memcg=/syz5,task=syz-executor.5,pid=15361,uid=0 [ 2104.179541][T15362] Memory cgroup out of memory: Killed process 15361 (syz-executor.5) total-vm:72708kB, anon-rss:2188kB, file-rss:35848kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2104.217616][ T1065] oom_reaper: reaped process 15361 (syz-executor.5), now anon-rss:0kB, file-rss:34888kB, shmem-rss:0kB 13:01:32 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) gettid() r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r5, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r7, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r6, 0x0, 0x0) [ 2104.273360][T15346] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2104.300571][T15346] CPU: 0 PID: 15346 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2104.308166][T15346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2104.318228][T15346] Call Trace: [ 2104.321527][T15346] dump_stack+0x172/0x1f0 [ 2104.325862][T15346] dump_header+0x10b/0x82d [ 2104.330278][T15346] ? oom_kill_process+0x94/0x3f0 [ 2104.335219][T15346] oom_kill_process.cold+0x10/0x15 [ 2104.340337][T15346] out_of_memory+0x334/0x1340 [ 2104.345067][T15346] ? lock_downgrade+0x920/0x920 [ 2104.349922][T15346] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2104.355738][T15346] ? oom_killer_disable+0x280/0x280 [ 2104.360962][T15346] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2104.366538][T15346] ? memcg_stat_show+0xc40/0xc40 [ 2104.371489][T15346] ? do_raw_spin_unlock+0x57/0x270 [ 2104.376606][T15346] ? _raw_spin_unlock+0x2d/0x50 [ 2104.383027][T15346] try_charge+0xf4b/0x1440 [ 2104.387455][T15346] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2104.393006][T15346] ? percpu_ref_tryget_live+0x111/0x290 [ 2104.398559][T15346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2104.404805][T15346] ? __kasan_check_read+0x11/0x20 [ 2104.409923][T15346] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2104.415480][T15346] mem_cgroup_try_charge+0x136/0x590 [ 2104.420773][T15346] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2104.426410][T15346] wp_page_copy+0x407/0x1860 [ 2104.431002][T15346] ? find_held_lock+0x35/0x130 [ 2104.435786][T15346] ? do_wp_page+0x53b/0x15c0 [ 2104.440384][T15346] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2104.446195][T15346] ? lock_downgrade+0x920/0x920 [ 2104.451048][T15346] ? swp_swapcount+0x540/0x540 [ 2104.455813][T15346] ? __kasan_check_read+0x11/0x20 [ 2104.460832][T15346] ? do_raw_spin_unlock+0x57/0x270 [ 2104.465944][T15346] do_wp_page+0x543/0x15c0 [ 2104.470363][T15346] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2104.475742][T15346] __handle_mm_fault+0x23ec/0x4040 [ 2104.480857][T15346] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2104.486398][T15346] ? handle_mm_fault+0x292/0xaa0 [ 2104.491345][T15346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2104.497583][T15346] ? __kasan_check_read+0x11/0x20 [ 2104.502610][T15346] handle_mm_fault+0x3b7/0xaa0 [ 2104.507383][T15346] __do_page_fault+0x536/0xdd0 [ 2104.512153][T15346] do_page_fault+0x38/0x590 [ 2104.516664][T15346] page_fault+0x39/0x40 [ 2104.520822][T15346] RIP: 0033:0x430b06 [ 2104.524715][T15346] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2104.544319][T15346] RSP: 002b:00007fffff631220 EFLAGS: 00010206 [ 2104.550385][T15346] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2104.558356][T15346] RDX: 0000000001eb8930 RSI: 0000000001ec0970 RDI: 0000000000000003 [ 2104.566327][T15346] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001eb7940 13:01:32 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:01:32 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293e5, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:01:32 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], 0x0, 0x37, 0x0, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2104.574292][T15346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2104.582257][T15346] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2104.597503][T15346] memory: usage 868kB, limit 0kB, failcnt 326 [ 2104.604201][T15346] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2104.615521][T15346] Memory cgroup stats for /syz4: [ 2104.615632][T15346] anon 0 [ 2104.615632][T15346] file 0 [ 2104.615632][T15346] kernel_stack 0 [ 2104.615632][T15346] slab 937984 [ 2104.615632][T15346] sock 0 [ 2104.615632][T15346] shmem 0 [ 2104.615632][T15346] file_mapped 0 [ 2104.615632][T15346] file_dirty 0 [ 2104.615632][T15346] file_writeback 0 [ 2104.615632][T15346] anon_thp 0 [ 2104.615632][T15346] inactive_anon 0 [ 2104.615632][T15346] active_anon 0 [ 2104.615632][T15346] inactive_file 135168 [ 2104.615632][T15346] active_file 0 [ 2104.615632][T15346] unevictable 0 [ 2104.615632][T15346] slab_reclaimable 405504 13:01:32 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1c}], 0x1}, 0x20008844) 13:01:32 executing program 2: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8b37, &(0x7f0000000000)='wlan1\x00\xd8\xe9\x86\x10\xa3\x01Oj\x00\x02\xa0\xd9\xc2\xd9\xe5\x91:\xb6$\a[\x16]l\xb3b\xaf \x00\xbb\xec*\x17\xe0\xd2c\x04\xa6/\xb9\xd7 r\xe2u*\t\x19i\x90\x0f\xf2Z\xeb\x8bF\xabo0\xc7\x95E(b\x8b\xfc\xed\xcc\xaa\xbc\x107\xdc\x93\xf14T\x01\x99T\x93\x96\xb1\xa9\xbe\x1a9\x1feu\xe6\xde\x84W,v\xc2Y)\x0e\xa2\x16n\xa3\xc7\xfa\x00\xf3&\x00X\xd6\xc0\x01\x01\xaf\xb3?f(\xce\xa2\xfc\xa5\xf1\xd5\xce\aom\trq#\x87\xe6\v&QP\xf9\xdc\xc0\xfc\\kc\xeb\xb5\xcf\x96\xb9\x18+\xe4fs3I\v7^\x81\x16I\x88\xdd}\xcaa\xc6p\xd2P\xff\x02\x03F\xd5\xe8\xcf\xf1\xffE\x91m:\x9ax\x11\xfa\xbdI\x80\xed[\xfd\xde') [ 2104.615632][T15346] slab_unreclaimable 532480 [ 2104.615632][T15346] pgfault 211200 [ 2104.615632][T15346] pgmajfault 0 [ 2104.615632][T15346] workingset_refault 0 [ 2104.615632][T15346] workingset_activate 0 [ 2104.615632][T15346] workingset_nodereclaim 0 [ 2104.615632][T15346] pgrefill 148 [ 2104.615632][T15346] pgscan 138 [ 2104.615632][T15346] pgsteal 101 [ 2104.615632][T15346] pgactivate 33 13:01:32 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1d}], 0x1}, 0x20008844) [ 2104.779831][T15368] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2104.884231][T15346] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15346,uid=0 [ 2104.914216][ C1] net_ratelimit: 14 callbacks suppressed [ 2104.914225][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2104.926025][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2104.926428][T15346] Memory cgroup out of memory: Killed process 15346 (syz-executor.4) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2104.984578][T15345] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2104.994245][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2104.994625][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2105.000299][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2105.006029][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2105.011867][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2105.017612][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2105.023534][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2105.029263][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2105.055101][T15345] CPU: 0 PID: 15345 Comm: syz-executor.5 Not tainted 5.3.0+ #0 [ 2105.062699][T15345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2105.073112][T15345] Call Trace: [ 2105.076415][T15345] dump_stack+0x172/0x1f0 [ 2105.080772][T15345] dump_header+0x10b/0x82d [ 2105.085204][T15345] ? oom_kill_process+0x94/0x3f0 [ 2105.090161][T15345] oom_kill_process.cold+0x10/0x15 [ 2105.095274][T15345] out_of_memory+0x334/0x1340 [ 2105.099970][T15345] ? lock_downgrade+0x920/0x920 [ 2105.104838][T15345] ? oom_killer_disable+0x280/0x280 [ 2105.110061][T15345] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2105.115623][T15345] ? memcg_stat_show+0xc40/0xc40 [ 2105.120585][T15345] ? do_raw_spin_unlock+0x57/0x270 [ 2105.125805][T15345] ? _raw_spin_unlock+0x2d/0x50 [ 2105.130700][T15345] try_charge+0xf4b/0x1440 13:01:33 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1e}], 0x1}, 0x20008844) [ 2105.135142][T15345] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2105.140712][T15345] ? percpu_ref_tryget_live+0x111/0x290 [ 2105.146275][T15345] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2105.152530][T15345] ? __kasan_check_read+0x11/0x20 [ 2105.157572][T15345] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2105.163129][T15345] mem_cgroup_try_charge+0x136/0x590 [ 2105.168453][T15345] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2105.174103][T15345] wp_page_copy+0x407/0x1860 [ 2105.178710][T15345] ? find_held_lock+0x35/0x130 [ 2105.183485][T15345] ? do_wp_page+0x53b/0x15c0 [ 2105.188088][T15345] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2105.193914][T15345] ? lock_downgrade+0x920/0x920 [ 2105.198772][T15345] ? swp_swapcount+0x540/0x540 [ 2105.203624][T15345] ? __kasan_check_read+0x11/0x20 [ 2105.208684][T15345] ? do_raw_spin_unlock+0x57/0x270 [ 2105.213821][T15345] do_wp_page+0x543/0x15c0 [ 2105.218258][T15345] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2105.218281][T15345] __handle_mm_fault+0x23ec/0x4040 [ 2105.228758][T15345] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2105.234309][T15345] ? handle_mm_fault+0x292/0xaa0 [ 2105.239274][T15345] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2105.245526][T15345] ? __kasan_check_read+0x11/0x20 [ 2105.250570][T15345] handle_mm_fault+0x3b7/0xaa0 [ 2105.255616][T15345] __do_page_fault+0x536/0xdd0 [ 2105.260408][T15345] do_page_fault+0x38/0x590 [ 2105.264931][T15345] page_fault+0x39/0x40 [ 2105.269087][T15345] RIP: 0033:0x430b06 [ 2105.273015][T15345] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2105.292625][T15345] RSP: 002b:00007ffd68ecd7c0 EFLAGS: 00010206 [ 2105.292636][T15345] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2105.292643][T15345] RDX: 0000000001b04930 RSI: 0000000001b0c970 RDI: 0000000000000003 [ 2105.292650][T15345] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001b03940 [ 2105.292657][T15345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 13:01:33 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x21}], 0x1}, 0x20008844) [ 2105.292665][T15345] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2105.484074][T15345] memory: usage 40684kB, limit 0kB, failcnt 100 [ 2105.507489][T15345] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2105.517731][T15345] Memory cgroup stats for /syz5: [ 2105.517850][T15345] anon 0 [ 2105.517850][T15345] file 172032 [ 2105.517850][T15345] kernel_stack 65536 [ 2105.517850][T15345] slab 41660416 [ 2105.517850][T15345] sock 0 [ 2105.517850][T15345] shmem 0 [ 2105.517850][T15345] file_mapped 0 [ 2105.517850][T15345] file_dirty 0 [ 2105.517850][T15345] file_writeback 0 [ 2105.517850][T15345] anon_thp 0 [ 2105.517850][T15345] inactive_anon 0 [ 2105.517850][T15345] active_anon 0 [ 2105.517850][T15345] inactive_file 135168 [ 2105.517850][T15345] active_file 0 [ 2105.517850][T15345] unevictable 0 [ 2105.517850][T15345] slab_reclaimable 40820736 [ 2105.517850][T15345] slab_unreclaimable 839680 [ 2105.517850][T15345] pgfault 191169 13:01:33 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x22}], 0x1}, 0x20008844) [ 2105.517850][T15345] pgmajfault 0 [ 2105.517850][T15345] workingset_refault 0 [ 2105.517850][T15345] workingset_activate 0 [ 2105.517850][T15345] workingset_nodereclaim 0 [ 2105.517850][T15345] pgrefill 0 [ 2105.517850][T15345] pgscan 0 [ 2105.517850][T15345] pgsteal 0 [ 2105.517850][T15345] pgactivate 0 13:01:33 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x23}], 0x1}, 0x20008844) [ 2105.648779][T15345] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=15345,uid=0 [ 2105.665856][T15345] Memory cgroup out of memory: Killed process 15345 (syz-executor.5) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2105.684054][ T1065] oom_reaper: reaped process 15345 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 13:01:33 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x24}], 0x1}, 0x20008844) [ 2106.005754][T15365] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:01:34 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) gettid() r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r5, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r7, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r6, 0x0, 0x0) 13:01:34 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={0xffffffffffffffff, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) [ 2106.531877][T15392] IPVS: ftp: loaded support on port[0] = 21 13:01:34 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293e6, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2106.734077][T15394] IPVS: ftp: loaded support on port[0] = 21 [ 2106.777783][T15397] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2107.092031][T15398] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2107.504833][T15392] chnl_net:caif_netlink_parms(): no params data found [ 2107.626177][T15394] chnl_net:caif_netlink_parms(): no params data found [ 2107.707700][T15392] bridge0: port 1(bridge_slave_0) entered blocking state [ 2107.716103][T15392] bridge0: port 1(bridge_slave_0) entered disabled state [ 2107.725731][T15392] device bridge_slave_0 entered promiscuous mode [ 2107.751385][T15392] bridge0: port 2(bridge_slave_1) entered blocking state [ 2107.759769][T15392] bridge0: port 2(bridge_slave_1) entered disabled state [ 2107.769773][T15392] device bridge_slave_1 entered promiscuous mode [ 2107.839227][T15394] bridge0: port 1(bridge_slave_0) entered blocking state [ 2107.847483][T15394] bridge0: port 1(bridge_slave_0) entered disabled state [ 2107.865150][T15394] device bridge_slave_0 entered promiscuous mode [ 2107.929715][T15394] bridge0: port 2(bridge_slave_1) entered blocking state [ 2107.937047][T15394] bridge0: port 2(bridge_slave_1) entered disabled state [ 2107.946205][T15394] device bridge_slave_1 entered promiscuous mode [ 2107.957884][T15392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2107.978559][T15392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2108.051355][T15394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2108.066448][T15392] team0: Port device team_slave_0 added [ 2108.078896][T15394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2108.097900][T15392] team0: Port device team_slave_1 added [ 2108.169600][T15394] team0: Port device team_slave_0 added [ 2108.188549][T15394] team0: Port device team_slave_1 added [ 2108.287637][T15392] device hsr_slave_0 entered promiscuous mode [ 2108.325427][T15392] device hsr_slave_1 entered promiscuous mode [ 2108.365264][T15392] debugfs: Directory 'hsr0' with parent '/' already present! [ 2108.485830][T15394] device hsr_slave_0 entered promiscuous mode [ 2108.545387][T15394] device hsr_slave_1 entered promiscuous mode [ 2108.584283][T15394] debugfs: Directory 'hsr0' with parent '/' already present! [ 2108.880809][T15392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2108.966970][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2108.976259][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2108.990412][T15392] 8021q: adding VLAN 0 to HW filter on device team0 [ 2109.075776][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2109.095479][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2109.105303][T10934] bridge0: port 1(bridge_slave_0) entered blocking state [ 2109.112386][T10934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2109.131090][T15394] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2109.148586][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2109.161191][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2109.171475][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2109.181383][ T8838] bridge0: port 2(bridge_slave_1) entered blocking state [ 2109.188548][ T8838] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2109.278142][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2109.289114][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2109.298684][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2109.312008][T15394] 8021q: adding VLAN 0 to HW filter on device team0 [ 2109.374589][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2109.384937][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2109.393915][T10934] bridge0: port 1(bridge_slave_0) entered blocking state [ 2109.401077][T10934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2109.469891][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2109.479201][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2109.490252][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2109.501526][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2109.513677][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 2109.520837][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2109.529824][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2109.540394][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2109.617196][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2109.627303][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2109.638019][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2109.648876][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2109.732163][T15392] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2109.744738][T15392] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2109.762223][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2109.772849][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2109.783234][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2109.799683][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2109.810030][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2109.888644][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2109.897966][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2109.908344][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2109.921663][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2109.932124][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2109.942401][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2109.952037][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2109.969866][T15392] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2110.030309][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2110.047917][T15394] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2110.072236][T15394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2110.092299][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2110.102667][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2110.195881][T15394] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2110.499459][T15411] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2110.514957][T15411] CPU: 1 PID: 15411 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 2110.522554][T15411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2110.532606][T15411] Call Trace: [ 2110.532628][T15411] dump_stack+0x172/0x1f0 [ 2110.532646][T15411] dump_header+0x10b/0x82d [ 2110.532662][T15411] oom_kill_process.cold+0x10/0x15 [ 2110.532677][T15411] out_of_memory+0x334/0x1340 [ 2110.532692][T15411] ? __sched_text_start+0x8/0x8 [ 2110.532710][T15411] ? oom_killer_disable+0x280/0x280 [ 2110.564547][T15411] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2110.570119][T15411] ? memcg_stat_show+0xc40/0xc40 [ 2110.575077][T15411] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2110.581246][T15411] ? cgroup_file_notify+0x140/0x1b0 [ 2110.586451][T15411] memory_max_write+0x262/0x3a0 [ 2110.591315][T15411] ? mem_cgroup_write+0x370/0x370 [ 2110.596343][T15411] ? lock_acquire+0x20b/0x410 [ 2110.601124][T15411] cgroup_file_write+0x241/0x790 [ 2110.606175][T15411] ? mem_cgroup_write+0x370/0x370 [ 2110.611198][T15411] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2110.616948][T15411] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2110.622634][T15411] kernfs_fop_write+0x2b8/0x480 [ 2110.627524][T15411] __vfs_write+0x8a/0x110 [ 2110.631846][T15411] ? kernfs_fop_open+0xd80/0xd80 [ 2110.636787][T15411] vfs_write+0x268/0x5d0 [ 2110.641024][T15411] ksys_write+0x14f/0x290 [ 2110.645337][T15411] ? __ia32_sys_read+0xb0/0xb0 [ 2110.650088][T15411] ? do_syscall_64+0x26/0x760 [ 2110.654749][T15411] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2110.660839][T15411] ? do_syscall_64+0x26/0x760 [ 2110.665504][T15411] __x64_sys_write+0x73/0xb0 [ 2110.670081][T15411] do_syscall_64+0xfa/0x760 [ 2110.674657][T15411] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2110.680558][T15411] RIP: 0033:0x459a29 [ 2110.684457][T15411] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2110.704046][T15411] RSP: 002b:00007f60a0d5fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2110.712461][T15411] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2110.720423][T15411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 2110.728378][T15411] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2110.736407][T15411] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f60a0d606d4 [ 2110.744371][T15411] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2110.756946][T15411] memory: usage 3780kB, limit 0kB, failcnt 178 [ 2110.763268][T15411] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2110.772835][T15411] Memory cgroup stats for /syz1: [ 2110.774416][T15411] anon 2088960 [ 2110.774416][T15411] file 0 [ 2110.774416][T15411] kernel_stack 65536 [ 2110.774416][T15411] slab 1499136 [ 2110.774416][T15411] sock 0 [ 2110.774416][T15411] shmem 0 [ 2110.774416][T15411] file_mapped 0 [ 2110.774416][T15411] file_dirty 0 [ 2110.774416][T15411] file_writeback 0 [ 2110.774416][T15411] anon_thp 2097152 [ 2110.774416][T15411] inactive_anon 0 [ 2110.774416][T15411] active_anon 2088960 [ 2110.774416][T15411] inactive_file 135168 [ 2110.774416][T15411] active_file 0 [ 2110.774416][T15411] unevictable 0 [ 2110.774416][T15411] slab_reclaimable 675840 [ 2110.774416][T15411] slab_unreclaimable 823296 [ 2110.774416][T15411] pgfault 195096 [ 2110.774416][T15411] pgmajfault 0 [ 2110.774416][T15411] workingset_refault 0 [ 2110.774416][T15411] workingset_activate 0 [ 2110.774416][T15411] workingset_nodereclaim 0 [ 2110.774416][T15411] pgrefill 66 [ 2110.774416][T15411] pgscan 69 [ 2110.774416][T15411] pgsteal 39 [ 2110.774416][T15411] pgactivate 33 [ 2110.870877][T15411] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=15409,uid=0 [ 2110.897388][T15411] Memory cgroup out of memory: Killed process 15409 (syz-executor.1) total-vm:72708kB, anon-rss:2192kB, file-rss:35840kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2110.921724][ T1065] oom_reaper: reaped process 15409 (syz-executor.1), now anon-rss:0kB, file-rss:34912kB, shmem-rss:0kB 13:01:39 executing program 1: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1}, 0x20008844) 13:01:39 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x25}], 0x1}, 0x20008844) 13:01:39 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) gettid() r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r5, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r7, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r6, 0x0, 0x0) 13:01:39 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293e7, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:01:39 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={0xffffffffffffffff, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:01:39 executing program 2: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0xa601, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2111.374583][T15392] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2111.383112][T15424] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2111.398759][T15392] CPU: 0 PID: 15392 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 2111.406355][T15392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2111.416421][T15392] Call Trace: [ 2111.419738][T15392] dump_stack+0x172/0x1f0 [ 2111.424095][T15392] dump_header+0x10b/0x82d [ 2111.428519][T15392] ? oom_kill_process+0x94/0x3f0 [ 2111.433471][T15392] oom_kill_process.cold+0x10/0x15 [ 2111.438602][T15392] out_of_memory+0x334/0x1340 [ 2111.443301][T15392] ? lock_downgrade+0x920/0x920 [ 2111.448174][T15392] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2111.453987][T15392] ? oom_killer_disable+0x280/0x280 [ 2111.459214][T15392] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2111.464779][T15392] ? memcg_stat_show+0xc40/0xc40 [ 2111.469726][T15392] ? do_raw_spin_unlock+0x57/0x270 13:01:39 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x26}], 0x1}, 0x20008844) [ 2111.474858][T15392] ? _raw_spin_unlock+0x2d/0x50 [ 2111.474875][T15392] try_charge+0xf4b/0x1440 [ 2111.474897][T15392] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2111.474908][T15392] ? percpu_ref_tryget_live+0x111/0x290 [ 2111.474924][T15392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2111.474939][T15392] ? __kasan_check_read+0x11/0x20 [ 2111.474956][T15392] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2111.474972][T15392] mem_cgroup_try_charge+0x136/0x590 [ 2111.474989][T15392] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2111.475005][T15392] wp_page_copy+0x407/0x1860 [ 2111.475019][T15392] ? find_held_lock+0x35/0x130 [ 2111.475033][T15392] ? do_wp_page+0x53b/0x15c0 [ 2111.475048][T15392] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2111.475062][T15392] ? lock_downgrade+0x920/0x920 [ 2111.475078][T15392] ? swp_swapcount+0x540/0x540 [ 2111.475093][T15392] ? __kasan_check_read+0x11/0x20 [ 2111.475104][T15392] ? do_raw_spin_unlock+0x57/0x270 [ 2111.475118][T15392] do_wp_page+0x543/0x15c0 [ 2111.475135][T15392] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2111.475141][ C1] net_ratelimit: 40 callbacks suppressed [ 2111.475150][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2111.475159][T15392] __handle_mm_fault+0x23ec/0x4040 [ 2111.475178][T15392] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2111.475192][T15392] ? handle_mm_fault+0x292/0xaa0 [ 2111.475216][T15392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2111.475221][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2111.475232][T15392] ? __kasan_check_read+0x11/0x20 [ 2111.475250][T15392] handle_mm_fault+0x3b7/0xaa0 [ 2111.475277][T15392] __do_page_fault+0x536/0xdd0 [ 2111.475301][T15392] do_page_fault+0x38/0x590 [ 2111.475318][T15392] page_fault+0x39/0x40 [ 2111.475324][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2111.475333][T15392] RIP: 0033:0x4034f2 [ 2111.475348][T15392] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2111.475355][T15392] RSP: 002b:00007fff19387da0 EFLAGS: 00010246 [ 2111.475366][T15392] RAX: 0000000000000000 RBX: 00000000002033b7 RCX: 0000000000413630 [ 2111.475370][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2111.475376][T15392] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007fff19388ed0 [ 2111.475384][T15392] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000da2940 [ 2111.475391][T15392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff19388ed0 [ 2111.475399][T15392] R13: 00007fff19388ec0 R14: 0000000000000000 R15: 00007fff19388ed0 [ 2111.475646][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2111.559091][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2111.568667][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2111.585565][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2111.601269][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2111.634363][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2111.724331][T15392] memory: usage 1412kB, limit 0kB, failcnt 190 [ 2111.738633][T15392] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2111.772200][T15392] Memory cgroup stats for /syz1: [ 2111.772311][T15392] anon 24576 [ 2111.772311][T15392] file 0 [ 2111.772311][T15392] kernel_stack 0 [ 2111.772311][T15392] slab 1499136 [ 2111.772311][T15392] sock 0 [ 2111.772311][T15392] shmem 0 [ 2111.772311][T15392] file_mapped 0 [ 2111.772311][T15392] file_dirty 0 [ 2111.772311][T15392] file_writeback 0 [ 2111.772311][T15392] anon_thp 0 [ 2111.772311][T15392] inactive_anon 0 [ 2111.772311][T15392] active_anon 24576 [ 2111.772311][T15392] inactive_file 135168 [ 2111.772311][T15392] active_file 0 [ 2111.772311][T15392] unevictable 0 13:01:39 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x27}], 0x1}, 0x20008844) [ 2111.772311][T15392] slab_reclaimable 675840 [ 2111.772311][T15392] slab_unreclaimable 823296 [ 2111.772311][T15392] pgfault 195096 [ 2111.772311][T15392] pgmajfault 0 [ 2111.772311][T15392] workingset_refault 0 [ 2111.772311][T15392] workingset_activate 0 [ 2111.772311][T15392] workingset_nodereclaim 0 [ 2111.772311][T15392] pgrefill 66 [ 2111.772311][T15392] pgscan 69 [ 2111.772311][T15392] pgsteal 39 [ 2111.772311][T15392] pgactivate 33 [ 2111.882126][T15392] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=15392,uid=0 [ 2111.910034][T15392] Memory cgroup out of memory: Killed process 15392 (syz-executor.1) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2111.932088][ T1065] oom_reaper: reaped process 15392 (syz-executor.1), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 13:01:39 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x28}], 0x1}, 0x20008844) 13:01:40 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x29}], 0x1}, 0x20008844) 13:01:40 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2a}], 0x1}, 0x20008844) 13:01:40 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2b}], 0x1}, 0x20008844) 13:01:40 executing program 1: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1}, 0x20008844) 13:01:40 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2c}], 0x1}, 0x20008844) [ 2112.714271][T15426] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2112.985062][T15427] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2113.209764][T15454] IPVS: ftp: loaded support on port[0] = 21 [ 2113.443139][T15457] IPVS: ftp: loaded support on port[0] = 21 [ 2113.545655][T15454] chnl_net:caif_netlink_parms(): no params data found [ 2113.672265][T15454] bridge0: port 1(bridge_slave_0) entered blocking state [ 2113.679580][T15454] bridge0: port 1(bridge_slave_0) entered disabled state [ 2113.689770][T15454] device bridge_slave_0 entered promiscuous mode [ 2113.699351][T15454] bridge0: port 2(bridge_slave_1) entered blocking state [ 2113.707195][T15454] bridge0: port 2(bridge_slave_1) entered disabled state [ 2113.716813][T15454] device bridge_slave_1 entered promiscuous mode [ 2113.893836][T15454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2113.910462][T15457] chnl_net:caif_netlink_parms(): no params data found [ 2113.924260][T15454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2114.022315][T15454] team0: Port device team_slave_0 added [ 2114.046498][T15454] team0: Port device team_slave_1 added [ 2114.052719][T15457] bridge0: port 1(bridge_slave_0) entered blocking state [ 2114.064316][T15457] bridge0: port 1(bridge_slave_0) entered disabled state [ 2114.073288][T15457] device bridge_slave_0 entered promiscuous mode [ 2114.132735][T15457] bridge0: port 2(bridge_slave_1) entered blocking state [ 2114.141534][T15457] bridge0: port 2(bridge_slave_1) entered disabled state [ 2114.153414][T15457] device bridge_slave_1 entered promiscuous mode [ 2114.198391][T15454] device hsr_slave_0 entered promiscuous mode [ 2114.307449][T15454] device hsr_slave_1 entered promiscuous mode [ 2114.354319][T15454] debugfs: Directory 'hsr0' with parent '/' already present! [ 2114.389413][T15457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2114.449926][T15457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2114.540567][T15457] team0: Port device team_slave_0 added [ 2114.558915][T15457] team0: Port device team_slave_1 added [ 2114.668834][T15457] device hsr_slave_0 entered promiscuous mode [ 2114.735488][T15457] device hsr_slave_1 entered promiscuous mode [ 2114.774224][T15457] debugfs: Directory 'hsr0' with parent '/' already present! [ 2115.018390][T15454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2115.099601][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2115.108945][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2115.125071][T15454] 8021q: adding VLAN 0 to HW filter on device team0 [ 2115.205961][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2115.216894][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2115.225939][T10934] bridge0: port 1(bridge_slave_0) entered blocking state [ 2115.233005][T10934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2115.242359][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2115.252856][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2115.262143][T10934] bridge0: port 2(bridge_slave_1) entered blocking state [ 2115.269260][T10934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2115.297599][T15457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2115.305984][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2115.316439][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2115.396921][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2115.407434][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2115.417942][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2115.427659][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2115.438737][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2115.448825][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2115.533293][T15457] 8021q: adding VLAN 0 to HW filter on device team0 [ 2115.540799][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2115.550216][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2115.562415][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2115.572733][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2115.591925][T15454] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2115.605631][T15454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2115.679256][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2115.689286][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2115.698797][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2115.711127][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2115.720905][T10934] bridge0: port 1(bridge_slave_0) entered blocking state [ 2115.728307][T10934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2115.737299][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2115.747560][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2115.756811][T10934] bridge0: port 2(bridge_slave_1) entered blocking state [ 2115.763876][T10934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2115.842793][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2115.853078][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2115.863314][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2115.945877][T15454] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2115.953266][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2115.963614][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2115.973641][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2115.993932][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2116.082653][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2116.107250][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2116.117471][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2116.127720][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2116.138138][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2116.152231][T15457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2116.307707][T15457] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2116.368151][T15466] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2116.378681][T15466] CPU: 1 PID: 15466 Comm: syz-executor.5 Not tainted 5.3.0+ #0 [ 2116.386252][T15466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2116.396314][T15466] Call Trace: [ 2116.399622][T15466] dump_stack+0x172/0x1f0 [ 2116.404135][T15466] dump_header+0x10b/0x82d [ 2116.408655][T15466] oom_kill_process.cold+0x10/0x15 [ 2116.413759][T15466] out_of_memory+0x334/0x1340 [ 2116.418428][T15466] ? __sched_text_start+0x8/0x8 [ 2116.423278][T15466] ? oom_killer_disable+0x280/0x280 [ 2116.428470][T15466] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2116.434017][T15466] ? memcg_stat_show+0xc40/0xc40 [ 2116.438947][T15466] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2116.444742][T15466] ? cgroup_file_notify+0x140/0x1b0 [ 2116.449938][T15466] memory_max_write+0x262/0x3a0 [ 2116.454775][T15466] ? mem_cgroup_write+0x370/0x370 [ 2116.459783][T15466] ? lock_acquire+0x190/0x410 [ 2116.464534][T15466] ? kernfs_fop_write+0x227/0x480 [ 2116.469569][T15466] cgroup_file_write+0x241/0x790 [ 2116.474492][T15466] ? mem_cgroup_write+0x370/0x370 [ 2116.479499][T15466] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2116.485128][T15466] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2116.490743][T15466] kernfs_fop_write+0x2b8/0x480 [ 2116.495580][T15466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2116.501805][T15466] __vfs_write+0x8a/0x110 [ 2116.506132][T15466] ? kernfs_fop_open+0xd80/0xd80 [ 2116.511141][T15466] vfs_write+0x268/0x5d0 [ 2116.515382][T15466] ksys_write+0x14f/0x290 [ 2116.519692][T15466] ? __ia32_sys_read+0xb0/0xb0 [ 2116.524462][T15466] ? do_syscall_64+0x26/0x760 [ 2116.529145][T15466] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2116.535201][T15466] ? do_syscall_64+0x26/0x760 [ 2116.539866][T15466] __x64_sys_write+0x73/0xb0 [ 2116.544471][T15466] do_syscall_64+0xfa/0x760 [ 2116.548965][T15466] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2116.554864][T15466] RIP: 0033:0x459a29 [ 2116.558766][T15466] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2116.578350][T15466] RSP: 002b:00007f8a03f06c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2116.586742][T15466] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2116.594705][T15466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2116.602664][T15466] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2116.610651][T15466] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8a03f076d4 [ 2116.618602][T15466] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2116.629881][T15466] memory: usage 39800kB, limit 0kB, failcnt 101 [ 2116.636511][T15466] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2116.636517][T15466] Memory cgroup stats for /syz5: [ 2116.636636][T15466] anon 2121728 [ 2116.636636][T15466] file 172032 [ 2116.636636][T15466] kernel_stack 131072 [ 2116.636636][T15466] slab 38416384 [ 2116.636636][T15466] sock 0 [ 2116.636636][T15466] shmem 0 [ 2116.636636][T15466] file_mapped 0 [ 2116.636636][T15466] file_dirty 0 [ 2116.636636][T15466] file_writeback 0 [ 2116.636636][T15466] anon_thp 2097152 [ 2116.636636][T15466] inactive_anon 0 [ 2116.636636][T15466] active_anon 2121728 [ 2116.636636][T15466] inactive_file 135168 [ 2116.636636][T15466] active_file 0 [ 2116.636636][T15466] unevictable 0 [ 2116.636636][T15466] slab_reclaimable 37576704 [ 2116.636636][T15466] slab_unreclaimable 839680 [ 2116.636636][T15466] pgfault 191268 [ 2116.636636][T15466] pgmajfault 0 [ 2116.636636][T15466] workingset_refault 0 [ 2116.636636][T15466] workingset_activate 0 [ 2116.636636][T15466] workingset_nodereclaim 0 [ 2116.636636][T15466] pgrefill 0 [ 2116.636636][T15466] pgscan 0 [ 2116.636636][T15466] pgsteal 0 [ 2116.636636][T15466] pgactivate 0 [ 2116.636658][T15466] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=15465,uid=0 [ 2116.636785][T15466] Memory cgroup out of memory: Killed process 15465 (syz-executor.5) total-vm:72708kB, anon-rss:2196kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2116.696554][ T1065] oom_reaper: reaped process 15465 (syz-executor.5), now anon-rss:0kB, file-rss:34904kB, shmem-rss:0kB [ 2117.177699][T15473] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2117.188501][T15473] CPU: 1 PID: 15473 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2117.196055][T15473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2117.206099][T15473] Call Trace: [ 2117.209381][T15473] dump_stack+0x172/0x1f0 [ 2117.213705][T15473] dump_header+0x10b/0x82d [ 2117.218107][T15473] oom_kill_process.cold+0x10/0x15 [ 2117.223212][T15473] out_of_memory+0x334/0x1340 [ 2117.227876][T15473] ? __sched_text_start+0x8/0x8 [ 2117.232732][T15473] ? oom_killer_disable+0x280/0x280 [ 2117.237928][T15473] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2117.243455][T15473] ? memcg_stat_show+0xc40/0xc40 [ 2117.248384][T15473] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2117.254193][T15473] ? cgroup_file_notify+0x140/0x1b0 [ 2117.259379][T15473] memory_max_write+0x262/0x3a0 [ 2117.264236][T15473] ? mem_cgroup_write+0x370/0x370 [ 2117.269248][T15473] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2117.274697][T15473] cgroup_file_write+0x241/0x790 [ 2117.279620][T15473] ? mem_cgroup_write+0x370/0x370 [ 2117.284628][T15473] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2117.290248][T15473] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2117.295866][T15473] kernfs_fop_write+0x2b8/0x480 [ 2117.300705][T15473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2117.306941][T15473] __vfs_write+0x8a/0x110 [ 2117.311254][T15473] ? kernfs_fop_open+0xd80/0xd80 [ 2117.316289][T15473] vfs_write+0x268/0x5d0 [ 2117.320532][T15473] ksys_write+0x14f/0x290 [ 2117.324846][T15473] ? __ia32_sys_read+0xb0/0xb0 [ 2117.329594][T15473] ? do_syscall_64+0x26/0x760 [ 2117.334254][T15473] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2117.340302][T15473] ? do_syscall_64+0x26/0x760 [ 2117.344964][T15473] __x64_sys_write+0x73/0xb0 [ 2117.349538][T15473] do_syscall_64+0xfa/0x760 [ 2117.354030][T15473] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2117.359905][T15473] RIP: 0033:0x459a29 [ 2117.363784][T15473] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2117.383371][T15473] RSP: 002b:00007ff126a98c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2117.391764][T15473] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2117.399735][T15473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2117.407702][T15473] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2117.415655][T15473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff126a996d4 [ 2117.423626][T15473] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2117.439291][T15473] memory: usage 3060kB, limit 0kB, failcnt 327 [ 2117.447108][T15473] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2117.454795][T15473] Memory cgroup stats for /syz4: [ 2117.456231][T15473] anon 2093056 [ 2117.456231][T15473] file 0 [ 2117.456231][T15473] kernel_stack 65536 [ 2117.456231][T15473] slab 802816 [ 2117.456231][T15473] sock 0 [ 2117.456231][T15473] shmem 0 [ 2117.456231][T15473] file_mapped 0 [ 2117.456231][T15473] file_dirty 0 [ 2117.456231][T15473] file_writeback 0 [ 2117.456231][T15473] anon_thp 2097152 [ 2117.456231][T15473] inactive_anon 0 [ 2117.456231][T15473] active_anon 2093056 [ 2117.456231][T15473] inactive_file 135168 [ 2117.456231][T15473] active_file 0 [ 2117.456231][T15473] unevictable 0 [ 2117.456231][T15473] slab_reclaimable 270336 [ 2117.456231][T15473] slab_unreclaimable 532480 [ 2117.456231][T15473] pgfault 211266 [ 2117.456231][T15473] pgmajfault 0 [ 2117.456231][T15473] workingset_refault 0 [ 2117.456231][T15473] workingset_activate 0 [ 2117.456231][T15473] workingset_nodereclaim 0 [ 2117.456231][T15473] pgrefill 148 [ 2117.456231][T15473] pgscan 138 [ 2117.456231][T15473] pgsteal 101 [ 2117.456231][T15473] pgactivate 33 [ 2117.461277][T15473] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15472,uid=0 [ 2117.593123][T15473] Memory cgroup out of memory: Killed process 15472 (syz-executor.4) total-vm:72576kB, anon-rss:2184kB, file-rss:35812kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2117.615803][ T1065] oom_reaper: reaped process 15472 (syz-executor.4), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 2117.723583][T15454] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2117.733901][T15454] CPU: 1 PID: 15454 Comm: syz-executor.5 Not tainted 5.3.0+ #0 [ 2117.741459][T15454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2117.751519][T15454] Call Trace: [ 2117.754821][T15454] dump_stack+0x172/0x1f0 [ 2117.759159][T15454] dump_header+0x10b/0x82d [ 2117.763679][T15454] ? oom_kill_process+0x94/0x3f0 [ 2117.768630][T15454] oom_kill_process.cold+0x10/0x15 [ 2117.773722][T15454] out_of_memory+0x334/0x1340 [ 2117.778377][T15454] ? lock_downgrade+0x920/0x920 [ 2117.783209][T15454] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2117.788993][T15454] ? oom_killer_disable+0x280/0x280 [ 2117.794190][T15454] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2117.799713][T15454] ? memcg_stat_show+0xc40/0xc40 [ 2117.804644][T15454] ? do_raw_spin_unlock+0x57/0x270 [ 2117.809733][T15454] ? _raw_spin_unlock+0x2d/0x50 [ 2117.814666][T15454] try_charge+0xf4b/0x1440 [ 2117.819086][T15454] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2117.824655][T15454] ? percpu_ref_tryget_live+0x111/0x290 [ 2117.830234][T15454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2117.836454][T15454] ? __kasan_check_read+0x11/0x20 [ 2117.841602][T15454] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2117.847136][T15454] mem_cgroup_try_charge+0x136/0x590 [ 