000000e0d3610de2eacbd697882ae6615196f338466eddf0a8abe8d05b8dcec60ea97c4bafe582d31de21948bd08c6133e246c2b12d8eb84f877589fd1ba2e33fb8424050b2404be77c54e513e67b29cce8cd2"], 0xc0}}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000580)='/dev/dsp\x00', 0x200, 0x0) r4 = openat$selinux_context(0xffffffffffffff9c, &(0x7f00000005c0)='/selinux/context\x00', 0x2, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r6, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r7, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = getuid() statx(0xffffffffffffffff, &(0x7f0000002080)='./file0\x00', 0x6000, 0x7ff, &(0x7f00000020c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = gettid() ptrace$setopts(0x4206, r11, 0x0, 0x0) tkill(r11, 0x3c) ptrace$cont(0x18, r11, 0x0, 0x0) ptrace$setregs(0xd, r11, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r11, 0x0, 0x0) r12 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r13) r14 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r17 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r17, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r14, r16, r18) r19 = gettid() ptrace$setopts(0x4206, r19, 0x0, 0x0) tkill(r19, 0x3c) ptrace$cont(0x18, r19, 0x0, 0x0) ptrace$setregs(0xd, r19, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r19, 0x0, 0x0) r20 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r20, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r21) r22 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r23, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r25 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r22, r24, r26) r27 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r27, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r27, 0x0, 0x0, 0x0, 0x0, 0x0) r28 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000021c0)='/dev/adsp1\x00', 0xc60c4, 0x0) r29 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r29, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r29, 0x0, 0x0, 0x0, 0x0, 0x0) r30 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r30, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r30, 0x0, 0x0, 0x0, 0x0, 0x0) r31 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r31, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r31, 0x0, 0x0, 0x0, 0x0, 0x0) r32 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000002200)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) r33 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r33, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r33, 0x0, 0x0, 0x0, 0x0, 0x0) r34 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r34, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r34, 0x0, 0x0, 0x0, 0x0, 0x0) r35 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r35, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r35, 0x0, 0x0, 0x0, 0x0, 0x0) r36 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000002480)='/dev/mISDNtimer\x00', 0x22200, 0x0) r37 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r37, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r37, 0x0, 0x0, 0x0, 0x0, 0x0) r38 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r38, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r38, 0x0, 0x0, 0x0, 0x0, 0x0) r39 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r39, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r39, 0x0, 0x0, 0x0, 0x0, 0x0) r40 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r40, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r40, 0x0, 0x0, 0x0, 0x0, 0x0) r41 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r41, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r41, 0x0, 0x0, 0x0, 0x0, 0x0) r42 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r42, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r42, 0x0, 0x0, 0x0, 0x0, 0x0) r43 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r43, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r43, 0x0, 0x0, 0x0, 0x0, 0x0) r44 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000024c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) r45 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r45, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r45, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(r45, 0x8903, &(0x7f0000002500)=0x0) r47 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r47, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r48) r49 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r50, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r52 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r52, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r49, r51, r53) r54 = gettid() ptrace$setopts(0x4206, r54, 0x0, 0x0) tkill(r54, 0x3c) ptrace$cont(0x18, r54, 0x0, 0x0) ptrace$setregs(0xd, r54, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r54, 0x0, 0x0) r55 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r55, &(0x7f00000017c0), 0x333, 0x0) getsockopt$inet_IP_XFRM_POLICY(r55, 0x0, 0x11, &(0x7f0000002540)={{{@in=@initdev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@multicast1}}, &(0x7f0000002640)=0xe8) r57 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$sock_cred(r58, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r60 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r60, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) keyctl$chown(0x4, r57, r59, r61) r62 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) r63 = socket$inet6(0xa, 0x5, 0xf8) r64 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r64, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r64, 0x0, 0x0, 0x0, 0x0, 0x0) r65 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r65, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r65, 0x0, 0x0, 0x0, 0x0, 0x0) r66 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r66, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r66, 0x0, 0x0, 0x0, 0x0, 0x0) r67 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r67, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r67, 0x0, 0x0, 0x0, 0x0, 0x0) r68 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r68, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r68, 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000002900)=[{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000540)=[{&(0x7f0000000080)="d06c321deecbd752d4c6c7eb85cab585b512a54db7ccea67a27116e027fdeeae3c33b5afc7f77d7b148b4cfae66bb537c8456ae96a11591aaf305cda85ad7a6b7975d7a5f36775a8f2645c37dd901eed26372ad24e327395a7ff9e6c6f5faa3148485b6cb89088a129ca349f158710287f5813c95cb48a9ab0d417ce44e3182bc2917c61b6eb715b5f538fc683e8e2127fde50e7f19e39dfb1772087d54d32bbd07eb0e7d160f98f5aee051f0ba5", 0xae}, {&(0x7f0000000140)="1fe704cbac4e3de61146a3b7a8a543fa55c87f00943c3bce10949d5af2de1f03a58bdcf8db81ab09db1556fd9f962221045b833bbf55dae0c0176852722dac6cbaa677339c1b2e098cd3c5507cd75f0f5542c1c78bf4885afe5ed9cb7445b4561c1002c3a390675031c9d421477217c5a932a32a8a8826749ab41b171fd409a9c314445e29cb37675b20086756bf41f1ffa747cdf5ceb84b49109719130398bb855afd54f0f7891776276fae59d85523d448ee4f9856a9361ea9f7e8043ec0d12bee5816c51e4847659467344ce8f9567f805699efe3", 0xd6}, {&(0x7f0000000440)="85eb8bb17f695181a737d802a1537cf59368f6b1a085cbb287913fb7a0d3b25d365eb4c87cefee70102cf642f3513e5aeac80b0370b0059012c531353f331e0f81b9b190763de9c882337a448949af301a6559ef42136211746c63b6095cee4a11118a2023984081c70c22cbd7b6f0438b7e8fdfb9fc556f1cdf0b147be0e95bb5f126497dc946d5b8b5d454b11bbabef2deec1dbed053fe56d14cf7333e960724f5a4deddb0bf8c8176c4b41d6c0bcd5156e7ff3b7bc462896ee4e1361d9d271d42ae324152a283a74be4cec0c26cf6", 0xd0}], 0x3, &(0x7f0000000600)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r2]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @rights={{0x30, 0x1, 0x1, [r3, r0, r0, r4, r0, r5, r0, r0]}}], 0x80, 0x24010000}, {&(0x7f0000000680)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000700)="eda70e07bdf520f959c4522b821d045727246416b111babcde24b907accfa8168c75b64a157174f09a8455ccb8908c7247", 0x31}, {&(0x7f0000000740)="cd256c314cb0a6a16a2bea3458d1b7b9d171cce7e566d1f96fb98daa89e5a93f693ca621328b058847429828453c129509e34c6edd08a5b43b2c9d54922a24dec22bccf7bbf24dce7c49a01a4daf1a6e24bc906347c99283434ac768793c1701a4defe89d949b52d59f20c68094d1612bcc0971c52e50daab4b0604d2575991377109d8b9d4939", 0x87}, {&(0x7f0000000800)="34771a9afddecdfc770d5aac8a4bc49b645f179b48f833f77dc6faede0f1413cae5b0a3870eebf1ad355ab0abce54747f0f5a86e3a37c31d1dd5dddd812358b3186bd5912ec2a27b07a0775ad0c6ee5c9985be87748e68c2dcdbdb9fbdcf4717141846acf110239e191a1f2d0fad9c9d78f916625336e85e0eafb52da7e30a7c145435fef0adf2f3ab9a1f95d6c9803d6ce5a10114d1c3c8bfb1895776a3fee213ebeb6df24695e2dbe9f5bd4c7249f6d5a0e67cdf97b0331e038ea7", 0xbc}], 0x3, &(0x7f0000000900)=[@rights={{0x20, 0x1, 0x1, [r0, r6, r7, r8]}}], 0x20, 0x4008810}, {&(0x7f0000000940)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001fc0)=[{&(0x7f00000009c0)="86312f4fc5e0f6993d4099fbc91c9bb2b11cae7a31bc915543c0f42991e4972b1978fd24aec358b28156c14a7831714fa7bef323c5402ac23b4287b2c2c3d2769a2a968f186e8901da5c25075e64dbd6b3ae2678c47d867795198361276f369a2fa6058bb81c626e78432b29491445d9e9c21b6e1835c705d41f4940774a69be8e2fcb3922ff11fde787b22e6c3fa1951715b19fedcd45ee0458aef88ad3ed51e3a0bbdd3a8427b78187652c8262ff9e35058853e6440a52b318319333328b9b7715d87cb06315b5082b7a141b30e395122423567a1f4db77afaf80d5a530b16303f02f5856f94d97871fc06d784a7ed6b510def7eac29c84c52b5551b0848bf49bb9ad829d7577b19619d1b8a3c0a029f70bb48af1bc316fc123353ace1dd87a54d92062caa1047b428aaa0a0b1eeac76dca8ec99464e897919d691ac2b561f9f9842b45ce0a106c008e1cee8d0cc27979d6dbb8f7f92e410fb65d72f82e9d9e7d1e8885e22fdd790405506f757d8ce6ef482ec0c38888b689deb8ac0486beb1bbe2225bdb1f69f4af02f60fed742722f35264eb002541478d9d7fb75fd70b6a2d318177cb61802a070cfe1918a04838384d1d546d17cbe61b5b6d028209cd5b4beb48cd3d0f0e105d29a82702d303f75623b76776c67e5edae79dd68fb139bc8bf183957679c383bdee9c21dc84430e84c07297c786d9bb58f498a8356c1176e689c55a77fa39448dfde5c29d3ef429275bdc0b9c6c2531e2851bc9e86044064f00e3cf332f4cafc201b44f605f960b593e3f660f4f82d5b27f75919945fc0f11f3045af9e1d78d40e64bf900bd92f3ec55ededa342a8d42918dce3ddcf85259c6ed329c8618cf24aaf62ff4cb359bf5954b1a44ef7741978469e6eb8f82f1466c1830b065ea0ae12ae863bb329813a90fe1e865e77332e1d1a2f124d04ddd9dc6c53ebc3a042f719de1366050d32365c84cdd94022eae1b23d2f651c724332a881089f1a83ff4018cde00e56efa8597cf2ccdc29bd5c5014e1311cdd9ebbe6f419b5e7689694f6ca0dde51c0a912ab07a5f05069d56a190ead774960b1927d1a42941aea42fef231abbcbed83f5f71cf6bc839ab1d257ad7973128fb56f66576af26d23cf7bcb7e993c6ced821c16648746895c41e96fc5f42d7698011c2a9fb7896866f4ce709e582dcfdec082cb12ff0eaff2d9666acb8a637fc7d9ca23ebd99e87b632b044efdfad180a47de98c3140f9c4d5f9d15e258fda211d152dae8889c78c455372c6942240a97da3bf8ceee59b277feee6424b7bb948f125138abebc43ec907ed343ac2a08bc1f1f8e57a0b8254bd4e1e152ad77510b9492abaf54d51aaff92dabeee702ac94d29959328ac751cc27a33a792ec179e4850591644baf4e97eb93a1fb530af12e90f4c1bf3958f4c61cb9de228449b52e38cc133fec991dbbc1f9ff6125fcb68ff9a8f9daca27970122a6291a4daeae4ec8a58a9b6d18390538a93d72947fbe33fbff5e4c893e169d98bb46879f776a568001de5d67cc09ef0f97a244eafb74b3edc320577a7e105e0d3908400e8e2b125a0d8f034ae54b62f956eaf4aaae78d53b61b5c99a89a574d7985ce6c409c4c9f0f884388d25003cf422a9935fe9cf4a80b31086dcc7ffc6dbc839253619b3e9ef79a2d18ff3409509577c37288774c9f684190fd09ca9e73f39530c5c891dd67ba4452ab683d1edbd61e43bf210769dceee41f504068959977d3714258571659d01bdb0041dd2582ad8414d17a50d3d0e164032526a35ad1f2ec1bf15822d4e337ece9e1b8d44b8665fa0f7f097afba3b6b026fc4aa626deeacdba1ae4561d3023ceb926bd2c6b18521e631e82dacf53e60ff078e39e452b285094263c59c8bc2b7d642564f258f342da200856dd92b0f92bce5f3582c73b479b0b0e25244e56580403a9a1e98fa910c3b49ebcb3d0341b98f5e7f031ee6702ec1b28bdbc7642c21d73c78b15bd26c9440468a8ac89cebc26edcbcf5bad44b8b2f08e627434f5c535d1bff634e5f03c2d21ea81307aff20c3ad2c27ae26e3b6ff424ed6073e256a8c2d699b9180d12337840f73e19b2546520766bb048b7e78ec009bbdc3183b2fc9cda8ecb92cebd0a43db46762eff094c9eaca59f354247111a8cc8c0fdfe5221a0fefe9646c62bf2627de92e4e4c5db1c67f4640d929aa47a25e6f41a3345ce71a5734df4a5b9b8a8bc2b44aea446c6b7f7669cd9efe54bf9b15035202320adfc54aa6dcd1dff664706c5d64e42d8084671fab5b1542391240364a4a9c01f712d2997f1113fe7db3dad6ada8e24e8e6f6b1a62211fbb90ca2678e89a1a05a8dc44ec76a808579fad9166324a0fc3537a7e607a9f5ee49da31bdfcde4e148aeca1fc6a8c6d4ca6bfdd00a045adb21128caac78a1fc15b981c02e09cd33561ad711f75b81dddebc51664aec35645af540c725d603f3dff956f2a3c4abbf80aaae8adad9b7bed3cea81221fe38b26c236d37369927e926e96e63f89e4fa501e68bc2e1e9ff6243e99c34843043d8af4827b21719b988d75ff7efecef6f6f4c9e092ec8cf3282e968b8e73a46ed5ef72129eec1e6dbe38e1d8d2aeb15835b077561a1b73843c15c9c6a60ca2ba008f10585b0227a4dc89e0feb82395fe7aa317ac5f1282ace0137b91ea0a40ddfa04d77cf9729733d18ef29b4965792c1f7bf48b7a01c6ed38e294dd870c0ea6958f4876a7d3d3266b0acadca8f0053bded5d27b39ccd4af901e83124fb3a14d971fe0eb5bb0132ed53a99341caec26c494040b162b734e6130a6267c355eeabd9d6771b2cdf8e78d7044e0a96d8e08a9aba61d13b48