2117.852405][T15454] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2117.858017][T15454] wp_page_copy+0x407/0x1860 [ 2117.862590][T15454] ? find_held_lock+0x35/0x130 [ 2117.867331][T15454] ? do_wp_page+0x53b/0x15c0 [ 2117.871900][T15454] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2117.877706][T15454] ? lock_downgrade+0x920/0x920 [ 2117.882540][T15454] ? swp_swapcount+0x540/0x540 [ 2117.887283][T15454] ? __kasan_check_read+0x11/0x20 [ 2117.892282][T15454] ? do_raw_spin_unlock+0x57/0x270 [ 2117.897375][T15454] do_wp_page+0x543/0x15c0 [ 2117.901775][T15454] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2117.907129][T15454] __handle_mm_fault+0x23ec/0x4040 [ 2117.912221][T15454] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2117.917743][T15454] ? handle_mm_fault+0x292/0xaa0 [ 2117.922678][T15454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2117.928989][T15454] ? __kasan_check_read+0x11/0x20 [ 2117.934105][T15454] handle_mm_fault+0x3b7/0xaa0 [ 2117.938860][T15454] __do_page_fault+0x536/0xdd0 [ 2117.943610][T15454] do_page_fault+0x38/0x590 [ 2117.948109][T15454] page_fault+0x39/0x40 [ 2117.952243][T15454] RIP: 0033:0x430b06 [ 2117.956116][T15454] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2117.975697][T15454] RSP: 002b:00007ffcf67577a0 EFLAGS: 00010206 [ 2117.981739][T15454] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2117.989711][T15454] RDX: 0000000001d42930 RSI: 0000000001d4a970 RDI: 0000000000000003 [ 2117.997673][T15454] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001d41940 [ 2118.005631][T15454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2118.013585][T15454] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 13:01:46 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f0000000500), 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:01:46 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2d}], 0x1}, 0x20008844) 13:01:46 executing program 1: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1}, 0x20008844) [ 2118.030409][T15454] memory: usage 37368kB, limit 0kB, failcnt 109 [ 2118.039716][T15454] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2118.053737][T15454] Memory cgroup stats for /syz5: [ 2118.053843][T15454] anon 24576 [ 2118.053843][T15454] file 172032 [ 2118.053843][T15454] kernel_stack 0 [ 2118.053843][T15454] slab 38281216 [ 2118.053843][T15454] sock 0 [ 2118.053843][T15454] shmem 0 [ 2118.053843][T15454] file_mapped 0 [ 2118.053843][T15454] file_dirty 0 [ 2118.053843][T15454] file_writeback 0 [ 2118.053843][T15454] anon_thp 0 [ 2118.053843][T15454] inactive_anon 0 [ 2118.053843][T15454] active_anon 24576 [ 2118.053843][T15454] inactive_file 135168 [ 2118.053843][T15454] active_file 0 [ 2118.053843][T15454] unevictable 0 [ 2118.053843][T15454] slab_reclaimable 37441536 [ 2118.053843][T15454] slab_unreclaimable 839680 [ 2118.053843][T15454] pgfault 191268 [ 2118.053843][T15454] pgmajfault 0 [ 2118.053843][T15454] workingset_refault 0 13:01:46 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293e8, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:01:46 executing program 2: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1}, 0x20008844) 13:01:46 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={0xffffffffffffffff, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) [ 2118.053843][T15454] workingset_activate 0 [ 2118.053843][T15454] workingset_nodereclaim 0 [ 2118.053843][T15454] pgrefill 0 [ 2118.053843][T15454] pgscan 0 [ 2118.053843][T15454] pgsteal 0 [ 2118.053843][T15454] pgactivate 0 [ 2118.156786][T15454] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=15454,uid=0 [ 2118.177514][T15480] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2118.216327][T15454] Memory cgroup out of memory: Killed process 15454 (syz-executor.5) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2118.244428][T15457] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2118.244972][ T1065] oom_reaper: reaped process 15454 (syz-executor.5), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB [ 2118.254695][T15457] CPU: 0 PID: 15457 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2118.273201][T15457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2118.283442][T15457] Call Trace: [ 2118.286752][T15457] dump_stack+0x172/0x1f0 [ 2118.291101][T15457] dump_header+0x10b/0x82d [ 2118.295542][T15457] ? oom_kill_process+0x94/0x3f0 [ 2118.300499][T15457] oom_kill_process.cold+0x10/0x15 [ 2118.305627][T15457] out_of_memory+0x334/0x1340 [ 2118.310329][T15457] ? lock_downgrade+0x920/0x920 [ 2118.315202][T15457] ? oom_killer_disable+0x280/0x280 [ 2118.320465][T15457] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2118.326031][T15457] ? memcg_stat_show+0xc40/0xc40 [ 2118.330992][T15457] ? do_raw_spin_unlock+0x57/0x270 [ 2118.336136][T15457] ? _raw_spin_unlock+0x2d/0x50 [ 2118.341006][T15457] try_charge+0xf4b/0x1440 [ 2118.345454][T15457] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2118.351013][T15457] ? percpu_ref_tryget_live+0x111/0x290 [ 2118.354700][ C1] net_ratelimit: 26 callbacks suppressed [ 2118.354708][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2118.356571][T15457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2118.362216][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2118.367887][T15457] ? __kasan_check_read+0x11/0x20 [ 2118.367905][T15457] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2118.367923][T15457] mem_cgroup_try_charge+0x136/0x590 [ 2118.367944][T15457] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2118.374290][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2118.379875][T15457] wp_page_copy+0x407/0x1860 [ 2118.384938][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2118.390415][T15457] ? find_held_lock+0x35/0x130 [ 2118.422053][T15457] ? do_wp_page+0x53b/0x15c0 [ 2118.426664][T15457] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2118.432488][T15457] ? lock_downgrade+0x920/0x920 [ 2118.434216][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2118.437347][T15457] ? swp_swapcount+0x540/0x540 [ 2118.437366][T15457] ? __kasan_check_read+0x11/0x20 [ 2118.437384][T15457] ? do_raw_spin_unlock+0x57/0x270 [ 2118.443144][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2118.447852][T15457] do_wp_page+0x543/0x15c0 [ 2118.447869][T15457] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2118.447896][T15457] __handle_mm_fault+0x23ec/0x4040 13:01:46 executing program 2 (fault-call:31 fault-nth:0): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2118.478589][T15457] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2118.484151][T15457] ? handle_mm_fault+0x292/0xaa0 [ 2118.489114][T15457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2118.495370][T15457] ? __kasan_check_read+0x11/0x20 [ 2118.500418][T15457] handle_mm_fault+0x3b7/0xaa0 [ 2118.505202][T15457] __do_page_fault+0x536/0xdd0 [ 2118.510001][T15457] do_page_fault+0x38/0x590 [ 2118.514535][T15457] page_fault+0x39/0x40 [ 2118.518698][T15457] RIP: 0033:0x4034f2 [ 2118.522692][T15457] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2118.542300][T15457] RSP: 002b:00007fff73a81b40 EFLAGS: 00010246 [ 2118.542312][T15457] RAX: 0000000000000000 RBX: 0000000000204de4 RCX: 0000000000413630 [ 2118.542319][T15457] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007fff73a82c70 [ 2118.542325][T15457] RBP: 0000000000000002 R08: 0000000000000001 R09: 000000000133a940 [ 2118.542332][T15457] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff73a82c70 13:01:46 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2e}], 0x1}, 0x20008844) [ 2118.542339][T15457] R13: 00007fff73a82c60 R14: 0000000000000000 R15: 00007fff73a82c70 [ 2118.542525][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2118.542575][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2118.542682][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2118.572751][ C0] protocol 88fb is buggy, dev hsr_slave_1 13:01:46 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2f}], 0x1}, 0x20008844) [ 2118.674865][T15457] memory: usage 740kB, limit 0kB, failcnt 339 [ 2118.681169][T15457] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2118.734202][T15457] Memory cgroup stats for /syz4: [ 2118.734306][T15457] anon 0 [ 2118.734306][T15457] file 0 [ 2118.734306][T15457] kernel_stack 65536 [ 2118.734306][T15457] slab 802816 [ 2118.734306][T15457] sock 0 [ 2118.734306][T15457] shmem 0 [ 2118.734306][T15457] file_mapped 0 [ 2118.734306][T15457] file_dirty 0 [ 2118.734306][T15457] file_writeback 0 [ 2118.734306][T15457] anon_thp 0 [ 2118.734306][T15457] inactive_anon 0 [ 2118.734306][T15457] active_anon 0 [ 2118.734306][T15457] inactive_file 135168 [ 2118.734306][T15457] active_file 0 [ 2118.734306][T15457] unevictable 0 [ 2118.734306][T15457] slab_reclaimable 270336 [ 2118.734306][T15457] slab_unreclaimable 532480 [ 2118.734306][T15457] pgfault 211266 [ 2118.734306][T15457] pgmajfault 0 [ 2118.734306][T15457] workingset_refault 0 [ 2118.734306][T15457] workingset_activate 0 [ 2118.734306][T15457] workingset_nodereclaim 0 [ 2118.734306][T15457] pgrefill 148 [ 2118.734306][T15457] pgscan 138 [ 2118.734306][T15457] pgsteal 101 [ 2118.734306][T15457] pgactivate 33 [ 2118.884570][T15457] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15457,uid=0 13:01:46 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x30}], 0x1}, 0x20008844) [ 2118.930570][T15486] FAULT_INJECTION: forcing a failure. [ 2118.930570][T15486] name failslab, interval 1, probability 0, space 0, times 0 [ 2118.955013][T15457] Memory cgroup out of memory: Killed process 15457 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2118.994416][T15486] CPU: 0 PID: 15486 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2119.002032][T15486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2119.012104][T15486] Call Trace: [ 2119.015056][ T1065] oom_reaper: reaped process 15457 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB [ 2119.015414][T15486] dump_stack+0x172/0x1f0 [ 2119.030799][T15486] should_fail.cold+0xa/0x15 [ 2119.035411][T15486] ? fault_create_debugfs_attr+0x180/0x180 [ 2119.041241][T15486] ? ___might_sleep+0x163/0x2c0 [ 2119.046117][T15486] __should_failslab+0x121/0x190 [ 2119.051074][T15486] should_failslab+0x9/0x14 [ 2119.055597][T15486] __kmalloc+0x2e0/0x770 [ 2119.059864][T15486] ? kernfs_fop_write+0x33b/0x480 [ 2119.064916][T15486] kernfs_fop_write+0x33b/0x480 [ 2119.069785][T15486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2119.076050][T15486] __vfs_write+0x8a/0x110 [ 2119.080400][T15486] ? kernfs_fop_open+0xd80/0xd80 [ 2119.085356][T15486] vfs_write+0x268/0x5d0 [ 2119.089618][T15486] ksys_write+0x14f/0x290 13:01:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x31}], 0x1}, 0x20008844) [ 2119.093953][T15486] ? __ia32_sys_read+0xb0/0xb0 [ 2119.098733][T15486] ? do_syscall_64+0x26/0x760 [ 2119.103430][T15486] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2119.109511][T15486] ? do_syscall_64+0x26/0x760 [ 2119.114184][T15486] __x64_sys_write+0x73/0xb0 [ 2119.114200][T15486] do_syscall_64+0xfa/0x760 [ 2119.114218][T15486] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2119.114229][T15486] RIP: 0033:0x459a29 [ 2119.114243][T15486] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2119.114250][T15486] RSP: 002b:00007f732e617c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2119.114262][T15486] RAX: ffffffffffffffda RBX: 00007f732e617c90 RCX: 0000000000459a29 [ 2119.114274][T15486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2119.178308][T15486] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2119.186293][T15486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f732e6186d4 13:01:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x32}], 0x1}, 0x20008844) [ 2119.194286][T15486] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 0000000000000008 [ 2119.635641][T15482] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:01:48 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f0000000500), 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:01:48 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x33}], 0x1}, 0x20008844) [ 2120.192923][T15505] IPVS: ftp: loaded support on port[0] = 21 [ 2120.629890][T15505] chnl_net:caif_netlink_parms(): no params data found [ 2120.722677][T15505] bridge0: port 1(bridge_slave_0) entered blocking state [ 2120.731111][T15505] bridge0: port 1(bridge_slave_0) entered disabled state [ 2120.740473][T15505] device bridge_slave_0 entered promiscuous mode [ 2120.751608][T15505] bridge0: port 2(bridge_slave_1) entered blocking state [ 2120.759387][T15505] bridge0: port 2(bridge_slave_1) entered disabled state [ 2120.768618][T15505] device bridge_slave_1 entered promiscuous mode [ 2120.849322][T15505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2120.862658][T15505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2120.951702][T15505] team0: Port device team_slave_0 added [ 2120.961436][T15505] team0: Port device team_slave_1 added [ 2121.037407][T15505] device hsr_slave_0 entered promiscuous mode [ 2121.076517][T15505] device hsr_slave_1 entered promiscuous mode [ 2121.114263][T15505] debugfs: Directory 'hsr0' with parent '/' already present! [ 2121.185133][T15505] bridge0: port 2(bridge_slave_1) entered blocking state [ 2121.192246][T15505] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2121.199677][T15505] bridge0: port 1(bridge_slave_0) entered blocking state [ 2121.206773][T15505] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2121.330147][T15505] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2121.351692][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2121.361674][T10646] bridge0: port 1(bridge_slave_0) entered disabled state [ 2121.372757][T10646] bridge0: port 2(bridge_slave_1) entered disabled state [ 2121.382823][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2121.401769][T15505] 8021q: adding VLAN 0 to HW filter on device team0 [ 2121.491316][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2121.500839][ T5357] bridge0: port 1(bridge_slave_0) entered blocking state [ 2121.508149][ T5357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2121.590449][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2121.600397][ T8838] bridge0: port 2(bridge_slave_1) entered blocking state [ 2121.607569][ T8838] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2121.683597][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2121.701743][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2121.711871][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2121.790507][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2121.800828][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2121.810550][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2121.821029][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2121.835697][T15505] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2121.919199][T15505] 8021q: adding VLAN 0 to HW filter on device batadv0 13:01:50 executing program 1 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:01:50 executing program 5 (fault-call:3 fault-nth:0): r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:01:50 executing program 2 (fault-call:31 fault-nth:1): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:01:50 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x34}], 0x1}, 0x20008844) 13:01:50 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293e9, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:01:50 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f0000000500), 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) [ 2122.244967][T15525] FAULT_INJECTION: forcing a failure. [ 2122.244967][T15525] name failslab, interval 1, probability 0, space 0, times 0 [ 2122.262556][T15522] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2122.276143][T15525] CPU: 1 PID: 15525 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 2122.283730][T15525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2122.293778][T15525] Call Trace: [ 2122.293805][T15525] dump_stack+0x172/0x1f0 [ 2122.293825][T15525] should_fail.cold+0xa/0x15 [ 2122.293843][T15525] ? fault_create_debugfs_attr+0x180/0x180 [ 2122.293864][T15525] ? ___might_sleep+0x163/0x2c0 [ 2122.293896][T15525] __should_failslab+0x121/0x190 [ 2122.322235][T15525] should_failslab+0x9/0x14 [ 2122.326767][T15525] kmem_cache_alloc_node+0x268/0x740 [ 2122.332092][T15525] __alloc_skb+0xd5/0x5e0 [ 2122.332114][T15525] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 2122.332141][T15525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2122.348241][T15525] ? netlink_autobind.isra.0+0x228/0x310 [ 2122.353906][T15525] netlink_sendmsg+0x972/0xd60 [ 2122.358706][T15525] ? netlink_unicast+0x710/0x710 [ 2122.359173][T15527] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2122.363654][T15525] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2122.363675][T15525] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2122.363695][T15525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2122.363710][T15525] ? security_socket_sendmsg+0x8d/0xc0 [ 2122.363731][T15525] ? netlink_unicast+0x710/0x710 [ 2122.384880][T15525] sock_sendmsg+0xd7/0x130 [ 2122.405915][T15525] ___sys_sendmsg+0x803/0x920 [ 2122.410605][T15525] ? copy_msghdr_from_user+0x440/0x440 [ 2122.410632][T15525] ? __kasan_check_read+0x11/0x20 [ 2122.410652][T15525] ? __fget+0x384/0x560 [ 2122.425289][T15525] ? ksys_dup3+0x3e0/0x3e0 [ 2122.429735][T15525] ? __fget_light+0x1a9/0x230 [ 2122.434467][T15525] ? __fdget+0x1b/0x20 [ 2122.438558][T15525] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2122.444827][T15525] __sys_sendmsg+0x105/0x1d0 [ 2122.444844][T15525] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2122.444873][T15525] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2122.444887][T15525] ? do_syscall_64+0x26/0x760 [ 2122.444903][T15525] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2122.444920][T15525] ? do_syscall_64+0x26/0x760 [ 2122.464652][T15525] __x64_sys_sendmsg+0x78/0xb0 [ 2122.464672][T15525] do_syscall_64+0xfa/0x760 [ 2122.464695][T15525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2122.464712][T15525] RIP: 0033:0x459a29 [ 2122.490652][T15525] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2122.490661][T15525] RSP: 002b:00007f73086fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2122.490680][T15525] RAX: ffffffffffffffda RBX: 00007f73086fec90 RCX: 0000000000459a29 [ 2122.514521][T15525] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 13:01:50 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x35}], 0x1}, 0x20008844) [ 2122.514531][T15525] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2122.514539][T15525] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f73086ff6d4 [ 2122.514549][T15525] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 0000000000000005 [ 2122.567418][T15527] CPU: 0 PID: 15527 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2122.575002][T15527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2122.585060][T15527] Call Trace: [ 2122.588382][T15527] dump_stack+0x172/0x1f0 [ 2122.588403][T15527] dump_header+0x10b/0x82d [ 2122.588422][T15527] oom_kill_process.cold+0x10/0x15 [ 2122.588441][T15527] out_of_memory+0x334/0x1340 [ 2122.606968][T15527] ? __sched_text_start+0x8/0x8 [ 2122.611829][T15527] ? oom_killer_disable+0x280/0x280 [ 2122.617055][T15527] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2122.622617][T15527] ? memcg_stat_show+0xc40/0xc40 [ 2122.627572][T15527] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2122.627592][T15527] ? cgroup_file_notify+0x140/0x1b0 [ 2122.627610][T15527] memory_max_write+0x262/0x3a0 [ 2122.627628][T15527] ? mem_cgroup_write+0x370/0x370 [ 2122.627645][T15527] ? lock_acquire+0x190/0x410 [ 2122.627661][T15527] ? kernfs_fop_write+0x227/0x480 [ 2122.627682][T15527] cgroup_file_write+0x241/0x790 [ 2122.627699][T15527] ? mem_cgroup_write+0x370/0x370 [ 2122.627716][T15527] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2122.627740][T15527] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2122.627756][T15527] kernfs_fop_write+0x2b8/0x480 [ 2122.627771][T15527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2122.627792][T15527] __vfs_write+0x8a/0x110 [ 2122.663266][T15527] ? kernfs_fop_open+0xd80/0xd80 [ 2122.663286][T15527] vfs_write+0x268/0x5d0 [ 2122.663304][T15527] ksys_write+0x14f/0x290 [ 2122.708436][T15527] ? __ia32_sys_read+0xb0/0xb0 [ 2122.713227][T15527] ? do_syscall_64+0x26/0x760 [ 2122.717928][T15527] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2122.724013][T15527] ? do_syscall_64+0x26/0x760 [ 2122.728716][T15527] __x64_sys_write+0x73/0xb0 [ 2122.733321][T15527] do_syscall_64+0xfa/0x760 [ 2122.737844][T15527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2122.743760][T15527] RIP: 0033:0x459a29 [ 2122.747656][T15527] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2122.767269][T15527] RSP: 002b:00007f732e5f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2122.775692][T15527] RAX: ffffffffffffffda RBX: 00007f732e5f6c90 RCX: 0000000000459a29 [ 2122.783668][T15527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 13:01:50 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x36}], 0x1}, 0x20008844) [ 2122.791653][T15527] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2122.799638][T15527] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f732e5f76d4 [ 2122.807626][T15527] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 0000000000000008 [ 2122.954405][T15527] memory: usage 3668kB, limit 0kB, failcnt 1110 [ 2122.962562][T15527] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 13:01:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x37}], 0x1}, 0x20008844) [ 2123.094284][T15527] Memory cgroup stats for /syz2: [ 2123.094316][T15527] FAULT_INJECTION: forcing a failure. [ 2123.094316][T15527] name failslab, interval 1, probability 0, space 0, times 0 [ 2123.140091][T15527] CPU: 1 PID: 15527 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2123.147695][T15527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2123.157760][T15527] Call Trace: [ 2123.161068][T15527] dump_stack+0x172/0x1f0 [ 2123.165778][T15527] should_fail.cold+0xa/0x15 [ 2123.170398][T15527] ? fault_create_debugfs_attr+0x180/0x180 [ 2123.176198][T15527] ? ___might_sleep+0x163/0x2c0 [ 2123.176217][T15527] __should_failslab+0x121/0x190 [ 2123.176232][T15527] should_failslab+0x9/0x14 [ 2123.176248][T15527] kmem_cache_alloc_trace+0x2d3/0x790 [ 2123.176271][T15527] ? vprintk_default+0x28/0x30 [ 2123.195921][T15527] memory_stat_format+0x9e/0xc30 [ 2123.205605][T15527] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 2123.211073][T15527] ? memory_oom_group_write+0x120/0x120 [ 2123.216629][T15527] ? trace_hardirqs_on+0x67/0x240 [ 2123.221660][T15527] ? __kasan_check_read+0x11/0x20 [ 2123.226692][T15527] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2123.232507][T15527] mem_cgroup_print_oom_meminfo.cold+0x4e/0x79 [ 2123.238662][T15527] dump_header+0x13f/0x82d [ 2123.243075][T15527] oom_kill_process.cold+0x10/0x15 [ 2123.248177][T15527] out_of_memory+0x334/0x1340 [ 2123.252843][T15527] ? __sched_text_start+0x8/0x8 [ 2123.257683][T15527] ? oom_killer_disable+0x280/0x280 [ 2123.262899][T15527] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2123.268434][T15527] ? memcg_stat_show+0xc40/0xc40 [ 2123.273381][T15527] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2123.279183][T15527] ? cgroup_file_notify+0x140/0x1b0 [ 2123.284531][T15527] memory_max_write+0x262/0x3a0 [ 2123.289373][T15527] ? mem_cgroup_write+0x370/0x370 [ 2123.294472][T15527] ? lock_acquire+0x190/0x410 [ 2123.299136][T15527] ? kernfs_fop_write+0x227/0x480 [ 2123.304156][T15527] cgroup_file_write+0x241/0x790 [ 2123.309110][T15527] ? mem_cgroup_write+0x370/0x370 [ 2123.314129][T15527] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2123.319767][T15527] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2123.325387][T15527] kernfs_fop_write+0x2b8/0x480 [ 2123.330224][T15527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2123.336472][T15527] __vfs_write+0x8a/0x110 [ 2123.340790][T15527] ? kernfs_fop_open+0xd80/0xd80 [ 2123.345732][T15527] vfs_write+0x268/0x5d0 [ 2123.349981][T15527] ksys_write+0x14f/0x290 [ 2123.354299][T15527] ? __ia32_sys_read+0xb0/0xb0 [ 2123.359058][T15527] ? do_syscall_64+0x26/0x760 [ 2123.363725][T15527] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2123.369777][T15527] ? do_syscall_64+0x26/0x760 [ 2123.374447][T15527] __x64_sys_write+0x73/0xb0 [ 2123.379028][T15527] do_syscall_64+0xfa/0x760 [ 2123.383537][T15527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2123.389417][T15527] RIP: 0033:0x459a29 [ 2123.393312][T15527] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2123.412904][T15527] RSP: 002b:00007f732e5f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2123.421314][T15527] RAX: ffffffffffffffda RBX: 00007f732e5f6c90 RCX: 0000000000459a29 [ 2123.429270][T15527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 13:01:51 executing program 1 (fault-call:2 fault-nth:1): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:01:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x38}], 0x1}, 0x20008844) [ 2123.437240][T15527] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2123.445195][T15527] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f732e5f76d4 [ 2123.453152][T15527] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 0000000000000008 [ 2123.572726][T15545] FAULT_INJECTION: forcing a failure. [ 2123.572726][T15545] name failslab, interval 1, probability 0, space 0, times 0 [ 2123.597102][T15545] CPU: 1 PID: 15545 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 2123.604707][T15545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2123.614768][T15545] Call Trace: [ 2123.618095][T15545] dump_stack+0x172/0x1f0 [ 2123.622476][T15545] should_fail.cold+0xa/0x15 [ 2123.627081][T15545] ? fault_create_debugfs_attr+0x180/0x180 [ 2123.632902][T15545] ? ___might_sleep+0x163/0x2c0 [ 2123.637767][T15545] __should_failslab+0x121/0x190 [ 2123.642712][T15545] should_failslab+0x9/0x14 [ 2123.643871][T15527] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15520,uid=0 [ 2123.647216][T15545] kmem_cache_alloc_node_trace+0x274/0x750 [ 2123.647237][T15545] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 2123.647251][T15545] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2123.647280][T15545] __kmalloc_node_track_caller+0x3d/0x70 [ 2123.647301][T15545] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2123.647321][T15545] __alloc_skb+0x10b/0x5e0 [ 2123.662908][T15527] Memory cgroup out of memory: Killed process 15520 (syz-executor.2) total-vm:72704kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2123.668474][T15545] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 2123.668497][T15545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2123.668514][T15545] ? netlink_autobind.isra.0+0x228/0x310 [ 2123.668540][T15545] netlink_sendmsg+0x972/0xd60 [ 2123.668567][T15545] ? netlink_unicast+0x710/0x710 [ 2123.740353][T15545] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2123.745893][T15545] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2123.751343][T15545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2123.757572][T15545] ? security_socket_sendmsg+0x8d/0xc0 [ 2123.763022][T15545] ? netlink_unicast+0x710/0x710 [ 2123.767954][T15545] sock_sendmsg+0xd7/0x130 [ 2123.772364][T15545] ___sys_sendmsg+0x803/0x920 [ 2123.777036][T15545] ? copy_msghdr_from_user+0x440/0x440 [ 2123.782494][T15545] ? __kasan_check_read+0x11/0x20 [ 2123.787522][T15545] ? __fget+0x384/0x560 [ 2123.791680][T15545] ? ksys_dup3+0x3e0/0x3e0 [ 2123.796099][T15545] ? __fget_light+0x1a9/0x230 [ 2123.800764][T15545] ? __fdget+0x1b/0x20 [ 2123.804837][T15545] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2123.811072][T15545] __sys_sendmsg+0x105/0x1d0 [ 2123.815657][T15545] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2123.820681][T15545] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2123.826129][T15545] ? do_syscall_64+0x26/0x760 [ 2123.830793][T15545] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2123.836848][T15545] ? do_syscall_64+0x26/0x760 [ 2123.841516][T15545] __x64_sys_sendmsg+0x78/0xb0 [ 2123.846270][T15545] do_syscall_64+0xfa/0x760 [ 2123.850767][T15545] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2123.856651][T15545] RIP: 0033:0x459a29 [ 2123.860536][T15545] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2123.880126][T15545] RSP: 002b:00007f73086ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2123.888530][T15545] RAX: ffffffffffffffda RBX: 00007f73086ddc90 RCX: 0000000000459a29 [ 2123.897530][T15545] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 2123.905489][T15545] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2123.913459][T15545] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f73086de6d4 13:01:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x39}], 0x1}, 0x20008844) [ 2123.921419][T15545] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 0000000000000005 [ 2123.936408][ T1065] oom_reaper: reaped process 15520 (syz-executor.2), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 2123.999134][T15535] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:01:52 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x3a}], 0x1}, 0x20008844) [ 2124.303174][T15550] IPVS: ftp: loaded support on port[0] = 21 [ 2124.390934][T15394] syz-executor.2 invoked oom-killer: gfp_mask=0x40c50(GFP_NOFS|__GFP_COMP|__GFP_RECLAIMABLE), order=0, oom_score_adj=0 [ 2124.452431][T15394] CPU: 1 PID: 15394 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2124.460026][T15394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2124.470263][T15394] Call Trace: [ 2124.473558][T15394] dump_stack+0x172/0x1f0 [ 2124.477904][T15394] dump_header+0x10b/0x82d [ 2124.482316][T15394] ? oom_kill_process+0x94/0x3f0 [ 2124.487267][T15394] oom_kill_process.cold+0x10/0x15 [ 2124.492384][T15394] out_of_memory+0x334/0x1340 [ 2124.497070][T15394] ? lock_downgrade+0x920/0x920 [ 2124.501942][T15394] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2124.507757][T15394] ? oom_killer_disable+0x280/0x280 [ 2124.512943][T15394] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2124.518567][T15394] ? memcg_stat_show+0xc40/0xc40 [ 2124.523528][T15394] ? do_raw_spin_unlock+0x57/0x270 [ 2124.528624][T15394] ? _raw_spin_unlock+0x2d/0x50 [ 2124.533455][T15394] try_charge+0xf4b/0x1440 [ 2124.537861][T15394] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2124.543391][T15394] ? cache_grow_begin+0x122/0xd20 [ 2124.548397][T15394] ? find_held_lock+0x35/0x130 [ 2124.553139][T15394] ? cache_grow_begin+0x122/0xd20 [ 2124.558146][T15394] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2124.563672][T15394] ? lock_downgrade+0x920/0x920 [ 2124.568503][T15394] ? memcg_kmem_put_cache+0x50/0x50 [ 2124.573680][T15394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2124.581896][T15394] ? __kasan_check_read+0x11/0x20 [ 2124.586906][T15394] cache_grow_begin+0x629/0xd20 [ 2124.591754][T15394] ? __sanitizer_cov_trace_cmp4+0x1/0x20 [ 2124.597374][T15394] ? mempolicy_slab_node+0x139/0x390 [ 2124.602642][T15394] fallback_alloc+0x1fd/0x2d0 [ 2124.607318][T15394] ____cache_alloc_node+0x1bc/0x1d0 [ 2124.612496][T15394] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2124.618720][T15394] kmem_cache_alloc+0x1ef/0x710 [ 2124.623554][T15394] ? ratelimit_state_init+0xb0/0xb0 [ 2124.628731][T15394] ext4_alloc_inode+0x1f/0x640 [ 2124.633489][T15394] ? ratelimit_state_init+0xb0/0xb0 [ 2124.638666][T15394] alloc_inode+0x68/0x1e0 [ 2124.642975][T15394] new_inode_pseudo+0x19/0xf0 [ 2124.647645][T15394] new_inode+0x1f/0x40 [ 2124.651832][T15394] __ext4_new_inode+0x3d5/0x4ee0 [ 2124.656781][T15394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2124.663018][T15394] ? __dquot_initialize+0x525/0xd80 [ 2124.668728][T15394] ? ext4_free_inode+0x1490/0x1490 [ 2124.673826][T15394] ? dqget+0x10d0/0x10d0 [ 2124.678054][T15394] ? putname+0xef/0x130 [ 2124.682193][T15394] ext4_mkdir+0x3df/0xe20 [ 2124.686509][T15394] ? ext4_init_dot_dotdot+0x520/0x520 [ 2124.691874][T15394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2124.698171][T15394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2124.704417][T15394] ? security_inode_permission+0xcb/0x100 [ 2124.710121][T15394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2124.716337][T15394] ? security_inode_mkdir+0xe4/0x120 [ 2124.721617][T15394] vfs_mkdir+0x42e/0x670 [ 2124.725844][T15394] do_mkdirat+0x234/0x2a0 [ 2124.730281][T15394] ? __ia32_sys_mknod+0xb0/0xb0 [ 2124.735111][T15394] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2124.740563][T15394] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2124.746619][T15394] ? do_syscall_64+0x26/0x760 [ 2124.751274][T15394] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2124.756544][T15394] __x64_sys_mkdir+0x5c/0x80 [ 2124.761113][T15394] do_syscall_64+0xfa/0x760 [ 2124.765608][T15394] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2124.771475][T15394] RIP: 0033:0x458e47 [ 2124.775349][T15394] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2124.794983][T15394] RSP: 002b:00007ffe11d847c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 2124.803426][T15394] RAX: ffffffffffffffda RBX: 00000000002064f3 RCX: 0000000000458e47 [ 2124.811512][T15394] RDX: 00007ffe11d84813 RSI: 00000000000001ff RDI: 00007ffe11d84810 [ 2124.819477][T15394] RBP: 000000000000000c R08: 0000000000000000 R09: 0000000000000003 [ 2124.827476][T15394] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000020 [ 2124.835440][T15394] R13: 00007ffe11d84800 R14: 000000000020619e R15: 00007ffe11d84810 [ 2124.864035][T15394] memory: usage 1284kB, limit 0kB, failcnt 1126 [ 2124.870609][T15394] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2124.877590][T15394] Memory cgroup stats for /syz2: [ 2124.877693][T15394] anon 159744 [ 2124.877693][T15394] file 0 [ 2124.877693][T15394] kernel_stack 65536 [ 2124.877693][T15394] slab 1060864 [ 2124.877693][T15394] sock 0 [ 2124.877693][T15394] shmem 0 [ 2124.877693][T15394] file_mapped 0 [ 2124.877693][T15394] file_dirty 0 [ 2124.877693][T15394] file_writeback 0 [ 2124.877693][T15394] anon_thp 0 [ 2124.877693][T15394] inactive_anon 0 [ 2124.877693][T15394] active_anon 77824 [ 2124.877693][T15394] inactive_file 0 [ 2124.877693][T15394] active_file 0 [ 2124.877693][T15394] unevictable 0 [ 2124.877693][T15394] slab_reclaimable 405504 [ 2124.877693][T15394] slab_unreclaimable 655360 [ 2124.877693][T15394] pgfault 192324 [ 2124.877693][T15394] pgmajfault 0 [ 2124.877693][T15394] workingset_refault 0 [ 2124.877693][T15394] workingset_activate 0 [ 2124.877693][T15394] workingset_nodereclaim 0 [ 2124.877693][T15394] pgrefill 70 [ 2124.877693][T15394] pgscan 68 [ 2124.877693][T15394] pgsteal 33 [ 2124.877693][T15394] pgactivate 33 [ 2124.971739][T15394] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15394,uid=0 [ 2124.996725][T15394] Memory cgroup out of memory: Killed process 15394 (syz-executor.2) total-vm:72440kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2125.027287][ T1065] oom_reaper: reaped process 15394 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2125.479401][T15557] IPVS: ftp: loaded support on port[0] = 21 [ 2125.751481][T15550] chnl_net:caif_netlink_parms(): no params data found [ 2126.037947][T15550] bridge0: port 1(bridge_slave_0) entered blocking state [ 2126.046695][T15550] bridge0: port 1(bridge_slave_0) entered disabled state [ 2126.056571][T15550] device bridge_slave_0 entered promiscuous mode [ 2126.117648][T15550] bridge0: port 2(bridge_slave_1) entered blocking state [ 2126.125040][T15550] bridge0: port 2(bridge_slave_1) entered disabled state [ 2126.133981][T15550] device bridge_slave_1 entered promiscuous mode [ 2126.142073][T15557] chnl_net:caif_netlink_parms(): no params data found [ 2126.263171][T15550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2126.293652][T15550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2126.304270][T15557] bridge0: port 1(bridge_slave_0) entered blocking state [ 2126.311339][T15557] bridge0: port 1(bridge_slave_0) entered disabled state [ 2126.321958][T15557] device bridge_slave_0 entered promiscuous mode [ 2126.348211][T15557] bridge0: port 2(bridge_slave_1) entered blocking state [ 2126.356937][T15557] bridge0: port 2(bridge_slave_1) entered disabled state [ 2126.366282][T15557] device bridge_slave_1 entered promiscuous mode [ 2126.422145][T15550] team0: Port device team_slave_0 added [ 2126.443577][T15550] team0: Port device team_slave_1 added [ 2126.532377][T15557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2126.563692][T15557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2126.678934][T15550] device hsr_slave_0 entered promiscuous mode [ 2126.745239][T15550] device hsr_slave_1 entered promiscuous mode [ 2126.794540][T15550] debugfs: Directory 'hsr0' with parent '/' already present! [ 2126.868676][T15557] team0: Port device team_slave_0 added [ 2126.878008][T15557] team0: Port device team_slave_1 added [ 2127.028471][T15557] device hsr_slave_0 entered promiscuous mode [ 2127.077608][T15557] device hsr_slave_1 entered promiscuous mode [ 2127.115521][T15557] debugfs: Directory 'hsr0' with parent '/' already present! [ 2127.403503][T15550] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2127.442885][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2127.452918][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2127.531420][T15550] 8021q: adding VLAN 0 to HW filter on device team0 [ 2127.560889][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2127.571834][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2127.581374][ T8838] bridge0: port 1(bridge_slave_0) entered blocking state [ 2127.588499][ T8838] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2127.615583][T15557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2127.667760][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2127.676995][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2127.686704][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2127.696635][ T5357] bridge0: port 2(bridge_slave_1) entered blocking state [ 2127.703710][ T5357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2127.780095][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2127.816059][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2127.827191][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2127.837506][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2127.848157][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2127.857586][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2127.867122][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2127.895597][T15557] 8021q: adding VLAN 0 to HW filter on device team0 [ 2127.903057][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2127.926439][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2128.008027][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2128.020884][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2128.070095][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2128.081554][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2128.091344][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2128.101527][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2128.111787][ T5357] bridge0: port 1(bridge_slave_0) entered blocking state [ 2128.118928][ T5357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2128.132512][T15550] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2128.206161][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2128.225467][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2128.246913][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2128.256330][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 2128.263396][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2128.271570][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2128.295686][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2128.307135][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2128.317092][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2128.387673][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2128.397388][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2128.408954][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2128.486052][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2128.498605][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2128.524577][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2128.534030][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2128.584044][T15550] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2128.595814][T15557] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2128.681080][T15557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2128.861347][T15570] FAULT_INJECTION: forcing a failure. [ 2128.861347][T15570] name failslab, interval 1, probability 0, space 0, times 0 [ 2128.880399][T15570] CPU: 1 PID: 15570 Comm: syz-executor.5 Not tainted 5.3.0+ #0 [ 2128.888081][T15570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2128.898148][T15570] Call Trace: [ 2128.901487][T15570] dump_stack+0x172/0x1f0 [ 2128.905850][T15570] should_fail.cold+0xa/0x15 [ 2128.910460][T15570] ? fault_create_debugfs_attr+0x180/0x180 [ 2128.916289][T15570] ? ___might_sleep+0x163/0x2c0 [ 2128.921171][T15570] __should_failslab+0x121/0x190 [ 2128.926134][T15570] should_failslab+0x9/0x14 [ 2128.930737][T15570] kmem_cache_alloc_node+0x268/0x740 [ 2128.936035][T15570] __alloc_skb+0xd5/0x5e0 [ 2128.940460][T15570] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 2128.946010][T15570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2128.952253][T15570] ? netlink_autobind.isra.0+0x228/0x310 [ 2128.957902][T15570] netlink_sendmsg+0x972/0xd60 [ 2128.962678][T15570] ? netlink_unicast+0x710/0x710 [ 2128.967615][T15570] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2128.973164][T15570] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2128.978630][T15570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2128.984870][T15570] ? security_socket_sendmsg+0x8d/0xc0 [ 2128.990327][T15570] ? netlink_unicast+0x710/0x710 [ 2128.995275][T15570] sock_sendmsg+0xd7/0x130 [ 2128.999705][T15570] ___sys_sendmsg+0x803/0x920 [ 2129.004389][T15570] ? copy_msghdr_from_user+0x440/0x440 [ 2129.009865][T15570] ? __kasan_check_read+0x11/0x20 [ 2129.014890][T15570] ? __fget+0x384/0x560 [ 2129.019042][T15570] ? ksys_dup3+0x3e0/0x3e0 [ 2129.023454][T15570] ? __fget_light+0x1a9/0x230 [ 2129.028119][T15570] ? __fdget+0x1b/0x20 [ 2129.032175][T15570] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2129.038407][T15570] __sys_sendmsg+0x105/0x1d0 [ 2129.042999][T15570] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2129.048018][T15570] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2129.053480][T15570] ? do_syscall_64+0x26/0x760 [ 2129.058167][T15570] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2129.064230][T15570] ? do_syscall_64+0x26/0x760 [ 2129.068893][T15570] __x64_sys_sendmsg+0x78/0xb0 [ 2129.073646][T15570] do_syscall_64+0xfa/0x760 [ 2129.078162][T15570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2129.084051][T15570] RIP: 0033:0x459a29 [ 2129.087938][T15570] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2129.107539][T15570] RSP: 002b:00007f133bb77c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2129.116558][T15570] RAX: ffffffffffffffda RBX: 00007f133bb77c90 RCX: 0000000000459a29 [ 2129.124516][T15570] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000003 [ 2129.132472][T15570] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2129.140430][T15570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f133bb786d4 [ 2129.148388][T15570] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 0000000000000006 [ 2129.186770][T15574] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2129.213418][T15574] CPU: 1 PID: 15574 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2129.221016][T15574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2129.231081][T15574] Call Trace: [ 2129.231107][T15574] dump_stack+0x172/0x1f0 [ 2129.231125][T15574] dump_header+0x10b/0x82d [ 2129.231143][T15574] oom_kill_process.cold+0x10/0x15 [ 2129.231160][T15574] out_of_memory+0x334/0x1340 [ 2129.231175][T15574] ? __sched_text_start+0x8/0x8 [ 2129.231193][T15574] ? oom_killer_disable+0x280/0x280 [ 2129.263316][T15574] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2129.268884][T15574] ? memcg_stat_show+0xc40/0xc40 [ 2129.273845][T15574] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2129.279666][T15574] ? cgroup_file_notify+0x140/0x1b0 [ 2129.284869][T15574] memory_max_write+0x262/0x3a0 [ 2129.284886][T15574] ? mem_cgroup_write+0x370/0x370 [ 2129.284901][T15574] ? lock_acquire+0x190/0x410 [ 2129.284918][T15574] ? kernfs_fop_write+0x227/0x480 [ 2129.284938][T15574] cgroup_file_write+0x241/0x790 [ 2129.284953][T15574] ? mem_cgroup_write+0x370/0x370 [ 2129.284971][T15574] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2129.321342][T15574] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2129.326990][T15574] kernfs_fop_write+0x2b8/0x480 13:01:57 executing program 5 (fault-call:3 