eb1ecc11aa93d5b5a4c71358e3cd09b55aa3465038c8199a084726da831593ef72dce0dda6216904d79cfc9a422aa38ef08982645fae9de825b3882fe19d4541bb3ab3959fb977cff5fd00b9593f0109483d4be006154b983f809069927ebf796ad9f08ce5fc2cbde5278724b9c3e4b6c102b98e6cdae122c573a80ed131f959f0bdfba2a5e351261cb43cb6f0d962ce68c38609bdc344387992712e51be8740b7768e3d2a7d171c19c40663e85ffae06b848c273754789c0f50b8c79a183bf27abff84af12f5d154d6a200c5656e249782fc4e2579562760dfbe9a906f3bde52f3432c3a84d1ef34c7b5e87dea02c7d2965f5de9b2c8e4c3e78b5df8f5350195626813ea3eb9c0d0b3a8a6e0dec4f9bb38a6db0af5dbfb57399b85bf7bdecd06e117810bc26a8239e631257ed0fc06b7982ae3c65b22449a1bac25e47c33a19470e576e2966034cbb7bf93773fe0fa2b1fa68b33b0ed3b40ab1f51b6431dcbe94c41a78da97476b7bbaa7629065e2191bd97c5f13dc2ba692ef87959d65e1f356b736e81820133436f2fe9c815c637ae5994b61a224e2202d13b906a783b5efc190f21c954c36f8974f71f340f09aa5be75bf6015fd1bc8744f748db9f27b6e64a7aa45fddd511b461fefc92fe52a63975739e939b942e303c80d47a8b57974f65833307431afb343f7f0b125f076552900b3255ef1a2981f6bf7431348b1e36a52588abc12388ce2d4080e463727333fb1214c0b5cdba138ea005cd947b9244b53a8e0c2ff0161031aa99947436df00f335c0144d8c56a8fe7b363194fc6f5418c9d1094390802f57b91496964a2c8921e12a568c04ee3c756266b08af36fab17e0c134710b4888b2e0ad8d87df73751eb144340e4215fa2a2852a78345564f5fcb712708cd103439f79d9b030e4e28cd91b9696b61848e7bf22e039d6ae1ea5a92eeb2b19e4d81d2dcd0235a89d0e1d0d710821e0d4768937b91461f06a057faef2a55c32aaf0fffb643e419eb93c712e261710ef00168efe1ec10b193f1b218309dfcc9aef6f97408efe110b83d2387c61f0f3c87a1945c516427fad412ddba73ddda2761dbc6c25cfdf930e392d77e6899fef24be37ed9baba2168229a1e327fc227b6862290b58e666b3cb9121440035f08635650f5cecc3a09d05388d2431f6f44e63dc11d5ee7f821335cce06b376b283d2285468bbb5b10acc98df8ff134cc69104cd4a2e41b43447584aea851f2ebb60f6c628123389f286c55e5548da0bd069e907bfc2b50a722a389fcef7a4391cc4a4d672be15edc19cfa5a2bf0d447450c99f2d3b4e0f696de497950091e6c69ea0ecdef8a02493144125721d227865b9f794c5021209a498a541985defc0e167187e94dd07780f19433920ff3a8164e47241337198d9a901d6e8424b46cf4abf4aebb0c7340572681d6eb45633a88f73d3ac10168b7b867331a42ff938b1753dabe4e820bd0a389d20e7c9dc5122c776d30400457cd64cb9730f5c0f92d1135dbbe4b75f118908f1c2d3087797740ba3225e8b8f74dade991035a619de76755f5f0fbeb7ddd2182cac5292742b3c2174a65af681a93b9a157c40cbdba206f58137cb5f6242eae9d7bf07c864e2e0ff1aa7267c942bbccc145f4b55d9894db50a92f439797762813b1e13dd15b84b4dd55ccb7cbfe4f6f57364fc2ec4a0389a0154b8dba39eb4c0f4605343ace1521b37aae87490d84eb11bf3b49b91ce67ac73fb0c8ef02a65b127defc91f72860e7e93528b2cdd5a41413289161ee91f4eacf45f6d0af64c6dd466bb8d29ddd3482fc5e986d83a40528ccf1ee50852e432bad811a14a4911dc2a57ad1fc29e9620739685bf3e8d701ee5188b4aedcbfb294d667d56def2669e6fd4d65c1743f30cddd0cb1de2b67016b19a9fff7903eb783482ac4f2e7e1d901d96e2312618cbc509cc03ad58114dacc480f3e2911dcc43a14bf8ad9d03b645c0338165efe5b642dab07595b15f1a9552590d21c096741e86370f81b4b6066c69c68e71e99f9f9929b48531297606f83b598ed1a918b6bcf1ffdb13338749600c20b448b20f96ca1ab4d285ac0bee2f935790ffc959fcc092ba40d6a98c878771d70d90828318b6d4b047708ba40d18755b1daeb0b3aba2c32379c54932cb1bee4b8ca506f320644b46f73321ebece33c1de00b96483a4d322e83d900ea737196af2640b73fd93fc2241471d26ae36b567e7122eebe9cbc91fb7fd39fb61e71a318ba8b3e95d249607189b4705c9d06abde68fb008448af018c9bc791330da6a89885e562a38cd2b57f43bda7e63684d327d9d1d4b1302fafc80a95b938b4c77ec2fd91b7b34a43b0e19bfcf55a6881dd0129426f1cf6fc2e990beb86d9ff99a17f89949b47d72e50bc1fb8890253e00d7d20f00fc106e58f2aa070bf06a789c2f072b6146cdade0767af433dd730fac7c02d61f2d27eeedd876ad8b9daaa7b9b93d4273de759fe6b05121a19655958dd669c5b39275e69600403df07f1cc20da6688ef0a456879089fdb35c398a222523e0e78ef0a7cd07986c4a16d0d37ec2941521ad9ab79edb7d0b5dcd695d59520d1e8df6dadaaa07f82fd037488b5f5d9363780a574cd1b4fe4869ca0ea075fa42c3ec9645dd48f4dcfee84aabcca616d676b82d8e3cc6864eb036401d1859a75b77d8e3856e647bad7208df6b9b250ec8037ac707ad1a3b625874913294799e00a1deb6db2dc87aa3e386aff6be8d856a36d40866219c4cce9b6eea206e0a134417ef29876b01ba0fcfb4e3696927176efae5708db9610a192c7f881fca36c1ab6e303d3d0b08c2a00053c46f41d012e49361d47a92549af532d2c37c4600cc4a8b594bda205e0256a86c6c01fc1b31f6be875fac8b0881de5453d451ee9f77a69483207c1025a78e3b31ebd1d08ae430676c0888", 0x1000}, {&(0x7f00000019c0)="55c1c70bd5b2ccb43ca411b64d67c0c97f8a75f696e1d577c2e727b5276648f50b6f378a781a13b50e6e4f8444127803eb9b9cfdf7c05f5ab30d135bc94b21fc6350300709790067f5d7301db03210e86f8b4045e85431c499c0834ce0196a87bdf4902f8da2518df5da3266b1d2773af25f9170f21aaeab", 0x78}, {&(0x7f0000001a40)="c813ffc4d0923e2a8c79c6294a6bfae6dc4df011b5158b14811bfad9949ba36e1a62559659af4aa93247d1b759950c1830838fb35d8bc28813136c4223f08589ab71e24716db60d0a96af75ea02578b952a3e9543e", 0x55}, {&(0x7f0000001ac0)="406276e118c5e4d50ec94d0569c45230fc9240fdf30405bf846f1ae4fa2ce65f433fca8ace7ed2f5c9ed29f09b21826e0e5fe07c06e60686992f764b21ef034c64b67c6c85f27e17ef2cec4d711aa02c0c4b2c6face1889aba2b0efc48364860b7a73a28ba1e9d5ef4dacca302019ff8d68719e5823b9a9c04029653ba68ae6701da873c947c1684cad44f0e8df4cd59aaa241a73fe227b75d268b2063b68d2cd8bbed00e5f16ee58ab2838776825c2a9f106814f16e153f9aa55bf3a1ce7b89d6581fddffc02427751913775f654ccc319a75a1350c7486f488c7d043cbb72a15ce6ddf7f5d10d31fdd", 0xea}, {&(0x7f0000001bc0)="b50054bba78d0a42c4cf3b64d93a5ceafa620fc668", 0x15}, {&(0x7f0000001c00)="d6f9811f73403623d9999f0baf6d8a2630b40e5d79ca08143878369a66b9586bede9764d3dd025fe27ac6e7f0e758b363dae0f33d5f6ec909c7446dd502ff3609a48db012c84114053c2c6c9aab649b7104ccaf20f8aeea41a870d2e09665e656a68e846463490db9d891db1a546b1ce4ea1bdda040074313d328bc9a611fd16eaa7a324614b0fa97b2fb93cb4a63c78398ecdd13195198d186ac3f08b77b96a260adddfc36f812bd2ee18a4f2cfa20f5340f22a9d2b8773121f5921606fc2c8fe817108e6c75856f2", 0xc9}, {&(0x7f0000001d00)="4f5987d2d6f141d8a829fce6eaa691b485cc393af58fc0670df34e8d385be7b8b720fad55a907785f155d8bd75477046d5563834eb19974f639e0aef2925ee898c9142e8c3bdd5ce1084f54caeed1bba05880126c99ecf70b21023b75fe1ab7d6c1e13ed780619f9ddf02eb1c1b0bf81eb50987cbcc65a81151c0dc8f16c1eb1d4afd018d8539a7feb80c23bf53e0229408c", 0x92}, {&(0x7f0000001dc0)="e55a934014f3b2f64b849f6e065a626a2aed58612b2fbdc1fdcc5c7b30152fa0446bab04f49c95b3ab40eaaa2218e41c7041d29bac6cffacc8946fb8212b2ef7507dfabd7f06332e44760e1cfb239af3c1c508edc0b8b77433a5bfde1a89c0acb235cdf7402d88120af6e13a46f2fd639b85739f3a81c00559ff5c198ced04e95bbb1627b6b7f0b3435033f52d0b1c62acede7f22d56041b6434a2", 0x9b}, {&(0x7f0000001e80)="eb433f1b29", 0x5}, {&(0x7f0000001ec0)="5b199fe681afea48a7492ab43cab5740d86bb2fb47a86a91030ceb33eee187e45b987a1fb52fa6bd0d9a509357378354ef6f89f77aea4c9e71fe4c25f798a806e4b2156b660ef6935d4bf82b33bb7207072a003386a85178a7125a730ebf21a49cd59449b196cab2ffc3a942d45d48292c2a2de6eb59c772474be1782b28862957692f7cdbd2076752deb07740a2f185380af989911a9e83b32cf8726d56acedbfc173913f2602d83c7ac1438d85ac2321bb3b727f757a608e03db070b3d7e9c554092e54b0690e8d8626a", 0xcb}], 0xa, &(0x7f0000002a40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r13, @ANYRES32=r18, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r19, @ANYRES32=r21, @ANYRES32=r26, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r27, @ANYRES32=r28, @ANYRES32=r29, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r30, @ANYRES32=r31, @ANYBLOB="2000000000000000db7d000001000000981372fef2e9325ee17fa9b9f26cafd802452c3a027ba683e95c67e9fcc712ea6bd2fb10aa720fd9e9ac57e9a1e9dd481fdab45033db777b7a33728a48346bf13d4c62467ae1d418065187a1b70dcf8d48ff876c953143b4c919bfffc85e77ed6023a39938e8d42c7078d46d6ef481b11bceb5a3955a20bf6d2459e816c331f45bce3a01fbeb85bb55a2b3f771256d967201e95a71c8890b0ae1a0fa4b4f585c3a3fb9d2a9f45f7c81376f605a47291535226678fe8e9d0e7be8b4eb72dd12d525aad3bb4a11c69eaf114b3cf7bf61829c401f29d2d855423a2f355208eddaa3953ed87bfc73f4abd7", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r32, @ANYRES32=r0], 0xb0, 0x40090}, {&(0x7f0000002300)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000002440)=[{&(0x7f0000002380)="529eed265b74f99e4239ed4758f9b2a5ea872c36fb8d2898f680a9e57ed88ce739d39e2460d57789a21090a62af46ecb7d6c226ef980da9e44621fb3f8d88e61133edb9da9390026a5aeb123ada90c7d54273b21a907df37eafcca629530921b2210aa7f5b01", 0x66}, {&(0x7f0000002400)="0c0f001708a75ae9b21e5f900603fb", 0xf}], 0x2, &(0x7f0000002680)=ANY=[@ANYBLOB="2c000000000000004100000001000000", @ANYRES32, @ANYRES32=r33, @ANYRES32=r34, @ANYRES32=r35, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r36, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r37, @ANYRES32=r38, @ANYRES32=r39, @ANYRES32=r0, @ANYBLOB="2c000000000000000100000001000000", @ANYRES32=r40, @ANYRES32=r0, @ANYRES32=r41, @ANYRES32, @ANYRES32=r42, @ANYRES32=r43, @ANYRES32=r44, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r46, @ANYRES32=r48, @ANYRES32=r53, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r54, @ANYRES32=r56, @ANYRES32=r61, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r62, @ANYRES32=r63, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r64, @ANYRES32=r0, @ANYRES32=r65, @ANYRES32=r66, @ANYRES32=r67, @ANYRES32=r68], 0x118, 0x20040000}, {&(0x7f00000027c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000028c0), 0x0, 0x0, 0x0, 0x1}], 0x5, 0x40800) [ 1860.316371] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 21:43:20 executing program 4: pipe(0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:43:20 executing program 5: unshare(0x2000400) r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, 0x0) 21:43:20 executing program 4: pipe(0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:43:20 executing program 5: r0 = socket$vsock_dgram(0x28, 0x2, 0x0) poll(&(0x7f0000000180)=[{r0}], 0x1, 0x0) 21:43:20 executing program 4: pipe(0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 21:43:20 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) 21:43:20 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(0xffffffffffffffff) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:23 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:23 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x8f) 21:43:23 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001300)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0", @ANYRES32, @ANYRES64=r0], 0x3}, 0x1, 0x0, 0x0, 0x44048000}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='cpu.stat\x00', 0x0, 0x0) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) write$UHID_INPUT(r2, &(0x7f00000002c0)={0x8, {"50cd8e30458903defc67984c0106007ec12716d6d56bd0205b84eb503a12e177ce9fe604a9f67fe331726c616f486a1e83eafc18eba2a6e87a16a5abf3f7fadb8ba89db85b009fc8a34c17e950f5c1ccc47ae89e32ff2accbb8cbec20197f7ba2a897cf1199528a3d78e72e3d37def0246f93230c944b6b97a0557f3507ade34a2dc34b6a23a1b0de50e343d2e7373014e4ba995f6ee8dbbbaefdb5fdd49952224df6ece3a1a75ac8b67a4b9cf047e6638af4e5c65211f7e24bd229d5fe5a9f3345e96cd779b5cf2e9a2a66cf9038d7cb326a27a4fce11219495c0cb58bfaaa9bee6dd20025b79884d14890e96544feb36a634295474ec44d55f5d14e1a63d61b8dfd128e0bcde608c9bf678d7ae7f6a7533ac8bd074a2809902d5395798cc6a5903507ec5a70dc49426124c4b4b91f9b881ff1d168d3c5dcbe8c5dd9b3b81fbc83ba61648fa520c03a0231fff645f3b2b9ad722869233c99050b8db9fdcdcb2d535f25de3a11f37254e3f5fe820f38fdf6eec5493eeefe5998b99971c220607630431abba069e9651493afa4ad582e0e77b160c463be9af3c9d8bae15d20eb21f20408ace80d0e2666b96d5e14cbfe4046b464c07c1fb9d245d0dc7774c6d3dc038f9c24769bca15f6dc5ae43034126f778100df2a3ebd534136548c57268b7b20dca52a9a76017f4d25a2666d454d1452e58b15876e6c9bc644239e6670224379e3ac4d2a5a725c79c10b8c5d08c2b7a59850d6ce781aadce10e30e93785131670dff9af0a971832394cae5421a797c1cb566f6bda07c992ad9d6e70063744344763d0bcae99e29e3152588aa80c5a61f7f688fa949e3574e6ae60375236af09b9ca1cac89702f30289cb9e19f5b9ed9eb0cc8c9b3c17bbb119f7a72ca98c12ec573964a12d2205705ed09df864189f25f1d1d4d61ee19acf6f52df244b10d898433720ce5038dfc5387dba3d79ed32c07bf728af94d8c6f252e986dd806ea6d805c60e22f64d22c9640e145664eb336f268c306fd2237a6b76115282237e3032b2fb3480db0d1e4695194bb3874b6035ca3c04037631b07d0323870fbf779b0b4fc92cbcd237230611d113e64cd3bd486fa9fe5f224cce2ea396f9d6fc4c08a1126fca8c9d96a4c834e083476b4393ab8eb2fc8c02c2baef305a46dfecb667e9eec58cbe56354dd1bbc33c3bff26eeb6970b845a9f26e42fb4533fec709c539321fd644d9f52ad16a5e850fb7bdabe3b6459b914e0a09320561f451ae0ab4a12a6ad26fd77856a1cd5debc603c350432de28a2387709e081ce28945618109c598766518a06ef1b9d016f4925180dca860a7ba0440af93ddb42f26b8808973091f65a213a93073dbaf8517b86067e5595ad4ef4fd115fd5ec52d5c034b6eb2b8689d23c9a5947481e1b2abeaaa031e5e193775ee31bded6f6f176666c9ea93d743e671411119ca879da513842fe0fbe4f7000353c76b47cf3e29945eaba18e73cd484209a193833aa7987d72df96bb389a1e19a0949e0e7db1cb137b9c2d6646050b94d628d820fd09196b79c2d01094d64f44cfb2ae1fb92054a29ac6e42a0c252d435dedceba0a52b40b048af3841ebf3f8cbdc583d10cdf9b48bd94cbd41cc3b0f4a628663c437eb3b616f845cb7ff79ad6ac77a00a033e3ccdf2fd48f897a7fe9f38bc690ecf5b746c3151bbe201bb2071fab6d6e2d868314d47c8018a96737d53447570dfbb7a6d11c6131e635f15e72e56d524ec847a29f7e1502196abccf01f0222f16c034bcf0de245d56012d585eb84b7be406b760ea4f09bb88da3928b445bf2bfba40f64bbb3d059d179a96b5706b8e9d89f0b63512ec8a1a4d7c