fault-nth:1): r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:01:57 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:01:57 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293ea, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:01:57 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x3b}], 0x1}, 0x20008844) [ 2129.331858][T15574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2129.338151][T15574] __vfs_write+0x8a/0x110 [ 2129.342496][T15574] ? kernfs_fop_open+0xd80/0xd80 [ 2129.347452][T15574] vfs_write+0x268/0x5d0 [ 2129.351733][T15574] ksys_write+0x14f/0x290 [ 2129.356071][T15574] ? __ia32_sys_read+0xb0/0xb0 [ 2129.360843][T15574] ? do_syscall_64+0x26/0x760 [ 2129.365538][T15574] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2129.371621][T15574] ? do_syscall_64+0x26/0x760 [ 2129.376318][T15574] __x64_sys_write+0x73/0xb0 [ 2129.380930][T15574] do_syscall_64+0xfa/0x760 [ 2129.385450][T15574] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2129.391528][T15574] RIP: 0033:0x459a29 [ 2129.395430][T15574] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2129.415047][T15574] RSP: 002b:00007fd859f51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2129.423560][T15574] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2129.431544][T15574] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2129.439533][T15574] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2129.447522][T15574] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd859f526d4 [ 2129.455510][T15574] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2129.490004][T15583] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2129.636237][ C0] net_ratelimit: 54 callbacks suppressed [ 2129.636245][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2129.636504][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2129.641998][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2129.647708][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2129.653469][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2129.659193][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2129.664872][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2129.670577][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2129.687855][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2129.693645][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2129.789178][T15574] memory: usage 3168kB, limit 0kB, failcnt 340 [ 2129.814748][T15574] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2129.828495][T15574] Memory cgroup stats for /syz4: [ 2129.828603][T15574] anon 2170880 [ 2129.828603][T15574] file 0 [ 2129.828603][T15574] kernel_stack 65536 [ 2129.828603][T15574] slab 802816 [ 2129.828603][T15574] sock 0 [ 2129.828603][T15574] shmem 0 [ 2129.828603][T15574] file_mapped 0 [ 2129.828603][T15574] file_dirty 0 [ 2129.828603][T15574] file_writeback 0 [ 2129.828603][T15574] anon_thp 2097152 [ 2129.828603][T15574] inactive_anon 0 [ 2129.828603][T15574] active_anon 2170880 [ 2129.828603][T15574] inactive_file 135168 [ 2129.828603][T15574] active_file 0 [ 2129.828603][T15574] unevictable 0 [ 2129.828603][T15574] slab_reclaimable 270336 [ 2129.828603][T15574] slab_unreclaimable 532480 [ 2129.828603][T15574] pgfault 211365 [ 2129.828603][T15574] pgmajfault 0 [ 2129.828603][T15574] workingset_refault 0 [ 2129.828603][T15574] workingset_activate 0 [ 2129.828603][T15574] workingset_nodereclaim 0 [ 2129.828603][T15574] pgrefill 148 [ 2129.828603][T15574] pgscan 138 [ 2129.828603][T15574] pgsteal 101 [ 2129.828603][T15574] pgactivate 33 [ 2129.929435][T15574] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15572,uid=0 [ 2129.946487][T15574] Memory cgroup out of memory: Killed process 15572 (syz-executor.4) total-vm:72708kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2129.968566][ T1065] oom_reaper: reaped process 15572 (syz-executor.4), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB 13:01:58 executing program 1 (fault-call:2 fault-nth:2): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:01:58 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:01:58 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = gettid() write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000500)=r4, 0x12) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r5, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r7, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r6, 0x0, 0x0) 13:01:58 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x3c}], 0x1}, 0x20008844) [ 2130.062272][T15557] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2130.082258][T15592] FAULT_INJECTION: forcing a failure. [ 2130.082258][T15592] name failslab, interval 1, probability 0, space 0, times 0 [ 2130.083275][T15589] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2130.106189][T15583] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2130.124426][T15557] CPU: 0 PID: 15557 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2130.132017][T15557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2130.147200][T15557] Call Trace: [ 2130.150485][T15557] dump_stack+0x172/0x1f0 [ 2130.154801][T15557] dump_header+0x10b/0x82d [ 2130.159198][T15557] ? oom_kill_process+0x94/0x3f0 [ 2130.164142][T15557] oom_kill_process.cold+0x10/0x15 [ 2130.169291][T15557] out_of_memory+0x334/0x1340 [ 2130.173983][T15557] ? lock_downgrade+0x920/0x920 [ 2130.178831][T15557] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2130.184626][T15557] ? oom_killer_disable+0x280/0x280 [ 2130.189815][T15557] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2130.195344][T15557] ? memcg_stat_show+0xc40/0xc40 [ 2130.200282][T15557] ? do_raw_spin_unlock+0x57/0x270 [ 2130.205379][T15557] ? _raw_spin_unlock+0x2d/0x50 [ 2130.210220][T15557] try_charge+0xf4b/0x1440 [ 2130.214631][T15557] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2130.220158][T15557] ? percpu_ref_tryget_live+0x111/0x290 [ 2130.225687][T15557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2130.231910][T15557] ? __kasan_check_read+0x11/0x20 [ 2130.236924][T15557] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2130.242459][T15557] mem_cgroup_try_charge+0x136/0x590 [ 2130.247734][T15557] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2130.253353][T15557] wp_page_copy+0x407/0x1860 [ 2130.257927][T15557] ? find_held_lock+0x35/0x130 [ 2130.262945][T15557] ? do_wp_page+0x53b/0x15c0 [ 2130.267536][T15557] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2130.273337][T15557] ? lock_downgrade+0x920/0x920 [ 2130.278174][T15557] ? swp_swapcount+0x540/0x540 [ 2130.282926][T15557] ? __kasan_check_read+0x11/0x20 [ 2130.287949][T15557] ? do_raw_spin_unlock+0x57/0x270 [ 2130.293051][T15557] do_wp_page+0x543/0x15c0 [ 2130.297456][T15557] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2130.302833][T15557] __handle_mm_fault+0x23ec/0x4040 [ 2130.307932][T15557] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2130.313462][T15557] ? handle_mm_fault+0x292/0xaa0 [ 2130.318393][T15557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2130.324618][T15557] ? __kasan_check_read+0x11/0x20 [ 2130.329628][T15557] handle_mm_fault+0x3b7/0xaa0 [ 2130.334729][T15557] __do_page_fault+0x536/0xdd0 [ 2130.339491][T15557] do_page_fault+0x38/0x590 [ 2130.343981][T15557] page_fault+0x39/0x40 [ 2130.348117][T15557] RIP: 0033:0x430b06 [ 2130.352009][T15557] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2130.371684][T15557] RSP: 002b:00007ffdf5a45710 EFLAGS: 00010206 [ 2130.377732][T15557] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2130.385697][T15557] RDX: 0000000000fb3930 RSI: 0000000000fbb970 RDI: 0000000000000003 [ 2130.393649][T15557] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000fb2940 [ 2130.401615][T15557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 13:01:58 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x3d}], 0x1}, 0x20008844) [ 2130.409569][T15557] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2130.417587][T15592] CPU: 1 PID: 15592 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 2130.425161][T15592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2130.435227][T15592] Call Trace: [ 2130.438544][T15592] dump_stack+0x172/0x1f0 [ 2130.442906][T15592] should_fail.cold+0xa/0x15 [ 2130.447515][T15592] ? debug_smp_processor_id+0x3c/0x214 [ 2130.452998][T15592] ? fault_create_debugfs_attr+0x180/0x180 [ 2130.458835][T15592] __should_failslab+0x121/0x190 13:01:58 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2130.463792][T15592] should_failslab+0x9/0x14 [ 2130.468312][T15592] kmem_cache_alloc+0x47/0x710 [ 2130.473785][T15592] ? lock_acquire+0x190/0x410 [ 2130.478569][T15592] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2130.484821][T15592] skb_clone+0x154/0x3d0 [ 2130.489086][T15592] netlink_deliver_tap+0x94d/0xbf0 [ 2130.494217][T15592] netlink_unicast+0x5a2/0x710 [ 2130.498999][T15592] ? netlink_attachskb+0x7c0/0x7c0 [ 2130.504117][T15592] ? _copy_from_iter_full+0x25d/0x8c0 [ 2130.509631][T15592] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2130.515373][T15592] ? __check_object_size+0x3d/0x437 [ 2130.520582][T15592] netlink_sendmsg+0x8a5/0xd60 [ 2130.525348][T15592] ? netlink_unicast+0x710/0x710 [ 2130.525361][T15592] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2130.525376][T15592] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2130.525392][T15592] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2130.525407][T15592] ? security_socket_sendmsg+0x8d/0xc0 [ 2130.525421][T15592] ? netlink_unicast+0x710/0x710 [ 2130.525440][T15592] sock_sendmsg+0xd7/0x130 [ 2130.525458][T15592] ___sys_sendmsg+0x803/0x920 [ 2130.525475][T15592] ? copy_msghdr_from_user+0x440/0x440 [ 2130.525501][T15592] ? __kasan_check_read+0x11/0x20 [ 2130.525521][T15592] ? __fget+0x384/0x560 [ 2130.525544][T15592] ? ksys_dup3+0x3e0/0x3e0 [ 2130.525565][T15592] ? __fget_light+0x1a9/0x230 [ 2130.525581][T15592] ? __fdget+0x1b/0x20 [ 2130.525594][T15592] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2130.525611][T15592] __sys_sendmsg+0x105/0x1d0 [ 2130.525625][T15592] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2130.525655][T15592] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2130.525668][T15592] ? do_syscall_64+0x26/0x760 [ 2130.525686][T15592] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2130.525699][T15592] ? do_syscall_64+0x26/0x760 [ 2130.525718][T15592] __x64_sys_sendmsg+0x78/0xb0 [ 2130.536186][T15592] do_syscall_64+0xfa/0x760 [ 2130.536206][T15592] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2130.536216][T15592] RIP: 0033:0x459a29 13:01:58 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x3e}], 0x1}, 0x20008844) [ 2130.536231][T15592] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2130.536238][T15592] RSP: 002b:00007f73086fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2130.536257][T15592] RAX: ffffffffffffffda RBX: 00007f73086fec90 RCX: 0000000000459a29 [ 2130.567366][T15592] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 2130.567374][T15592] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2130.567382][T15592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f73086ff6d4 [ 2130.567389][T15592] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 0000000000000005 [ 2130.584237][T15557] memory: usage 796kB, limit 0kB, failcnt 352 [ 2130.653427][T15557] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 13:01:58 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x41}], 0x1}, 0x20008844) [ 2130.784076][T15603] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:01:58 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2131.038327][T15606] IPVS: ftp: loaded support on port[0] = 21 [ 2131.080786][T15557] Memory cgroup stats for /syz4: [ 2131.080895][T15557] anon 0 [ 2131.080895][T15557] file 0 [ 2131.080895][T15557] kernel_stack 0 [ 2131.080895][T15557] slab 802816 [ 2131.080895][T15557] sock 0 [ 2131.080895][T15557] shmem 0 [ 2131.080895][T15557] file_mapped 0 [ 2131.080895][T15557] file_dirty 0 [ 2131.080895][T15557] file_writeback 0 [ 2131.080895][T15557] anon_thp 0 [ 2131.080895][T15557] inactive_anon 0 [ 2131.080895][T15557] active_anon 0 [ 2131.080895][T15557] inactive_file 135168 [ 2131.080895][T15557] active_file 0 [ 2131.080895][T15557] unevictable 0 [ 2131.080895][T15557] slab_reclaimable 270336 [ 2131.080895][T15557] slab_unreclaimable 532480 [ 2131.080895][T15557] pgfault 211365 [ 2131.080895][T15557] pgmajfault 0 [ 2131.080895][T15557] workingset_refault 0 [ 2131.080895][T15557] workingset_activate 0 [ 2131.080895][T15557] workingset_nodereclaim 0 [ 2131.080895][T15557] pgrefill 148 [ 2131.080895][T15557] pgscan 138 [ 2131.080895][T15557] pgsteal 101 [ 2131.080895][T15557] pgactivate 33 [ 2131.087068][T15557] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15557,uid=0 [ 2131.190571][T15611] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2131.203966][T15557] Memory cgroup out of memory: Killed process 15557 (syz-executor.4) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2131.222986][ T1065] oom_reaper: reaped process 15557 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2131.966204][T15606] chnl_net:caif_netlink_parms(): no params data found [ 2132.052955][T15606] bridge0: port 1(bridge_slave_0) entered blocking state [ 2132.060252][T15606] bridge0: port 1(bridge_slave_0) entered disabled state [ 2132.069269][T15606] device bridge_slave_0 entered promiscuous mode [ 2132.129831][T15606] bridge0: port 2(bridge_slave_1) entered blocking state [ 2132.139014][T15606] bridge0: port 2(bridge_slave_1) entered disabled state [ 2132.148428][T15606] device bridge_slave_1 entered promiscuous mode [ 2132.221344][T15606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2132.236791][T15606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2132.320785][T15606] team0: Port device team_slave_0 added [ 2132.331533][T15606] team0: Port device team_slave_1 added [ 2132.448338][T15606] device hsr_slave_0 entered promiscuous mode [ 2132.485348][T15606] device hsr_slave_1 entered promiscuous mode [ 2132.524328][T15606] debugfs: Directory 'hsr0' with parent '/' already present! [ 2132.593617][T15606] bridge0: port 2(bridge_slave_1) entered blocking state [ 2132.600783][T15606] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2132.608209][T15606] bridge0: port 1(bridge_slave_0) entered blocking state [ 2132.615323][T15606] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2132.781502][T10934] bridge0: port 1(bridge_slave_0) entered disabled state [ 2132.790564][T10934] bridge0: port 2(bridge_slave_1) entered disabled state [ 2132.811022][T15606] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2132.883221][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2132.892524][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2132.942590][T15606] 8021q: adding VLAN 0 to HW filter on device team0 [ 2132.959309][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2132.969553][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2132.979506][T13302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2132.986644][T13302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2133.030111][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2133.040553][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2133.050127][T10646] bridge0: port 2(bridge_slave_1) entered blocking state [ 2133.057269][T10646] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2133.067680][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2133.129064][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2133.155487][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2133.165877][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2133.240231][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2133.249369][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2133.259504][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2133.269339][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2133.278971][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2133.360600][T15606] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2133.373690][T15606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2133.383913][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2133.394878][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2133.499991][T15606] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2133.830305][T15621] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2133.840997][T15621] CPU: 1 PID: 15621 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2133.848542][T15621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2133.858596][T15621] Call Trace: [ 2133.861890][T15621] dump_stack+0x172/0x1f0 [ 2133.866223][T15621] dump_header+0x10b/0x82d [ 2133.870639][T15621] ? oom_kill_process+0x94/0x3f0 [ 2133.875589][T15621] oom_kill_process.cold+0x10/0x15 [ 2133.880714][T15621] out_of_memory+0x334/0x1340 [ 2133.885489][T15621] ? __sched_text_start+0x8/0x8 [ 2133.890339][T15621] ? oom_killer_disable+0x280/0x280 [ 2133.895554][T15621] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2133.901097][T15621] ? memcg_stat_show+0xc40/0xc40 [ 2133.906041][T15621] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2133.911852][T15621] ? cgroup_file_notify+0x140/0x1b0 [ 2133.917058][T15621] memory_max_write+0x262/0x3a0 [ 2133.921913][T15621] ? mem_cgroup_write+0x370/0x370 [ 2133.926939][T15621] ? lock_acquire+0x190/0x410 [ 2133.931727][T15621] ? kernfs_fop_write+0x227/0x480 [ 2133.936761][T15621] cgroup_file_write+0x241/0x790 [ 2133.941702][T15621] ? mem_cgroup_write+0x370/0x370 [ 2133.946735][T15621] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2133.952399][T15621] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2133.958040][T15621] kernfs_fop_write+0x2b8/0x480 [ 2133.962901][T15621] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2133.969155][T15621] __vfs_write+0x8a/0x110 [ 2133.973486][T15621] ? kernfs_fop_open+0xd80/0xd80 [ 2133.978424][T15621] vfs_write+0x268/0x5d0 [ 2133.982671][T15621] ksys_write+0x14f/0x290 [ 2133.987000][T15621] ? __ia32_sys_read+0xb0/0xb0 [ 2133.991777][T15621] ? do_syscall_64+0x26/0x760 [ 2133.996454][T15621] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2134.002519][T15621] ? do_syscall_64+0x26/0x760 [ 2134.007224][T15621] __x64_sys_write+0x73/0xb0 [ 2134.011830][T15621] do_syscall_64+0xfa/0x760 [ 2134.016357][T15621] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2134.022249][T15621] RIP: 0033:0x459a29 [ 2134.026143][T15621] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2134.045761][T15621] RSP: 002b:00007f0bfcdaac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2134.054180][T15621] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2134.062153][T15621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2134.070128][T15621] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2134.078107][T15621] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0bfcdab6d4 [ 2134.086091][T15621] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2134.124059][T15621] memory: usage 3572kB, limit 0kB, failcnt 1127 [ 2134.131054][T15621] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2134.139644][T15621] Memory cgroup stats for /syz2: [ 2134.141340][T15621] anon 2240512 [ 2134.141340][T15621] file 0 [ 2134.141340][T15621] kernel_stack 65536 [ 2134.141340][T15621] slab 1060864 [ 2134.141340][T15621] sock 0 [ 2134.141340][T15621] shmem 0 [ 2134.141340][T15621] file_mapped 0 [ 2134.141340][T15621] file_dirty 0 [ 2134.141340][T15621] file_writeback 0 [ 2134.141340][T15621] anon_thp 2097152 [ 2134.141340][T15621] inactive_anon 0 [ 2134.141340][T15621] active_anon 2158592 [ 2134.141340][T15621] inactive_file 0 [ 2134.141340][T15621] active_file 0 [ 2134.141340][T15621] unevictable 0 [ 2134.141340][T15621] slab_reclaimable 405504 [ 2134.141340][T15621] slab_unreclaimable 655360 [ 2134.141340][T15621] pgfault 192390 [ 2134.141340][T15621] pgmajfault 0 [ 2134.141340][T15621] workingset_refault 0 [ 2134.141340][T15621] workingset_activate 0 [ 2134.141340][T15621] workingset_nodereclaim 0 [ 2134.141340][T15621] pgrefill 70 [ 2134.141340][T15621] pgscan 68 [ 2134.141340][T15621] pgsteal 33 [ 2134.141340][T15621] pgactivate 33 [ 2134.248389][T15621] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15619,uid=0 [ 2134.264894][T15621] Memory cgroup out of memory: Killed process 15619 (syz-executor.2) total-vm:72576kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2134.294300][ T1065] oom_reaper: reaped process 15619 (syz-executor.2), now anon-rss:0kB, file-rss:34908kB, shmem-rss:0kB [ 2134.615560][T15606] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2134.625767][T15606] CPU: 1 PID: 15606 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2134.633329][T15606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2134.643391][T15606] Call Trace: [ 2134.646689][T15606] dump_stack+0x172/0x1f0 [ 2134.651037][T15606] dump_header+0x10b/0x82d [ 2134.655460][T15606] ? oom_kill_process+0x94/0x3f0 [ 2134.660415][T15606] oom_kill_process.cold+0x10/0x15 [ 2134.665543][T15606] out_of_memory+0x334/0x1340 [ 2134.670235][T15606] ? lock_downgrade+0x920/0x920 [ 2134.675108][T15606] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2134.680935][T15606] ? oom_killer_disable+0x280/0x280 [ 2134.686161][T15606] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2134.691726][T15606] ? memcg_stat_show+0xc40/0xc40 [ 2134.696684][T15606] ? do_raw_spin_unlock+0x57/0x270 [ 2134.701820][T15606] ? _raw_spin_unlock+0x2d/0x50 [ 2134.706694][T15606] try_charge+0xf4b/0x1440 13:02:02 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x300}], 0x1}, 0x20008844) 13:02:02 executing program 1 (fault-call:2 fault-nth:3): perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:02 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x4, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:02 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293eb, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:02 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = gettid() write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000500)=r4, 0x12) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r5, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r7, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r6, 0x0, 0x0) [ 2134.711133][T15606] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2134.716718][T15606] ? percpu_ref_tryget_live+0x111/0x290 [ 2134.722286][T15606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2134.728551][T15606] ? __kasan_check_read+0x11/0x20 [ 2134.733596][T15606] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2134.739166][T15606] mem_cgroup_try_charge+0x136/0x590 [ 2134.744476][T15606] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2134.750130][T15606] __handle_mm_fault+0x1f0d/0x4040 [ 2134.755263][T15606] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2134.760827][T15606] ? handle_mm_fault+0x292/0xaa0 [ 2134.765078][T15628] FAULT_INJECTION: forcing a failure. [ 2134.765078][T15628] name failslab, interval 1, probability 0, space 0, times 0 [ 2134.765781][T15606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2134.784607][T15606] ? __kasan_check_read+0x11/0x20 [ 2134.789653][T15606] handle_mm_fault+0x3b7/0xaa0 [ 2134.794438][T15606] __do_page_fault+0x536/0xdd0 [ 2134.799228][T15606] do_page_fault+0x38/0x590 [ 2134.803754][T15606] page_fault+0x39/0x40 [ 2134.807920][T15606] RIP: 0033:0x4034f2 [ 2134.811822][T15606] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2134.831436][T15606] RSP: 002b:00007ffd2d164e90 EFLAGS: 00010246 [ 2134.837514][T15606] RAX: 0000000000000000 RBX: 0000000000208ef6 RCX: 0000000000413630 [ 2134.845500][T15606] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffd2d165fc0 [ 2134.853486][T15606] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000019b7940 [ 2134.861466][T15606] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2d165fc0 [ 2134.869449][T15606] R13: 00007ffd2d165fb0 R14: 0000000000000000 R15: 00007ffd2d165fc0 [ 2134.880407][T15628] CPU: 0 PID: 15628 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 2134.887991][T15628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2134.898084][T15628] Call Trace: [ 2134.901382][T15628] dump_stack+0x172/0x1f0 [ 2134.905720][T15628] should_fail.cold+0xa/0x15 [ 2134.910301][T15628] ? fault_create_debugfs_attr+0x180/0x180 [ 2134.916099][T15628] ? ___might_sleep+0x163/0x2c0 [ 2134.920959][T15628] __should_failslab+0x121/0x190 [ 2134.925889][T15628] should_failslab+0x9/0x14 [ 2134.930391][T15628] __kmalloc+0x2e0/0x770 [ 2134.934622][T15628] ? find_held_lock+0x35/0x130 [ 2134.939416][T15628] ? __dev_queue_xmit+0x1798/0x3720 [ 2134.944601][T15628] ? genl_family_rcv_msg+0x8b8/0xf90 [ 2134.949874][T15628] genl_family_rcv_msg+0x8b8/0xf90 [ 2134.954981][T15628] ? genl_unregister_family+0x7b0/0x7b0 [ 2134.960539][T15628] ? __kasan_check_read+0x11/0x20 [ 2134.965563][T15628] ? __lock_acquire+0x16f2/0x4a00 [ 2134.970610][T15628] ? __dev_queue_xmit+0xbb5/0x3720 [ 2134.975717][T15628] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2134.981946][T15628] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2134.988192][T15628] ? __radix_tree_lookup+0x1ef/0x260 [ 2134.993474][T15628] ? radix_tree_lookup+0x22/0x30 [ 2134.998434][T15628] genl_rcv_msg+0xca/0x170 [ 2135.002884][T15628] netlink_rcv_skb+0x177/0x450 [ 2135.007653][T15628] ? genl_family_rcv_msg+0xf90/0xf90 [ 2135.012941][T15628] ? netlink_ack+0xb50/0xb50 [ 2135.017521][T15628] ? __kasan_check_write+0x14/0x20 [ 2135.022630][T15628] ? netlink_deliver_tap+0x254/0xbf0 [ 2135.027913][T15628] genl_rcv+0x29/0x40 [ 2135.031885][T15628] netlink_unicast+0x531/0x710 [ 2135.036640][T15628] ? netlink_attachskb+0x7c0/0x7c0 [ 2135.041736][T15628] ? _copy_from_iter_full+0x25d/0x8c0 [ 2135.047218][T15628] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2135.052946][T15628] ? __check_object_size+0x3d/0x437 [ 2135.058139][T15628] netlink_sendmsg+0x8a5/0xd60 [ 2135.062919][T15628] ? netlink_unicast+0x710/0x710 [ 2135.067847][T15628] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2135.073382][T15628] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2135.078843][T15628] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2135.085090][T15628] ? security_socket_sendmsg+0x8d/0xc0 [ 2135.090539][T15628] ? netlink_unicast+0x710/0x710 [ 2135.095469][T15628] sock_sendmsg+0xd7/0x130 [ 2135.099875][T15628] ___sys_sendmsg+0x803/0x920 [ 2135.104546][T15628] ? copy_msghdr_from_user+0x440/0x440 [ 2135.110003][T15628] ? __kasan_check_read+0x11/0x20 [ 2135.115022][T15628] ? __fget+0x384/0x560 [ 2135.119178][T15628] ? ksys_dup3+0x3e0/0x3e0 [ 2135.123595][T15628] ? __fget_light+0x1a9/0x230 [ 2135.128262][T15628] ? __fdget+0x1b/0x20 [ 2135.132320][T15628] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2135.138554][T15628] __sys_sendmsg+0x105/0x1d0 [ 2135.143131][T15628] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2135.148165][T15628] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2135.153612][T15628] ? do_syscall_64+0x26/0x760 [ 2135.158276][T15628] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2135.164351][T15628] ? do_syscall_64+0x26/0x760 [ 2135.169052][T15628] __x64_sys_sendmsg+0x78/0xb0 [ 2135.173845][T15628] do_syscall_64+0xfa/0x760 [ 2135.178356][T15628] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2135.184235][T15628] RIP: 0033:0x459a29 [ 2135.188120][T15628] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2135.207716][T15628] RSP: 002b:00007f73086ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2135.216147][T15628] RAX: ffffffffffffffda RBX: 00007f73086ddc90 RCX: 0000000000459a29 [ 2135.224123][T15628] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 2135.232084][T15628] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2135.240040][T15628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f73086de6d4 [ 2135.247996][T15628] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 0000000000000004 13:02:02 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c0000000300b65df73888aac544000e0208000000000000000000000000000400000500"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:02 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x301}], 0x1}, 0x20008844) [ 2135.262826][T15606] memory: usage 1280kB, limit 0kB, failcnt 1135 [ 2135.289083][T15606] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2135.320197][T15606] Memory cgroup stats for /syz2: [ 2135.320295][T15606] anon 135168 [ 2135.320295][T15606] file 0 [ 2135.320295][T15606] kernel_stack 65536 [ 2135.320295][T15606] slab 1060864 [ 2135.320295][T15606] sock 0 [ 2135.320295][T15606] shmem 0 [ 2135.320295][T15606] file_mapped 0 [ 2135.320295][T15606] file_dirty 0 [ 2135.320295][T15606] file_writeback 0 [ 2135.320295][T15606] anon_thp 0 [ 2135.320295][T15606] inactive_anon 0 [ 2135.320295][T15606] active_anon 53248 [ 2135.320295][T15606] inactive_file 0 [ 2135.320295][T15606] active_file 0 [ 2135.320295][T15606] unevictable 0 [ 2135.320295][T15606] slab_reclaimable 405504 [ 2135.320295][T15606] slab_unreclaimable 655360 [ 2135.320295][T15606] pgfault 192390 [ 2135.320295][T15606] pgmajfault 0 [ 2135.320295][T15606] workingset_refault 0 [ 2135.320295][T15606] workingset_activate 0 [ 2135.320295][T15606] workingset_nodereclaim 0 [ 2135.320295][T15606] pgrefill 70 [ 2135.320295][T15606] pgscan 68 [ 2135.320295][T15606] pgsteal 33 [ 2135.320295][T15606] pgactivate 33 [ 2135.380541][T15636] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2135.416856][ C1] net_ratelimit: 48 callbacks suppressed [ 2135.416865][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2135.416928][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2135.417039][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2135.417088][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2135.417187][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2135.417234][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2135.417334][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2135.417383][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2135.417494][ C1] protocol 88fb is buggy, dev hsr_slave_0 13:02:03 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x901}], 0x1}, 0x20008844) [ 2135.417544][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2135.506434][T15630] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:03 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1101}], 0x1}, 0x20008844) [ 2135.601976][T15606] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15606,uid=0 [ 2135.643195][T15606] Memory cgroup out of memory: Killed process 15606 (syz-executor.2) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2135.678625][ T1065] oom_reaper: reaped process 15606 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 13:02:03 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xfef4}], 0x1}, 0x20008844) [ 2135.748819][T15631] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:03 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x5, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:03 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x2465a}], 0x1}, 0x20008844) 13:02:04 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x34000}], 0x1}, 0x20008844) [ 2136.468880][T15659] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2136.507553][T15651] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:04 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:04 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x20000041}], 0x1}, 0x20008844) [ 2136.828984][T15668] IPVS: ftp: loaded support on port[0] = 21 13:02:04 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293ec, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2137.036919][T15672] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2137.325178][T15668] chnl_net:caif_netlink_parms(): no params data found [ 2137.530488][T15668] bridge0: port 1(bridge_slave_0) entered blocking state [ 2137.538453][T15668] bridge0: port 1(bridge_slave_0) entered disabled state [ 2137.548482][T15668] device bridge_slave_0 entered promiscuous mode [ 2137.609929][T15668] bridge0: port 2(bridge_slave_1) entered blocking state [ 2137.618283][T15668] bridge0: port 2(bridge_slave_1) entered disabled state [ 2137.627608][T15668] device bridge_slave_1 entered promiscuous mode [ 2137.666195][T15668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2137.729165][T15668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2137.759417][T15668] team0: Port device team_slave_0 added [ 2137.769079][T15668] team0: Port device team_slave_1 added [ 2137.888213][T15668] device hsr_slave_0 entered promiscuous mode [ 2137.945412][T15668] device hsr_slave_1 entered promiscuous mode [ 2137.984501][T15668] debugfs: Directory 'hsr0' with parent '/' already present! [ 2138.218606][T15668] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2138.242001][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2138.251465][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2138.299927][T15668] 8021q: adding VLAN 0 to HW filter on device team0 [ 2138.314366][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2138.324843][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2138.333787][T10646] bridge0: port 1(bridge_slave_0) entered blocking state [ 2138.340921][T10646] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2138.465147][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2138.474063][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2138.484050][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2138.493104][T10646] bridge0: port 2(bridge_slave_1) entered blocking state [ 2138.500221][T10646] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2138.556985][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2138.569166][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2138.579502][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2138.589536][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2138.601986][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2138.732919][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2138.743382][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2138.763758][T15668] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2138.775376][T15668] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2138.848544][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2138.861526][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2138.885285][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2138.906962][T15668] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2139.164058][T15683] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2139.176797][T15683] CPU: 0 PID: 15683 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2139.184381][T15683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2139.194444][T15683] Call Trace: [ 2139.197743][T15683] dump_stack+0x172/0x1f0 [ 2139.202088][T15683] dump_header+0x10b/0x82d [ 2139.206527][T15683] oom_kill_process.cold+0x10/0x15 [ 2139.211667][T15683] out_of_memory+0x334/0x1340 [ 2139.216350][T15683] ? __sched_text_start+0x8/0x8 [ 2139.221191][T15683] ? oom_killer_disable+0x280/0x280 [ 2139.226480][T15683] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2139.232008][T15683] ? memcg_stat_show+0xc40/0xc40 [ 2139.236931][T15683] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2139.242731][T15683] ? cgroup_file_notify+0x140/0x1b0 [ 2139.247912][T15683] memory_max_write+0x262/0x3a0 [ 2139.252745][T15683] ? mem_cgroup_write+0x370/0x370 [ 2139.257755][T15683] ? lock_acquire+0x190/0x410 [ 2139.262422][T15683] ? kernfs_fop_write+0x227/0x480 [ 2139.267429][T15683] cgroup_file_write+0x241/0x790 [ 2139.272347][T15683] ? mem_cgroup_write+0x370/0x370 [ 2139.277369][T15683] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2139.282997][T15683] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2139.288625][T15683] kernfs_fop_write+0x2b8/0x480 [ 2139.293456][T15683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2139.299677][T15683] __vfs_write+0x8a/0x110 [ 2139.303985][T15683] ? kernfs_fop_open+0xd80/0xd80 [ 2139.308916][T15683] vfs_write+0x268/0x5d0 [ 2139.313152][T15683] ksys_write+0x14f/0x290 [ 2139.317477][T15683] ? __ia32_sys_read+0xb0/0xb0 [ 2139.322297][T15683] ? do_syscall_64+0x26/0x760 [ 2139.326986][T15683] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2139.333037][T15683] ? do_syscall_64+0x26/0x760 [ 2139.337698][T15683] __x64_sys_write+0x73/0xb0 [ 2139.342282][T15683] do_syscall_64+0xfa/0x760 [ 2139.346766][T15683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2139.352646][T15683] RIP: 0033:0x459a29 [ 2139.356519][T15683] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2139.376102][T15683] RSP: 002b:00007fbf0024cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2139.384504][T15683] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2139.392454][T15683] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 2139.400405][T15683] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2139.408354][T15683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbf0024d6d4 [ 2139.416302][T15683] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2139.428718][T15683] memory: usage 3180kB, limit 0kB, failcnt 353 [ 2139.436011][T15683] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2139.442891][T15683] Memory cgroup stats for [ 2139.442900][T15683] /syz4: [ 2139.443009][T15683] anon 2170880 [ 2139.443009][T15683] file 0 [ 2139.443009][T15683] kernel_stack 65536 [ 2139.443009][T15683] slab 802816 [ 2139.443009][T15683] sock 0 [ 2139.443009][T15683] shmem 0 [ 2139.443009][T15683] file_mapped 0 [ 2139.443009][T15683] file_dirty 0 [ 2139.443009][T15683] file_writeback 0 [ 2139.443009][T15683] anon_thp 2097152 [ 2139.443009][T15683] inactive_anon 0 [ 2139.443009][T15683] active_anon 2170880 [ 2139.443009][T15683] inactive_file 135168 [ 2139.443009][T15683] active_file 0 [ 2139.443009][T15683] unevictable 0 [ 2139.443009][T15683] slab_reclaimable 270336 [ 2139.443009][T15683] slab_unreclaimable 532480 [ 2139.443009][T15683] pgfault 211398 [ 2139.443009][T15683] pgmajfault 0 [ 2139.443009][T15683] workingset_refault 0 [ 2139.443009][T15683] workingset_activate 0 [ 2139.443009][T15683] workingset_nodereclaim 0 [ 2139.443009][T15683] pgrefill 148 [ 2139.443009][T15683] pgscan 138 [ 2139.443009][T15683] pgsteal 101 [ 2139.443009][T15683] pgactivate 33 [ 2139.544216][T15683] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15680,uid=0 [ 2139.565770][T15683] Memory cgroup out of memory: Killed process 15680 (syz-executor.4) total-vm:72708kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2139.588385][ T1065] oom_reaper: reaped process 15680 (syz-executor.4), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 13:02:07 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = gettid() write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000500)=r4, 0x12) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r5, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r5, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r6 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r7, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r6, 0x0, 0x0) 13:02:07 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0xd0083, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e02080000000000e400000000000400"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0xc) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e0000001c008104e00f80ecdb4cb91a02c804a001000000810040fb12030100040eda1b40d819a906000500000f", 0x223}], 0x1, 0x0, 0x0, 0x10}, 0x0) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e0000001c008104e00f80ecdb4cb91a02c804a001000000810040fb12030100040eda1b40d819a906000500000f", 0x223}], 0x1, 0x0, 0x0, 0x10}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f0000000840)=ANY=[@ANYPTR=&(0x7f0000000480)=ANY=[], @ANYRESOCT=r8, @ANYBLOB="00d662cdd3d6bc66361022d6ef59f432d2b1ea87640ccd1a46e14546c5ad85f58d5c19f3d0b38e007ab71dae135f8badf0c2c1ce6f8551e54757fa109218c8a2c7f92a7f", @ANYRES32=0x0, @ANYRESOCT=r2, @ANYRESHEX], 0x0, 0x3, 0xfffffffffffffe82, 0xffffffffffffffff}, 0xfffffffffffffceb) r9 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000400)='meTory.max\x00]\xf0\x19\xe2p\xe8F\xbb\\\xbf\xd3\xcf\xcc\x96t\xbb\x85Q^\xad\x0e\xd9\x97v\x81\xb7T\x11\xd1oG\xb3\x1c\xb3\x1bL\x19\x85_\x9fx>\xf2\x1a>\x03\xa8 \x17#Q\x93\xe6\x02D\xd0\xc2\xbd\xf9\xc8\xd5_\x17\x03', 0x2, 0x0) r10 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r4, &(0x7f0000000540)=r10, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r9, 0x0, 0x0) 13:02:07 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x7ffff000}], 0x1}, 0x20008844) 13:02:07 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:07 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x6, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:07 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293ed, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2139.754570][T15668] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2139.783717][T15668] CPU: 1 PID: 15668 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2139.791302][T15668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2139.801361][T15668] Call Trace: [ 2139.804674][T15668] dump_stack+0x172/0x1f0 [ 2139.809019][T15668] dump_header+0x10b/0x82d [ 2139.813447][T15668] ? oom_kill_process+0x94/0x3f0 [ 2139.818750][T15668] oom_kill_process.cold+0x10/0x15 [ 2139.823883][T15668] out_of_memory+0x334/0x1340 [ 2139.828577][T15668] ? lock_downgrade+0x920/0x920 [ 2139.833449][T15668] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2139.839283][T15668] ? oom_killer_disable+0x280/0x280 [ 2139.844511][T15668] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2139.850079][T15668] ? memcg_stat_show+0xc40/0xc40 [ 2139.855040][T15668] ? do_raw_spin_unlock+0x57/0x270 [ 2139.860172][T15668] ? _raw_spin_unlock+0x2d/0x50 [ 2139.865046][T15668] try_charge+0xf4b/0x1440 [ 2139.869493][T15668] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2139.875492][T15668] ? percpu_ref_tryget_live+0x111/0x290 [ 2139.881064][T15668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2139.887331][T15668] ? __kasan_check_read+0x11/0x20 [ 2139.892388][T15668] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2139.897964][T15668] mem_cgroup_try_charge+0x136/0x590 [ 2139.903292][T15668] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2139.908949][T15668] wp_page_copy+0x407/0x1860 [ 2139.913566][T15668] ? find_held_lock+0x35/0x130 [ 2139.918355][T15668] ? do_wp_page+0x53b/0x15c0 [ 2139.922972][T15668] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2139.928800][T15668] ? lock_downgrade+0x920/0x920 [ 2139.933680][T15668] ? swp_swapcount+0x540/0x540 [ 2139.938465][T15668] ? __kasan_check_read+0x11/0x20 [ 2139.943511][T15668] ? do_raw_spin_unlock+0x57/0x270 [ 2139.948669][T15668] do_wp_page+0x543/0x15c0 [ 2139.953119][T15668] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2139.958529][T15668] __handle_mm_fault+0x23ec/0x4040 [ 2139.963671][T15668] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2139.969241][T15668] ? handle_mm_fault+0x292/0xaa0 [ 2139.974210][T15668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2139.980483][T15668] ? __kasan_check_read+0x11/0x20 [ 2139.985540][T15668] handle_mm_fault+0x3b7/0xaa0 [ 2139.990334][T15668] __do_page_fault+0x536/0xdd0 [ 2139.995132][T15668] do_page_fault+0x38/0x590 [ 2139.999666][T15668] page_fault+0x39/0x40 [ 2140.003835][T15668] RIP: 0033:0x430b06 [ 2140.007741][T15668] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2140.027380][T15668] RSP: 002b:00007fff4d88d300 EFLAGS: 00010206 [ 2140.033461][T15668] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2140.041453][T15668] RDX: 0000000000c84930 RSI: 0000000000c8c970 RDI: 0000000000000003 [ 2140.049446][T15668] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000c83940 [ 2140.057434][T15668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2140.065418][T15668] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 13:02:08 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xfffffdef}], 0x1}, 0x20008844) [ 2140.096172][T15668] memory: usage 804kB, limit 0kB, failcnt 361 [ 2140.102455][T15668] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2140.113757][T15690] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2140.143537][T15689] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2140.156845][T15668] Memory cgroup stats for /syz4: [ 2140.156955][T15668] anon 0 [ 2140.156955][T15668] file 0 [ 2140.156955][T15668] kernel_stack 0 [ 2140.156955][T15668] slab 802816 [ 2140.156955][T15668] sock 0 [ 2140.156955][T15668] shmem 0 [ 2140.156955][T15668] file_mapped 0 [ 2140.156955][T15668] file_dirty 0 [ 2140.156955][T15668] file_writeback 0 [ 2140.156955][T15668] anon_thp 0 [ 2140.156955][T15668] inactive_anon 0 [ 2140.156955][T15668] active_anon 0 [ 2140.156955][T15668] inactive_file 135168 [ 2140.156955][T15668] active_file 0 [ 2140.156955][T15668] unevictable 0 [ 2140.156955][T15668] slab_reclaimable 270336 [ 2140.156955][T15668] slab_unreclaimable 532480 [ 2140.156955][T15668] pgfault 211431 [ 2140.156955][T15668] pgmajfault 0 [ 2140.156955][T15668] workingset_refault 0 [ 2140.156955][T15668] workingset_activate 0 [ 2140.156955][T15668] workingset_nodereclaim 0 [ 2140.156955][T15668] pgrefill 148 [ 2140.156955][T15668] pgscan 138 [ 2140.156955][T15668] pgsteal 101 [ 2140.156955][T15668] pgactivate 33 13:02:08 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x7, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2140.357560][T15668] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15668,uid=0 13:02:08 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffff1f}], 0x1}, 0x20008844) [ 2140.394784][T15668] Memory cgroup out of memory: Killed process 15668 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2140.482373][ T1065] oom_reaper: reaped process 15668 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2140.515896][ C0] net_ratelimit: 54 callbacks suppressed [ 2140.515905][ C0] protocol 88fb is buggy, dev hsr_slave_0 13:02:08 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffff80}], 0x1}, 0x20008844) [ 2140.515991][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2140.521619][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2140.527382][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2140.533137][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2140.538914][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2140.544554][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2140.550283][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2140.567639][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2140.573424][ C1] protocol 88fb is buggy, dev hsr_slave_1 13:02:08 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x3, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:08 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffff82}], 0x1}, 0x20008844) [ 2140.674570][T15704] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:09 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2141.125145][T15710] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2141.437553][T15719] IPVS: ftp: loaded support on port[0] = 21 [ 2141.775045][T15719] chnl_net:caif_netlink_parms(): no params data found [ 2141.870100][T15719] bridge0: port 1(bridge_slave_0) entered blocking state [ 2141.878758][T15719] bridge0: port 1(bridge_slave_0) entered disabled state [ 2141.888108][T15719] device bridge_slave_0 entered promiscuous mode [ 2141.897736][T15719] bridge0: port 2(bridge_slave_1) entered blocking state [ 2141.905352][T15719] bridge0: port 2(bridge_slave_1) entered disabled state [ 2141.915339][T15719] device bridge_slave_1 entered promiscuous mode [ 2142.005462][T15719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2142.019167][T15719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2142.101334][T15719] team0: Port device team_slave_0 added [ 2142.110293][T15719] team0: Port device team_slave_1 added [ 2142.298574][T15719] device hsr_slave_0 entered promiscuous mode [ 2142.415485][T15719] device hsr_slave_1 entered promiscuous mode [ 2142.464298][T15719] debugfs: Directory 'hsr0' with parent '/' already present! [ 2142.667218][T15719] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2142.690351][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2142.699689][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2142.716754][T15719] 8021q: adding VLAN 0 to HW filter on device team0 [ 2142.807742][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2142.817974][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2142.828136][T10646] bridge0: port 1(bridge_slave_0) entered blocking state [ 2142.835267][T10646] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2142.857921][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2142.868752][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2142.879223][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2142.889712][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 2142.896845][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2142.906568][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2143.059776][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2143.080684][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2143.107485][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2143.180699][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2143.190687][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2143.201672][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2143.278414][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2143.290116][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2143.309332][T15719] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2143.326659][T15719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2143.336406][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2143.346209][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2143.418339][T15719] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2143.632801][T15729] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2143.650539][T15728] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2143.710081][T15730] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.2'. 