4058e233b89a97dd101f6efbac5fd880dc904f402cd9393b9bbdc0a0aac299e6674e662750668277cf46864cef5331c2eac64bcb3944dff02f418967703b80c491691b12f224df80d63293076801b9b006c5133581b9b1a444c2517ac84a7d9545bce8559730cf545ae8cfbe72cd058d07f278b4d254152f482321b4e15ec4696b5066bb0fcc7e26c072008ce46b3361085f44482b2bab0a158f73333b16f5142092654aefe1a74c37ed40050474e540db0e0fa14e7fa2e51d6ebebfd0c8bf8dcae85706cf2bc6b9e166effba4a065c38e5713a673c0fa88e5d4146f644e9af8883b9e8cf3a97811816aa1f6717860ed4a4d90850a859d6e701d033bc779a636ff39c91a9b01783875cdee73547073a75030a7b448b6f85d0b6d22b9695e17401dff5af4d4a05a1aee46a76ba4c821b31edd3c98e43dd5f28f36ac5036822b74a95b075ce503cb7d9643c6b9476c2078c595bde27e39f41da96b903ea9f67586f949ceb5c905f3583dc1353011838318b45e5c7df4a5ae81206e646cecd8140b989bc9a18df3521e48b49de485f2f39bb9b01f19692e859e7a630cc6710f78598f4cbc3116e535febe2093fe27bf35b454ad4f2bcec0ed87e77fabd5d0d990a9f0cfb538088bc22199d384b7059c48b728a094cea6d92f05f6ae58ed439c380cc22d8fd010819056fd5206652a464f5618fa355462d581e042cfb269f8fb0fd36a9d9105f5e94117dc81e3175a2ad8bc1d2e909f3f8786f3626dae3e95ea1b40977032c9a5b4b9442c1950678fc971ecc6098411b3150bd12993374223316bb43e63382e579e7ecc3d4b74b1ed4e1dc12a1ac796fa6ff381b3a92f51d395e860d0a7c8757d1617043c18663c9d827651174889fb8e03418f15fd62dff3aa6aeb661a85ade3771d7dc7a6ba53c01d9bfed1e46703e56ce48160d21c0e2005b78404d5c3113d48af5cd00d6a75c82abf7e1ea2823eebc78a7ac0109b5b49a4557a703d02e65b9e154870b73d1da3d666989c6884888c1dba0b45ba886515c905b3078e5ba49b25ffef77f73b3d5977fe416b0675bbfcbc8ca5e57186417c1f5b70e87d4525350a21b8ce82d4b6dedd3beae2793fe08598ce5f859b41b4df19b8a2a474345fca06416759516852dffaaea997ab17a58aa03d9e194088b4b62ac2fa28649577bb2b268d3ccb89a8bb841eb601cfe842b4f40defe940863b2b93841dfbf335639872a7694ea11c83c1473d3990775b112b757323725fd2d09bb4c29451723d5e9be91e2fd6bd6906a8145d89c8a3b26aebb969adb374f7f1d6eb91455ad8414d07b1ea7ac5268b637a407d7c19c1b8424b326659c8604c146b3db1b9c8ed584b44df20c73cf540acdfccbd09d9cdbbf78c091f35b6d42429f6b7e1ff346509127bde3c03bfe29f0d570965bf6426a7c4d320c37a5284bdac4cd1d08e8d28388ca131bb4ac6796fad01b1d4b01e38a913e5239209387a58a4906f862cba97b1486c48ba67320952465027d1e0423943db39fa0b3816b23fabef180670d7277c27271af73bf11fa6b3fb0680dbf45eb9f84d3c0c685cee3582a3ca57895493d5de2cf60be970cd58e065034fa24c8b9374ea1e6609d6fde0b16edd87d5a9c34101c6e5b9a03dc2c761990ca1899dd683f073a7ba47c30d008d3814c99cec00d10a096a85a7f82826e43ff4adbb5f216e3bbcfa329d23f4785ef963a04e24e23735586337a2722e9de996e28ec90151e8e64e866e36c59ed4345649b823235f7a9f6eaa87e7dc7128e54791b6b2e39b68ef7f5f609dd6dbf0bf130f8d69942838e50d827d9388bdf985d70c50ee31106723532bac7b5a61d4b951562c44ee201f04b1fb6b02c17597fb7af60722953f1f3e652753ff22ba6f681056dbd96f9eddde0039ea832f51ef9822ee5a72774ce278e4b3c0dcac776023d3567769593a83ee036ef5daeb30a4135fdfb5390393735a76fa559184b18237fa1da6f41780ea5e7a2c85c05b3e50c0ac1c871f81c068cca20484d2e1c6767d8b5c06c9ed324e3f1c9934f6134db6bb1157caca6bd44385fe16596fe87f635177c411a9af948507ae6364813f407839a5369c31c680f363aacb87a90244fe389e5976e03b3faf84cf6cb644f32ea57c49b4d280c6d6c96558d8573b5cd362ffd1d8d6108a24e86fa069da25c3613f6bff918ba72b4c6a841874dc45f4d5d165c388c518dc895bab0274f3e8709b0eb3850f600612a918ab0ed13022d7e59f8eb35cf53b889e529b1ca22a13e2c1c7c771751540001762b0ffc3b33c07edfe3c6af37ce89aafd884aa9ffe86551c2461d5a70795a1024d681295782d5444d53482e60c70d1b5dbe0a23162879bd7f8d25fccfee92d5a5c245886659c729aea3fd9b38c5e47fde890e7993f75f2877972840c37fb28a72b9b7b280290e448cf5a8568e01e5d40b36f7b0a00ca3d405fc955c7665d3442087025146d3a7e20f1e6172d0b46f50782ba48646cc56cc9a598453fe214b6bf2f232b8ab47951f4bbdd901250be8098e0d3cfde7f506382b8a2f37e943632f960a46ad307fe1a3cbf38cea0dfaf896381c2e84f174e7491be67475251c66ac470aa3271aab98645cf64fd3d3284658c48865695b90d93ffcae620690ed9d6f08dd1fb7d3f00efd381dbd6ffdfa96838fd70337d573cfa0172d648bae2aef801d32cb0561a58e82ad576b801ecf5b6c006ff647d9739a3ec3f502b8a09a1b0f1f34107f53085420b3f08293aa56d870b395d5d420995ed61330d2e332504aa2a76cc43a776ecec52aa4cc9fb759035ab962e0a7102eec1895c2f393ba2e4b2d19b2a6ad09c857bbf775ae7fbbc7ede1fa0839cabd5c879cee09e029e4c8c065ed424becd374d8be24731f44b09d04705fe4cbd6080c7c608afcd345bddbc93c31edfe9294d67cfc7d43066052743cab7000e08ce54463e9375656f6ad2a52f7dc72c8e70f9199272ca5dc1be328d061a493f16e8b59ee72cc21819d0bef95a2ff2a05faed015e1f6fe9bbff77a99febf602e3ad5a203622e3e816c62a60af6d3bd15e410c24c11cb66355e0dd3be3753add6a0a33f8bf4f6de5b851907fe9ece6c14d095a06e1f427af2ac21c5923f028c10e4310912470ad2b17e3f7aa584eabc3920117f1182ec9d9d00ab1bbfb483ae216c412ecc0810b480f4d09017928314a8c3829e563297bede1645ab73998eb23d5bcc58375c7492d626e5e5e9d93b43f90902474762630eb9518ffc948aefeebbbefd4229d40455cb3e2b46327772a07a74bff165109562353515793bfd47339aeaeaf38ba72f9029f7cd625c85d32726237509d367307a8c937bb0c7adb1370f90fa3565e3380b0f9da3d2e94c363d74cacb610792a309532b698f3e923b02c27fdefe34989999f11a532dac935e64ca0141d3bd3f22670c214b11306e7796a665fc5f36ddd033ae87b0d43e83a7fddf484b5cc6d1c35bdc99b79d6d8be755c2aa8aa2346eea299a5bbafa9c82cdd3888d2432f8e5c8e5a9b15de8e3de825bf0b6784d7912f5c2e658e25913c188af5e77869a16f7dd866d81e1c646d8998278265bbc414372e7e9691fe75b648dcfb9338b519a429c7dbc11cb536cf51298a13b129735a996703ced7694a7be01bb326235e92f7c7f511ec6b4bc7cdd0da1aaeb76aeb2ee6cc49c70d8f92c0c98719d6b866f6f4a1f897725b34b417c2657c4d1f83e82a248ce7d2be008b72581d6f5ddc848c0482a6a005ba77319ee4a82fbd54a93270f42713eae08262202b01aecebcd46cdfb6dc900f64296f864946c6d9956881250b587d777f4f041ae35a324165f15f2a9a82df46cba3dda59cce714c8fdea44f294dc74ac57b1f89c7d88b4707ba0832b6d86e891d654f85ce3fc0e5e302794272449510b5767dfb69b97400078c55f45782b21f32ca1", 0x1000}}, 0x1006) 21:43:23 executing program 5: 21:43:23 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = socket(0x80000000000000a, 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00') r4 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r4, &(0x7f00000017c0), 0x333, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r5, &(0x7f00000017c0), 0x333, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r6, &(0x7f00000017c0), 0x333, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r7, &(0x7f00000017c0), 0x333, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r8, &(0x7f00000017c0), 0x333, 0x0) r9 = syz_open_dev$vcsu(&(0x7f0000000180)='/dev/vcsu#\x00', 0x5, 0x0) sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="b0000000", @ANYRES16=r3, @ANYBLOB="00012cbd7000fddbdf25030000000c00040001000000000000000c00080009000000000000004400078008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="15106aa10e82babf679d14a1aa3a7aebe32de0e3843904ddc20fd9fee5b6303517ee07eb6cd345c6f7df5afbba9cc085e1217fa3cbc14c5df21abf70d62e30a2aa286e027747cb659e2474b60d6c02f2a925f3ad0a4e05bcd56e10e3b764b5f4f412f2d941e215467523523d3d75d43e90ca", @ANYRES32=r9, @ANYBLOB="0c00040007000000000000000c00020001800000000000000c0006000000000000000000040007800c00050008010000000000000c0006000600000000000000"], 0xb0}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x39, &(0x7f0000000100)={@ipv4={[0x0, 0x5, 0x4], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x30) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x2a}}, 0x14) tkill(r0, 0x96) 21:43:23 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(0xffffffffffffffff) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:23 executing program 5: 21:43:23 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f00000000c0)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:23 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(0x0, 0x0) 21:43:23 executing program 1: r0 = gettid() timer_create(0x3, &(0x7f0000000080)={0x0, 0x151, 0x2, @thr={&(0x7f0000000100)="739fe3f7f6290550c14095763675f2e9a55c4d95542dfa9a58d6b1bdb2ff5c85c3bb4587eacbd58d6d2ad6203b4bec7cb5004a0fe079220a260d3bafe2ff471162f85efb21f263e11376e5e1882059fe0de191431345b6aaf6241df1ae3f548d9dfcfcae5195df894fdb6da5f462a243b7c489269199e433e496085503cf820bc28140657b", &(0x7f0000000200)="88293c3ad34d8f36684ecba832aa898b2629fda7cbe01192654df53b37afec995696c7e72f552e90ba161b58761b18f9fe6ec3a1cda53dd96a5ba9b2e983067fe336"}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x20000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050600000000000000001000000030000180060001000200000014000300e0000009000000000000000000000000f00002000000000006010400000000005f588df8b669a60a87fa5b96e1b2e311492b"], 0x44}}, 0x0) sendmsg$IPVS_CMD_SET_DEST(r3, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f00000002c0)={0xb0, r5, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={[], [], @multicast1}}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x81}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x9}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x7}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x29}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffff00}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1f}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3f}]}, 0xb0}, 0x1, 0x0, 0x0, 0x40}, 0x2000801d) preadv(r2, &(0x7f00000017c0), 0x333, 0x0) capset(&(0x7f0000000380)={0x19971634, r0}, &(0x7f0000000440)={0x800, 0x10001, 0x20, 0x4, 0x81, 0x100}) connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x200}, 0x10) tkill(r0, 0x16) [ 1863.703693] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 21:43:24 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(0xffffffffffffffff) socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:24 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x90) 21:43:26 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:26 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x0, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:26 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x91) 21:43:26 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(0x0, 0x0) 21:43:26 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) munlockall() r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) ioctl$PPPIOCGFLAGS1(r1, 0x8004745a, &(0x7f0000000000)) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:27 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x0, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:27 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x92) 21:43:27 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000300)='/dev/vcs#\x00', 0xff, 0x1050c2) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) setsockopt$netrom_NETROM_T2(r3, 0x103, 0x2, &(0x7f0000000640)=0x9, 0x4) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000380)='gtp\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000003c0)={{{@in, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast1}}, &(0x7f00000004c0)=0xe8) r6 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') setsockopt$inet6_MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f00000005c0)={{0xa, 0x4e21, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x400}, {0xa, 0x4e21, 0x2, @loopback, 0x9}, 0x4, [0x2e0000, 0x0, 0x6, 0x400, 0x40, 0x7, 0x1, 0x2]}, 0x5c) preadv(r6, &(0x7f00000017c0), 0x333, 0x0) sendmsg$GTP_CMD_DELPDP(r2, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, r4, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_TID={0xc, 0x3, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_LINK={0x8, 0x1, r5}, @GTPA_NET_NS_FD={0x8, 0x7, r6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000) tkill(r0, 0x16) syz_mount_image$ocfs2(&(0x7f0000000000)='ocfs2\x00', &(0x7f0000000080)='./file0\x00', 0x8eee, 0x2, &(0x7f0000000180)=[{&(0x7f0000000100)="2fa21c90e395240590722568a4a86a8a88223fa4b0a6fd040241fcc5426e8f1e602c4d4058a09b24467fe99d54e1309983dcb865ae7e26fd83ab170a355cfa3bb6c23789c71dabfb08653216063dcc211d8c8c3a636dc9885eaa", 0x5a, 0xe4a}, {&(0x7f0000000200)="c0d95f119c55e9e9997b64cfd105513616191dbd99dd5223c0734dc1adb8a7f89924ccc26ea84e74c46ae798a11586025d72a9ad110c03ba9384f625e768745f1748efce501df98652fa46608477a8dae4dafa8ffb96154331331421f355115d3b9df543dfa311cc03c8b02084a572ca2377c5522be517e75caac7dc018d01d3dd6d4f661122152564eda438e9a7e3a75c428489e9e08a3da9655b2ccb5f74", 0x9f, 0x6}], 0x1000000, &(0x7f00000002c0)='\x00') 21:43:27 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r1, 0x0, 0x0) tkill(r1, 0x2a) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:27 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) clock_gettime(0x0, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:27 executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x800000000f5c, 0x4) recvfrom$packet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r3) fsetxattr$security_capability(r1, &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v3={0x3000000, [{0x2, 0x10000}, {0xfffffffb, 0x2}], r3}, 0x18, 0x3) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f00000002c0)=@urb_type_iso={0x0, {0x4}, 0x9, 0x24, &(0x7f0000000180)="495cade1d9f9525d3f6753658f5d51fddb856b2dd55f8147371e9bb371af23e9f4c74e13f1b8afde710cd6ca325b4c1d6b573d8e17c7de8c2edd3a2c2fa0fb", 0x3f, 0x81, 0x8, 0x4b, 0x3, 