13:02:11 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0xfffffffffffffd9f) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={r7, 0x2, 0x0, 0x0, 0x0, 0x15}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:11 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffff89}], 0x1}, 0x20008844) 13:02:11 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x8, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:11 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:11 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:11 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293ee, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2143.751032][T15729] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2143.858064][T15735] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2143.869069][T15736] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:11 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffffc0}], 0x1}, 0x20008844) [ 2144.133503][T15741] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2144.157184][T15741] CPU: 1 PID: 15741 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2144.164785][T15741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2144.174850][T15741] Call Trace: [ 2144.178159][T15741] dump_stack+0x172/0x1f0 [ 2144.182505][T15741] dump_header+0x10b/0x82d [ 2144.186938][T15741] oom_kill_process.cold+0x10/0x15 [ 2144.192070][T15741] out_of_memory+0x334/0x1340 [ 2144.196764][T15741] ? preempt_schedule_common+0x63/0xe0 [ 2144.202240][T15741] ? oom_killer_disable+0x280/0x280 [ 2144.207459][T15741] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2144.213012][T15741] ? memcg_stat_show+0xc40/0xc40 [ 2144.217972][T15741] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2144.223799][T15741] ? cgroup_file_notify+0x140/0x1b0 [ 2144.229018][T15741] memory_max_write+0x262/0x3a0 [ 2144.233891][T15741] ? mem_cgroup_write+0x370/0x370 [ 2144.238934][T15741] ? lock_acquire+0x190/0x410 [ 2144.243635][T15741] ? kernfs_fop_write+0x227/0x480 [ 2144.248684][T15741] cgroup_file_write+0x241/0x790 [ 2144.253637][T15741] ? mem_cgroup_write+0x370/0x370 [ 2144.258679][T15741] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2144.264334][T15741] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2144.269976][T15741] kernfs_fop_write+0x2b8/0x480 [ 2144.270000][T15741] __vfs_write+0x8a/0x110 [ 2144.270017][T15741] ? kernfs_fop_open+0xd80/0xd80 [ 2144.284111][T15741] vfs_write+0x268/0x5d0 [ 2144.288371][T15741] ksys_write+0x14f/0x290 [ 2144.292720][T15741] ? __ia32_sys_read+0xb0/0xb0 [ 2144.297505][T15741] ? do_syscall_64+0x26/0x760 [ 2144.302182][T15741] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2144.308241][T15741] ? do_syscall_64+0x26/0x760 [ 2144.308260][T15741] __x64_sys_write+0x73/0xb0 [ 2144.308276][T15741] do_syscall_64+0xfa/0x760 [ 2144.308293][T15741] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2144.308304][T15741] RIP: 0033:0x459a29 13:02:12 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffffc2}], 0x1}, 0x20008844) [ 2144.308319][T15741] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2144.308331][T15741] RSP: 002b:00007f6e1b64ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2144.317564][T15741] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2144.317572][T15741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 13:02:12 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xa, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:12 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x9, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2144.317580][T15741] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2144.317588][T15741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e1b64b6d4 [ 2144.317597][T15741] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2144.403089][T15741] memory: usage 3712kB, limit 0kB, failcnt 1136 13:02:12 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0xffffffe0}], 0x1}, 0x20008844) [ 2144.430683][T15741] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2144.460800][T15741] Memory cgroup stats for /syz2: [ 2144.464667][T15741] anon 2289664 [ 2144.464667][T15741] file 0 [ 2144.464667][T15741] kernel_stack 65536 [ 2144.464667][T15741] slab 1200128 [ 2144.464667][T15741] sock 0 [ 2144.464667][T15741] shmem 0 [ 2144.464667][T15741] file_mapped 0 [ 2144.464667][T15741] file_dirty 0 [ 2144.464667][T15741] file_writeback 0 [ 2144.464667][T15741] anon_thp 2097152 [ 2144.464667][T15741] inactive_anon 0 [ 2144.464667][T15741] active_anon 2211840 [ 2144.464667][T15741] inactive_file 0 [ 2144.464667][T15741] active_file 0 [ 2144.464667][T15741] unevictable 0 [ 2144.464667][T15741] slab_reclaimable 405504 [ 2144.464667][T15741] slab_unreclaimable 794624 [ 2144.464667][T15741] pgfault 192522 [ 2144.464667][T15741] pgmajfault 0 [ 2144.464667][T15741] workingset_refault 0 [ 2144.464667][T15741] workingset_activate 0 [ 2144.464667][T15741] workingset_nodereclaim 0 [ 2144.464667][T15741] pgrefill 70 [ 2144.464667][T15741] pgscan 68 [ 2144.464667][T15741] pgsteal 33 [ 2144.464667][T15741] pgactivate 33 13:02:12 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2}, 0x20008844) [ 2144.638106][T15755] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2144.819286][T15741] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15740,uid=0 [ 2144.846094][T15741] Memory cgroup out of memory: Killed process 15740 (syz-executor.2) total-vm:72572kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2144.875489][ T1065] oom_reaper: reaped process 15740 (syz-executor.2), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 2144.923952][T15742] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:13 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:13 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xa, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:13 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x3}, 0x20008844) 13:02:13 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2145.264880][T15719] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0 [ 2145.287759][T15719] CPU: 0 PID: 15719 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2145.295355][T15719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2145.305413][T15719] Call Trace: [ 2145.305433][T15719] dump_stack+0x172/0x1f0 [ 2145.305450][T15719] dump_header+0x10b/0x82d [ 2145.305461][T15719] ? oom_kill_process+0x94/0x3f0 [ 2145.305475][T15719] oom_kill_process.cold+0x10/0x15 [ 2145.305490][T15719] out_of_memory+0x334/0x1340 [ 2145.305503][T15719] ? lock_downgrade+0x920/0x920 [ 2145.305519][T15719] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2145.305537][T15719] ? oom_killer_disable+0x280/0x280 [ 2145.313142][T15719] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2145.313157][T15719] ? memcg_stat_show+0xc40/0xc40 [ 2145.313176][T15719] ? do_raw_spin_unlock+0x57/0x270 [ 2145.327611][T15719] ? _raw_spin_unlock+0x2d/0x50 [ 2145.327630][T15719] try_charge+0xf4b/0x1440 [ 2145.327656][T15719] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2145.327669][T15719] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2145.327688][T15719] ? cache_grow_begin+0x122/0xd20 [ 2145.327702][T15719] ? find_held_lock+0x35/0x130 [ 2145.327717][T15719] ? cache_grow_begin+0x122/0xd20 [ 2145.327735][T15719] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2145.327752][T15719] ? lock_downgrade+0x920/0x920 [ 2145.337282][T15719] ? memcg_kmem_put_cache+0x50/0x50 [ 2145.337299][T15719] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2145.337315][T15719] ? __kasan_check_read+0x11/0x20 [ 2145.337334][T15719] cache_grow_begin+0x629/0xd20 [ 2145.337348][T15719] ? __sanitizer_cov_trace_cmp4+0x1/0x20 [ 2145.337362][T15719] ? mempolicy_slab_node+0x139/0x390 [ 2145.337378][T15719] fallback_alloc+0x1fd/0x2d0 [ 2145.337397][T15719] ____cache_alloc_node+0x1bc/0x1d0 [ 2145.337411][T15719] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2145.337432][T15719] kmem_cache_alloc+0x1ef/0x710 [ 2145.348409][T15719] ? stack_trace_save+0xac/0xe0 [ 2145.348429][T15719] __alloc_file+0x27/0x340 [ 2145.348445][T15719] alloc_empty_file+0x72/0x170 [ 2145.348465][T15719] path_openat+0xef/0x46d0 [ 2145.358954][T15719] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2145.358966][T15719] ? kasan_slab_alloc+0xf/0x20 [ 2145.358981][T15719] ? kmem_cache_alloc+0x121/0x710 [ 2145.358993][T15719] ? getname_flags+0xd6/0x5b0 [ 2145.359008][T15719] ? getname+0x1a/0x20 [ 2145.368938][T15719] ? do_sys_open+0x2c9/0x5d0 [ 2145.368952][T15719] ? __x64_sys_open+0x7e/0xc0 [ 2145.368969][T15719] ? __kasan_check_read+0x11/0x20 [ 2145.368987][T15719] ? mark_lock+0xc2/0x1220 [ 2145.378908][T15719] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2145.378930][T15719] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 2145.378953][T15719] ? ehci_endpoint_reset+0xf0/0x370 [ 2145.378966][T15719] ? __alloc_fd+0x487/0x620 [ 2145.378986][T15719] do_filp_open+0x1a1/0x280 [ 2145.379000][T15719] ? may_open_dev+0x100/0x100 [ 2145.379013][T15719] ? lock_downgrade+0x920/0x920 [ 2145.379025][T15719] ? rwlock_bug.part.0+0x90/0x90 [ 2145.379042][T15719] ? __kasan_check_read+0x11/0x20 [ 2145.379058][T15719] ? do_raw_spin_unlock+0x57/0x270 [ 2145.394341][T15719] ? _raw_spin_unlock+0x2d/0x50 [ 2145.394355][T15719] ? __alloc_fd+0x487/0x620 [ 2145.394379][T15719] do_sys_open+0x3fe/0x5d0 [ 2145.394397][T15719] ? filp_open+0x80/0x80 [ 2145.394415][T15719] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2145.394427][T15719] ? do_syscall_64+0x26/0x760 [ 2145.394440][T15719] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2145.394452][T15719] ? do_syscall_64+0x26/0x760 [ 2145.394471][T15719] __x64_sys_open+0x7e/0xc0 [ 2145.394486][T15719] do_syscall_64+0xfa/0x760 [ 2145.394504][T15719] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2145.394514][T15719] RIP: 0033:0x4138f0 [ 2145.394526][T15719] Code: 05 48 3d 01 f0 ff ff 0f 83 2d 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 3d 9d 29 66 00 00 75 14 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff [ 2145.394532][T15719] RSP: 002b:00007ffccfb1a7d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 2145.394543][T15719] RAX: ffffffffffffffda RBX: 000000000020b9c6 RCX: 00000000004138f0 [ 2145.394550][T15719] RDX: 00007ffccfb1a86a RSI: 0000000000000002 RDI: 00007ffccfb1a860 [ 2145.394557][T15719] RBP: 0000000000000006 R08: 0000000000000000 R09: 000000000000000a [ 2145.394563][T15719] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 2145.394570][T15719] R13: 00007ffccfb1a810 R14: 000000000020b669 R15: 00007ffccfb1a820 [ 2145.476068][T15719] memory: usage 1372kB, limit 0kB, failcnt 1152 [ 2145.624243][T15719] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2145.805462][T15719] Memory cgroup stats for /syz2: [ 2145.807319][T15719] anon 8192 [ 2145.807319][T15719] file 0 [ 2145.807319][T15719] kernel_stack 0 [ 2145.807319][T15719] slab 1200128 [ 2145.807319][T15719] sock 0 [ 2145.807319][T15719] shmem 0 [ 2145.807319][T15719] file_mapped 0 [ 2145.807319][T15719] file_dirty 0 [ 2145.807319][T15719] file_writeback 0 [ 2145.807319][T15719] anon_thp 0 [ 2145.807319][T15719] inactive_anon 0 [ 2145.807319][T15719] active_anon 8192 [ 2145.807319][T15719] inactive_file 0 [ 2145.807319][T15719] active_file 0 [ 2145.807319][T15719] unevictable 0 [ 2145.807319][T15719] slab_reclaimable 405504 [ 2145.807319][T15719] slab_unreclaimable 794624 [ 2145.807319][T15719] pgfault 192522 [ 2145.807319][T15719] pgmajfault 0 [ 2145.807319][T15719] workingset_refault 0 [ 2145.807319][T15719] workingset_activate 0 [ 2145.807319][T15719] workingset_nodereclaim 0 [ 2145.807319][T15719] pgrefill 70 [ 2145.807319][T15719] pgscan 68 [ 2145.807319][T15719] pgsteal 33 [ 2145.807319][T15719] pgactivate 33 [ 2145.807319][T15719] pgdeactivate 70 [ 2145.943801][T15719] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15719,uid=0 [ 2145.960964][T15719] Memory cgroup out of memory: Killed process 15719 (syz-executor.2) total-vm:72440kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2145.979514][ T1065] oom_reaper: reaped process 15719 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2145.997779][T15777] IPVS: ftp: loaded support on port[0] = 21 [ 2146.484009][T15777] chnl_net:caif_netlink_parms(): no params data found [ 2146.619991][T15777] bridge0: port 1(bridge_slave_0) entered blocking state [ 2146.627598][T15777] bridge0: port 1(bridge_slave_0) entered disabled state [ 2146.636761][T15777] device bridge_slave_0 entered promiscuous mode [ 2146.646147][T15777] bridge0: port 2(bridge_slave_1) entered blocking state [ 2146.653306][T15777] bridge0: port 2(bridge_slave_1) entered disabled state [ 2146.662607][T15777] device bridge_slave_1 entered promiscuous mode [ 2146.729996][T15777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2146.743235][T15777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2146.817012][T15777] team0: Port device team_slave_0 added [ 2146.826007][T15777] team0: Port device team_slave_1 added [ 2146.948924][T15777] device hsr_slave_0 entered promiscuous mode [ 2146.985563][T15777] device hsr_slave_1 entered promiscuous mode [ 2147.034326][T15777] debugfs: Directory 'hsr0' with parent '/' already present! [ 2147.175099][T15777] bridge0: port 2(bridge_slave_1) entered blocking state [ 2147.182226][T15777] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2147.189673][T15777] bridge0: port 1(bridge_slave_0) entered blocking state [ 2147.196778][T15777] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2147.276129][T15777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2147.297596][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2147.310908][ T1923] bridge0: port 1(bridge_slave_0) entered disabled state [ 2147.327794][ T1923] bridge0: port 2(bridge_slave_1) entered disabled state [ 2147.338313][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2147.402204][T15777] 8021q: adding VLAN 0 to HW filter on device team0 [ 2147.422171][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2147.431669][ T1923] bridge0: port 1(bridge_slave_0) entered blocking state [ 2147.438796][ T1923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2147.460006][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2147.469067][T13302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2147.476199][T13302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2147.548508][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2147.559847][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2147.582306][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2147.592858][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2147.606067][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2147.616471][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2147.689124][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2147.702157][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2147.712467][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2147.725650][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2147.736466][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2147.750409][T15777] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2147.859551][T15777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2148.319423][T15788] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2148.330213][T15788] CPU: 0 PID: 15788 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2148.337767][T15788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2148.347921][T15788] Call Trace: [ 2148.351219][T15788] dump_stack+0x172/0x1f0 [ 2148.355555][T15788] dump_header+0x10b/0x82d [ 2148.359972][T15788] oom_kill_process.cold+0x10/0x15 [ 2148.365087][T15788] out_of_memory+0x334/0x1340 [ 2148.369763][T15788] ? __sched_text_start+0x8/0x8 [ 2148.374717][T15788] ? oom_killer_disable+0x280/0x280 [ 2148.379925][T15788] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2148.385480][T15788] ? memcg_stat_show+0xc40/0xc40 [ 2148.390427][T15788] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2148.396757][T15788] ? cgroup_file_notify+0x140/0x1b0 [ 2148.401961][T15788] memory_max_write+0x262/0x3a0 [ 2148.406817][T15788] ? mem_cgroup_write+0x370/0x370 [ 2148.411864][T15788] ? lock_acquire+0x190/0x410 [ 2148.416545][T15788] ? kernfs_fop_write+0x227/0x480 [ 2148.421577][T15788] cgroup_file_write+0x241/0x790 [ 2148.426551][T15788] ? mem_cgroup_write+0x370/0x370 [ 2148.431662][T15788] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2148.437312][T15788] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2148.442947][T15788] kernfs_fop_write+0x2b8/0x480 [ 2148.447805][T15788] __vfs_write+0x8a/0x110 [ 2148.452130][T15788] ? kernfs_fop_open+0xd80/0xd80 [ 2148.457068][T15788] vfs_write+0x268/0x5d0 [ 2148.461314][T15788] ksys_write+0x14f/0x290 [ 2148.465644][T15788] ? __ia32_sys_read+0xb0/0xb0 [ 2148.470410][T15788] ? do_syscall_64+0x26/0x760 [ 2148.475091][T15788] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2148.481155][T15788] ? do_syscall_64+0x26/0x760 [ 2148.485836][T15788] __x64_sys_write+0x73/0xb0 [ 2148.490428][T15788] do_syscall_64+0xfa/0x760 [ 2148.494936][T15788] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2148.500827][T15788] RIP: 0033:0x459a29 [ 2148.504722][T15788] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2148.524413][T15788] RSP: 002b:00007f7bbf376c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2148.532825][T15788] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2148.540813][T15788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2148.548794][T15788] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2148.557458][T15788] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bbf3776d4 [ 2148.565428][T15788] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2148.599228][T15788] memory: usage 3236kB, limit 0kB, failcnt 362 [ 2148.616096][T15788] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2148.623306][T15788] Memory cgroup stats for /syz4: [ 2148.626653][T15788] anon 2072576 [ 2148.626653][T15788] file 0 [ 2148.626653][T15788] kernel_stack 65536 [ 2148.626653][T15788] slab 802816 [ 2148.626653][T15788] sock 0 [ 2148.626653][T15788] shmem 0 [ 2148.626653][T15788] file_mapped 0 [ 2148.626653][T15788] file_dirty 0 [ 2148.626653][T15788] file_writeback 0 [ 2148.626653][T15788] anon_thp 2097152 [ 2148.626653][T15788] inactive_anon 0 [ 2148.626653][T15788] active_anon 2072576 [ 2148.626653][T15788] inactive_file 135168 [ 2148.626653][T15788] active_file 0 [ 2148.626653][T15788] unevictable 0 [ 2148.626653][T15788] slab_reclaimable 270336 [ 2148.626653][T15788] slab_unreclaimable 532480 [ 2148.626653][T15788] pgfault 211497 [ 2148.626653][T15788] pgmajfault 0 [ 2148.626653][T15788] workingset_refault 0 [ 2148.626653][T15788] workingset_activate 0 [ 2148.626653][T15788] workingset_nodereclaim 0 [ 2148.626653][T15788] pgrefill 148 [ 2148.626653][T15788] pgscan 138 [ 2148.626653][T15788] pgsteal 101 [ 2148.626653][T15788] pgactivate 33 [ 2148.728079][T15788] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15787,uid=0 [ 2148.745365][T15788] Memory cgroup out of memory: Killed process 15787 (syz-executor.4) total-vm:72708kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2148.783385][ T1065] oom_reaper: reaped process 15787 (syz-executor.4), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 13:02:17 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:17 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xb, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:17 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:17 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x4}, 0x20008844) 13:02:17 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x293ef, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:17 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00018003000000010000000000000e0208000000000000000000000000000400000000005f00000000e5ff00000000"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2149.227284][T15777] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2149.267778][T15777] CPU: 1 PID: 15777 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2149.275377][T15777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2149.285445][T15777] Call Trace: [ 2149.288758][T15777] dump_stack+0x172/0x1f0 [ 2149.293116][T15777] dump_header+0x10b/0x82d [ 2149.297552][T15777] ? oom_kill_process+0x94/0x3f0 [ 2149.302507][T15777] oom_kill_process.cold+0x10/0x15 [ 2149.307640][T15777] out_of_memory+0x334/0x1340 [ 2149.312336][T15777] ? lock_downgrade+0x920/0x920 [ 2149.317203][T15777] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2149.323027][T15777] ? oom_killer_disable+0x280/0x280 [ 2149.328249][T15777] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2149.333812][T15777] ? memcg_stat_show+0xc40/0xc40 [ 2149.338790][T15777] ? do_raw_spin_unlock+0x57/0x270 [ 2149.343925][T15777] ? _raw_spin_unlock+0x2d/0x50 [ 2149.348824][T15777] try_charge+0xf4b/0x1440 [ 2149.353273][T15777] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2149.358837][T15777] ? percpu_ref_tryget_live+0x111/0x290 [ 2149.364405][T15777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2149.371190][T15777] ? __kasan_check_read+0x11/0x20 [ 2149.376321][T15777] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2149.382240][T15777] mem_cgroup_try_charge+0x136/0x590 [ 2149.387555][T15777] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2149.393210][T15777] wp_page_copy+0x407/0x1860 [ 2149.397822][T15777] ? find_held_lock+0x35/0x130 [ 2149.402608][T15777] ? do_wp_page+0x53b/0x15c0 [ 2149.407219][T15777] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2149.409152][T15801] __nla_validate_parse: 1 callbacks suppressed [ 2149.409161][T15801] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2149.413041][T15777] ? lock_downgrade+0x920/0x920 [ 2149.413067][T15777] ? swp_swapcount+0x540/0x540 [ 2149.438276][T15777] ? __kasan_check_read+0x11/0x20 [ 2149.443319][T15777] ? do_raw_spin_unlock+0x57/0x270 [ 2149.448455][T15777] do_wp_page+0x543/0x15c0 [ 2149.452900][T15777] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2149.458299][T15777] __handle_mm_fault+0x23ec/0x4040 [ 2149.463422][T15777] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2149.468978][T15777] ? handle_mm_fault+0x292/0xaa0 [ 2149.469005][T15777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2149.480179][T15777] ? __kasan_check_read+0x11/0x20 [ 2149.480199][T15777] handle_mm_fault+0x3b7/0xaa0 [ 2149.480223][T15777] __do_page_fault+0x536/0xdd0 [ 2149.495001][T15777] do_page_fault+0x38/0x590 [ 2149.495022][T15777] page_fault+0x39/0x40 [ 2149.495032][T15777] RIP: 0033:0x430b06 [ 2149.495051][T15777] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2149.503669][T15777] RSP: 002b:00007ffe7bf8d6f0 EFLAGS: 00010206 [ 2149.503681][T15777] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2149.503689][T15777] RDX: 0000000001f69930 RSI: 0000000001f71970 RDI: 0000000000000003 [ 2149.503697][T15777] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001f68940 [ 2149.503705][T15777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 13:02:17 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x5}, 0x20008844) [ 2149.503719][T15777] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2149.574537][ C1] net_ratelimit: 30 callbacks suppressed [ 2149.574546][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2149.586044][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2149.586154][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2149.586198][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2149.586300][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2149.586345][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2149.586460][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2149.586505][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2149.586597][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2149.586647][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2149.592388][T15777] memory: usage 852kB, limit 0kB, failcnt 370 [ 2149.610776][T15777] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2149.617602][T15777] Memory cgroup stats for /syz4: [ 2149.617712][T15777] anon 0 [ 2149.617712][T15777] file 0 [ 2149.617712][T15777] kernel_stack 0 [ 2149.617712][T15777] slab 802816 [ 2149.617712][T15777] sock 0 [ 2149.617712][T15777] shmem 0 [ 2149.617712][T15777] file_mapped 0 [ 2149.617712][T15777] file_dirty 0 [ 2149.617712][T15777] file_writeback 0 [ 2149.617712][T15777] anon_thp 0 [ 2149.617712][T15777] inactive_anon 0 [ 2149.617712][T15777] active_anon 0 [ 2149.617712][T15777] inactive_file 135168 [ 2149.617712][T15777] active_file 0 [ 2149.617712][T15777] unevictable 0 [ 2149.617712][T15777] slab_reclaimable 270336 [ 2149.617712][T15777] slab_unreclaimable 532480 [ 2149.617712][T15777] pgfault 211497 [ 2149.617712][T15777] pgmajfault 0 [ 2149.617712][T15777] workingset_refault 0 [ 2149.617712][T15777] workingset_activate 0 [ 2149.617712][T15777] workingset_nodereclaim 0 [ 2149.617712][T15777] pgrefill 148 [ 2149.617712][T15777] pgscan 138 [ 2149.617712][T15777] pgsteal 101 [ 2149.617712][T15777] pgactivate 33 [ 2149.635543][T15777] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15777,uid=0 13:02:17 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x6}, 0x20008844) [ 2149.665971][T15777] Memory cgroup out of memory: Killed process 15777 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:0 13:02:17 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x60, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2149.851543][T15798] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:17 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xc, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:17 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x7}, 0x20008844) 13:02:18 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x8}, 0x20008844) 13:02:18 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:18 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:18 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x9}, 0x20008844) [ 2150.499336][T15817] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2150.534696][T15796] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:18 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xe, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2150.860113][T15834] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2150.904793][T15832] IPVS: ftp: loaded support on port[0] = 21 13:02:18 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2151.186245][T15832] chnl_net:caif_netlink_parms(): no params data found [ 2151.377077][T15832] bridge0: port 1(bridge_slave_0) entered blocking state [ 2151.384357][T15832] bridge0: port 1(bridge_slave_0) entered disabled state [ 2151.396405][T15832] device bridge_slave_0 entered promiscuous mode [ 2151.405809][T15832] bridge0: port 2(bridge_slave_1) entered blocking state [ 2151.412984][T15832] bridge0: port 2(bridge_slave_1) entered disabled state [ 2151.422253][T15832] device bridge_slave_1 entered promiscuous mode [ 2151.505744][T15832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2151.567798][T15832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2151.594232][T15832] team0: Port device team_slave_0 added [ 2151.662567][T15832] team0: Port device team_slave_1 added [ 2151.728494][T15832] device hsr_slave_0 entered promiscuous mode [ 2151.805713][T15832] device hsr_slave_1 entered promiscuous mode [ 2151.844270][T15832] debugfs: Directory 'hsr0' with parent '/' already present! [ 2151.908841][T15832] bridge0: port 2(bridge_slave_1) entered blocking state [ 2151.916001][T15832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2151.923366][T15832] bridge0: port 1(bridge_slave_0) entered blocking state [ 2151.930492][T15832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2152.083430][T15832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2152.146570][ T1923] bridge0: port 1(bridge_slave_0) entered disabled state [ 2152.166303][ T1923] bridge0: port 2(bridge_slave_1) entered disabled state [ 2152.233723][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2152.243618][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2152.255879][T15832] 8021q: adding VLAN 0 to HW filter on device team0 [ 2152.317276][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2152.327387][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2152.337510][ T1923] bridge0: port 1(bridge_slave_0) entered blocking state [ 2152.344638][ T1923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2152.420062][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2152.430488][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2152.439875][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 2152.446987][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2152.467772][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2152.477816][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2152.497879][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2152.508232][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2152.518148][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2152.528774][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2152.593798][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2152.605937][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2152.616028][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2152.686914][T15832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2152.699016][T15832] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2152.710288][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2152.720609][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2152.810114][T15832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2153.101745][T15846] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2153.112187][T15846] CPU: 1 PID: 15846 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2153.119740][T15846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2153.129799][T15846] Call Trace: [ 2153.133101][T15846] dump_stack+0x172/0x1f0 [ 2153.137448][T15846] dump_header+0x10b/0x82d [ 2153.141870][T15846] oom_kill_process.cold+0x10/0x15 [ 2153.146989][T15846] out_of_memory+0x334/0x1340 [ 2153.151671][T15846] ? __sched_text_start+0x8/0x8 [ 2153.156532][T15846] ? oom_killer_disable+0x280/0x280 [ 2153.161751][T15846] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2153.167301][T15846] ? memcg_stat_show+0xc40/0xc40 [ 2153.172385][T15846] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2153.178214][T15846] ? cgroup_file_notify+0x140/0x1b0 [ 2153.183427][T15846] memory_max_write+0x262/0x3a0 [ 2153.188296][T15846] ? mem_cgroup_write+0x370/0x370 [ 2153.193322][T15846] ? lock_acquire+0x190/0x410 [ 2153.198015][T15846] ? kernfs_fop_write+0x227/0x480 [ 2153.203045][T15846] cgroup_file_write+0x241/0x790 [ 2153.207988][T15846] ? mem_cgroup_write+0x370/0x370 [ 2153.213013][T15846] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2153.218655][T15846] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2153.224294][T15846] kernfs_fop_write+0x2b8/0x480 [ 2153.229151][T15846] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2153.235401][T15846] __vfs_write+0x8a/0x110 [ 2153.239731][T15846] ? kernfs_fop_open+0xd80/0xd80 [ 2153.244671][T15846] vfs_write+0x268/0x5d0 [ 2153.248936][T15846] ksys_write+0x14f/0x290 [ 2153.253287][T15846] ? __ia32_sys_read+0xb0/0xb0 [ 2153.258060][T15846] ? do_syscall_64+0x26/0x760 [ 2153.262741][T15846] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2153.268810][T15846] ? do_syscall_64+0x26/0x760 [ 2153.273493][T15846] __x64_sys_write+0x73/0xb0 [ 2153.278092][T15846] do_syscall_64+0xfa/0x760 [ 2153.282600][T15846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2153.288493][T15846] RIP: 0033:0x459a29 [ 2153.292387][T15846] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2153.311996][T15846] RSP: 002b:00007fec5d632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2153.320421][T15846] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2153.329010][T15846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2153.336988][T15846] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2153.344957][T15846] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fec5d6336d4 [ 2153.353626][T15846] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2153.363968][T15846] memory: usage 3648kB, limit 0kB, failcnt 1153 [ 2153.376199][T15846] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2153.383245][T15846] Memory cgroup stats for /syz2: [ 2153.383365][T15846] anon 2093056 [ 2153.383365][T15846] file 0 [ 2153.383365][T15846] kernel_stack 65536 [ 2153.383365][T15846] slab 1200128 [ 2153.383365][T15846] sock 0 [ 2153.383365][T15846] shmem 0 [ 2153.383365][T15846] file_mapped 0 [ 2153.383365][T15846] file_dirty 0 [ 2153.383365][T15846] file_writeback 0 [ 2153.383365][T15846] anon_thp 2097152 [ 2153.383365][T15846] inactive_anon 0 [ 2153.383365][T15846] active_anon 2093056 [ 2153.383365][T15846] inactive_file 0 [ 2153.383365][T15846] active_file 0 [ 2153.383365][T15846] unevictable 0 [ 2153.383365][T15846] slab_reclaimable 405504 [ 2153.383365][T15846] slab_unreclaimable 794624 [ 2153.383365][T15846] pgfault 192621 [ 2153.383365][T15846] pgmajfault 0 [ 2153.383365][T15846] workingset_refault 0 [ 2153.383365][T15846] workingset_activate 0 [ 2153.383365][T15846] workingset_nodereclaim 0 [ 2153.383365][T15846] pgrefill 70 [ 2153.383365][T15846] pgscan 68 [ 2153.383365][T15846] pgsteal 33 [ 2153.383365][T15846] pgactivate 33 [ 2153.478232][T15846] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15845,uid=0 [ 2153.494548][T15846] Memory cgroup out of memory: Killed process 15845 (syz-executor.2) total-vm:72708kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2153.514581][ T1065] oom_reaper: reaped process 15845 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 13:02:21 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e0000001c008104e00f80ecdb4cb91a02c804a001000000810040fb12030100040eda1b40d819a906000500000f", 0x223}], 0x1, 0x0, 0x0, 0x10}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[], 0x0, 0x4, 0x58, 0x3}, 0x20) r9 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r10 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r10, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r9, 0x0, 0x0) 13:02:21 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:21 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xa}, 0x20008844) 13:02:21 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x34000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:21 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:21 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xa00, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2153.997248][T15832] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2154.043310][T15832] CPU: 0 PID: 15832 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2154.050924][T15832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2154.060995][T15832] Call Trace: [ 2154.064309][T15832] dump_stack+0x172/0x1f0 [ 2154.068662][T15832] dump_header+0x10b/0x82d [ 2154.073083][T15832] ? oom_kill_process+0x94/0x3f0 [ 2154.078034][T15832] oom_kill_process.cold+0x10/0x15 [ 2154.083168][T15832] out_of_memory+0x334/0x1340 [ 2154.087867][T15832] ? lock_downgrade+0x920/0x920 [ 2154.092737][T15832] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2154.098558][T15832] ? oom_killer_disable+0x280/0x280 [ 2154.103795][T15832] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2154.109454][T15832] ? memcg_stat_show+0xc40/0xc40 [ 2154.114416][T15832] ? do_raw_spin_unlock+0x57/0x270 [ 2154.119545][T15832] ? _raw_spin_unlock+0x2d/0x50 [ 2154.124416][T15832] try_charge+0xf4b/0x1440 [ 2154.128867][T15832] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2154.134438][T15832] ? percpu_ref_tryget_live+0x111/0x290 [ 2154.140006][T15832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2154.146265][T15832] ? __kasan_check_read+0x11/0x20 [ 2154.151315][T15832] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2154.156881][T15832] mem_cgroup_try_charge+0x136/0x590 [ 2154.162193][T15832] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2154.167853][T15832] wp_page_copy+0x407/0x1860 [ 2154.172473][T15832] ? find_held_lock+0x35/0x130 [ 2154.177258][T15832] ? do_wp_page+0x53b/0x15c0 [ 2154.181871][T15832] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2154.187699][T15832] ? lock_downgrade+0x920/0x920 [ 2154.192575][T15832] ? swp_swapcount+0x540/0x540 [ 2154.197370][T15832] ? __kasan_check_read+0x11/0x20 [ 2154.202408][T15832] ? do_raw_spin_unlock+0x57/0x270 [ 2154.207539][T15832] do_wp_page+0x543/0x15c0 [ 2154.211977][T15832] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2154.217376][T15832] __handle_mm_fault+0x23ec/0x4040 [ 2154.222491][T15832] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2154.222505][T15832] ? handle_mm_fault+0x292/0xaa0 [ 2154.222534][T15832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2154.222550][T15832] ? __kasan_check_read+0x11/0x20 13:02:22 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xb}, 0x20008844) [ 2154.239360][T15858] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2154.244257][T15832] handle_mm_fault+0x3b7/0xaa0 [ 2154.244279][T15832] __do_page_fault+0x536/0xdd0 [ 2154.244299][T15832] do_page_fault+0x38/0x590 [ 2154.244317][T15832] page_fault+0x39/0x40 [ 2154.244327][T15832] RIP: 0033:0x430b06 [ 2154.244340][T15832] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2154.244347][T15832] RSP: 002b:00007ffc8ae5c960 EFLAGS: 00010206 [ 2154.244357][T15832] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2154.244371][T15832] RDX: 000000000207f930 RSI: 0000000002087970 RDI: 0000000000000003 [ 2154.275675][T15832] RBP: 0000000000008041 R08: 0000000000000001 R09: 000000000207e940 [ 2154.275684][T15832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2154.275692][T15832] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2154.345341][T15857] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:22 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xc}, 0x20008844) 13:02:22 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x11, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:22 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xe00, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:22 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xd}, 0x20008844) [ 2154.595299][T15832] memory: usage 1276kB, limit 0kB, failcnt 1161 [ 2154.605772][T15832] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2154.625092][T15832] Memory cgroup stats for /syz2: [ 2154.625201][T15832] anon 0 [ 2154.625201][T15832] file 0 [ 2154.625201][T15832] kernel_stack 0 [ 2154.625201][T15832] slab 1200128 [ 2154.625201][T15832] sock 0 [ 2154.625201][T15832] shmem 0 [ 2154.625201][T15832] file_mapped 0 [ 2154.625201][T15832] file_dirty 0 [ 2154.625201][T15832] file_writeback 0 [ 2154.625201][T15832] anon_thp 0 [ 2154.625201][T15832] inactive_anon 0 [ 2154.625201][T15832] active_anon 0 [ 2154.625201][T15832] inactive_file 0 [ 2154.625201][T15832] active_file 0 [ 2154.625201][T15832] unevictable 0 [ 2154.625201][T15832] slab_reclaimable 405504 [ 2154.625201][T15832] slab_unreclaimable 794624 [ 2154.625201][T15832] pgfault 192621 [ 2154.625201][T15832] pgmajfault 0 [ 2154.625201][T15832] workingset_refault 0 [ 2154.625201][T15832] workingset_activate 0 [ 2154.625201][T15832] workingset_nodereclaim 0 [ 2154.625201][T15832] pgrefill 70 [ 2154.625201][T15832] pgscan 68 [ 2154.625201][T15832] pgsteal 33 [ 2154.625201][T15832] pgactivate 33 [ 2154.625201][T15832] pgdeactivate 70 [ 2154.674210][ C1] net_ratelimit: 34 callbacks suppressed [ 2154.674219][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2154.732426][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2154.738355][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2154.744215][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2154.750069][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2154.755929][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2154.761785][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2154.764313][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2154.767605][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2154.773303][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2154.785013][T15832] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15832,uid=0 [ 2154.800858][T15868] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:22 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xe}, 0x20008844) [ 2154.874421][T15832] Memory cgroup out of memory: Killed process 15832 (syz-executor.2) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2154.973733][T15859] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:23 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffee6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = gettid() perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf79e, 0xfffffffffffffffd, 0x4, 0x9, 0xad1, 0x2, 0x3f, 0x0, 0xfffffffffffffff8, 0x100, 0xe4, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x1}, 0x4001, 0x0, 0x2, 0x0, 0x79ca, 0x5, 0x80}, r3, 0xd, r2, 0xa) perf_event_open(0x0, r3, 0xffffffffffffffff, r2, 0x1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={0x0, r2, 0x0, 0x13, &(0x7f0000000380)='cgroup.controllers\x00'}, 0x30) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x1f, 0x0, 0x5, 0x2, 0x0, 0xfffd}, 0x0, 0x100002, r2, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208383b1c2d3a56ac1d95b0f900000000000000000000000000040000000000"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r7 = openat$cgroup_procs(r5, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r8 = gettid() write$cgroup_pid(r7, &(0x7f0000000500)=r8, 0x12) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r9, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r9, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="8b165de67b22ae915e35b2df17f240ee5348108bbf99ddde50c036f3a0a35dcb914463806b919489f4c6ae156822f9ac8b6bd8e9fc67274b05"], 0x0, 0xfffffffffffffddf, 0x78, 0xffffffffffffffff}, 0xfffffffffffffceb) r10 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r11 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r7, &(0x7f0000000540)=r11, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r4, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r6, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r10, 0x0, 0x0) [ 2155.779717][T15884] IPVS: ftp: loaded support on port[0] = 21 [ 2156.037625][T15884] chnl_net:caif_netlink_parms(): no params data found [ 2156.128315][T15884] bridge0: port 1(bridge_slave_0) entered blocking state [ 2156.136662][T15884] bridge0: port 1(bridge_slave_0) entered disabled state [ 2156.146167][T15884] device bridge_slave_0 entered promiscuous mode [ 2156.250102][T15884] bridge0: port 2(bridge_slave_1) entered blocking state [ 2156.258197][T15884] bridge0: port 2(bridge_slave_1) entered disabled state [ 2156.267579][T15884] device bridge_slave_1 entered promiscuous mode [ 2156.300258][T15884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2156.315959][T15884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2156.343084][T15884] team0: Port device team_slave_0 added [ 2156.412470][T15884] team0: Port device team_slave_1 added [ 2156.508520][T15884] device hsr_slave_0 entered promiscuous mode [ 2156.595716][T15884] device hsr_slave_1 entered promiscuous mode [ 2156.694349][T15884] debugfs: Directory 'hsr0' with parent '/' already present! [ 2157.048470][T15884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2157.113275][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2157.122704][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2157.137440][T15884] 8021q: adding VLAN 0 to HW filter on device team0 [ 2157.153249][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2157.166629][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2157.176268][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 2157.183348][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2157.235338][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2157.244479][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2157.254258][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2157.263256][ T1923] bridge0: port 2(bridge_slave_1) entered blocking state [ 2157.270390][ T1923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2157.339717][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2157.361945][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2157.372467][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2157.383214][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2157.487114][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2157.500081][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2157.510523][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2157.520460][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2157.530444][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2157.613716][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2157.625326][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2157.636900][T15884] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2157.772672][T15884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2158.188155][T15893] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2158.200118][T15893] CPU: 1 PID: 15893 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2158.207677][T15893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2158.217737][T15893] Call Trace: [ 2158.221041][T15893] dump_stack+0x172/0x1f0 [ 2158.225377][T15893] dump_header+0x10b/0x82d [ 2158.229794][T15893] oom_kill_process.cold+0x10/0x15 [ 2158.234909][T15893] out_of_memory+0x334/0x1340 [ 2158.239587][T15893] ? __sched_text_start+0x8/0x8 [ 2158.244446][T15893] ? oom_killer_disable+0x280/0x280 [ 2158.249652][T15893] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2158.255197][T15893] ? memcg_stat_show+0xc40/0xc40 [ 2158.260143][T15893] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2158.265952][T15893] ? cgroup_file_notify+0x140/0x1b0 [ 2158.271250][T15893] memory_max_write+0x262/0x3a0 [ 2158.276121][T15893] ? mem_cgroup_write+0x370/0x370 [ 2158.281150][T15893] ? lock_acquire+0x190/0x410 [ 2158.285838][T15893] ? kernfs_fop_write+0x227/0x480 [ 2158.290878][T15893] cgroup_file_write+0x241/0x790 [ 2158.295824][T15893] ? mem_cgroup_write+0x370/0x370 [ 2158.300859][T15893] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2158.306505][T15893] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2158.312136][T15893] kernfs_fop_write+0x2b8/0x480 [ 2158.316994][T15893] __vfs_write+0x8a/0x110 [ 2158.321324][T15893] ? kernfs_fop_open+0xd80/0xd80 [ 2158.326260][T15893] vfs_write+0x268/0x5d0 [ 2158.330504][T15893] ksys_write+0x14f/0x290 [ 2158.334840][T15893] ? __ia32_sys_read+0xb0/0xb0 [ 2158.339697][T15893] ? do_syscall_64+0x26/0x760 [ 2158.344377][T15893] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2158.350446][T15893] ? do_syscall_64+0x26/0x760 [ 2158.355133][T15893] __x64_sys_write+0x73/0xb0 [ 2158.359728][T15893] do_syscall_64+0xfa/0x760 [ 2158.364240][T15893] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2158.370141][T15893] RIP: 0033:0x459a29 [ 2158.374050][T15893] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2158.393667][T15893] RSP: 002b:00007f4294383c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2158.402122][T15893] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2158.410186][T15893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2158.418161][T15893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2158.426149][T15893] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f42943846d4 [ 2158.434125][T15893] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2158.475584][T15893] memory: usage 3260kB, limit 0kB, failcnt 371 [ 2158.482143][T15893] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2158.497179][T15893] Memory cgroup stats for /syz4: [ 2158.498677][T15893] anon 2174976 [ 2158.498677][T15893] file 0 [ 2158.498677][T15893] kernel_stack 65536 [ 2158.498677][T15893] slab 802816 [ 2158.498677][T15893] sock 0 [ 2158.498677][T15893] shmem 0 [ 2158.498677][T15893] file_mapped 0 [ 2158.498677][T15893] file_dirty 0 [ 2158.498677][T15893] file_writeback 0 [ 2158.498677][T15893] anon_thp 2097152 [ 2158.498677][T15893] inactive_anon 0 [ 2158.498677][T15893] active_anon 2174976 [ 2158.498677][T15893] inactive_file 135168 [ 2158.498677][T15893] active_file 0 [ 2158.498677][T15893] unevictable 0 [ 2158.498677][T15893] slab_reclaimable 270336 [ 2158.498677][T15893] slab_unreclaimable 532480 [ 2158.498677][T15893] pgfault 211563 [ 2158.498677][T15893] pgmajfault 0 [ 2158.498677][T15893] workingset_refault 0 [ 2158.498677][T15893] workingset_activate 0 [ 2158.498677][T15893] workingset_nodereclaim 0 [ 2158.498677][T15893] pgrefill 148 [ 2158.498677][T15893] pgscan 138 [ 2158.498677][T15893] pgsteal 101 [ 2158.498677][T15893] pgactivate 33 [ 2158.602773][T15893] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15892,uid=0 [ 2158.625993][T15893] Memory cgroup out of memory: Killed process 15892 (syz-executor.4) total-vm:72708kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2158.658704][ T1065] oom_reaper: reaped process 15892 (syz-executor.4), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 13:02:26 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:26 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf00, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:26 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xf}, 0x20008844) 13:02:26 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x12, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:26 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x400300, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:26 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f000000000000000000006028483f0e2028e15f1e0480d26382bc644fdab02319836ee27ca58307ed1309004e6f9122e149ab30284c91a666f9fe45c32e0e60e03e0c4d3bbbd64f39"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) r9 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffee6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = gettid() perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf79e, 0xfffffffffffffffd, 0x4, 0x9, 0xad1, 0x2, 0x3f, 0x0, 0xfffffffffffffff8, 0x100, 0xe4, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x1}, 0x4001, 0x0, 0x2, 0x0, 0x79ca, 0x5, 0x80}, r10, 0xd, r9, 0xa) perf_event_open(0x0, r10, 0xffffffffffffffff, r9, 0x1) r11 = openat$cgroup_procs(r4, &(0x7f0000000400)='tasks\x00_\x03p\xa2\xb4\x05\xa6\xee\xcevw\x0f\xf6\x82\xd8\x99q\xfd\xbd\xcf\x9c_5l\xd2\x00\t\xe4\x90\x89\a\f\x0f\x90\xb9\x9b]+\x9a6\xbf8\xf4\xad\xd9\f!\x91\x98<8', 0x2, 0x0) write$cgroup_pid(r11, &(0x7f0000000540)=r10, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2159.029733][T15884] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2159.072115][T15900] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2159.085348][T15884] CPU: 0 PID: 15884 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2159.092916][T15884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2159.092922][T15884] Call Trace: [ 2159.092941][T15884] dump_stack+0x172/0x1f0 [ 2159.092960][T15884] dump_header+0x10b/0x82d [ 2159.092976][T15884] ? oom_kill_process+0x94/0x3f0 [ 2159.119996][T15884] oom_kill_process.cold+0x10/0x15 [ 2159.125127][T15884] out_of_memory+0x334/0x1340 [ 2159.129820][T15884] ? lock_downgrade+0x920/0x920 [ 2159.134691][T15884] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2159.140512][T15884] ? oom_killer_disable+0x280/0x280 [ 2159.140539][T15884] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2159.140555][T15884] ? memcg_stat_show+0xc40/0xc40 [ 2159.156224][T15884] ? do_raw_spin_unlock+0x57/0x270 [ 2159.161345][T15884] ? _raw_spin_unlock+0x2d/0x50 [ 2159.161365][T15884] try_charge+0xf4b/0x1440 [ 2159.161383][T15884] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2159.161392][T15884] ? percpu_ref_tryget_live+0x111/0x290 [ 2159.161408][T15884] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2159.161422][T15884] ? __kasan_check_read+0x11/0x20 [ 2159.182050][T15884] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2159.182069][T15884] mem_cgroup_try_charge+0x136/0x590 [ 2159.182089][T15884] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2159.209873][T15884] wp_page_copy+0x407/0x1860 [ 2159.209891][T15884] ? find_held_lock+0x35/0x130 [ 2159.209906][T15884] ? do_wp_page+0x53b/0x15c0 [ 2159.209923][T15884] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2159.209941][T15884] ? lock_downgrade+0x920/0x920 [ 2159.234547][T15884] ? swp_swapcount+0x540/0x540 [ 2159.240009][T15884] ? __kasan_check_read+0x11/0x20 [ 2159.240024][T15884] ? do_raw_spin_unlock+0x57/0x270 [ 2159.240041][T15884] do_wp_page+0x543/0x15c0 [ 2159.240058][T15884] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2159.260219][T15884] __handle_mm_fault+0x23ec/0x4040 [ 2159.265354][T15884] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2159.270913][T15884] ? handle_mm_fault+0x292/0xaa0 [ 2159.275873][T15884] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2159.275891][T15884] ? __kasan_check_read+0x11/0x20 [ 2159.275913][T15884] handle_mm_fault+0x3b7/0xaa0 [ 2159.287249][T15884] __do_page_fault+0x536/0xdd0 [ 2159.287270][T15884] do_page_fault+0x38/0x590 [ 2159.301291][T15884] page_fault+0x39/0x40 [ 2159.305455][T15884] RIP: 0033:0x4034f2 [ 2159.309360][T15884] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2159.328965][T15884] RSP: 002b:00007ffdc0b0bdb0 EFLAGS: 00010246 [ 2159.328977][T15884] RAX: 0000000000000000 RBX: 000000000020ee25 RCX: 0000000000413630 [ 2159.328984][T15884] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffdc0b0cee0 [ 2159.328990][T15884] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001148940 [ 2159.328997][T15884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc0b0cee0 13:02:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x10}, 0x20008844) [ 2159.329005][T15884] R13: 00007ffdc0b0ced0 R14: 0000000000000000 R15: 00007ffdc0b0cee0 [ 2159.368377][T15903] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x11}, 0x20008844) [ 2159.536222][T15884] memory: usage 892kB, limit 0kB, failcnt 379 [ 2159.548291][T15884] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2159.561498][T15884] Memory cgroup stats for /syz4: [ 2159.561601][T15884] anon 0 [ 2159.561601][T15884] file 0 [ 2159.561601][T15884] kernel_stack 0 [ 2159.561601][T15884] slab 802816 [ 2159.561601][T15884] sock 0 [ 2159.561601][T15884] shmem 0 [ 2159.561601][T15884] file_mapped 0 [ 2159.561601][T15884] file_dirty 0 [ 2159.561601][T15884] file_writeback 0 [ 2159.561601][T15884] anon_thp 0 [ 2159.561601][T15884] inactive_anon 0 [ 2159.561601][T15884] active_anon 0 [ 2159.561601][T15884] inactive_file 135168 [ 2159.561601][T15884] active_file 0 [ 2159.561601][T15884] unevictable 0 [ 2159.561601][T15884] slab_reclaimable 270336 [ 2159.561601][T15884] slab_unreclaimable 532480 [ 2159.561601][T15884] pgfault 211563 [ 2159.561601][T15884] pgmajfault 0 [ 2159.561601][T15884] workingset_refault 0 13:02:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x4000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x12}, 0x20008844) [ 2159.561601][T15884] workingset_activate 0 [ 2159.561601][T15884] workingset_nodereclaim 0 [ 2159.561601][T15884] pgrefill 148 [ 2159.561601][T15884] pgscan 138 [ 2159.561601][T15884] pgsteal 101 [ 2159.561601][T15884] pgactivate 33 13:02:27 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x13, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2159.733678][T15884] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15884,uid=0 [ 2159.754378][T15884] Memory cgroup out of memory: Killed process 15884 (syz-executor.4) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 13:02:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x13}, 0x20008844) [ 2159.832880][ T1065] oom_reaper: reaped process 15884 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2159.881079][T15919] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2159.954279][ C1] net_ratelimit: 30 callbacks suppressed [ 2159.954287][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2159.965774][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2159.971608][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2159.977419][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2159.983285][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2159.989093][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2159.994981][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2160.000907][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2160.006787][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2160.012560][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2160.097039][T15904] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:28 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:28 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x14, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:28 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x6000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:28 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x14}, 0x20008844) [ 2160.626584][T15935] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:28 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x600000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2160.769750][T15932] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2160.816878][T15937] IPVS: ftp: loaded support on port[0] = 21 [ 2160.908750][T15940] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2161.251164][T15940] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2161.529525][T15937] chnl_net:caif_netlink_parms(): no params data found [ 2161.673560][T15937] bridge0: port 1(bridge_slave_0) entered blocking state [ 2161.682660][T15937] bridge0: port 1(bridge_slave_0) entered disabled state [ 2161.692281][T15937] device bridge_slave_0 entered promiscuous mode [ 2161.759816][T15937] bridge0: port 2(bridge_slave_1) entered blocking state [ 2161.769225][T15937] bridge0: port 2(bridge_slave_1) entered disabled state [ 2161.778736][T15937] device bridge_slave_1 entered promiscuous mode [ 2161.810164][T15937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2161.823884][T15937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2161.853901][T15937] team0: Port device team_slave_0 added [ 2161.912660][T15937] team0: Port device team_slave_1 added [ 2162.028986][T15937] device hsr_slave_0 entered promiscuous mode [ 2162.075504][T15937] device hsr_slave_1 entered promiscuous mode [ 2162.134382][T15937] debugfs: Directory 'hsr0' with parent '/' already present! [ 2162.212044][T15937] bridge0: port 2(bridge_slave_1) entered blocking state [ 2162.219196][T15937] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2162.226598][T15937] bridge0: port 1(bridge_slave_0) entered blocking state [ 2162.233673][T15937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2162.505015][T15937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2162.515151][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state [ 2162.523575][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 2162.535144][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2162.598871][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2162.608272][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2162.622895][T15937] 8021q: adding VLAN 0 to HW filter on device team0 [ 2162.639013][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2162.649852][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2162.659956][T13302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2162.667099][T13302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2162.739287][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2162.749217][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2162.759077][ T1923] bridge0: port 2(bridge_slave_1) entered blocking state [ 2162.766219][ T1923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2162.775864][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2162.838105][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2162.857028][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2162.867834][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2162.877889][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2162.900638][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2162.911422][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2162.923487][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2162.933699][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2162.990890][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2163.001100][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2163.012458][T15937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2163.097440][T15937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2163.439007][T15952] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2163.449724][T15952] CPU: 0 PID: 15952 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2163.457287][T15952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2163.467353][T15952] Call Trace: [ 2163.470651][T15952] dump_stack+0x172/0x1f0 [ 2163.474981][T15952] dump_header+0x10b/0x82d [ 2163.479388][T15952] oom_kill_process.cold+0x10/0x15 [ 2163.484492][T15952] out_of_memory+0x334/0x1340 [ 2163.489147][T15952] ? __sched_text_start+0x8/0x8 [ 2163.494210][T15952] ? oom_killer_disable+0x280/0x280 [ 2163.499418][T15952] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2163.504946][T15952] ? memcg_stat_show+0xc40/0xc40 [ 2163.509870][T15952] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2163.515707][T15952] ? cgroup_file_notify+0x140/0x1b0 [ 2163.520887][T15952] memory_max_write+0x262/0x3a0 [ 2163.525745][T15952] ? mem_cgroup_write+0x370/0x370 [ 2163.530750][T15952] ? lock_acquire+0x190/0x410 [ 2163.535408][T15952] ? kernfs_fop_write+0x227/0x480 [ 2163.540425][T15952] cgroup_file_write+0x241/0x790 [ 2163.545341][T15952] ? mem_cgroup_write+0x370/0x370 [ 2163.550365][T15952] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2163.555981][T15952] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2163.561622][T15952] kernfs_fop_write+0x2b8/0x480 [ 2163.566555][T15952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2163.572775][T15952] __vfs_write+0x8a/0x110 [ 2163.577085][T15952] ? kernfs_fop_open+0xd80/0xd80 [ 2163.582002][T15952] vfs_write+0x268/0x5d0 [ 2163.586237][T15952] ksys_write+0x14f/0x290 [ 2163.590544][T15952] ? __ia32_sys_read+0xb0/0xb0 [ 2163.595302][T15952] ? do_syscall_64+0x26/0x760 [ 2163.599963][T15952] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2163.606091][T15952] ? do_syscall_64+0x26/0x760 [ 2163.610747][T15952] __x64_sys_write+0x73/0xb0 [ 2163.615316][T15952] do_syscall_64+0xfa/0x760 [ 2163.619806][T15952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2163.625697][T15952] RIP: 0033:0x459a29 [ 2163.629590][T15952] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2163.649186][T15952] RSP: 002b:00007f1e59cedc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2163.657577][T15952] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2163.665545][T15952] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2163.673497][T15952] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2163.681447][T15952] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e59cee6d4 [ 2163.689396][T15952] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2163.720955][T15952] memory: usage 3556kB, limit 0kB, failcnt 1162 [ 2163.728358][T15952] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2163.735339][T15952] Memory cgroup stats for /syz2: [ 2163.735442][T15952] anon 2080768 [ 2163.735442][T15952] file 0 [ 2163.735442][T15952] kernel_stack 65536 [ 2163.735442][T15952] slab 1200128 [ 2163.735442][T15952] sock 0 [ 2163.735442][T15952] shmem 0 [ 2163.735442][T15952] file_mapped 0 [ 2163.735442][T15952] file_dirty 0 [ 2163.735442][T15952] file_writeback 0 [ 2163.735442][T15952] anon_thp 2097152 [ 2163.735442][T15952] inactive_anon 0 [ 2163.735442][T15952] active_anon 2080768 [ 2163.735442][T15952] inactive_file 0 [ 2163.735442][T15952] active_file 0 [ 2163.735442][T15952] unevictable 0 [ 2163.735442][T15952] slab_reclaimable 405504 [ 2163.735442][T15952] slab_unreclaimable 794624 [ 2163.735442][T15952] pgfault 192687 [ 2163.735442][T15952] pgmajfault 0 [ 2163.735442][T15952] workingset_refault 0 [ 2163.735442][T15952] workingset_activate 0 [ 2163.735442][T15952] workingset_nodereclaim 0 [ 2163.735442][T15952] pgrefill 70 [ 2163.735442][T15952] pgscan 68 [ 2163.735442][T15952] pgsteal 33 [ 2163.735442][T15952] pgactivate 33 [ 2163.835417][T15952] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15951,uid=0 [ 2163.853148][T15952] Memory cgroup out of memory: Killed process 15951 (syz-executor.2) total-vm:72576kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2163.881624][ T1065] oom_reaper: reaped process 15951 (syz-executor.2), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 13:02:32 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:32 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x8000, 0xffffffffffffffff, 0xd) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="0000001c0037b7b31a5e5af7360000010000000000000e0208000000000000000000000000000400000000005f000000000000000000003ac84642c755bb341c6d5ccba7b9aa9cfb3718348670347781c64e4024504c8fc268a061484cb2159074b37662f5a4eb2a80b830e0a7dd59bcf1a573bd6f1ef146c2f1918b7cfe2e1156035b3e20301836c1462009e6b2fc2c44ccfbe0eead1bb038b85dff957cb8b929abfa5f"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r4, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:32 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:32 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x48, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:32 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0xf0ffff, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:32 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x15}, 0x20008844) [ 2164.108123][T15937] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2164.149241][T15937] CPU: 0 PID: 15937 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2164.152290][T15956] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2164.156830][T15937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2164.156837][T15937] Call Trace: [ 2164.156859][T15937] dump_stack+0x172/0x1f0 [ 2164.156877][T15937] dump_header+0x10b/0x82d [ 2164.156888][T15937] ? oom_kill_process+0x94/0x3f0 [ 2164.156902][T15937] oom_kill_process.cold+0x10/0x15 [ 2164.156917][T15937] out_of_memory+0x334/0x1340 [ 2164.156931][T15937] ? lock_downgrade+0x920/0x920 [ 2164.156953][T15937] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2164.183875][T15937] ? oom_killer_disable+0x280/0x280 [ 2164.183902][T15937] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2164.183919][T15937] ? memcg_stat_show+0xc40/0xc40 [ 2164.198564][T15937] ? do_raw_spin_unlock+0x57/0x270 [ 2164.198583][T15937] ? _raw_spin_unlock+0x2d/0x50 [ 2164.198604][T15937] try_charge+0xf4b/0x1440 [ 2164.198632][T15937] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2164.198651][T15937] ? percpu_ref_tryget_live+0x111/0x290 [ 2164.208179][T15937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2164.208194][T15937] ? __kasan_check_read+0x11/0x20 [ 2164.208213][T15937] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2164.208231][T15937] mem_cgroup_try_charge+0x136/0x590 [ 2164.208253][T15937] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2164.208268][T15937] wp_page_copy+0x407/0x1860 [ 2164.208287][T15937] ? find_held_lock+0x35/0x130 [ 2164.228454][T15937] ? do_wp_page+0x53b/0x15c0 [ 2164.228474][T15937] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2164.228493][T15937] ? lock_downgrade+0x920/0x920 [ 2164.228514][T15937] ? swp_swapcount+0x540/0x540 [ 2164.238551][T15937] ? __kasan_check_read+0x11/0x20 [ 2164.238564][T15937] ? do_raw_spin_unlock+0x57/0x270 [ 2164.238581][T15937] do_wp_page+0x543/0x15c0 [ 2164.238600][T15937] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2164.238627][T15937] __handle_mm_fault+0x23ec/0x4040 [ 2164.238647][T15937] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2164.238658][T15937] ? handle_mm_fault+0x292/0xaa0 [ 2164.238683][T15937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2164.238699][T15937] ? __kasan_check_read+0x11/0x20 [ 2164.362719][T15937] handle_mm_fault+0x3b7/0xaa0 [ 2164.367507][T15937] __do_page_fault+0x536/0xdd0 [ 2164.372294][T15937] do_page_fault+0x38/0x590 [ 2164.376909][T15937] page_fault+0x39/0x40 [ 2164.381072][T15937] RIP: 0033:0x430b06 [ 2164.384977][T15937] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2164.404592][T15937] RSP: 002b:00007ffe045c65c0 EFLAGS: 00010206 [ 2164.410669][T15937] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2164.418653][T15937] RDX: 00000000023d4930 RSI: 00000000023dc970 RDI: 0000000000000003 [ 2164.426636][T15937] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000023d3940 [ 2164.434620][T15937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2164.442601][T15937] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 13:02:32 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x16}, 0x20008844) [ 2164.479144][T15961] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:32 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x17}, 0x20008844) 13:02:32 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x34000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:32 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x18}, 0x20008844) 13:02:32 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x4c, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2164.871647][T15937] memory: usage 1216kB, limit 0kB, failcnt 1170 [ 2164.906712][T15937] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2164.923447][T15937] Memory cgroup stats for /syz2: [ 2164.923545][T15937] anon 0 [ 2164.923545][T15937] file 0 [ 2164.923545][T15937] kernel_stack 65536 [ 2164.923545][T15937] slab 1200128 [ 2164.923545][T15937] sock 0 [ 2164.923545][T15937] shmem 0 [ 2164.923545][T15937] file_mapped 0 [ 2164.923545][T15937] file_dirty 0 [ 2164.923545][T15937] file_writeback 0 [ 2164.923545][T15937] anon_thp 0 [ 2164.923545][T15937] inactive_anon 0 [ 2164.923545][T15937] active_anon 0 [ 2164.923545][T15937] inactive_file 0 [ 2164.923545][T15937] active_file 0 [ 2164.923545][T15937] unevictable 0 [ 2164.923545][T15937] slab_reclaimable 405504 [ 2164.923545][T15937] slab_unreclaimable 794624 [ 2164.923545][T15937] pgfault 192687 [ 2164.923545][T15937] pgmajfault 0 [ 2164.923545][T15937] workingset_refault 0 [ 2164.923545][T15937] workingset_activate 0 [ 2164.923545][T15937] workingset_nodereclaim 0 [ 2164.923545][T15937] pgrefill 70 [ 2164.923545][T15937] pgscan 68 [ 2164.923545][T15937] pgsteal 33 [ 2164.923545][T15937] pgactivate 33 [ 2164.923545][T15937] pgdeactivate 70 13:02:33 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x19}, 0x20008844) [ 2165.041129][T15937] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15937,uid=0 [ 2165.057567][T15937] Memory cgroup out of memory: Killed process 15937 (syz-executor.2) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2165.084234][ C1] net_ratelimit: 66 callbacks suppressed [ 2165.084243][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2165.095780][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2165.101743][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2165.107582][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2165.108762][ T1065] oom_reaper: reaped process 15937 (syz-executor.2), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB [ 2165.154223][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2165.154253][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2165.160066][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2165.165797][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2165.171503][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2165.177178][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2165.228851][T15977] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2165.233669][T15962] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2165.901584][T15985] IPVS: ftp: loaded support on port[0] = 21 [ 2166.209864][T15985] chnl_net:caif_netlink_parms(): no params data found [ 2166.309763][T15985] bridge0: port 1(bridge_slave_0) entered blocking state [ 2166.318017][T15985] bridge0: port 1(bridge_slave_0) entered disabled state [ 2166.327627][T15985] device bridge_slave_0 entered promiscuous mode [ 2166.337402][T15985] bridge0: port 2(bridge_slave_1) entered blocking state [ 2166.345016][T15985] bridge0: port 2(bridge_slave_1) entered disabled state [ 2166.354833][T15985] device bridge_slave_1 entered promiscuous mode [ 2166.437082][T15985] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2166.451541][T15985] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2166.478044][T15985] team0: Port device team_slave_0 added [ 2166.538207][T15985] team0: Port device team_slave_1 added [ 2166.608040][T15985] device hsr_slave_0 entered promiscuous mode [ 2166.665389][T15985] device hsr_slave_1 entered promiscuous mode [ 2166.724234][T15985] debugfs: Directory 'hsr0' with parent '/' already present! [ 2166.824987][T15985] bridge0: port 2(bridge_slave_1) entered blocking state [ 2166.832260][T15985] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2166.839662][T15985] bridge0: port 1(bridge_slave_0) entered blocking state [ 2166.846754][T15985] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2166.857353][T10934] bridge0: port 1(bridge_slave_0) entered disabled state [ 2166.866329][T10934] bridge0: port 2(bridge_slave_1) entered disabled state [ 2167.018789][T15985] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2167.115731][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2167.126632][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2167.141749][T15985] 8021q: adding VLAN 0 to HW filter on device team0 [ 2167.157659][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2167.168085][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2167.178917][T13302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2167.186087][T13302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2167.252110][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2167.262881][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2167.272298][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 2167.279444][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2167.378499][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2167.389203][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2167.411899][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2167.422846][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2167.499015][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2167.509327][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2167.519838][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2167.530846][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2167.540935][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2167.603199][T15985] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2167.618554][T15985] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2167.629825][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2167.656114][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2167.733871][T15985] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2168.165441][T15996] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2168.181346][T15996] CPU: 0 PID: 15996 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2168.189011][T15996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2168.199071][T15996] Call Trace: [ 2168.202373][T15996] dump_stack+0x172/0x1f0 [ 2168.206710][T15996] dump_header+0x10b/0x82d [ 2168.211131][T15996] oom_kill_process.cold+0x10/0x15 [ 2168.216250][T15996] out_of_memory+0x334/0x1340 [ 2168.220930][T15996] ? __sched_text_start+0x8/0x8 [ 2168.225791][T15996] ? oom_killer_disable+0x280/0x280 [ 2168.231006][T15996] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2168.236550][T15996] ? memcg_stat_show+0xc40/0xc40 [ 2168.241505][T15996] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2168.247318][T15996] ? cgroup_file_notify+0x140/0x1b0 [ 2168.252523][T15996] memory_max_write+0x262/0x3a0 [ 2168.257379][T15996] ? mem_cgroup_write+0x370/0x370 [ 2168.262404][T15996] ? lock_acquire+0x190/0x410 [ 2168.267080][T15996] ? kernfs_fop_write+0x227/0x480 [ 2168.272123][T15996] cgroup_file_write+0x241/0x790 [ 2168.277070][T15996] ? mem_cgroup_write+0x370/0x370 [ 2168.282097][T15996] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2168.287741][T15996] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2168.293374][T15996] kernfs_fop_write+0x2b8/0x480 [ 2168.298231][T15996] __vfs_write+0x8a/0x110 [ 2168.302561][T15996] ? kernfs_fop_open+0xd80/0xd80 [ 2168.307502][T15996] vfs_write+0x268/0x5d0 [ 2168.311758][T15996] ksys_write+0x14f/0x290 [ 2168.316091][T15996] ? __ia32_sys_read+0xb0/0xb0 [ 2168.320861][T15996] ? do_syscall_64+0x26/0x760 [ 2168.325551][T15996] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2168.331615][T15996] ? do_syscall_64+0x26/0x760 [ 2168.336297][T15996] __x64_sys_write+0x73/0xb0 [ 2168.340976][T15996] do_syscall_64+0xfa/0x760 [ 2168.345491][T15996] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2168.351376][T15996] RIP: 0033:0x459a29 [ 2168.355268][T15996] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2168.374964][T15996] RSP: 002b:00007fc713725c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2168.383379][T15996] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2168.391348][T15996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2168.399321][T15996] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2168.407289][T15996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc7137266d4 [ 2168.415260][T15996] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2168.437074][T15996] memory: usage 3320kB, limit 0kB, failcnt 380 [ 2168.446941][T15996] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2168.466956][T15996] Memory cgroup stats for /syz4: [ 2168.468637][T15996] anon 2150400 [ 2168.468637][T15996] file 0 [ 2168.468637][T15996] kernel_stack 65536 [ 2168.468637][T15996] slab 802816 [ 2168.468637][T15996] sock 0 [ 2168.468637][T15996] shmem 0 [ 2168.468637][T15996] file_mapped 0 [ 2168.468637][T15996] file_dirty 0 [ 2168.468637][T15996] file_writeback 0 [ 2168.468637][T15996] anon_thp 2097152 [ 2168.468637][T15996] inactive_anon 0 [ 2168.468637][T15996] active_anon 2150400 [ 2168.468637][T15996] inactive_file 135168 [ 2168.468637][T15996] active_file 0 [ 2168.468637][T15996] unevictable 0 [ 2168.468637][T15996] slab_reclaimable 270336 [ 2168.468637][T15996] slab_unreclaimable 532480 [ 2168.468637][T15996] pgfault 211662 [ 2168.468637][T15996] pgmajfault 0 [ 2168.468637][T15996] workingset_refault 0 [ 2168.468637][T15996] workingset_activate 0 [ 2168.468637][T15996] workingset_nodereclaim 0 [ 2168.468637][T15996] pgrefill 148 [ 2168.468637][T15996] pgscan 138 [ 2168.468637][T15996] pgsteal 101 [ 2168.468637][T15996] pgactivate 33 [ 2168.568331][T15996] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15995,uid=0 [ 2168.593408][T15996] Memory cgroup out of memory: Killed process 15995 (syz-executor.4) total-vm:72708kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2168.627110][ T1065] oom_reaper: reaped process 15995 (syz-executor.4), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 13:02:37 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:37 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x400300, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:37 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1a}, 0x20008844) 13:02:37 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x60, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:37 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0xe, 0x0, 0x4000003, 0x0}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:37 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x1000000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2169.051756][T15985] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2169.116192][T15985] CPU: 1 PID: 15985 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2169.123889][T15985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2169.133966][T15985] Call Trace: [ 2169.137291][T15985] dump_stack+0x172/0x1f0 [ 2169.141650][T15985] dump_header+0x10b/0x82d [ 2169.146091][T15985] ? oom_kill_process+0x94/0x3f0 [ 2169.151056][T15985] oom_kill_process.cold+0x10/0x15 [ 2169.156195][T15985] out_of_memory+0x334/0x1340 [ 2169.160894][T15985] ? lock_downgrade+0x920/0x920 [ 2169.165768][T15985] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2169.171682][T15985] ? oom_killer_disable+0x280/0x280 [ 2169.176916][T15985] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2169.182482][T15985] ? memcg_stat_show+0xc40/0xc40 [ 2169.187438][T15985] ? do_raw_spin_unlock+0x57/0x270 [ 2169.192562][T15985] ? _raw_spin_unlock+0x2d/0x50 [ 2169.197426][T15985] try_charge+0xf4b/0x1440 [ 2169.201861][T15985] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2169.207416][T15985] ? percpu_ref_tryget_live+0x111/0x290 [ 2169.212982][T15985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2169.219244][T15985] ? __kasan_check_read+0x11/0x20 [ 2169.224299][T15985] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2169.229867][T15985] mem_cgroup_try_charge+0x136/0x590 [ 2169.235179][T15985] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2169.240843][T15985] wp_page_copy+0x407/0x1860 [ 2169.245454][T15985] ? find_held_lock+0x35/0x130 [ 2169.250665][T15985] ? do_wp_page+0x53b/0x15c0 [ 2169.255278][T15985] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2169.261106][T15985] ? lock_downgrade+0x920/0x920 [ 2169.266005][T15985] ? swp_swapcount+0x540/0x540 [ 2169.270791][T15985] ? __kasan_check_read+0x11/0x20 [ 2169.275829][T15985] ? do_raw_spin_unlock+0x57/0x270 [ 2169.280962][T15985] do_wp_page+0x543/0x15c0 [ 2169.285397][T15985] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2169.290801][T15985] __handle_mm_fault+0x23ec/0x4040 [ 2169.295939][T15985] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2169.301501][T15985] ? handle_mm_fault+0x292/0xaa0 [ 2169.306469][T15985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2169.312728][T15985] ? __kasan_check_read+0x11/0x20 [ 2169.317777][T15985] handle_mm_fault+0x3b7/0xaa0 [ 2169.322652][T15985] __do_page_fault+0x536/0xdd0 [ 2169.327442][T15985] do_page_fault+0x38/0x590 [ 2169.331968][T15985] page_fault+0x39/0x40 [ 2169.336151][T15985] RIP: 0033:0x430b06 [ 2169.340057][T15985] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2169.359670][T15985] RSP: 002b:00007ffd83b912a0 EFLAGS: 00010206 13:02:37 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1b}, 0x20008844) [ 2169.365739][T15985] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2169.373720][T15985] RDX: 00000000014ee930 RSI: 00000000014f6970 RDI: 0000000000000003 [ 2169.381692][T15985] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000014ed940 [ 2169.389662][T15985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2169.389669][T15985] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2169.407885][T16002] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2169.424071][T16006] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2169.436145][T15985] memory: usage 948kB, limit 0kB, failcnt 388 [ 2169.443361][T15985] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2169.493552][T15985] Memory cgroup stats for /syz4: [ 2169.493660][T15985] anon 0 [ 2169.493660][T15985] file 0 [ 2169.493660][T15985] kernel_stack 0 [ 2169.493660][T15985] slab 802816 [ 2169.493660][T15985] sock 0 [ 2169.493660][T15985] shmem 0 [ 2169.493660][T15985] file_mapped 0 [ 2169.493660][T15985] file_dirty 0 [ 2169.493660][T15985] file_writeback 0 [ 2169.493660][T15985] anon_thp 0 [ 2169.493660][T15985] inactive_anon 0 [ 2169.493660][T15985] active_anon 0 [ 2169.493660][T15985] inactive_file 135168 [ 2169.493660][T15985] active_file 0 [ 2169.493660][T15985] unevictable 0 [ 2169.493660][T15985] slab_reclaimable 270336 [ 2169.493660][T15985] slab_unreclaimable 532480 [ 2169.493660][T15985] pgfault 211662 [ 2169.493660][T15985] pgmajfault 0 [ 2169.493660][T15985] workingset_refault 0 [ 2169.493660][T15985] workingset_activate 0 [ 2169.493660][T15985] workingset_nodereclaim 0 [ 2169.493660][T15985] pgrefill 148 [ 2169.493660][T15985] pgscan 138 [ 2169.493660][T15985] pgsteal 101 [ 2169.493660][T15985] pgactivate 33 13:02:37 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1c}, 0x20008844) [ 2169.588459][T15985] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=15985,uid=0 [ 2169.604769][T15985] Memory cgroup out of memory: Killed process 15985 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 13:02:37 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf0ffff, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2169.653104][ T1065] oom_reaper: reaped process 15985 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 13:02:37 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x68, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:37 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1d}, 