0x0, &(0x7f00000001c0)="dbf5e9e83919f998d09b5932922a26badf205f4e92818a7501ffdc59d266f23e6e8bbb339db2fa6f96576413b775a38649df15a92c19a4e5514e4ba7cc14d042fd587c8adfcb6795766a5d02b1795792c7d27f012f313c19c4eee9f3f9effe8bf7b89f33ae32bfb1976647f8dc36af0ea793cc9d1073e29ba10d93eb0dcca014fd397a0eaf8a381cee1185d978c3f0d28e4116d0adc39df8f355b61399a62092eaa5b73ba17bdb9eb4343d4bbe48f3fa28048308e53995a04d69201fabe8c4e1829130b54e83ad54049b8dbea2f2c5e3475794eeacba040afd73de80d3b8ac0df2d7aaf698331470f0b3f7f4b02c32d18b642d", [{0xffffffff, 0x400, 0x22d}, {0x455f1610, 0xffffffff, 0x3}, {0x4, 0x479f, 0xff}, {0x8, 0xff, 0x1}, {0x8, 0x7e8, 0x8001}, {0x4, 0x9}, {0x8, 0x11a, 0x2}, {0x1, 0x6, 0x3}, {0xffff, 0x7, 0x80000001}, {0x400, 0x8, 0x7f}, {0x3, 0xffffffff, 0x800}, {0x7, 0x9, 0x5}, {0x81, 0x1ec, 0x43c148cc}, {0x3, 0x4, 0xc5}, {0x6, 0x5}, {0xfffffffe, 0xc05a, 0x5}, {0x897c, 0x1, 0x5}, {0x7, 0x5, 0x6}, {0x0, 0x0, 0x7}, {0x2, 0xc7, 0x3ff}, {0x5, 0x4, 0x5}, {0xaa6, 0x1, 0x4}, {0x4, 0x2}, {0x7f, 0xd0}, {0x8, 0x1, 0x7}, {0x9605, 0x400, 0x9ec1}, {0x8, 0x1f, 0x3}, {0x8, 0x2, 0x2}, {0xffffffff, 0x5, 0x80000001}, {0x2, 0x2, 0x7}, {0x19d7, 0x6, 0x2}, {0x9, 0x8}, {0xa24, 0xff, 0x6}, {0x8, 0x400}, {0x7, 0x5, 0x7fffffff}, {0x9, 0x3f06, 0x10000}, {0x80000000, 0x1, 0x6}, {0x1ff, 0xb39, 0x2fe90bbb}, {0x80, 0x2, 0x3}, {0x83f, 0x1f}, {0x1, 0x85, 0xfcc}, {0x1, 0x80000000, 0x81}, {0x5, 0x0, 0x8}, {0xb1, 0xfffffffa, 0x7}, {0x20, 0x20, 0xcf2}, {0x8, 0x2, 0x648}, {0x9efe, 0x8, 0xb24}, {0x7, 0x845, 0xffffffff}, {0x81, 0x16e7}, {0xb273, 0xffffffff, 0x4}, {0x2, 0xef, 0x1}, {0x40, 0x8, 0x6e}, {0xecf, 0x0, 0x6}, {0x1, 0x7ff, 0x1}, {0x1, 0x9, 0x1ff}, {0x2, 0x2}, {0x6, 0x232, 0x80000000}, {0x2, 0x10001, 0x877a}, {0x3, 0x8, 0x8}, {0xcb23, 0x101, 0x10001}, {0xbe9, 0x200, 0x10001}, {0xb0e, 0x28, 0xa1a9}, {0x8, 0x7, 0x9c7}, {0x9, 0x800, 0x20}, {0x1, 0x0, 0x100}, {0x97d2, 0x5, 0xfffffffe}, {0x0, 0x1f, 0x401}, {0x7, 0x1ff, 0x8}, {0x80, 0x3f, 0x8}, {0x81, 0x4, 0xfffffff7}, {0x3, 0x1f85, 0x6}, {0x3, 0x7fffffff, 0x8f1}, {0x400, 0x401, 0x4}, {0x2, 0x7, 0x5}, {0x2, 0x6, 0x5}]}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000100)={&(0x7f0000000080)="4f18a027103a3b2798c1f1cf1fe5e2c49de152a7ee4c4abfc3cc7bd0c6087ad320b42049fe933234abbfe0b27c048d346599f3eef09123d3773b26259c13c1f1c2e4b24db6c050bc1e60a04b5d30cc57abe8789920dfa09b7591ca618249941d7f", 0x61, 0x1}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="99037fddbed03f738c2f0c1a38aa3d7298fcbebbac703b2167e676a0d79679e116933333cb9c59aba4c600022f997bc2905d5ddd74051e008d07822b97", 0x3d, r4}) 21:43:27 executing program 1: r0 = gettid() pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) write$selinux_user(r1, &(0x7f0000000100)={'system_u:object_r:netutils_exec_t:s0', 0x20, 'sysadm_u\x00'}, 0x2e) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r2, 0xc0206416, &(0x7f0000000140)={0x8b10, 0x3, 0xff, 0xfff, 0x10}) openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/6lowpan_control\x00', 0x2, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x16) 21:43:29 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r2, 0x0, 0x0) 21:43:29 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r1, 0x0, 0x0, 0x40012020, 0x0, 0x0) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e20, @rand_addr=0x10000}, {0x306}, 0x44, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x35}}, 'veth0_to_team\x00'}) tkill(r0, 0x16) 21:43:29 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x0, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 21:43:29 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0x2d1ee37) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)='dax\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x19) creat(0x0, 0x0) 21:43:29 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e033e49aaa11d71738b4ba3a1952dd51d6628fe55f4a69c9265046185e1b630f3b01af56aaaff4e9ff5d812863c25e5de80776cec65ac1e5bdfe"], 0xc0}}, 0x0) 21:43:29 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x93) 21:43:29 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r0, &(0x7f00000017c0), 0x333, 0x0) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000200)={0xe, {0x4, 0x5, 0x5, 0xde, "922cbc711a8cd8302a37d51769ed97c63a8aa83b192b09580200c18791aef871b43ad06b651631d52d1b13e8b10a0881fa8dfaa1adbdeaa92073ffbc3cae38e6a702c4fb0489e1aa456249921156bf015b1cb14a99e5ad52f91f80838066de4fc13ca467c8201350c8d05c8518547d60073b7be3b4b686a85821cd109bceb4e45ef6757ba9819b66de181e44adb9390b3ea95c1d1639899d79f09d4d8c800cca22dc3a26f18e5aa43e50ddf645379c6b8ef425cf3a21b4dff5eb71a8e7db05f26d34055e2d6f9061bdd4e12b66dd1170f4a39b88e772cd0d8a542560321c"}}, 0xea) r1 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x4, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$PNPIPE_INITSTATE(0xffffffffffffffff, 0x113, 0x4, &(0x7f0000000000)=0x1, 0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r3, &(0x7f00000017c0), 0x333, 0x0) connect$vsock_dgram(r3, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host}, 0x10) tkill(r1, 0x16) 21:43:29 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffff4a26de38bef5b50d5254cbe807aa59ff000000000014000400fe8000000000000000000049000000e0c9328dc4d801c9e2ca2bd7070fc37fb760b1862beb7f65dd31f8f02c77472ab25b5e8340d0889272f63b29609cbcbb19761b7dd4ffde9b8b2ecc18aeed375f5a80b8b1b37ae2de6a1222517a32c708cf873d249cf8f5714eba0e9a396161a54142a5297fe54fb0837e5ccd"], 0xc0}}, 0x0) 21:43:29 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0)=0x2, 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c00000000001190500000600000000000a0000003c0001002c0001001400070016f8bad33edabcb8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) 21:43:30 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') preadv(r1, &(0x7f00000017c0), 0x333, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c0000000000119050000060000000000ecffffff3c0001002c0001001400030016f8bad33edad6b8060000000000001014000400fe8000000001000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e0"], 0xc0}}, 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x7c, 0x2, 0x2, 0x301, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x3e8}, @CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}, @CTA_EXPECT_MASTER={0x14, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="c0000000000119050000e8ff150000000a0000003c0001002c0001001400070016f8bad33edabcb80600000000000010140efb00fe8000000001000093bc58926f756cd32fce7d00000000000000bb0c000255737ff87999f94c180005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff01000000000000000000000000000108000700000000002c000d0014000500fe800000000000e9ffffff000000000014000400fe8000000000000000000049000000e014ef"], 0xc0}}, 0x0) [ 1870.126861] kasan: CONFIG_KASAN_INLINE enabled [ 1870.142937] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 1870.170291] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 1870.176557] CPU: 0 PID: 23649 Comm: syz-executor.2 Not tainted 4.19.102-syzkaller #0 [ 1870.184440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1870.193880] RIP: 0010:nfnetlink_parse_nat_setup+0x252/0x450 [ 1870.199600] Code: 38 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ed 01 00 00 48 8b b5 e8 fe ff ff 48 8b bd e0 fe ff ff <41> ff 57 38 31 ff 89 c3 89 c6 e8 1f 89 6e fb 85 db 0f 88 44 01 00 [ 1870.218515] RSP: 0018:ffff8880347bf148 EFLAGS: 00010246 [ 1870.223899] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000a2b0000 [ 1870.231183] RDX: 1ffffffff0c06c31 RSI: ffff8880347bf180 RDI: ffff8880347bf1d0 [ 1870.238458] RBP: ffff8880347bf268 R08: ffff88804806a280 R09: ffff8880347bf1d0 [ 1870.245730] R10: ffffed10068f7e3f R11: ffff8880347bf1ff R12: ffff8880a0504340 [ 1870.253002] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff86036150 [ 1870.260277] FS: 00007ff56b4cb700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 1870.268505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1870.274388] CR2: 00007fa317931028 CR3: 000000009ee53000 CR4: 00000000001406f0 [ 1870.281661] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1870.288937] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1870.296208] Call Trace: [ 1870.298811] ? nf_nat_inet_fn+0x8b0/0x8b0 [ 1870.303173] ctnetlink_parse_nat_setup+0xc5/0x660 [ 1870.308043] ctnetlink_create_conntrack+0x4ea/0x1300 [ 1870.313162] ? ctnetlink_dump_table+0x12e0/0x12e0 [ 1870.318095] ? __nf_conntrack_confirm+0x31e0/0x31e0 [ 1870.323145] ctnetlink_new_conntrack+0x527/0xe50 [ 1870.327926] ? ctnetlink_create_conntrack+0x1300/0x1300 [ 1870.333312] ? find_held_lock+0x35/0x130 [ 1870.337390] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 1870.342601] ? ctnetlink_create_conntrack+0x1300/0x1300 [ 1870.347973] nfnetlink_rcv_msg+0xd0d/0xfcf [ 1870.352315] ? nfnetlink_bind+0x2c0/0x2c0 [ 1870.356473] ? avc_has_extended_perms+0x10f0/0x10f0 [ 1870.361496] ? __dev_queue_xmit+0x1757/0x2fe0 [ 1870.366025] ? selinux_ipv4_output+0x50/0x50 [ 1870.370447] ? __dev_queue_xmit+0x892/0x2fe0 [ 1870.374871] netlink_rcv_skb+0x17d/0x460 [ 1870.378943] ? nfnetlink_bind+0x2c0/0x2c0 [ 1870.383099] ? netlink_ack+0xb30/0xb30 [ 1870.386998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1870.392635] ? ns_capable_common+0x93/0x100 [ 1870.396962] ? ns_capable+0x20/0x30 [ 1870.400598] ? __netlink_ns_capable+0x104/0x140 [ 1870.405283] nfnetlink_rcv+0x1c0/0x460 [ 1870.409188] ? nfnetlink_rcv_batch+0x1750/0x1750 [ 1870.413949] ? netlink_deliver_tap+0x254/0xc20 [ 1870.418539] netlink_unicast+0x53a/0x730 [ 1870.422608] ? netlink_attachskb+0x770/0x770 [ 1870.427028] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1870.432574] netlink_sendmsg+0x8ae/0xd70 [ 1870.436643] ? netlink_unicast+0x730/0x730 [ 1870.440889] ? selinux_socket_sendmsg+0x36/0x40 [ 1870.445569] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1870.451113] ? security_socket_sendmsg+0x8d/0xc0 [ 1870.455871] ? netlink_unicast+0x730/0x730 [ 1870.460112] sock_sendmsg+0xd7/0x130 [ 1870.463830] ___sys_sendmsg+0x803/0x920 [ 1870.467810] ? copy_msghdr_from_user+0x430/0x430 [ 1870.472587] ? lock_downgrade+0x880/0x880 [ 1870.476754] ? kasan_check_read+0x11/0x20 [ 1870.480916] ? __fget+0x367/0x540 [ 1870.484380] ? iterate_fd+0x360/0x360 [ 1870.488191] ? lock_downgrade+0x880/0x880 [ 1870.492354] ? __fget_light+0x1a9/0x230 [ 1870.496341] ? __fdget+0x1b/0x20 [ 1870.499712] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1870.505269] __sys_sendmsg+0x105/0x1d0 [ 1870.509175] ? __ia32_sys_shutdown+0x80/0x80 [ 1870.513611] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1870.522371] ? do_syscall_64+0x26/0x620 [ 1870.526355] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1870.531727] ? do_syscall_64+0x26/0x620 [ 1870.535716] __x64_sys_sendmsg+0x78/0xb0 [ 1870.539788] do_syscall_64+0xfd/0x620 [ 1870.543598] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1870.548792] RIP: 0033:0x45b3b9 [ 1870.551991] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1870.570895] RSP: 002b:00007ff56b4cac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1870.578606] RAX: ffffffffffffffda RBX: 00007ff56b4cb6d4 RCX: 000000000045b3b9 [ 1870.585878] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1870.593155] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1870.600429] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1870.607703] R13: 00000000000008fe R14: 00000000004ca4e1 R15: 000000000075bf2c [ 1870.614988] Modules linked in: 21:43:30 executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a280930206000100000001020b00000a0007003500280014000000090005407f", 0x2d}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 1870.634726] ---[ end trace 7edd19ef92bde887 ]--- [ 1870.649664] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1870.657787] RIP: 0010:nfnetlink_parse_nat_setup+0x252/0x450 21:43:30 executing program 3: msgrcv(0x0, &(0x7f0000000180)={0x0, ""/195}, 0xcb, 0x1, 0x94) [ 1870.672893] Code: 38 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ed 01 00 00 48 8b b5 e8 fe ff ff 48 8b bd e0 fe ff ff <41> ff 57 38 31 ff 89 c3 89 c6 e8 1f 89 6e fb 85 db 0f 88 44 01 00 [ 1870.703221] RSP: 0018:ffff8880347bf148 EFLAGS: 00010246 [ 1870.709575] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000a2b0000 [ 1870.717175] RDX: 1ffffffff0c06c31 RSI: ffff8880347bf180 RDI: ffff8880347bf1d0 [ 1870.725744] RBP: ffff8880347bf268 R08: ffff88804806a280 R09: ffff8880347bf1d0 [ 1870.733189] R10: ffffed10068f7e3f R11: ffff8880347bf1ff R12: ffff8880a0504340 [ 1870.742798] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff86036150 [ 1870.750492] FS: 00007ff56b4cb700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 1870.759057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1870.765599] CR2: 0000000000b60004 CR3: 000000009ee53000 CR4: 00000000001406f0 [ 1870.773031] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1870.780650] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1870.788294] Kernel panic - not syncing: Fatal exception [ 1870.795038] Kernel Offset: disabled [ 1870.798665] Rebooting in 86400 seconds..