0x20008844) 13:02:37 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x1000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2170.263304][T16024] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:38 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:02:38 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1e}, 0x20008844) 13:02:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x2000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2170.306886][T16020] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:38 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x21}, 0x20008844) [ 2170.741119][T16038] IPVS: ftp: loaded support on port[0] = 21 [ 2171.111195][T16038] chnl_net:caif_netlink_parms(): no params data found [ 2171.161241][T16038] bridge0: port 1(bridge_slave_0) entered blocking state [ 2171.170221][T16038] bridge0: port 1(bridge_slave_0) entered disabled state [ 2171.179831][T16038] device bridge_slave_0 entered promiscuous mode [ 2171.279958][T16038] bridge0: port 2(bridge_slave_1) entered blocking state [ 2171.288153][T16038] bridge0: port 2(bridge_slave_1) entered disabled state [ 2171.297618][T16038] device bridge_slave_1 entered promiscuous mode [ 2171.337767][T16038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2171.433233][T16038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2171.466058][T16038] team0: Port device team_slave_0 added [ 2171.475728][T16038] team0: Port device team_slave_1 added [ 2171.588462][T16038] device hsr_slave_0 entered promiscuous mode [ 2171.645511][T16038] device hsr_slave_1 entered promiscuous mode [ 2171.784376][T16038] debugfs: Directory 'hsr0' with parent '/' already present! [ 2172.054332][T16038] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2172.134237][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2172.147703][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2172.156625][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2172.171680][T16038] 8021q: adding VLAN 0 to HW filter on device team0 [ 2172.218317][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2172.228771][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2172.238832][T13302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2172.245983][T13302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2172.310440][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2172.321574][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2172.331688][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2172.341977][T15989] bridge0: port 2(bridge_slave_1) entered blocking state [ 2172.349129][T15989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2172.359189][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2172.379943][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2172.456558][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2172.467008][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2172.477049][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2172.490904][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2172.569406][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2172.578983][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2172.588786][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2172.600134][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2172.609966][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2172.625260][T16038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2172.740129][T16038] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2173.015563][T16049] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2173.025950][T16049] CPU: 1 PID: 16049 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2173.033497][T16049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2173.043568][T16049] Call Trace: [ 2173.043593][T16049] dump_stack+0x172/0x1f0 [ 2173.043613][T16049] dump_header+0x10b/0x82d [ 2173.043630][T16049] oom_kill_process.cold+0x10/0x15 [ 2173.043648][T16049] out_of_memory+0x334/0x1340 [ 2173.043665][T16049] ? __sched_text_start+0x8/0x8 [ 2173.043683][T16049] ? oom_killer_disable+0x280/0x280 [ 2173.075489][T16049] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2173.081042][T16049] ? memcg_stat_show+0xc40/0xc40 [ 2173.085997][T16049] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2173.091807][T16049] ? cgroup_file_notify+0x140/0x1b0 [ 2173.097008][T16049] memory_max_write+0x262/0x3a0 [ 2173.101863][T16049] ? mem_cgroup_write+0x370/0x370 [ 2173.106894][T16049] ? lock_acquire+0x190/0x410 [ 2173.111577][T16049] ? kernfs_fop_write+0x227/0x480 [ 2173.116613][T16049] cgroup_file_write+0x241/0x790 [ 2173.121557][T16049] ? mem_cgroup_write+0x370/0x370 [ 2173.126588][T16049] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2173.132228][T16049] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2173.137862][T16049] kernfs_fop_write+0x2b8/0x480 [ 2173.142719][T16049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2173.149052][T16049] __vfs_write+0x8a/0x110 [ 2173.153385][T16049] ? kernfs_fop_open+0xd80/0xd80 [ 2173.158336][T16049] vfs_write+0x268/0x5d0 [ 2173.162584][T16049] ksys_write+0x14f/0x290 [ 2173.166916][T16049] ? __ia32_sys_read+0xb0/0xb0 [ 2173.171848][T16049] ? do_syscall_64+0x26/0x760 [ 2173.176539][T16049] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2173.182617][T16049] ? do_syscall_64+0x26/0x760 [ 2173.187313][T16049] __x64_sys_write+0x73/0xb0 [ 2173.191915][T16049] do_syscall_64+0xfa/0x760 [ 2173.196426][T16049] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2173.202317][T16049] RIP: 0033:0x459a29 [ 2173.206210][T16049] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2173.225820][T16049] RSP: 002b:00007fce3a435c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2173.234231][T16049] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2173.242212][T16049] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2173.250186][T16049] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2173.258161][T16049] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce3a4366d4 [ 2173.266135][T16049] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2173.278735][T16049] memory: usage 3556kB, limit 0kB, failcnt 1171 [ 2173.285390][T16049] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2173.292356][T16049] Memory cgroup stats for /syz2: [ 2173.292477][T16049] anon 2080768 [ 2173.292477][T16049] file 0 [ 2173.292477][T16049] kernel_stack 65536 [ 2173.292477][T16049] slab 1060864 [ 2173.292477][T16049] sock 0 [ 2173.292477][T16049] shmem 0 [ 2173.292477][T16049] file_mapped 0 [ 2173.292477][T16049] file_dirty 0 [ 2173.292477][T16049] file_writeback 0 [ 2173.292477][T16049] anon_thp 2097152 [ 2173.292477][T16049] inactive_anon 0 [ 2173.292477][T16049] active_anon 2080768 [ 2173.292477][T16049] inactive_file 0 [ 2173.292477][T16049] active_file 0 [ 2173.292477][T16049] unevictable 0 [ 2173.292477][T16049] slab_reclaimable 405504 [ 2173.292477][T16049] slab_unreclaimable 655360 [ 2173.292477][T16049] pgfault 192753 [ 2173.292477][T16049] pgmajfault 0 [ 2173.292477][T16049] workingset_refault 0 [ 2173.292477][T16049] workingset_activate 0 [ 2173.292477][T16049] workingset_nodereclaim 0 [ 2173.292477][T16049] pgrefill 70 [ 2173.292477][T16049] pgscan 68 [ 2173.292477][T16049] pgsteal 33 [ 2173.292477][T16049] pgactivate 33 [ 2173.298595][T16049] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16048,uid=0 [ 2173.403266][T16049] Memory cgroup out of memory: Killed process 16048 (syz-executor.2) total-vm:72708kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2173.426577][ T1065] oom_reaper: reaped process 16048 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 13:02:41 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x22}, 0x20008844) 13:02:41 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x3000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:41 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:02:41 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffee6e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf79e, 0xfffffffffffffffd, 0x4, 0x9, 0xad1, 0x2, 0x3f, 0x0, 0xfffffffffffffff8, 0x100, 0xe4, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x1}, 0x4001, 0x0, 0x2, 0x0, 0x79ca, 0x5, 0x80}, r2, 0xd, r1, 0xa) perf_event_open(0x0, r2, 0xffffffffffffffff, r1, 0x1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={0x0, r1, 0x0, 0x13, &(0x7f0000000380)='cgroup.controllers\x00'}, 0x30) r3 = perf_event_open(&(0x7f0000000400)={0x0, 0x70, 0x0, 0x40, 0x7f, 0x1, 0x0, 0x6, 0x10, 0xd, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7f, 0x2, @perf_bp={&(0x7f0000000200)}, 0x80, 0xffff, 0x349, 0x1, 0x3, 0x6, 0xfffb}, 0x0, 0xf, r1, 0x2) r4 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, r3, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r4, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r8 = openat$cgroup_procs(r6, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r9 = gettid() write$cgroup_pid(r8, &(0x7f0000000500)=r9, 0x12) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r10, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r10, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000580)=ANY=[@ANYRESHEX], 0x0, 0x12, 0x0, 0xffffffffffffffff}, 0x20) r11 = openat$cgroup_int(r5, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r12 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r8, &(0x7f0000000540)=r12, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r5, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r7, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r4, 0x2403, 0x89f) write$cgroup_int(r11, 0x0, 0x0) 13:02:41 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x6c, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2173.543207][T16038] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2173.556022][T16038] CPU: 1 PID: 16038 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2173.563605][T16038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2173.573673][T16038] Call Trace: [ 2173.576988][T16038] dump_stack+0x172/0x1f0 [ 2173.581345][T16038] dump_header+0x10b/0x82d [ 2173.585781][T16038] ? oom_kill_process+0x94/0x3f0 13:02:41 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x1010000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2173.590891][T16038] oom_kill_process.cold+0x10/0x15 [ 2173.596020][T16038] out_of_memory+0x334/0x1340 [ 2173.600802][T16038] ? lock_downgrade+0x920/0x920 [ 2173.605670][T16038] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2173.611492][T16038] ? oom_killer_disable+0x280/0x280 [ 2173.616716][T16038] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2173.622279][T16038] ? memcg_stat_show+0xc40/0xc40 [ 2173.627240][T16038] ? do_raw_spin_unlock+0x57/0x270 [ 2173.632371][T16038] ? _raw_spin_unlock+0x2d/0x50 [ 2173.637239][T16038] try_charge+0xf4b/0x1440 [ 2173.641687][T16038] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2173.647244][T16038] ? percpu_ref_tryget_live+0x111/0x290 [ 2173.652808][T16038] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2173.659069][T16038] ? __kasan_check_read+0x11/0x20 [ 2173.664117][T16038] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2173.669683][T16038] mem_cgroup_try_charge+0x136/0x590 [ 2173.674990][T16038] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2173.680646][T16038] wp_page_copy+0x407/0x1860 [ 2173.685259][T16038] ? find_held_lock+0x35/0x130 [ 2173.690043][T16038] ? do_wp_page+0x53b/0x15c0 [ 2173.694661][T16038] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2173.700484][T16038] ? lock_downgrade+0x920/0x920 [ 2173.705378][T16038] ? swp_swapcount+0x540/0x540 [ 2173.710164][T16038] ? __kasan_check_read+0x11/0x20 [ 2173.715208][T16038] ? do_raw_spin_unlock+0x57/0x270 [ 2173.720346][T16038] do_wp_page+0x543/0x15c0 [ 2173.724793][T16038] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2173.730191][T16038] __handle_mm_fault+0x23ec/0x4040 [ 2173.735325][T16038] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2173.740972][T16038] ? handle_mm_fault+0x292/0xaa0 [ 2173.745934][T16038] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2173.752188][T16038] ? __kasan_check_read+0x11/0x20 [ 2173.757226][T16038] handle_mm_fault+0x3b7/0xaa0 [ 2173.762002][T16038] __do_page_fault+0x536/0xdd0 [ 2173.766788][T16038] do_page_fault+0x38/0x590 [ 2173.771311][T16038] page_fault+0x39/0x40 [ 2173.775472][T16038] RIP: 0033:0x4034f2 [ 2173.779381][T16038] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2173.798996][T16038] RSP: 002b:00007ffcf55ecbf0 EFLAGS: 00010246 [ 2173.805073][T16038] RAX: 0000000000000000 RBX: 0000000000212837 RCX: 0000000000413630 [ 2173.813058][T16038] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffcf55edd20 [ 2173.821040][T16038] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000002683940 [ 2173.829024][T16038] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf55edd20 [ 2173.837005][T16038] R13: 00007ffcf55edd10 R14: 0000000000000000 R15: 00007ffcf55edd20 13:02:41 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x23}, 0x20008844) [ 2173.932826][T16038] memory: usage 1184kB, limit 0kB, failcnt 1179 [ 2173.939409][T16038] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2173.946807][T16038] Memory cgroup stats for /syz2: [ 2173.946905][T16038] anon 8192 [ 2173.946905][T16038] file 0 [ 2173.946905][T16038] kernel_stack 0 [ 2173.946905][T16038] slab 1060864 [ 2173.946905][T16038] sock 0 [ 2173.946905][T16038] shmem 0 [ 2173.946905][T16038] file_mapped 0 [ 2173.946905][T16038] file_dirty 0 [ 2173.946905][T16038] file_writeback 0 [ 2173.946905][T16038] anon_thp 0 [ 2173.946905][T16038] inactive_anon 0 [ 2173.946905][T16038] active_anon 8192 [ 2173.946905][T16038] inactive_file 0 [ 2173.946905][T16038] active_file 0 [ 2173.946905][T16038] unevictable 0 [ 2173.946905][T16038] slab_reclaimable 405504 [ 2173.946905][T16038] slab_unreclaimable 655360 [ 2173.946905][T16038] pgfault 192753 [ 2173.946905][T16038] pgmajfault 0 [ 2173.946905][T16038] workingset_refault 0 [ 2173.946905][T16038] workingset_activate 0 [ 2173.946905][T16038] workingset_nodereclaim 0 [ 2173.946905][T16038] pgrefill 70 [ 2173.946905][T16038] pgscan 68 [ 2173.946905][T16038] pgsteal 33 [ 2173.946905][T16038] pgactivate 33 [ 2173.946905][T16038] pgdeactivate 70 [ 2173.953597][T16038] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16038,uid=0 [ 2174.067123][T16061] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2174.077459][T16058] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2174.094318][T16038] Memory cgroup out of memory: Killed process 16038 (syz-executor.2) total-vm:72444kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2174.114326][ C0] net_ratelimit: 47 callbacks suppressed [ 2174.114333][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2174.120237][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2174.131741][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2174.137574][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2174.143418][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2174.149239][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2174.155119][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2174.160889][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2174.167010][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2174.172797][ C0] protocol 88fb is buggy, dev hsr_slave_1 13:02:42 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x24}, 0x20008844) 13:02:42 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:42 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x25}, 0x20008844) [ 2174.340818][T16059] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:42 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x74, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:42 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x26}, 0x20008844) 13:02:42 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xa000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:42 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x27}, 0x20008844) [ 2175.083419][T16077] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2175.203078][T16089] IPVS: ftp: loaded support on port[0] = 21 [ 2175.422779][T16089] chnl_net:caif_netlink_parms(): no params data found [ 2175.515004][T16089] bridge0: port 1(bridge_slave_0) entered blocking state [ 2175.522214][T16089] bridge0: port 1(bridge_slave_0) entered disabled state [ 2175.531583][T16089] device bridge_slave_0 entered promiscuous mode [ 2175.541126][T16089] bridge0: port 2(bridge_slave_1) entered blocking state [ 2175.548567][T16089] bridge0: port 2(bridge_slave_1) entered disabled state [ 2175.557880][T16089] device bridge_slave_1 entered promiscuous mode [ 2175.664893][T16089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2175.678820][T16089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2175.749808][T16089] team0: Port device team_slave_0 added [ 2175.759644][T16089] team0: Port device team_slave_1 added [ 2175.968503][T16089] device hsr_slave_0 entered promiscuous mode [ 2176.025569][T16089] device hsr_slave_1 entered promiscuous mode [ 2176.084384][T16089] debugfs: Directory 'hsr0' with parent '/' already present! [ 2176.357945][T16089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2176.480226][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2176.491416][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2176.577070][T16089] 8021q: adding VLAN 0 to HW filter on device team0 [ 2176.591979][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2176.602809][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2176.612192][T10934] bridge0: port 1(bridge_slave_0) entered blocking state [ 2176.619358][T10934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2176.685789][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2176.695458][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2176.705549][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2176.715938][ T8838] bridge0: port 2(bridge_slave_1) entered blocking state [ 2176.723025][ T8838] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2176.741208][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2176.751821][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2176.776028][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2176.787408][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2176.797261][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2176.809514][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2176.866327][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2176.877353][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2176.888756][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2176.956976][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2176.969459][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2176.980999][T16089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2177.088102][T16089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2177.521319][T16099] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2177.532164][T16099] CPU: 1 PID: 16099 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2177.539743][T16099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2177.549802][T16099] Call Trace: [ 2177.554060][T16099] dump_stack+0x172/0x1f0 [ 2177.558383][T16099] dump_header+0x10b/0x82d [ 2177.562885][T16099] oom_kill_process.cold+0x10/0x15 [ 2177.567978][T16099] out_of_memory+0x334/0x1340 [ 2177.572644][T16099] ? __sched_text_start+0x8/0x8 [ 2177.577475][T16099] ? oom_killer_disable+0x280/0x280 [ 2177.582654][T16099] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2177.588176][T16099] ? memcg_stat_show+0xc40/0xc40 [ 2177.593111][T16099] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2177.598898][T16099] ? cgroup_file_notify+0x140/0x1b0 [ 2177.604261][T16099] memory_max_write+0x262/0x3a0 [ 2177.609122][T16099] ? mem_cgroup_write+0x370/0x370 [ 2177.614142][T16099] ? cgroup_file_write+0x188/0x790 [ 2177.619267][T16099] cgroup_file_write+0x241/0x790 [ 2177.624193][T16099] ? mem_cgroup_write+0x370/0x370 [ 2177.629196][T16099] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2177.634811][T16099] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2177.640460][T16099] kernfs_fop_write+0x2b8/0x480 [ 2177.645313][T16099] __vfs_write+0x8a/0x110 [ 2177.649640][T16099] ? kernfs_fop_open+0xd80/0xd80 [ 2177.654570][T16099] vfs_write+0x268/0x5d0 [ 2177.658836][T16099] ksys_write+0x14f/0x290 [ 2177.663157][T16099] ? __ia32_sys_read+0xb0/0xb0 [ 2177.667911][T16099] ? do_syscall_64+0x26/0x760 [ 2177.672567][T16099] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2177.678609][T16099] ? do_syscall_64+0x26/0x760 [ 2177.683352][T16099] __x64_sys_write+0x73/0xb0 [ 2177.687937][T16099] do_syscall_64+0xfa/0x760 [ 2177.692447][T16099] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2177.698331][T16099] RIP: 0033:0x459a29 [ 2177.702206][T16099] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2177.721791][T16099] RSP: 002b:00007faf4927cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2177.730402][T16099] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2177.738492][T16099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2177.746447][T16099] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2177.754397][T16099] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faf4927d6d4 [ 2177.762348][T16099] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2177.806761][T16099] memory: usage 3308kB, limit 0kB, failcnt 389 [ 2177.813332][T16099] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2177.821826][T16099] Memory cgroup stats for /syz4: [ 2177.823228][T16099] anon 2154496 [ 2177.823228][T16099] file 0 [ 2177.823228][T16099] kernel_stack 0 [ 2177.823228][T16099] slab 802816 [ 2177.823228][T16099] sock 0 [ 2177.823228][T16099] shmem 0 [ 2177.823228][T16099] file_mapped 0 [ 2177.823228][T16099] file_dirty 0 [ 2177.823228][T16099] file_writeback 0 [ 2177.823228][T16099] anon_thp 2097152 [ 2177.823228][T16099] inactive_anon 0 [ 2177.823228][T16099] active_anon 2154496 [ 2177.823228][T16099] inactive_file 135168 [ 2177.823228][T16099] active_file 0 [ 2177.823228][T16099] unevictable 0 [ 2177.823228][T16099] slab_reclaimable 270336 [ 2177.823228][T16099] slab_unreclaimable 532480 [ 2177.823228][T16099] pgfault 211728 [ 2177.823228][T16099] pgmajfault 0 [ 2177.823228][T16099] workingset_refault 0 [ 2177.823228][T16099] workingset_activate 0 [ 2177.823228][T16099] workingset_nodereclaim 0 [ 2177.823228][T16099] pgrefill 148 [ 2177.823228][T16099] pgscan 138 [ 2177.823228][T16099] pgsteal 101 [ 2177.823228][T16099] pgactivate 33 [ 2177.924366][T16099] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16098,uid=0 [ 2177.943980][T16099] Memory cgroup out of memory: Killed process 16098 (syz-executor.4) total-vm:72576kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2177.968713][ T1065] oom_reaper: reaped process 16098 (syz-executor.4), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 13:02:46 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:02:46 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x28}, 0x20008844) 13:02:46 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x1020000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:46 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xe000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:46 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x2000}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c00dc9c28d6041ed4810000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:46 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x7a, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2178.325970][T16089] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0 [ 2178.360391][T16089] CPU: 0 PID: 16089 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2178.368008][T16089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2178.378073][T16089] Call Trace: [ 2178.381366][T16089] dump_stack+0x172/0x1f0 [ 2178.385696][T16089] dump_header+0x10b/0x82d [ 2178.390096][T16089] ? oom_kill_process+0x94/0x3f0 [ 2178.395022][T16089] oom_kill_process.cold+0x10/0x15 [ 2178.400120][T16089] out_of_memory+0x334/0x1340 [ 2178.404786][T16089] ? lock_downgrade+0x920/0x920 [ 2178.409640][T16089] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2178.415443][T16089] ? oom_killer_disable+0x280/0x280 [ 2178.420637][T16089] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2178.426168][T16089] ? memcg_stat_show+0xc40/0xc40 [ 2178.431096][T16089] ? do_raw_spin_unlock+0x57/0x270 [ 2178.436199][T16089] ? _raw_spin_unlock+0x2d/0x50 [ 2178.441042][T16089] try_charge+0xf4b/0x1440 [ 2178.445454][T16089] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2178.451037][T16089] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2178.456588][T16089] ? cache_grow_begin+0x122/0xd20 [ 2178.461611][T16089] ? find_held_lock+0x35/0x130 [ 2178.466368][T16089] ? cache_grow_begin+0x122/0xd20 [ 2178.471389][T16089] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2178.476919][T16089] ? lock_downgrade+0x920/0x920 [ 2178.481769][T16089] ? memcg_kmem_put_cache+0x50/0x50 [ 2178.486954][T16089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2178.493182][T16089] ? __kasan_check_read+0x11/0x20 [ 2178.498199][T16089] cache_grow_begin+0x629/0xd20 [ 2178.503036][T16089] ? __sanitizer_cov_trace_cmp4+0x1/0x20 [ 2178.508667][T16089] ? mempolicy_slab_node+0x139/0x390 [ 2178.513942][T16089] fallback_alloc+0x1fd/0x2d0 [ 2178.518616][T16089] ____cache_alloc_node+0x1bc/0x1d0 [ 2178.523803][T16089] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2178.530034][T16089] kmem_cache_alloc+0x1ef/0x710 [ 2178.534874][T16089] ? stack_trace_save+0xac/0xe0 [ 2178.539715][T16089] __alloc_file+0x27/0x340 [ 2178.544137][T16089] alloc_empty_file+0x72/0x170 [ 2178.548909][T16089] path_openat+0xef/0x46d0 [ 2178.553314][T16089] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2178.559115][T16089] ? kasan_slab_alloc+0xf/0x20 [ 2178.563861][T16089] ? kmem_cache_alloc+0x121/0x710 [ 2178.568868][T16089] ? getname_flags+0xd6/0x5b0 [ 2178.573614][T16089] ? getname+0x1a/0x20 [ 2178.577668][T16089] ? do_sys_open+0x2c9/0x5d0 [ 2178.582240][T16089] ? __x64_sys_open+0x7e/0xc0 [ 2178.586903][T16089] ? __kasan_check_read+0x11/0x20 [ 2178.591914][T16089] ? mark_lock+0xc2/0x1220 [ 2178.596313][T16089] ? __kasan_check_read+0x11/0x20 [ 2178.601336][T16089] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 2178.606705][T16089] ? __alloc_fd+0x487/0x620 [ 2178.611202][T16089] do_filp_open+0x1a1/0x280 [ 2178.615722][T16089] ? may_open_dev+0x100/0x100 [ 2178.620385][T16089] ? lock_downgrade+0x920/0x920 [ 2178.625218][T16089] ? rwlock_bug.part.0+0x90/0x90 [ 2178.630146][T16089] ? __kasan_check_read+0x11/0x20 [ 2178.635689][T16089] ? do_raw_spin_unlock+0x57/0x270 [ 2178.640787][T16089] ? _raw_spin_unlock+0x2d/0x50 [ 2178.645621][T16089] ? __alloc_fd+0x487/0x620 [ 2178.650127][T16089] do_sys_open+0x3fe/0x5d0 [ 2178.654535][T16089] ? filp_open+0x80/0x80 [ 2178.658761][T16089] ? __detach_mounts+0x2a0/0x2a0 [ 2178.663686][T16089] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2178.669131][T16089] ? do_syscall_64+0x26/0x760 [ 2178.673795][T16089] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2178.679845][T16089] ? do_syscall_64+0x26/0x760 [ 2178.684525][T16089] __x64_sys_open+0x7e/0xc0 [ 2178.689025][T16089] do_syscall_64+0xfa/0x760 [ 2178.693520][T16089] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2178.699396][T16089] RIP: 0033:0x4579a0 [ 2178.703283][T16089] Code: 31 c0 e9 45 ff ff ff 0f 1f 00 80 3f 00 0f 84 f7 00 00 00 55 53 b9 02 00 00 00 be 00 08 09 00 89 c8 48 81 ec 98 00 00 00 0f 05 <48> 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 [ 2178.722873][T16089] RSP: 002b:00007ffd88aa5050 EFLAGS: 00000206 ORIG_RAX: 0000000000000002 [ 2178.731280][T16089] RAX: ffffffffffffffda RBX: 00000000002139a6 RCX: 00000000004579a0 [ 2178.739249][T16089] RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007ffd88aa6230 [ 2178.747217][T16089] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001cf0940 [ 2178.755176][T16089] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffd88aa6230 [ 2178.763130][T16089] R13: 00007ffd88aa6220 R14: 0000000000000000 R15: 00007ffd88aa6230 13:02:46 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x29}, 0x20008844) [ 2178.808324][T16111] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2178.840969][T16112] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:46 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xf0, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2179.034362][T16089] memory: usage 980kB, limit 0kB, failcnt 401 [ 2179.040511][T16089] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 13:02:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2a}, 0x20008844) [ 2179.075762][T16089] Memory cgroup stats for /syz4: [ 2179.075865][T16089] anon 0 [ 2179.075865][T16089] file 0 [ 2179.075865][T16089] kernel_stack 0 [ 2179.075865][T16089] slab 802816 [ 2179.075865][T16089] sock 0 [ 2179.075865][T16089] shmem 0 [ 2179.075865][T16089] file_mapped 0 [ 2179.075865][T16089] file_dirty 0 [ 2179.075865][T16089] file_writeback 0 [ 2179.075865][T16089] anon_thp 0 [ 2179.075865][T16089] inactive_anon 0 [ 2179.075865][T16089] active_anon 0 [ 2179.075865][T16089] inactive_file 135168 [ 2179.075865][T16089] active_file 0 13:02:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2b}, 0x20008844) [ 2179.075865][T16089] unevictable 0 [ 2179.075865][T16089] slab_reclaimable 270336 [ 2179.075865][T16089] slab_unreclaimable 532480 [ 2179.075865][T16089] pgfault 211728 [ 2179.075865][T16089] pgmajfault 0 [ 2179.075865][T16089] workingset_refault 0 [ 2179.075865][T16089] workingset_activate 0 [ 2179.075865][T16089] workingset_nodereclaim 0 [ 2179.075865][T16089] pgrefill 148 [ 2179.075865][T16089] pgscan 138 [ 2179.075865][T16089] pgsteal 101 [ 2179.075865][T16089] pgactivate 33 13:02:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2c}, 0x20008844) [ 2179.234231][ C0] net_ratelimit: 29 callbacks suppressed [ 2179.234240][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2179.234247][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2179.234293][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2179.240020][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2179.245787][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2179.251456][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2179.257848][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2179.263544][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2179.269323][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2179.292156][ C1] protocol 88fb is buggy, dev hsr_slave_1 13:02:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2d}, 0x20008844) [ 2179.398866][T16089] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16089,uid=0 [ 2179.431518][T16122] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2179.439069][T16089] Memory cgroup out of memory: Killed process 16089 (syz-executor.4) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2179.503905][ T1065] oom_reaper: reaped process 16089 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 13:02:47 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:02:47 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:47 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xfc, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:47 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2e}, 0x20008844) [ 2180.035816][T16144] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2180.304814][T16149] IPVS: ftp: loaded support on port[0] = 21 [ 2180.573606][T16149] chnl_net:caif_netlink_parms(): no params data found [ 2180.660043][T16149] bridge0: port 1(bridge_slave_0) entered blocking state [ 2180.669242][T16149] bridge0: port 1(bridge_slave_0) entered disabled state [ 2180.678900][T16149] device bridge_slave_0 entered promiscuous mode [ 2180.688814][T16149] bridge0: port 2(bridge_slave_1) entered blocking state [ 2180.696571][T16149] bridge0: port 2(bridge_slave_1) entered disabled state [ 2180.706654][T16149] device bridge_slave_1 entered promiscuous mode [ 2180.832624][T16149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2180.860558][T16149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2180.890999][T16149] team0: Port device team_slave_0 added [ 2180.906331][T16149] team0: Port device team_slave_1 added [ 2181.068393][T16149] device hsr_slave_0 entered promiscuous mode [ 2181.125364][T16149] device hsr_slave_1 entered promiscuous mode [ 2181.214531][T16149] debugfs: Directory 'hsr0' with parent '/' already present! [ 2181.496010][T16149] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2181.572199][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2181.581749][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2181.597635][T16149] 8021q: adding VLAN 0 to HW filter on device team0 [ 2181.748158][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2181.758022][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2181.767344][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 2181.774450][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2181.783722][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2181.794280][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2181.803425][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 2181.810641][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2181.819353][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2181.829823][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2181.906739][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2181.929585][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2181.940192][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2181.950181][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2181.961773][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2181.973074][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2182.005907][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2182.016070][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2182.025930][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2182.091467][T16149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2182.180446][T16149] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2182.473666][T16157] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2182.485721][T16157] CPU: 1 PID: 16157 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2182.493298][T16157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2182.503356][T16157] Call Trace: [ 2182.506656][T16157] dump_stack+0x172/0x1f0 [ 2182.511038][T16157] dump_header+0x10b/0x82d [ 2182.515454][T16157] oom_kill_process.cold+0x10/0x15 [ 2182.520569][T16157] out_of_memory+0x334/0x1340 [ 2182.525249][T16157] ? __sched_text_start+0x8/0x8 [ 2182.530098][T16157] ? oom_killer_disable+0x280/0x280 [ 2182.535292][T16157] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2182.540920][T16157] ? memcg_stat_show+0xc40/0xc40 [ 2182.545892][T16157] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2182.551737][T16157] ? cgroup_file_notify+0x140/0x1b0 [ 2182.556941][T16157] memory_max_write+0x262/0x3a0 [ 2182.561773][T16157] ? mem_cgroup_write+0x370/0x370 [ 2182.566785][T16157] ? lock_acquire+0x190/0x410 [ 2182.571459][T16157] ? kernfs_fop_write+0x227/0x480 [ 2182.576525][T16157] cgroup_file_write+0x241/0x790 [ 2182.581443][T16157] ? mem_cgroup_write+0x370/0x370 [ 2182.586448][T16157] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2182.592062][T16157] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2182.597676][T16157] kernfs_fop_write+0x2b8/0x480 [ 2182.602505][T16157] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2182.608745][T16157] __vfs_write+0x8a/0x110 [ 2182.613051][T16157] ? kernfs_fop_open+0xd80/0xd80 [ 2182.617975][T16157] vfs_write+0x268/0x5d0 [ 2182.622197][T16157] ksys_write+0x14f/0x290 [ 2182.626503][T16157] ? __ia32_sys_read+0xb0/0xb0 [ 2182.631249][T16157] ? do_syscall_64+0x26/0x760 [ 2182.635906][T16157] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2182.641974][T16157] ? do_syscall_64+0x26/0x760 [ 2182.646637][T16157] __x64_sys_write+0x73/0xb0 [ 2182.651208][T16157] do_syscall_64+0xfa/0x760 [ 2182.655691][T16157] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2182.661572][T16157] RIP: 0033:0x459a29 [ 2182.665570][T16157] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2182.685162][T16157] RSP: 002b:00007fddccca9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2182.693560][T16157] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2182.701511][T16157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2182.709470][T16157] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2182.717419][T16157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fddcccaa6d4 [ 2182.725380][T16157] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2182.752038][T16157] memory: usage 3512kB, limit 0kB, failcnt 1180 [ 2182.770826][T16157] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2182.779388][T16157] Memory cgroup stats for /syz2: [ 2182.780762][T16157] anon 2125824 [ 2182.780762][T16157] file 0 [ 2182.780762][T16157] kernel_stack 65536 [ 2182.780762][T16157] slab 1060864 [ 2182.780762][T16157] sock 0 [ 2182.780762][T16157] shmem 0 [ 2182.780762][T16157] file_mapped 0 [ 2182.780762][T16157] file_dirty 0 [ 2182.780762][T16157] file_writeback 0 [ 2182.780762][T16157] anon_thp 2097152 [ 2182.780762][T16157] inactive_anon 0 [ 2182.780762][T16157] active_anon 2125824 [ 2182.780762][T16157] inactive_file 0 [ 2182.780762][T16157] active_file 0 [ 2182.780762][T16157] unevictable 0 [ 2182.780762][T16157] slab_reclaimable 405504 [ 2182.780762][T16157] slab_unreclaimable 655360 [ 2182.780762][T16157] pgfault 192819 [ 2182.780762][T16157] pgmajfault 0 [ 2182.780762][T16157] workingset_refault 0 [ 2182.780762][T16157] workingset_activate 0 [ 2182.780762][T16157] workingset_nodereclaim 0 [ 2182.780762][T16157] pgrefill 70 [ 2182.780762][T16157] pgscan 68 [ 2182.780762][T16157] pgsteal 33 [ 2182.780762][T16157] pgactivate 33 [ 2182.883489][T16157] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16156,uid=0 [ 2182.909705][T16157] Memory cgroup out of memory: Killed process 16156 (syz-executor.2) total-vm:72576kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 13:02:50 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2f}, 0x20008844) 13:02:50 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x2000000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:50 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x300, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:50 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x40000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2182.944474][ T1065] oom_reaper: reaped process 16156 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB 13:02:50 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:02:51 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) getpid() r2 = getpid() perf_event_open(&(0x7f0000000400)={0x1, 0x70, 0x0, 0x80, 0x0, 0x0, 0x0, 0x72, 0x406, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5, 0x100000000000000}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r6 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r7 = gettid() write$cgroup_pid(r6, &(0x7f0000000500)=r7, 0x12) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r8, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r8, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e0000001c008104e00f80ecdb4cb91a02c804a001000000810040fb12030100040eda1b40d819a906000500000f", 0x223}], 0x1, 0x0, 0x0, 0x10}, 0x0) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e0000001c008104e00f80ecdb4cb91a02c804a001000000810040fb12030100040eda1b40d819a906000500000f", 0x223}], 0x1, 0x0, 0x0, 0x10}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r0], 0x0, 0x12, 0x0, 0xffffffffffffffff}, 0xfdf0) r11 = openat$cgroup_int(r3, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r12 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r6, &(0x7f0000000540)=r12, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r3, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r5, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r11, 0x0, 0x0) [ 2183.026474][T16149] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2183.049344][T16161] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2183.077045][T16163] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2183.081845][T16149] CPU: 0 PID: 16149 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2183.093949][T16149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2183.104010][T16149] Call Trace: [ 2183.107303][T16149] dump_stack+0x172/0x1f0 [ 2183.111632][T16149] dump_header+0x10b/0x82d [ 2183.116046][T16149] ? oom_kill_process+0x94/0x3f0 [ 2183.116062][T16149] oom_kill_process.cold+0x10/0x15 [ 2183.116075][T16149] out_of_memory+0x334/0x1340 [ 2183.116087][T16149] ? lock_downgrade+0x920/0x920 [ 2183.116103][T16149] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2183.116115][T16149] ? oom_killer_disable+0x280/0x280 [ 2183.116135][T16149] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2183.116148][T16149] ? memcg_stat_show+0xc40/0xc40 [ 2183.116163][T16149] ? do_raw_spin_unlock+0x57/0x270 [ 2183.116178][T16149] ? _raw_spin_unlock+0x2d/0x50 [ 2183.116193][T16149] try_charge+0xf4b/0x1440 [ 2183.116213][T16149] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2183.116224][T16149] ? percpu_ref_tryget_live+0x111/0x290 [ 2183.116239][T16149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2183.116258][T16149] ? __kasan_check_read+0x11/0x20 [ 2183.171692][T16149] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2183.199543][T16149] mem_cgroup_try_charge+0x136/0x590 [ 2183.199567][T16149] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2183.210478][T16149] wp_page_copy+0x407/0x1860 [ 2183.215089][T16149] ? find_held_lock+0x35/0x130 [ 2183.219875][T16149] ? do_wp_page+0x53b/0x15c0 [ 2183.224484][T16149] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2183.230320][T16149] ? lock_downgrade+0x920/0x920 [ 2183.235177][T16149] ? swp_swapcount+0x540/0x540 [ 2183.239953][T16149] ? __kasan_check_read+0x11/0x20 [ 2183.244984][T16149] ? do_raw_spin_unlock+0x57/0x270 [ 2183.250110][T16149] do_wp_page+0x543/0x15c0 [ 2183.254555][T16149] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2183.254577][T16149] __handle_mm_fault+0x23ec/0x4040 [ 2183.254595][T16149] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2183.254608][T16149] ? handle_mm_fault+0x292/0xaa0 [ 2183.254635][T16149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2183.254654][T16149] ? __kasan_check_read+0x11/0x20 [ 2183.254670][T16149] handle_mm_fault+0x3b7/0xaa0 [ 2183.254692][T16149] __do_page_fault+0x536/0xdd0 [ 2183.275674][T16149] do_page_fault+0x38/0x590 [ 2183.300912][T16149] page_fault+0x39/0x40 [ 2183.305063][T16149] RIP: 0033:0x430b06 [ 2183.305080][T16149] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2183.329244][T16149] RSP: 002b:00007ffc6f607600 EFLAGS: 00010206 [ 2183.329255][T16149] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2183.329262][T16149] RDX: 00000000026e4930 RSI: 00000000026ec970 RDI: 0000000000000003 [ 2183.329270][T16149] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000026e3940 [ 2183.329276][T16149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2183.329284][T16149] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 13:02:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x30}, 0x20008844) [ 2183.354279][T16149] memory: usage 1188kB, limit 0kB, failcnt 1192 [ 2183.367870][T16149] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2183.413512][T16149] Memory cgroup stats for /syz2: [ 2183.413616][T16149] anon 20480 [ 2183.413616][T16149] file 0 [ 2183.413616][T16149] kernel_stack 0 [ 2183.413616][T16149] slab 1060864 [ 2183.413616][T16149] sock 0 [ 2183.413616][T16149] shmem 0 [ 2183.413616][T16149] file_mapped 0 [ 2183.413616][T16149] file_dirty 0 [ 2183.413616][T16149] file_writeback 0 [ 2183.413616][T16149] anon_thp 0 [ 2183.413616][T16149] inactive_anon 0 [ 2183.413616][T16149] active_anon 20480 [ 2183.413616][T16149] inactive_file 0 [ 2183.413616][T16149] active_file 0 [ 2183.413616][T16149] unevictable 0 [ 2183.413616][T16149] slab_reclaimable 405504 [ 2183.413616][T16149] slab_unreclaimable 655360 [ 2183.413616][T16149] pgfault 192819 13:02:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x31}, 0x20008844) [ 2183.413616][T16149] pgmajfault 0 [ 2183.413616][T16149] workingset_refault 0 [ 2183.413616][T16149] workingset_activate 0 [ 2183.413616][T16149] workingset_nodereclaim 0 [ 2183.413616][T16149] pgrefill 70 [ 2183.413616][T16149] pgscan 68 [ 2183.413616][T16149] pgsteal 33 [ 2183.413616][T16149] pgactivate 33 13:02:51 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x60000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x32}, 0x20008844) [ 2183.670653][T16149] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16149,uid=0 13:02:51 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x500, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2183.714676][T16149] Memory cgroup out of memory: Killed process 16149 (syz-executor.2) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 [ 2183.744602][ T1065] oom_reaper: reaped process 16149 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 13:02:51 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x33}, 0x20008844) [ 2183.869945][T16183] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:02:52 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x34}, 0x20008844) [ 2184.358805][T16181] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:52 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x2010000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:02:52 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x9effffff, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:52 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x35}, 0x20008844) [ 2184.766563][T16202] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2184.963239][T16206] IPVS: ftp: loaded support on port[0] = 21 [ 2184.994539][ C1] net_ratelimit: 48 callbacks suppressed [ 2184.994548][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2185.004219][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2185.006074][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2185.011734][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2185.017521][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2185.028938][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2185.034817][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2185.040577][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2185.046443][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2185.052198][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2185.186432][T16202] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2185.501343][T16206] chnl_net:caif_netlink_parms(): no params data found [ 2185.619387][T16206] bridge0: port 1(bridge_slave_0) entered blocking state [ 2185.627402][T16206] bridge0: port 1(bridge_slave_0) entered disabled state [ 2185.637032][T16206] device bridge_slave_0 entered promiscuous mode [ 2185.646883][T16206] bridge0: port 2(bridge_slave_1) entered blocking state [ 2185.654032][T16206] bridge0: port 2(bridge_slave_1) entered disabled state [ 2185.664695][T16206] device bridge_slave_1 entered promiscuous mode [ 2185.748926][T16206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2185.762993][T16206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2185.851436][T16206] team0: Port device team_slave_0 added [ 2185.861372][T16206] team0: Port device team_slave_1 added [ 2185.917883][T16206] device hsr_slave_0 entered promiscuous mode [ 2185.977148][T16206] device hsr_slave_1 entered promiscuous mode [ 2186.014278][T16206] debugfs: Directory 'hsr0' with parent '/' already present! [ 2186.153963][T16206] bridge0: port 2(bridge_slave_1) entered blocking state [ 2186.161122][T16206] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2186.168726][T16206] bridge0: port 1(bridge_slave_0) entered blocking state [ 2186.175835][T16206] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2186.317894][T16206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2186.467616][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2186.486077][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state [ 2186.505173][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 2186.526897][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2186.597496][T16206] 8021q: adding VLAN 0 to HW filter on device team0 [ 2186.612063][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2186.622239][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2186.632145][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 2186.639311][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2186.709673][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2186.737458][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2186.746654][T13302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2186.753732][T13302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2186.762094][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2186.825346][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2186.844840][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2186.856401][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2186.924323][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2186.933235][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2186.945260][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2186.955473][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2186.965342][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2186.985988][T16206] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2186.998211][T16206] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2187.018444][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2187.029249][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2187.128972][T16206] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2187.422483][T16215] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2187.433006][T16215] CPU: 0 PID: 16215 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2187.440562][T16215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2187.450621][T16215] Call Trace: [ 2187.453921][T16215] dump_stack+0x172/0x1f0 [ 2187.458268][T16215] dump_header+0x10b/0x82d [ 2187.462678][T16215] oom_kill_process.cold+0x10/0x15 [ 2187.467770][T16215] out_of_memory+0x334/0x1340 [ 2187.472582][T16215] ? __sched_text_start+0x8/0x8 [ 2187.477461][T16215] ? oom_killer_disable+0x280/0x280 [ 2187.482641][T16215] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2187.488612][T16215] ? memcg_stat_show+0xc40/0xc40 [ 2187.493751][T16215] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2187.499537][T16215] ? cgroup_file_notify+0x140/0x1b0 [ 2187.504718][T16215] memory_max_write+0x262/0x3a0 [ 2187.509547][T16215] ? mem_cgroup_write+0x370/0x370 [ 2187.514586][T16215] ? lock_acquire+0x190/0x410 [ 2187.519285][T16215] ? kernfs_fop_write+0x227/0x480 [ 2187.524291][T16215] cgroup_file_write+0x241/0x790 [ 2187.529212][T16215] ? mem_cgroup_write+0x370/0x370 [ 2187.534216][T16215] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2187.539841][T16215] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2187.545556][T16215] kernfs_fop_write+0x2b8/0x480 [ 2187.550385][T16215] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2187.556956][T16215] __vfs_write+0x8a/0x110 [ 2187.561281][T16215] ? kernfs_fop_open+0xd80/0xd80 [ 2187.566212][T16215] vfs_write+0x268/0x5d0 [ 2187.570434][T16215] ksys_write+0x14f/0x290 [ 2187.574756][T16215] ? __ia32_sys_read+0xb0/0xb0 [ 2187.579502][T16215] ? do_syscall_64+0x26/0x760 [ 2187.584158][T16215] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2187.590198][T16215] ? do_syscall_64+0x26/0x760 [ 2187.594914][T16215] __x64_sys_write+0x73/0xb0 [ 2187.599483][T16215] do_syscall_64+0xfa/0x760 [ 2187.603966][T16215] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2187.609836][T16215] RIP: 0033:0x459a29 [ 2187.613710][T16215] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2187.633465][T16215] RSP: 002b:00007f4ca8e9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2187.641852][T16215] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2187.649804][T16215] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2187.657752][T16215] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2187.665700][T16215] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4ca8e9d6d4 [ 2187.673662][T16215] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2187.686633][T16215] memory: usage 3348kB, limit 0kB, failcnt 402 [ 2187.692834][T16215] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2187.699805][T16215] Memory cgroup stats for /syz4: [ 2187.699922][T16215] anon 2052096 [ 2187.699922][T16215] file 0 [ 2187.699922][T16215] kernel_stack 65536 [ 2187.699922][T16215] slab 802816 [ 2187.699922][T16215] sock 0 [ 2187.699922][T16215] shmem 0 [ 2187.699922][T16215] file_mapped 0 [ 2187.699922][T16215] file_dirty 0 [ 2187.699922][T16215] file_writeback 0 [ 2187.699922][T16215] anon_thp 2097152 [ 2187.699922][T16215] inactive_anon 0 [ 2187.699922][T16215] active_anon 2052096 [ 2187.699922][T16215] inactive_file 135168 [ 2187.699922][T16215] active_file 0 [ 2187.699922][T16215] unevictable 0 [ 2187.699922][T16215] slab_reclaimable 270336 [ 2187.699922][T16215] slab_unreclaimable 532480 [ 2187.699922][T16215] pgfault 211794 [ 2187.699922][T16215] pgmajfault 0 [ 2187.699922][T16215] workingset_refault 0 [ 2187.699922][T16215] workingset_activate 0 [ 2187.699922][T16215] workingset_nodereclaim 0 [ 2187.699922][T16215] pgrefill 148 [ 2187.699922][T16215] pgscan 138 [ 2187.699922][T16215] pgsteal 101 [ 2187.699922][T16215] pgactivate 33 [ 2187.704988][T16215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16214,uid=0 [ 2187.814631][T16215] Memory cgroup out of memory: Killed process 16214 (syz-executor.4) total-vm:72708kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2187.836809][ T1065] oom_reaper: reaped process 16214 (syz-executor.4), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 13:02:56 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:02:56 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x14, 0x1, 0x1, 0x0, 0xff91}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:02:56 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x36}, 0x20008844) 13:02:56 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x600, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:02:56 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf0ffffff, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:56 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x2020000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2188.078794][T16206] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2188.102478][T16206] CPU: 1 PID: 16206 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2188.110083][T16206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2188.120163][T16206] Call Trace: [ 2188.123467][T16206] dump_stack+0x172/0x1f0 [ 2188.127857][T16206] dump_header+0x10b/0x82d [ 2188.132993][T16206] ? oom_kill_process+0x94/0x3f0 [ 2188.137959][T16206] oom_kill_process.cold+0x10/0x15 [ 2188.143097][T16206] out_of_memory+0x334/0x1340 [ 2188.147797][T16206] ? lock_downgrade+0x920/0x920 [ 2188.152677][T16206] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2188.158507][T16206] ? oom_killer_disable+0x280/0x280 [ 2188.163736][T16206] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2188.169304][T16206] ? memcg_stat_show+0xc40/0xc40 [ 2188.174262][T16206] ? do_raw_spin_unlock+0x57/0x270 [ 2188.176727][T16227] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2188.179389][T16206] ? _raw_spin_unlock+0x2d/0x50 [ 2188.179411][T16206] try_charge+0xf4b/0x1440 [ 2188.197971][T16206] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2188.203535][T16206] ? percpu_ref_tryget_live+0x111/0x290 [ 2188.209099][T16206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2188.215363][T16206] ? __kasan_check_read+0x11/0x20 [ 2188.220415][T16206] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2188.225986][T16206] mem_cgroup_try_charge+0x136/0x590 [ 2188.231827][T16206] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2188.237480][T16206] __handle_mm_fault+0x1f0d/0x4040 [ 2188.242617][T16206] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2188.248177][T16206] ? handle_mm_fault+0x292/0xaa0 [ 2188.253149][T16206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2188.253169][T16206] ? __kasan_check_read+0x11/0x20 [ 2188.264613][T16206] handle_mm_fault+0x3b7/0xaa0 [ 2188.269408][T16206] __do_page_fault+0x536/0xdd0 [ 2188.274201][T16206] do_page_fault+0x38/0x590 [ 2188.278720][T16206] page_fault+0x39/0x40 [ 2188.282881][T16206] RIP: 0033:0x4034f2 [ 2188.286781][T16206] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2188.306384][T16206] RSP: 002b:00007ffe0e612e60 EFLAGS: 00010246 [ 2188.306395][T16206] RAX: 0000000000000000 RBX: 000000000021607d RCX: 0000000000413630 [ 2188.306401][T16206] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe0e613f90 13:02:56 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x37}, 0x20008844) [ 2188.306408][T16206] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001348940 [ 2188.306416][T16206] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe0e613f90 [ 2188.306424][T16206] R13: 00007ffe0e613f80 R14: 0000000000000000 R15: 00007ffe0e613f90 [ 2188.361281][T16225] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:56 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x38}, 0x20008844) 13:02:56 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xfcffffff, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:02:56 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x39}, 0x20008844) 13:02:56 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x3a}, 0x20008844) [ 2188.684038][T16221] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:02:56 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x700, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2188.804595][T16206] memory: usage 980kB, limit 0kB, failcnt 410 [ 2188.824365][T16206] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2188.831267][T16206] Memory cgroup stats for /syz4: [ 2188.831370][T16206] anon 0 [ 2188.831370][T16206] file 0 [ 2188.831370][T16206] kernel_stack 0 [ 2188.831370][T16206] slab 802816 [ 2188.831370][T16206] sock 0 [ 2188.831370][T16206] shmem 0 [ 2188.831370][T16206] file_mapped 0 [ 2188.831370][T16206] file_dirty 0 [ 2188.831370][T16206] file_writeback 0 [ 2188.831370][T16206] anon_thp 0 [ 2188.831370][T16206] inactive_anon 0 [ 2188.831370][T16206] active_anon 0 [ 2188.831370][T16206] inactive_file 135168 [ 2188.831370][T16206] active_file 0 [ 2188.831370][T16206] unevictable 0 [ 2188.831370][T16206] slab_reclaimable 270336 [ 2188.831370][T16206] slab_unreclaimable 532480 [ 2188.831370][T16206] pgfault 211794 [ 2188.831370][T16206] pgmajfault 0 [ 2188.831370][T16206] workingset_refault 0 [ 2188.831370][T16206] workingset_activate 0 [ 2188.831370][T16206] workingset_nodereclaim 0 [ 2188.831370][T16206] pgrefill 148 [ 2188.831370][T16206] pgscan 138 [ 2188.831370][T16206] pgsteal 101 [ 2188.831370][T16206] pgactivate 33 [ 2188.934075][T16206] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16206,uid=0 [ 2188.964853][T16227] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2188.974348][T16206] Memory cgroup out of memory: Killed process 16206 (syz-executor.4) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2189.002184][T16246] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2189.035247][ T1065] oom_reaper: reaped process 16206 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 13:02:57 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2189.748196][T16251] IPVS: ftp: loaded support on port[0] = 21 [ 2190.012549][T16251] chnl_net:caif_netlink_parms(): no params data found [ 2190.105174][T16251] bridge0: port 1(bridge_slave_0) entered blocking state [ 2190.112359][T16251] bridge0: port 1(bridge_slave_0) entered disabled state [ 2190.121877][T16251] device bridge_slave_0 entered promiscuous mode [ 2190.131469][T16251] bridge0: port 2(bridge_slave_1) entered blocking state [ 2190.139117][T16251] bridge0: port 2(bridge_slave_1) entered disabled state [ 2190.148746][T16251] device bridge_slave_1 entered promiscuous mode [ 2190.249611][T16251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2190.263049][T16251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2190.291423][T16251] team0: Port device team_slave_0 added [ 2190.355873][T16251] team0: Port device team_slave_1 added [ 2190.428534][T16251] device hsr_slave_0 entered promiscuous mode [ 2190.505608][T16251] device hsr_slave_1 entered promiscuous mode [ 2190.545145][T16251] debugfs: Directory 'hsr0' with parent '/' already present! [ 2190.615655][T16251] bridge0: port 2(bridge_slave_1) entered blocking state [ 2190.622765][T16251] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2190.630223][T16251] bridge0: port 1(bridge_slave_0) entered blocking state [ 2190.637347][T16251] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2190.846310][T16251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2190.918043][T15989] bridge0: port 1(bridge_slave_0) entered disabled state [ 2190.936469][T15989] bridge0: port 2(bridge_slave_1) entered disabled state [ 2190.956644][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2190.980178][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2190.989698][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2191.005326][T16251] 8021q: adding VLAN 0 to HW filter on device team0 [ 2191.100398][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2191.111338][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2191.121287][T15989] bridge0: port 1(bridge_slave_0) entered blocking state [ 2191.128429][T15989] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2191.137521][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2191.147552][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2191.157286][T15989] bridge0: port 2(bridge_slave_1) entered blocking state [ 2191.164432][T15989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2191.249296][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2191.330055][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2191.343632][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2191.355772][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2191.391363][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2191.415904][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2191.426468][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2191.439194][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2191.449066][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2191.517909][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2191.527774][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2191.542144][T16251] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2191.626864][T16251] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2191.973262][T16260] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2191.985001][T16260] CPU: 1 PID: 16260 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2191.995965][T16260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2192.006039][T16260] Call Trace: [ 2192.010383][T16260] dump_stack+0x172/0x1f0 [ 2192.014726][T16260] dump_header+0x10b/0x82d [ 2192.019147][T16260] oom_kill_process.cold+0x10/0x15 [ 2192.024260][T16260] out_of_memory+0x334/0x1340 [ 2192.028940][T16260] ? __sched_text_start+0x8/0x8 [ 2192.033790][T16260] ? oom_killer_disable+0x280/0x280 [ 2192.039013][T16260] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2192.044564][T16260] ? memcg_stat_show+0xc40/0xc40 [ 2192.049513][T16260] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2192.055431][T16260] ? cgroup_file_notify+0x140/0x1b0 [ 2192.060634][T16260] memory_max_write+0x262/0x3a0 [ 2192.065486][T16260] ? mem_cgroup_write+0x370/0x370 [ 2192.070509][T16260] ? lock_acquire+0x190/0x410 [ 2192.075189][T16260] ? kernfs_fop_write+0x227/0x480 [ 2192.080218][T16260] cgroup_file_write+0x241/0x790 [ 2192.085158][T16260] ? mem_cgroup_write+0x370/0x370 [ 2192.090187][T16260] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2192.095827][T16260] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2192.101461][T16260] kernfs_fop_write+0x2b8/0x480 [ 2192.106311][T16260] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2192.112556][T16260] __vfs_write+0x8a/0x110 [ 2192.116892][T16260] ? kernfs_fop_open+0xd80/0xd80 [ 2192.121832][T16260] vfs_write+0x268/0x5d0 [ 2192.126077][T16260] ksys_write+0x14f/0x290 [ 2192.130407][T16260] ? __ia32_sys_read+0xb0/0xb0 [ 2192.135190][T16260] ? do_syscall_64+0x26/0x760 [ 2192.139885][T16260] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2192.145962][T16260] ? do_syscall_64+0x26/0x760 [ 2192.150663][T16260] __x64_sys_write+0x73/0xb0 [ 2192.155282][T16260] do_syscall_64+0xfa/0x760 [ 2192.159815][T16260] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2192.165719][T16260] RIP: 0033:0x459a29 [ 2192.169616][T16260] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2192.189233][T16260] RSP: 002b:00007fbe6f390c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2192.197840][T16260] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2192.205897][T16260] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2192.213868][T16260] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2192.221838][T16260] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe6f3916d4 [ 2192.229810][T16260] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2192.250817][T16260] memory: usage 3468kB, limit 0kB, failcnt 1193 [ 2192.257331][T16260] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2192.264810][T16260] Memory cgroup stats for /syz2: [ 2192.264919][T16260] anon 2113536 [ 2192.264919][T16260] file 0 [ 2192.264919][T16260] kernel_stack 65536 [ 2192.264919][T16260] slab 1060864 [ 2192.264919][T16260] sock 0 [ 2192.264919][T16260] shmem 0 [ 2192.264919][T16260] file_mapped 0 [ 2192.264919][T16260] file_dirty 0 [ 2192.264919][T16260] file_writeback 0 [ 2192.264919][T16260] anon_thp 2097152 [ 2192.264919][T16260] inactive_anon 0 [ 2192.264919][T16260] active_anon 2113536 [ 2192.264919][T16260] inactive_file 0 [ 2192.264919][T16260] active_file 0 [ 2192.264919][T16260] unevictable 0 [ 2192.264919][T16260] slab_reclaimable 405504 [ 2192.264919][T16260] slab_unreclaimable 655360 [ 2192.264919][T16260] pgfault 192885 [ 2192.264919][T16260] pgmajfault 0 [ 2192.264919][T16260] workingset_refault 0 [ 2192.264919][T16260] workingset_activate 0 [ 2192.264919][T16260] workingset_nodereclaim 0 [ 2192.264919][T16260] pgrefill 70 [ 2192.264919][T16260] pgscan 68 [ 2192.264919][T16260] pgsteal 33 [ 2192.264919][T16260] pgactivate 33 [ 2192.362466][T16260] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16258,uid=0 [ 2192.379978][T16260] Memory cgroup out of memory: Killed process 16258 (syz-executor.2) total-vm:72708kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2192.401694][ T1065] oom_reaper: reaped process 16258 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 13:03:00 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x3b}, 0x20008844) 13:03:00 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xfffff000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:00 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x900, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:00 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x3000000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:03:00 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:00 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r1, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) r2 = perf_event_open$cgroup(&(0x7f0000000440)={0x3, 0x70, 0x8, 0xe0, 0xf2, 0x1, 0x0, 0x200, 0x11600, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfc, 0x1, @perf_bp={&(0x7f0000000400), 0x6}, 0x1002, 0x6, 0xfc, 0x6, 0x8, 0x4, 0x5}, r1, 0x1, 0xffffffffffffffff, 0x8) r3 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r2, 0x8) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r3, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000040000000000000c00000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r7 = openat$cgroup_procs(r5, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r8 = gettid() write$cgroup_pid(r7, &(0x7f0000000500)=r8, 0x12) r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r9, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r9, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r10 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r11 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r7, &(0x7f0000000540)=r11, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r4, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r12, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) r13 = openat$cgroup(r12, &(0x7f0000000200)='syz1\x00', 0x200002, 0x0) openat$cgroup_int(r13, 0x0, 0x2, 0x0) openat$cgroup_subtree(r6, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x89f) write$cgroup_int(r10, 0x0, 0x0) [ 2192.513507][T16251] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2192.564459][T16264] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2192.584265][T16251] CPU: 1 PID: 16251 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2192.591870][T16251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2192.591994][T16268] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2192.602020][T16251] Call Trace: [ 2192.602046][T16251] dump_stack+0x172/0x1f0 [ 2192.602064][T16251] dump_header+0x10b/0x82d [ 2192.602075][T16251] ? oom_kill_process+0x94/0x3f0 [ 2192.602091][T16251] oom_kill_process.cold+0x10/0x15 [ 2192.602107][T16251] out_of_memory+0x334/0x1340 [ 2192.602119][T16251] ? lock_downgrade+0x920/0x920 [ 2192.602136][T16251] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2192.602151][T16251] ? oom_killer_disable+0x280/0x280 [ 2192.602173][T16251] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2192.602184][T16251] ? memcg_stat_show+0xc40/0xc40 [ 2192.602201][T16251] ? do_raw_spin_unlock+0x57/0x270 [ 2192.602217][T16251] ? _raw_spin_unlock+0x2d/0x50 [ 2192.602234][T16251] try_charge+0xf4b/0x1440 [ 2192.602257][T16251] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2192.602269][T16251] ? percpu_ref_tryget_live+0x111/0x290 [ 2192.602287][T16251] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2192.602303][T16251] ? __kasan_check_read+0x11/0x20 [ 2192.602321][T16251] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2192.602341][T16251] mem_cgroup_try_charge+0x136/0x590 13:03:00 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x3c}, 0x20008844) [ 2192.602361][T16251] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2192.602376][T16251] wp_page_copy+0x407/0x1860 [ 2192.602392][T16251] ? find_held_lock+0x35/0x130 [ 2192.602404][T16251] ? do_wp_page+0x53b/0x15c0 [ 2192.602419][T16251] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2192.602434][T16251] ? lock_downgrade+0x920/0x920 [ 2192.602451][T16251] ? swp_swapcount+0x540/0x540 [ 2192.602464][T16251] ? __kasan_check_read+0x11/0x20 [ 2192.602473][T16251] ? do_raw_spin_unlock+0x57/0x270 [ 2192.602487][T16251] do_wp_page+0x543/0x15c0 [ 2192.602504][T16251] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2192.602525][T16251] __handle_mm_fault+0x23ec/0x4040 [ 2192.602543][T16251] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2192.602556][T16251] ? handle_mm_fault+0x292/0xaa0 [ 2192.602581][T16251] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2192.602595][T16251] ? __kasan_check_read+0x11/0x20 [ 2192.602613][T16251] handle_mm_fault+0x3b7/0xaa0 [ 2192.602633][T16251] __do_page_fault+0x536/0xdd0 [ 2192.602655][T16251] do_page_fault+0x38/0x590 [ 2192.602673][T16251] page_fault+0x39/0x40 [ 2192.602684][T16251] RIP: 0033:0x4034f2 [ 2192.602699][T16251] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2192.602706][T16251] RSP: 002b:00007fff7ea02da0 EFLAGS: 00010246 [ 2192.602716][T16251] RAX: 0000000000000000 RBX: 0000000000217362 RCX: 0000000000413630 [ 2192.602724][T16251] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007fff7ea03ed0 [ 2192.602733][T16251] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000002410940 [ 2192.602741][T16251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff7ea03ed0 [ 2192.602750][T16251] R13: 00007fff7ea03ec0 R14: 0000000000000000 R15: 00007fff7ea03ed0 [ 2192.622566][T16251] memory: usage 1100kB, limit 0kB, failcnt 1201 [ 2192.729783][T16251] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2192.741064][T16251] Memory cgroup stats for /syz2: [ 2192.741157][T16251] anon 49152 [ 2192.741157][T16251] file 0 [ 2192.741157][T16251] kernel_stack 0 [ 2192.741157][T16251] slab 1060864 [ 2192.741157][T16251] sock 0 [ 2192.741157][T16251] shmem 0 [ 2192.741157][T16251] file_mapped 0 [ 2192.741157][T16251] file_dirty 0 [ 2192.741157][T16251] file_writeback 0 [ 2192.741157][T16251] anon_thp 0 [ 2192.741157][T16251] inactive_anon 0 [ 2192.741157][T16251] active_anon 49152 [ 2192.741157][T16251] inactive_file 0 [ 2192.741157][T16251] active_file 0 [ 2192.741157][T16251] unevictable 0 [ 2192.741157][T16251] slab_reclaimable 405504 [ 2192.741157][T16251] slab_unreclaimable 655360 [ 2192.741157][T16251] pgfault 192885 [ 2192.741157][T16251] pgmajfault 0 [ 2192.741157][T16251] workingset_refault 0 [ 2192.741157][T16251] workingset_activate 0 [ 2192.741157][T16251] workingset_nodereclaim 0 [ 2192.741157][T16251] pgrefill 70 [ 2192.741157][T16251] pgscan 68 [ 2192.741157][T16251] pgsteal 33 [ 2192.741157][T16251] pgactivate 33 [ 2192.754233][ C0] net_ratelimit: 44 callbacks suppressed [ 2192.754241][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2192.755447][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2192.760508][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2192.764924][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2192.770318][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2192.775461][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2192.780915][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2192.785877][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2192.792178][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2192.797183][ C1] protocol 88fb is buggy, dev hsr_slave_0 13:03:01 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x3d}, 0x20008844) [ 2192.921143][T16251] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16251,uid=0 13:03:01 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xa00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:01 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xffffff7f, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:01 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x3e}, 0x20008844) [ 2193.235645][T16251] Memory cgroup out of memory: Killed process 16251 (syz-executor.2) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 13:03:01 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x41}, 0x20008844) 13:03:01 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x300}, 0x20008844) [ 2193.518816][T16285] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:01 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x301}, 0x20008844) 13:03:01 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xffffff9e, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2194.091208][T16292] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:03:02 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x3010000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2194.420378][T16307] IPVS: ftp: loaded support on port[0] = 21 [ 2194.495322][T16310] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2194.938252][T16310] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2195.095940][T16307] chnl_net:caif_netlink_parms(): no params data found [ 2195.233894][T16307] bridge0: port 1(bridge_slave_0) entered blocking state [ 2195.256292][T16307] bridge0: port 1(bridge_slave_0) entered disabled state [ 2195.273958][T16307] device bridge_slave_0 entered promiscuous mode [ 2195.350092][T16307] bridge0: port 2(bridge_slave_1) entered blocking state [ 2195.358371][T16307] bridge0: port 2(bridge_slave_1) entered disabled state [ 2195.368705][T16307] device bridge_slave_1 entered promiscuous mode [ 2195.406067][T16307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2195.420079][T16307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2195.516411][T16307] team0: Port device team_slave_0 added [ 2195.526169][T16307] team0: Port device team_slave_1 added [ 2195.608902][T16307] device hsr_slave_0 entered promiscuous mode [ 2195.675541][T16307] device hsr_slave_1 entered promiscuous mode [ 2195.755196][T16307] debugfs: Directory 'hsr0' with parent '/' already present! [ 2196.036126][T16307] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2196.103226][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2196.112612][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2196.128035][T16307] 8021q: adding VLAN 0 to HW filter on device team0 [ 2196.220319][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2196.232402][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2196.241836][T13302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2196.248984][T13302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2196.265794][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2196.276212][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2196.286016][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2196.296611][T13302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2196.303694][T13302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2196.376685][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2196.391900][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2196.435921][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2196.446846][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2196.523813][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2196.535096][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2196.545988][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2196.612793][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2196.623221][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2196.632998][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2196.642820][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2196.657283][T16307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2196.700841][T16307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2197.101052][T16321] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2197.113018][T16321] CPU: 0 PID: 16321 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2197.120581][T16321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2197.130657][T16321] Call Trace: [ 2197.133969][T16321] dump_stack+0x172/0x1f0 [ 2197.139626][T16321] dump_header+0x10b/0x82d [ 2197.144051][T16321] oom_kill_process.cold+0x10/0x15 [ 2197.149170][T16321] out_of_memory+0x334/0x1340 [ 2197.153849][T16321] ? __sched_text_start+0x8/0x8 [ 2197.158713][T16321] ? oom_killer_disable+0x280/0x280 [ 2197.164073][T16321] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2197.169636][T16321] ? memcg_stat_show+0xc40/0xc40 [ 2197.174603][T16321] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2197.180499][T16321] ? cgroup_file_notify+0x140/0x1b0 [ 2197.185707][T16321] memory_max_write+0x262/0x3a0 [ 2197.190563][T16321] ? mem_cgroup_write+0x370/0x370 [ 2197.195592][T16321] ? lock_acquire+0x190/0x410 [ 2197.200266][T16321] ? kernfs_fop_write+0x227/0x480 [ 2197.205301][T16321] cgroup_file_write+0x241/0x790 [ 2197.210243][T16321] ? mem_cgroup_write+0x370/0x370 [ 2197.215271][T16321] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2197.220912][T16321] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2197.226544][T16321] kernfs_fop_write+0x2b8/0x480 [ 2197.231402][T16321] __vfs_write+0x8a/0x110 [ 2197.235733][T16321] ? kernfs_fop_open+0xd80/0xd80 [ 2197.240669][T16321] vfs_write+0x268/0x5d0 [ 2197.244913][T16321] ksys_write+0x14f/0x290 [ 2197.249244][T16321] ? __ia32_sys_read+0xb0/0xb0 [ 2197.254004][T16321] ? do_syscall_64+0x26/0x760 [ 2197.258700][T16321] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2197.264763][T16321] ? do_syscall_64+0x26/0x760 [ 2197.269457][T16321] __x64_sys_write+0x73/0xb0 [ 2197.274054][T16321] do_syscall_64+0xfa/0x760 [ 2197.278561][T16321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2197.284451][T16321] RIP: 0033:0x459a29 [ 2197.288342][T16321] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2197.307950][T16321] RSP: 002b:00007f61db4cec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2197.316367][T16321] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2197.324364][T16321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2197.332335][T16321] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2197.340306][T16321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61db4cf6d4 [ 2197.348279][T16321] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2197.380483][T16321] memory: usage 3380kB, limit 0kB, failcnt 411 [ 2197.387196][T16321] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2197.398841][T16321] Memory cgroup stats for /syz4: [ 2197.400376][T16321] anon 2117632 [ 2197.400376][T16321] file 0 [ 2197.400376][T16321] kernel_stack 65536 [ 2197.400376][T16321] slab 802816 [ 2197.400376][T16321] sock 0 [ 2197.400376][T16321] shmem 0 [ 2197.400376][T16321] file_mapped 0 [ 2197.400376][T16321] file_dirty 0 [ 2197.400376][T16321] file_writeback 0 [ 2197.400376][T16321] anon_thp 2097152 [ 2197.400376][T16321] inactive_anon 0 [ 2197.400376][T16321] active_anon 2117632 [ 2197.400376][T16321] inactive_file 135168 [ 2197.400376][T16321] active_file 0 [ 2197.400376][T16321] unevictable 0 [ 2197.400376][T16321] slab_reclaimable 270336 [ 2197.400376][T16321] slab_unreclaimable 532480 [ 2197.400376][T16321] pgfault 211860 [ 2197.400376][T16321] pgmajfault 0 [ 2197.400376][T16321] workingset_refault 0 [ 2197.400376][T16321] workingset_activate 0 [ 2197.400376][T16321] workingset_nodereclaim 0 [ 2197.400376][T16321] pgrefill 148 [ 2197.400376][T16321] pgscan 138 [ 2197.400376][T16321] pgsteal 101 [ 2197.400376][T16321] pgactivate 33 [ 2197.532667][T16321] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16319,uid=0 [ 2197.549521][T16321] Memory cgroup out of memory: Killed process 16319 (syz-executor.4) total-vm:72708kB, anon-rss:2192kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2197.572717][ T1065] oom_reaper: reaped process 16319 (syz-executor.4), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB 13:03:05 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:05 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x901}, 0x20008844) 13:03:05 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:05 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xb00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:05 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xfffffff0, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:05 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x3020000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2197.766494][T16307] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2197.813017][T16325] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2197.841264][T16307] CPU: 0 PID: 16307 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2197.848863][T16307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2197.856338][T16329] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2197.858922][T16307] Call Trace: [ 2197.858943][T16307] dump_stack+0x172/0x1f0 [ 2197.858961][T16307] dump_header+0x10b/0x82d [ 2197.858980][T16307] ? oom_kill_process+0x94/0x3f0 [ 2197.885665][T16307] oom_kill_process.cold+0x10/0x15 [ 2197.890797][T16307] out_of_memory+0x334/0x1340 [ 2197.895477][T16307] ? lock_downgrade+0x920/0x920 [ 2197.901115][T16307] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2197.906920][T16307] ? oom_killer_disable+0x280/0x280 [ 2197.906942][T16307] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2197.906953][T16307] ? memcg_stat_show+0xc40/0xc40 [ 2197.906969][T16307] ? do_raw_spin_unlock+0x57/0x270 [ 2197.906985][T16307] ? _raw_spin_unlock+0x2d/0x50 [ 2197.907000][T16307] try_charge+0xf4b/0x1440 [ 2197.907022][T16307] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2197.907032][T16307] ? percpu_ref_tryget_live+0x111/0x290 [ 2197.907049][T16307] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2197.907065][T16307] ? __kasan_check_read+0x11/0x20 [ 2197.907084][T16307] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2197.907101][T16307] mem_cgroup_try_charge+0x136/0x590 [ 2197.907119][T16307] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2197.907134][T16307] __handle_mm_fault+0x1f0d/0x4040 [ 2197.907152][T16307] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2197.907172][T16307] ? handle_mm_fault+0x292/0xaa0 [ 2197.970836][T16307] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2197.981557][T16307] ? __kasan_check_read+0x11/0x20 [ 2198.003267][T16307] handle_mm_fault+0x3b7/0xaa0 [ 2198.008073][T16307] __do_page_fault+0x536/0xdd0 [ 2198.012868][T16307] do_page_fault+0x38/0x590 [ 2198.017381][T16307] page_fault+0x39/0x40 [ 2198.021558][T16307] RIP: 0033:0x4579c1 [ 2198.025454][T16307] Code: 48 81 ec 98 00 00 00 0f 05 48 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 00 48 89 e2 89 de bf 01 00 00 00 ba 13 00 00 85 c0 0f 88 98 00 00 00 8b 44 24 18 25 00 f0 00 00 [ 2198.034293][ C1] net_ratelimit: 52 callbacks suppressed [ 2198.034302][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2198.045070][T16307] RSP: 002b:00007ffc10266ff0 EFLAGS: 00010206 [ 2198.045083][T16307] RAX: 0000000000000003 RBX: 0000000000000003 RCX: 00000000004579a0 [ 2198.045090][T16307] RDX: 00007ffc10266ff0 RSI: 0000000000000003 RDI: 0000000000000001 [ 2198.045097][T16307] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000014f2940 [ 2198.045104][T16307] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffc102681d0 [ 2198.045118][T16307] R13: 00007ffc102681c0 R14: 0000000000000000 R15: 00007ffc102681d0 [ 2198.050787][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2198.057351][ C0] protocol 88fb is buggy, dev hsr_slave_0 13:03:06 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xc00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:06 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1101}, 0x20008844) [ 2198.062643][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2198.070615][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2198.078588][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2198.086639][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2198.094593][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2198.102683][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2198.108446][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2198.234415][T16307] memory: usage 1008kB, limit 0kB, failcnt 419 [ 2198.240673][T16307] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2198.269732][T16307] Memory cgroup stats for /syz4: [ 2198.269836][T16307] anon 8192 [ 2198.269836][T16307] file 0 [ 2198.269836][T16307] kernel_stack 65536 [ 2198.269836][T16307] slab 802816 [ 2198.269836][T16307] sock 0 [ 2198.269836][T16307] shmem 0 [ 2198.269836][T16307] file_mapped 0 [ 2198.269836][T16307] file_dirty 0 [ 2198.269836][T16307] file_writeback 0 [ 2198.269836][T16307] anon_thp 0 [ 2198.269836][T16307] inactive_anon 0 [ 2198.269836][T16307] active_anon 8192 [ 2198.269836][T16307] inactive_file 135168 [ 2198.269836][T16307] active_file 0 [ 2198.269836][T16307] unevictable 0 [ 2198.269836][T16307] slab_reclaimable 270336 [ 2198.269836][T16307] slab_unreclaimable 532480 13:03:06 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xfef4}, 0x20008844) [ 2198.269836][T16307] pgfault 211860 [ 2198.269836][T16307] pgmajfault 0 [ 2198.269836][T16307] workingset_refault 0 [ 2198.269836][T16307] workingset_activate 0 [ 2198.269836][T16307] workingset_nodereclaim 0 [ 2198.269836][T16307] pgrefill 148 [ 2198.269836][T16307] pgscan 138 [ 2198.269836][T16307] pgsteal 101 [ 2198.269836][T16307] pgactivate 33 13:03:06 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xfffffffc, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2198.428473][T16339] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:06 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x2465a}, 0x20008844) [ 2198.498543][T16307] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16307,uid=0 [ 2198.520269][T16307] Memory cgroup out of memory: Killed process 16307 (syz-executor.4) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2198.538596][T16336] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:06 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0xe00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2198.617534][ T1065] oom_reaper: reaped process 16307 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB [ 2198.707214][T16351] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2198.776559][T16333] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:03:07 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:07 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x34000}, 0x20008844) [ 2199.831112][T16364] IPVS: ftp: loaded support on port[0] = 21 [ 2200.157021][T16364] chnl_net:caif_netlink_parms(): no params data found [ 2200.249858][T16364] bridge0: port 1(bridge_slave_0) entered blocking state [ 2200.259524][T16364] bridge0: port 1(bridge_slave_0) entered disabled state [ 2200.268993][T16364] device bridge_slave_0 entered promiscuous mode [ 2200.279298][T16364] bridge0: port 2(bridge_slave_1) entered blocking state [ 2200.287533][T16364] bridge0: port 2(bridge_slave_1) entered disabled state [ 2200.297004][T16364] device bridge_slave_1 entered promiscuous mode [ 2200.384785][T16364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2200.463668][T16364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2200.492444][T16364] team0: Port device team_slave_0 added [ 2200.502454][T16364] team0: Port device team_slave_1 added [ 2200.618436][T16364] device hsr_slave_0 entered promiscuous mode [ 2200.695503][T16364] device hsr_slave_1 entered promiscuous mode [ 2200.774309][T16364] debugfs: Directory 'hsr0' with parent '/' already present! [ 2200.988527][T16364] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2201.071086][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2201.085844][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2201.095178][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2201.111542][T16364] 8021q: adding VLAN 0 to HW filter on device team0 [ 2201.138439][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2201.151746][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2201.161908][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 2201.169057][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2201.290996][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2201.301483][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2201.311606][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2201.331501][T15989] bridge0: port 2(bridge_slave_1) entered blocking state [ 2201.338658][T15989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2201.430762][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2201.468583][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2201.538080][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2201.550703][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2201.571337][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2201.580770][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2201.591272][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2201.674173][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2201.683563][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2201.701333][T16364] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2201.714050][T16364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2201.724843][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2201.735177][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2201.775479][T16364] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2202.080689][T16372] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2202.094541][T16372] CPU: 0 PID: 16372 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2202.102118][T16372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2202.112187][T16372] Call Trace: [ 2202.115491][T16372] dump_stack+0x172/0x1f0 [ 2202.119834][T16372] dump_header+0x10b/0x82d [ 2202.124257][T16372] oom_kill_process.cold+0x10/0x15 [ 2202.129378][T16372] out_of_memory+0x334/0x1340 [ 2202.134066][T16372] ? __sched_text_start+0x8/0x8 [ 2202.138939][T16372] ? oom_killer_disable+0x280/0x280 [ 2202.144152][T16372] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2202.149708][T16372] ? memcg_stat_show+0xc40/0xc40 [ 2202.154659][T16372] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2202.160487][T16372] ? cgroup_file_notify+0x140/0x1b0 [ 2202.165710][T16372] memory_max_write+0x262/0x3a0 [ 2202.170582][T16372] ? mem_cgroup_write+0x370/0x370 [ 2202.175615][T16372] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2202.181085][T16372] cgroup_file_write+0x241/0x790 [ 2202.186031][T16372] ? mem_cgroup_write+0x370/0x370 [ 2202.191059][T16372] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2202.196702][T16372] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2202.202344][T16372] kernfs_fop_write+0x2b8/0x480 [ 2202.207198][T16372] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2202.213446][T16372] __vfs_write+0x8a/0x110 [ 2202.217777][T16372] ? kernfs_fop_open+0xd80/0xd80 [ 2202.222747][T16372] vfs_write+0x268/0x5d0 [ 2202.227007][T16372] ksys_write+0x14f/0x290 [ 2202.231344][T16372] ? __ia32_sys_read+0xb0/0xb0 [ 2202.236112][T16372] ? do_syscall_64+0x26/0x760 [ 2202.240791][T16372] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2202.246866][T16372] ? do_syscall_64+0x26/0x760 [ 2202.251550][T16372] __x64_sys_write+0x73/0xb0 [ 2202.256145][T16372] do_syscall_64+0xfa/0x760 [ 2202.260654][T16372] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2202.266804][T16372] RIP: 0033:0x459a29 [ 2202.270695][T16372] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2202.290395][T16372] RSP: 002b:00007f72e864ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2202.298826][T16372] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2202.306799][T16372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2202.314772][T16372] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2202.322753][T16372] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f72e864b6d4 [ 2202.330730][T16372] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2202.395463][T16372] memory: usage 3424kB, limit 0kB, failcnt 1202 [ 2202.402051][T16372] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2202.414751][T16372] Memory cgroup stats for /syz2: [ 2202.416487][T16372] anon 2162688 [ 2202.416487][T16372] file 0 [ 2202.416487][T16372] kernel_stack 65536 [ 2202.416487][T16372] slab 1060864 [ 2202.416487][T16372] sock 0 [ 2202.416487][T16372] shmem 0 [ 2202.416487][T16372] file_mapped 0 [ 2202.416487][T16372] file_dirty 0 [ 2202.416487][T16372] file_writeback 0 [ 2202.416487][T16372] anon_thp 2097152 [ 2202.416487][T16372] inactive_anon 0 [ 2202.416487][T16372] active_anon 2162688 [ 2202.416487][T16372] inactive_file 0 [ 2202.416487][T16372] active_file 0 [ 2202.416487][T16372] unevictable 0 [ 2202.416487][T16372] slab_reclaimable 405504 [ 2202.416487][T16372] slab_unreclaimable 655360 [ 2202.416487][T16372] pgfault 192984 [ 2202.416487][T16372] pgmajfault 0 [ 2202.416487][T16372] workingset_refault 0 [ 2202.416487][T16372] workingset_activate 0 [ 2202.416487][T16372] workingset_nodereclaim 0 [ 2202.416487][T16372] pgrefill 70 [ 2202.416487][T16372] pgscan 68 [ 2202.416487][T16372] pgsteal 33 [ 2202.416487][T16372] pgactivate 33 [ 2202.520675][T16372] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16371,uid=0 [ 2202.548156][T16372] Memory cgroup out of memory: Killed process 16371 (syz-executor.2) total-vm:72576kB, anon-rss:2140kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2202.571135][ T1065] oom_reaper: reaped process 16371 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 13:03:10 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x26010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000, 0x0, @perf_bp={&(0x7f0000000200), 0x2}, 0x20000, 0x1, 0x0, 0x5, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:10 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x1100, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:10 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x40030000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:10 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x20000041}, 0x20008844) 13:03:10 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:10 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2202.852693][T16364] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2202.920681][T16364] CPU: 1 PID: 16364 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2202.928282][T16364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2202.938344][T16364] Call Trace: [ 2202.941631][T16364] dump_stack+0x172/0x1f0 [ 2202.945955][T16364] dump_header+0x10b/0x82d [ 2202.952219][T16364] ? oom_kill_process+0x94/0x3f0 [ 2202.957163][T16364] oom_kill_process.cold+0x10/0x15 [ 2202.962274][T16364] out_of_memory+0x334/0x1340 [ 2202.966936][T16364] ? lock_downgrade+0x920/0x920 [ 2202.971772][T16364] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2202.977561][T16364] ? oom_killer_disable+0x280/0x280 [ 2202.982757][T16364] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2202.988287][T16364] ? memcg_stat_show+0xc40/0xc40 [ 2202.993223][T16364] ? do_raw_spin_unlock+0x57/0x270 [ 2202.998321][T16364] ? _raw_spin_unlock+0x2d/0x50 [ 2203.003178][T16364] try_charge+0xf4b/0x1440 [ 2203.007583][T16364] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2203.013129][T16364] ? percpu_ref_tryget_live+0x111/0x290 [ 2203.018685][T16364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2203.024908][T16364] ? __kasan_check_read+0x11/0x20 [ 2203.029918][T16364] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2203.035447][T16364] mem_cgroup_try_charge+0x136/0x590 [ 2203.040727][T16364] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2203.046346][T16364] __handle_mm_fault+0x1f0d/0x4040 [ 2203.051444][T16364] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2203.056969][T16364] ? handle_mm_fault+0x292/0xaa0 [ 2203.061898][T16364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2203.068121][T16364] ? __kasan_check_read+0x11/0x20 [ 2203.073128][T16364] handle_mm_fault+0x3b7/0xaa0 [ 2203.077880][T16364] __do_page_fault+0x536/0xdd0 [ 2203.082631][T16364] do_page_fault+0x38/0x590 [ 2203.087121][T16364] page_fault+0x39/0x40 [ 2203.091291][T16364] RIP: 0033:0x4034f2 [ 2203.095180][T16364] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 59 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 79 44 05 00 48 [ 2203.114767][T16364] RSP: 002b:00007ffeee61cfe0 EFLAGS: 00010246 [ 2203.120818][T16364] RAX: 0000000000000000 RBX: 0000000000219998 RCX: 0000000000413630 [ 2203.128782][T16364] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffeee61e110 [ 2203.136737][T16364] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001fab940 [ 2203.144695][T16364] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffeee61e110 [ 2203.152649][T16364] R13: 00007ffeee61e100 R14: 0000000000000000 R15: 00007ffeee61e110 13:03:11 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x7ffff000}, 0x20008844) [ 2203.190524][T16382] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2203.217685][T16381] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2203.235116][ C1] net_ratelimit: 44 callbacks suppressed [ 2203.235125][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2203.245210][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2203.246600][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2203.252298][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2203.258087][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2203.263730][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2203.269416][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2203.275132][ C0] protocol 88fb is buggy, dev hsr_slave_1 13:03:11 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xfffffdef}, 0x20008844) [ 2203.280886][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2203.286612][ C0] protocol 88fb is buggy, dev hsr_slave_0 13:03:11 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x1200, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:11 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffff1f}, 0x20008844) [ 2203.444148][T16364] memory: usage 1092kB, limit 0kB, failcnt 1210 [ 2203.450471][T16364] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2203.528516][T16364] Memory cgroup stats for /syz2: [ 2203.528627][T16364] anon 53248 [ 2203.528627][T16364] file 0 [ 2203.528627][T16364] kernel_stack 0 [ 2203.528627][T16364] slab 1060864 [ 2203.528627][T16364] sock 0 [ 2203.528627][T16364] shmem 0 [ 2203.528627][T16364] file_mapped 0 [ 2203.528627][T16364] file_dirty 0 [ 2203.528627][T16364] file_writeback 0 [ 2203.528627][T16364] anon_thp 0 [ 2203.528627][T16364] inactive_anon 0 [ 2203.528627][T16364] active_anon 53248 [ 2203.528627][T16364] inactive_file 0 [ 2203.528627][T16364] active_file 0 [ 2203.528627][T16364] unevictable 0 [ 2203.528627][T16364] slab_reclaimable 405504 [ 2203.528627][T16364] slab_unreclaimable 655360 [ 2203.528627][T16364] pgfault 192984 [ 2203.528627][T16364] pgmajfault 0 [ 2203.528627][T16364] workingset_refault 0 [ 2203.528627][T16364] workingset_activate 0 [ 2203.528627][T16364] workingset_nodereclaim 0 [ 2203.528627][T16364] pgrefill 70 [ 2203.528627][T16364] pgscan 68 [ 2203.528627][T16364] pgsteal 33 [ 2203.528627][T16364] pgactivate 33 [ 2203.633588][T16364] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16364,uid=0 [ 2203.650297][T16364] Memory cgroup out of memory: Killed process 16364 (syz-executor.2) total-vm:72444kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 13:03:11 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf0ffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:11 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffff80}, 0x20008844) [ 2203.676848][ T1065] oom_reaper: reaped process 16364 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2203.806854][T16395] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2204.195544][T16379] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:03:12 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000070000000e0208000000000000000000000000000400a3e11d5624b3000000005f00000000"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:12 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffff82}, 0x20008844) 13:03:12 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x100000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:12 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x1300, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2204.396207][T16408] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2204.761787][T16417] IPVS: ftp: loaded support on port[0] = 21 [ 2205.029585][T16417] chnl_net:caif_netlink_parms(): no params data found [ 2205.079646][T16417] bridge0: port 1(bridge_slave_0) entered blocking state [ 2205.087671][T16417] bridge0: port 1(bridge_slave_0) entered disabled state [ 2205.097775][T16417] device bridge_slave_0 entered promiscuous mode [ 2205.188025][T16417] bridge0: port 2(bridge_slave_1) entered blocking state [ 2205.196049][T16417] bridge0: port 2(bridge_slave_1) entered disabled state [ 2205.207200][T16417] device bridge_slave_1 entered promiscuous mode [ 2205.238672][T16417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2205.353847][T16417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2205.385550][T16417] team0: Port device team_slave_0 added [ 2205.395488][T16417] team0: Port device team_slave_1 added [ 2205.480708][T16417] device hsr_slave_0 entered promiscuous mode [ 2205.535498][T16417] device hsr_slave_1 entered promiscuous mode [ 2205.574323][T16417] debugfs: Directory 'hsr0' with parent '/' already present! [ 2205.868188][T16417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2205.890936][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2205.900633][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2205.969147][T16417] 8021q: adding VLAN 0 to HW filter on device team0 [ 2205.984818][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2205.995431][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2206.005545][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 2206.012664][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2206.126365][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2206.135945][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2206.146018][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2206.156333][T10934] bridge0: port 2(bridge_slave_1) entered blocking state [ 2206.163572][T10934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2206.239027][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2206.267178][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2206.277867][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2206.290640][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2206.303485][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2206.359131][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2206.376126][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2206.408920][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2206.418764][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2206.428709][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2206.447530][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2206.540568][T16417] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2206.581354][T16417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2206.979247][T16425] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2206.991958][T16425] CPU: 1 PID: 16425 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2206.999533][T16425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2207.009595][T16425] Call Trace: [ 2207.012894][T16425] dump_stack+0x172/0x1f0 [ 2207.017235][T16425] dump_header+0x10b/0x82d [ 2207.021653][T16425] oom_kill_process.cold+0x10/0x15 [ 2207.026757][T16425] out_of_memory+0x334/0x1340 [ 2207.031421][T16425] ? __sched_text_start+0x8/0x8 [ 2207.036251][T16425] ? oom_killer_disable+0x280/0x280 [ 2207.041479][T16425] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2207.047002][T16425] ? memcg_stat_show+0xc40/0xc40 [ 2207.051972][T16425] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2207.057758][T16425] ? cgroup_file_notify+0x140/0x1b0 [ 2207.062936][T16425] memory_max_write+0x262/0x3a0 [ 2207.067769][T16425] ? mem_cgroup_write+0x370/0x370 [ 2207.072929][T16425] ? lock_acquire+0x190/0x410 [ 2207.077598][T16425] ? kernfs_fop_write+0x227/0x480 [ 2207.082615][T16425] cgroup_file_write+0x241/0x790 [ 2207.087538][T16425] ? mem_cgroup_write+0x370/0x370 [ 2207.092542][T16425] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2207.098185][T16425] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2207.103796][T16425] kernfs_fop_write+0x2b8/0x480 [ 2207.108640][T16425] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.114870][T16425] __vfs_write+0x8a/0x110 [ 2207.119178][T16425] ? kernfs_fop_open+0xd80/0xd80 [ 2207.124098][T16425] vfs_write+0x268/0x5d0 [ 2207.128328][T16425] ksys_write+0x14f/0x290 [ 2207.132657][T16425] ? __ia32_sys_read+0xb0/0xb0 [ 2207.137419][T16425] ? do_syscall_64+0x26/0x760 [ 2207.142094][T16425] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2207.148157][T16425] ? do_syscall_64+0x26/0x760 [ 2207.152841][T16425] __x64_sys_write+0x73/0xb0 [ 2207.157462][T16425] do_syscall_64+0xfa/0x760 [ 2207.161986][T16425] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2207.167864][T16425] RIP: 0033:0x459a29 [ 2207.171742][T16425] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2207.191325][T16425] RSP: 002b:00007ff5c8d4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2207.199713][T16425] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2207.207663][T16425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 2207.215612][T16425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2207.223580][T16425] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff5c8d506d4 [ 2207.231638][T16425] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2207.270592][T16425] memory: usage 3400kB, limit 0kB, failcnt 420 [ 2207.281303][T16425] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2207.289392][T16425] Memory cgroup stats for /syz4: [ 2207.290973][T16425] anon 2158592 [ 2207.290973][T16425] file 0 [ 2207.290973][T16425] kernel_stack 65536 [ 2207.290973][T16425] slab 802816 [ 2207.290973][T16425] sock 0 [ 2207.290973][T16425] shmem 0 [ 2207.290973][T16425] file_mapped 0 [ 2207.290973][T16425] file_dirty 0 [ 2207.290973][T16425] file_writeback 0 [ 2207.290973][T16425] anon_thp 2097152 [ 2207.290973][T16425] inactive_anon 0 [ 2207.290973][T16425] active_anon 2158592 [ 2207.290973][T16425] inactive_file 135168 [ 2207.290973][T16425] active_file 0 [ 2207.290973][T16425] unevictable 0 [ 2207.290973][T16425] slab_reclaimable 270336 [ 2207.290973][T16425] slab_unreclaimable 532480 [ 2207.290973][T16425] pgfault 211959 [ 2207.290973][T16425] pgmajfault 0 [ 2207.290973][T16425] workingset_refault 0 [ 2207.290973][T16425] workingset_activate 0 [ 2207.290973][T16425] workingset_nodereclaim 0 [ 2207.290973][T16425] pgrefill 148 [ 2207.290973][T16425] pgscan 138 [ 2207.290973][T16425] pgsteal 101 [ 2207.290973][T16425] pgactivate 33 [ 2207.403691][T16425] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16424,uid=0 [ 2207.422743][T16425] Memory cgroup out of memory: Killed process 16424 (syz-executor.4) total-vm:72708kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2207.445540][ T1065] oom_reaper: reaped process 16424 (syz-executor.4), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 13:03:15 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:15 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffff89}, 0x20008844) 13:03:15 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0xd}, 0x8825, 0x0, 0x0, 0x5}, 0x0, 0xb, r0, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e02abe0445f3a9274ed3b8208000080000000000000000000000400200000e45e21dc8176ade1a0f36bb8ad5a9a57a9bcae99324f28f1bd4e59ab6a4388527bd990a65676df99a7640da0dda15240d299a515652e467cc04f1019cca8fb074ca051617f8e28512a8c3db64c13388abcd22ad7cf7f00000000000000303e6ffd96505a2eb98545c0da7fda"], &(0x7f0000000280)=""/237, 0xffffffffffffffa2, 0xed, 0x1}, 0x20) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e0000001c008104e00f80ecdb4cb91a02c804a001000000810040fb12030100040eda1b40d819a906000500000f", 0x223}], 0x1, 0x0, 0x0, 0x10}, 0x0) setsockopt$sock_attach_bpf(r7, 0x107, 0xe, &(0x7f0000000000), 0xfffffffffffffe01) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_sys\x00', 0x0, 0x0) r9 = openat$cgroup_int(r8, &(0x7f0000000040)='mex', 0x2, 0x0) r10 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r4, &(0x7f0000000540)=r10, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r1, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x89f) write$cgroup_int(r9, 0x0, 0x0) 13:03:15 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x4010000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:03:15 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x200000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:15 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x1400, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2207.967068][T16417] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2208.005888][T16433] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2208.020835][T16431] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2208.054689][T16417] CPU: 1 PID: 16417 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2208.062293][T16417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2208.072360][T16417] Call Trace: [ 2208.075655][T16417] dump_stack+0x172/0x1f0 [ 2208.079986][T16417] dump_header+0x10b/0x82d [ 2208.084395][T16417] ? oom_kill_process+0x94/0x3f0 [ 2208.089352][T16417] oom_kill_process.cold+0x10/0x15 [ 2208.094465][T16417] out_of_memory+0x334/0x1340 [ 2208.099129][T16417] ? lock_downgrade+0x920/0x920 [ 2208.103972][T16417] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2208.109768][T16417] ? oom_killer_disable+0x280/0x280 [ 2208.115482][T16417] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2208.121015][T16417] ? memcg_stat_show+0xc40/0xc40 [ 2208.125948][T16417] ? do_raw_spin_unlock+0x57/0x270 [ 2208.131053][T16417] ? _raw_spin_unlock+0x2d/0x50 [ 2208.135895][T16417] try_charge+0xf4b/0x1440 [ 2208.140395][T16417] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2208.145946][T16417] ? percpu_ref_tryget_live+0x111/0x290 [ 2208.151503][T16417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2208.157753][T16417] ? __kasan_check_read+0x11/0x20 [ 2208.162795][T16417] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2208.168354][T16417] mem_cgroup_try_charge+0x136/0x590 [ 2208.173674][T16417] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2208.179295][T16417] wp_page_copy+0x407/0x1860 [ 2208.183886][T16417] ? find_held_lock+0x35/0x130 [ 2208.188644][T16417] ? do_wp_page+0x53b/0x15c0 [ 2208.193232][T16417] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2208.199034][T16417] ? lock_downgrade+0x920/0x920 [ 2208.203880][T16417] ? swp_swapcount+0x540/0x540 [ 2208.208667][T16417] ? __kasan_check_read+0x11/0x20 [ 2208.213687][T16417] ? do_raw_spin_unlock+0x57/0x270 [ 2208.218803][T16417] do_wp_page+0x543/0x15c0 [ 2208.223213][T16417] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2208.228585][T16417] __handle_mm_fault+0x23ec/0x4040 [ 2208.233688][T16417] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2208.239253][T16417] ? handle_mm_fault+0x292/0xaa0 [ 2208.244215][T16417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2208.250449][T16417] ? __kasan_check_read+0x11/0x20 [ 2208.255468][T16417] handle_mm_fault+0x3b7/0xaa0 [ 2208.260236][T16417] __do_page_fault+0x536/0xdd0 [ 2208.264998][T16417] do_page_fault+0x38/0x590 [ 2208.269522][T16417] page_fault+0x39/0x40 [ 2208.273664][T16417] RIP: 0033:0x430b06 [ 2208.277554][T16417] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2208.297154][T16417] RSP: 002b:00007fffe635d110 EFLAGS: 00010206 [ 2208.303204][T16417] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2208.311165][T16417] RDX: 00000000020c7930 RSI: 00000000020cf970 RDI: 0000000000000003 [ 2208.319122][T16417] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000020c6940 [ 2208.327086][T16417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2208.335043][T16417] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2208.343306][ C1] net_ratelimit: 22 callbacks suppressed [ 2208.343315][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2208.354847][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2208.360741][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2208.366607][ C1] protocol 88fb is buggy, dev hsr_slave_1 13:03:16 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffffc0}, 0x20008844) [ 2208.435538][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2208.441366][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2208.447287][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2208.453077][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2208.504208][T16417] memory: usage 1032kB, limit 0kB, failcnt 428 [ 2208.514194][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2208.514508][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2208.528383][T16417] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2208.558299][T16417] Memory cgroup stats for /syz4: [ 2208.558407][T16417] anon 49152 [ 2208.558407][T16417] file 0 [ 2208.558407][T16417] kernel_stack 0 [ 2208.558407][T16417] slab 802816 [ 2208.558407][T16417] sock 0 [ 2208.558407][T16417] shmem 0 [ 2208.558407][T16417] file_mapped 0 [ 2208.558407][T16417] file_dirty 0 [ 2208.558407][T16417] file_writeback 0 [ 2208.558407][T16417] anon_thp 0 [ 2208.558407][T16417] inactive_anon 0 [ 2208.558407][T16417] active_anon 49152 [ 2208.558407][T16417] inactive_file 135168 [ 2208.558407][T16417] active_file 0 13:03:16 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffffc2}, 0x20008844) [ 2208.558407][T16417] unevictable 0 [ 2208.558407][T16417] slab_reclaimable 270336 [ 2208.558407][T16417] slab_unreclaimable 532480 [ 2208.558407][T16417] pgfault 211959 [ 2208.558407][T16417] pgmajfault 0 [ 2208.558407][T16417] workingset_refault 0 [ 2208.558407][T16417] workingset_activate 0 [ 2208.558407][T16417] workingset_nodereclaim 0 [ 2208.558407][T16417] pgrefill 148 [ 2208.558407][T16417] pgscan 138 [ 2208.558407][T16417] pgsteal 101 [ 2208.558407][T16417] pgactivate 33 [ 2208.765671][T16417] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16417,uid=0 [ 2208.791191][T16417] Memory cgroup out of memory: Killed process 16417 (syz-executor.4) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 13:03:16 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0xffffffe0}, 0x20008844) 13:03:16 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x3f00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2208.820160][ T1065] oom_reaper: reaped process 16417 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 13:03:16 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x300000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:17 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x2}, 0x20008844) [ 2209.028349][T16433] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2209.379811][T16450] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:17 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:03:17 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x3}, 0x20008844) [ 2209.911885][T16465] IPVS: ftp: loaded support on port[0] = 21 [ 2210.138619][T16465] chnl_net:caif_netlink_parms(): no params data found [ 2210.236955][T16465] bridge0: port 1(bridge_slave_0) entered blocking state [ 2210.245128][T16465] bridge0: port 1(bridge_slave_0) entered disabled state [ 2210.255056][T16465] device bridge_slave_0 entered promiscuous mode [ 2210.370343][T16465] bridge0: port 2(bridge_slave_1) entered blocking state [ 2210.379509][T16465] bridge0: port 2(bridge_slave_1) entered disabled state [ 2210.389357][T16465] device bridge_slave_1 entered promiscuous mode [ 2210.421686][T16465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2210.485227][T16465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2210.518918][T16465] team0: Port device team_slave_0 added [ 2210.529914][T16465] team0: Port device team_slave_1 added [ 2210.648530][T16465] device hsr_slave_0 entered promiscuous mode [ 2210.705463][T16465] device hsr_slave_1 entered promiscuous mode [ 2210.744248][T16465] debugfs: Directory 'hsr0' with parent '/' already present! [ 2211.025054][T16465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2211.049058][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2211.065431][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2211.074914][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2211.188229][T16465] 8021q: adding VLAN 0 to HW filter on device team0 [ 2211.204772][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2211.215343][ T1144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2211.226003][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 2211.233089][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2211.307818][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2211.321835][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2211.332479][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2211.342710][T15989] bridge0: port 2(bridge_slave_1) entered blocking state [ 2211.349852][T15989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2211.368097][ T9232] device bridge_slave_1 left promiscuous mode [ 2211.375972][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2211.436218][ T9232] device bridge_slave_0 left promiscuous mode [ 2211.442704][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2211.518189][ T9232] device bridge_slave_1 left promiscuous mode [ 2211.525399][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2211.621658][ T9232] device bridge_slave_0 left promiscuous mode [ 2211.628864][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2214.735352][ T9232] device hsr_slave_0 left promiscuous mode [ 2214.824448][ T9232] device hsr_slave_1 left promiscuous mode [ 2214.908977][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2214.928835][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2214.948965][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2215.008531][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2215.152640][ T9232] bond0 (unregistering): Released all slaves [ 2215.435201][ T9232] device hsr_slave_0 left promiscuous mode [ 2215.544481][ T9232] device hsr_slave_1 left promiscuous mode [ 2215.638873][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2215.658466][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2215.678440][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2215.776567][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2215.983888][ T9232] bond0 (unregistering): Released all slaves [ 2216.136082][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2216.146716][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2216.178924][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2216.189025][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2216.200203][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2216.210182][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2216.220513][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2216.259126][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2216.268694][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2216.280501][T16465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2216.437776][T16465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2216.673520][T16473] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2216.735175][T16474] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.2'. 13:03:24 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="0000001c0800000000000003000000010000000000000e020800000000000000000000000000499db31774a70d7400ed00000000000000a7acc76688553b6a04980ea5add6d76666a17bbaffa802f346c1da797cd99b31cc749edd9f93699183f5a665468d88bd6bf7b7bddb5d933e53d76b143ddc77f40a38ab94806ac80030d51424b6dcabca6eb6e8e5a1de875aae5b013dba4a534a4858c9f116ecfa716f2e5cfe59"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:03:24 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x400000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:24 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x4000, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:24 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x4}, 0x20008844) 13:03:24 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:03:24 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x4020000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) [ 2216.848512][T16480] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:24 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x5}, 0x20008844) [ 2216.928146][T16482] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:03:24 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x4800, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:25 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x6}, 0x20008844) 13:03:25 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xa00000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) [ 2217.244852][ C0] net_ratelimit: 40 callbacks suppressed [ 2217.244893][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2217.257287][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2217.265138][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2217.271717][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2217.307847][T16494] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2217.315082][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2217.323974][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2217.367181][T16494] CPU: 0 PID: 16494 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2217.376001][T16494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2217.387120][T16494] Call Trace: [ 2217.390428][T16494] dump_stack+0x172/0x1f0 [ 2217.394874][T16494] dump_header+0x10b/0x82d [ 2217.399313][T16494] oom_kill_process.cold+0x10/0x15 [ 2217.404431][T16494] out_of_memory+0x334/0x1340 [ 2217.409123][T16494] ? __sched_text_start+0x8/0x8 13:03:25 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x7}, 0x20008844) [ 2217.413985][T16494] ? oom_killer_disable+0x280/0x280 [ 2217.419200][T16494] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2217.424752][T16494] ? memcg_stat_show+0xc40/0xc40 [ 2217.424780][T16494] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2217.424799][T16494] ? cgroup_file_notify+0x140/0x1b0 [ 2217.424815][T16494] memory_max_write+0x262/0x3a0 [ 2217.424836][T16494] ? mem_cgroup_write+0x370/0x370 [ 2217.435580][T16494] ? cgroup_file_write+0x86/0x790 [ 2217.435601][T16494] cgroup_file_write+0x241/0x790 [ 2217.435619][T16494] ? mem_cgroup_write+0x370/0x370 [ 2217.435634][T16494] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2217.435655][T16494] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2217.435670][T16494] kernfs_fop_write+0x2b8/0x480 [ 2217.435686][T16494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.435713][T16494] __vfs_write+0x8a/0x110 [ 2217.450827][T16494] ? kernfs_fop_open+0xd80/0xd80 [ 2217.471402][T16494] vfs_write+0x268/0x5d0 [ 2217.471423][T16494] ksys_write+0x14f/0x290 [ 2217.471440][T16494] ? __ia32_sys_read+0xb0/0xb0 [ 2217.471457][T16494] ? do_syscall_64+0x26/0x760 [ 2217.471480][T16494] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2217.481935][T16494] ? do_syscall_64+0x26/0x760 [ 2217.481957][T16494] __x64_sys_write+0x73/0xb0 [ 2217.481975][T16494] do_syscall_64+0xfa/0x760 [ 2217.481997][T16494] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2217.482012][T16494] RIP: 0033:0x459a29 [ 2217.545149][T16494] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2217.545158][T16494] RSP: 002b:00007f0ce0c5bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2217.545173][T16494] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2217.545181][T16494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2217.545190][T16494] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2217.545198][T16494] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ce0c5c6d4 [ 2217.545205][T16494] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2217.576133][T16494] memory: usage 3532kB, limit 0kB, failcnt 1211 [ 2217.634214][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2217.640059][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2217.645939][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2217.651721][ C1] protocol 88fb is buggy, dev hsr_slave_1 13:03:25 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x8}, 0x20008844) [ 2217.666062][T16494] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2217.703062][T16497] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2217.722185][T16494] Memory cgroup stats for /syz2: [ 2217.725705][T16494] anon 2256896 [ 2217.725705][T16494] file 0 [ 2217.725705][T16494] kernel_stack 65536 [ 2217.725705][T16494] slab 1060864 [ 2217.725705][T16494] sock 0 [ 2217.725705][T16494] shmem 0 [ 2217.725705][T16494] file_mapped 0 [ 2217.725705][T16494] file_dirty 0 [ 2217.725705][T16494] file_writeback 0 [ 2217.725705][T16494] anon_thp 2097152 [ 2217.725705][T16494] inactive_anon 0 [ 2217.725705][T16494] active_anon 2183168 [ 2217.725705][T16494] inactive_file 0 [ 2217.725705][T16494] active_file 0 [ 2217.725705][T16494] unevictable 0 [ 2217.725705][T16494] slab_reclaimable 405504 [ 2217.725705][T16494] slab_unreclaimable 655360 [ 2217.725705][T16494] pgfault 193083 [ 2217.725705][T16494] pgmajfault 0 [ 2217.725705][T16494] workingset_refault 0 [ 2217.725705][T16494] workingset_activate 0 [ 2217.725705][T16494] workingset_nodereclaim 0 [ 2217.725705][T16494] pgrefill 70 [ 2217.725705][T16494] pgscan 68 [ 2217.725705][T16494] pgsteal 33 [ 2217.725705][T16494] pgactivate 33 [ 2218.085491][T16494] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16488,uid=0 [ 2218.160960][T16494] Memory cgroup out of memory: Killed process 16488 (syz-executor.2) total-vm:72836kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2218.218588][ T1065] oom_reaper: reaped process 16488 (syz-executor.2), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 13:03:26 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x40000000000, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000400), 0x2}, 0x800, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYRES64], &(0x7f0000000280)=""/237, 0x8, 0xed, 0x1}, 0x20) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x6, 0x0) r6 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r7 = gettid() write$cgroup_pid(r6, &(0x7f0000000500)=r7, 0x12) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r8, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r8, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYRES64=r3], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0x20) r9 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r10 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r6, &(0x7f0000000540)=r10, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r5, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r9, 0x0, 0x0) 13:03:26 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xe00000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:26 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x9}, 0x20008844) 13:03:26 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x4c00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2218.339273][T16465] syz-executor.2 invoked oom-killer: gfp_mask=0x40c50(GFP_NOFS|__GFP_COMP|__GFP_RECLAIMABLE), order=0, oom_score_adj=0 [ 2218.365375][T16519] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2218.384169][T16465] CPU: 0 PID: 16465 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2218.391764][T16465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2218.401830][T16465] Call Trace: [ 2218.405142][T16465] dump_stack+0x172/0x1f0 [ 2218.409496][T16465] dump_header+0x10b/0x82d [ 2218.413922][T16465] ? oom_kill_process+0x94/0x3f0 [ 2218.418875][T16465] oom_kill_process.cold+0x10/0x15 [ 2218.424006][T16465] out_of_memory+0x334/0x1340 [ 2218.428702][T16465] ? lock_downgrade+0x920/0x920 [ 2218.433583][T16465] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2218.439399][T16465] ? oom_killer_disable+0x280/0x280 [ 2218.444619][T16465] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2218.444633][T16465] ? memcg_stat_show+0xc40/0xc40 [ 2218.444650][T16465] ? do_raw_spin_unlock+0x57/0x270 [ 2218.444667][T16465] ? _raw_spin_unlock+0x2d/0x50 [ 2218.444682][T16465] try_charge+0xf4b/0x1440 [ 2218.444704][T16465] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2218.475098][T16465] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2218.480678][T16465] ? cache_grow_begin+0x122/0xd20 [ 2218.485718][T16465] ? find_held_lock+0x35/0x130 [ 2218.490499][T16465] ? cache_grow_begin+0x122/0xd20 [ 2218.495570][T16465] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2218.501123][T16465] ? lock_downgrade+0x920/0x920 [ 2218.506004][T16465] ? memcg_kmem_put_cache+0x50/0x50 [ 2218.511211][T16465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.517462][T16465] ? __kasan_check_read+0x11/0x20 [ 2218.522508][T16465] cache_grow_begin+0x629/0xd20 [ 2218.527372][T16465] ? __sanitizer_cov_trace_cmp4+0x1/0x20 [ 2218.533013][T16465] ? mempolicy_slab_node+0x139/0x390 [ 2218.538308][T16465] fallback_alloc+0x1fd/0x2d0 [ 2218.542997][T16465] ____cache_alloc_node+0x1bc/0x1d0 [ 2218.548217][T16465] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2218.554467][T16465] kmem_cache_alloc+0x1ef/0x710 [ 2218.559329][T16465] ? ratelimit_state_init+0xb0/0xb0 [ 2218.564534][T16465] ext4_alloc_inode+0x1f/0x640 [ 2218.569296][T16465] ? ratelimit_state_init+0xb0/0xb0 [ 2218.574494][T16465] alloc_inode+0x68/0x1e0 [ 2218.578823][T16465] new_inode_pseudo+0x19/0xf0 [ 2218.583506][T16465] new_inode+0x1f/0x40 [ 2218.587573][T16465] __ext4_new_inode+0x3d5/0x4ee0 [ 2218.592522][T16465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.598770][T16465] ? __dquot_initialize+0x525/0xd80 [ 2218.603973][T16465] ? ext4_free_inode+0x1490/0x1490 [ 2218.609094][T16465] ? dqget+0x10d0/0x10d0 [ 2218.613352][T16465] ? putname+0xef/0x130 [ 2218.617511][T16465] ext4_mkdir+0x3df/0xe20 [ 2218.621849][T16465] ? ext4_init_dot_dotdot+0x520/0x520 [ 2218.627225][T16465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.633469][T16465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.639709][T16465] ? security_inode_permission+0xcb/0x100 [ 2218.645433][T16465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.651676][T16465] ? security_inode_mkdir+0xe4/0x120 [ 2218.656962][T16465] vfs_mkdir+0x42e/0x670 [ 2218.661209][T16465] do_mkdirat+0x234/0x2a0 [ 2218.665538][T16465] ? __ia32_sys_mknod+0xb0/0xb0 [ 2218.670384][T16465] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2218.675851][T16465] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2218.681935][T16465] ? do_syscall_64+0x26/0x760 [ 2218.686613][T16465] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2218.691901][T16465] __x64_sys_mkdir+0x5c/0x80 [ 2218.696491][T16465] do_syscall_64+0xfa/0x760 [ 2218.700998][T16465] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2218.706882][T16465] RIP: 0033:0x458e47 [ 2218.710777][T16465] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2218.730402][T16465] RSP: 002b:00007fff47c795f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 2218.738821][T16465] RAX: ffffffffffffffda RBX: 000000000021d748 RCX: 0000000000458e47 [ 2218.746796][T16465] RDX: 00007fff47c79643 RSI: 00000000000001ff RDI: 00007fff47c79640 [ 2218.754768][T16465] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000003 [ 2218.762750][T16465] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000020 [ 2218.770721][T16465] R13: 00007fff47c79630 R14: 000000000021d3dd R15: 00007fff47c79640 [ 2218.801998][T16465] memory: usage 1148kB, limit 0kB, failcnt 1232 [ 2218.808697][T16465] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2218.815746][T16465] Memory cgroup stats for /syz2: [ 2218.815842][T16465] anon 155648 [ 2218.815842][T16465] file 0 [ 2218.815842][T16465] kernel_stack 0 [ 2218.815842][T16465] slab 1060864 [ 2218.815842][T16465] sock 0 [ 2218.815842][T16465] shmem 0 [ 2218.815842][T16465] file_mapped 0 [ 2218.815842][T16465] file_dirty 0 [ 2218.815842][T16465] file_writeback 0 [ 2218.815842][T16465] anon_thp 0 [ 2218.815842][T16465] inactive_anon 0 [ 2218.815842][T16465] active_anon 81920 [ 2218.815842][T16465] inactive_file 0 [ 2218.815842][T16465] active_file 0 [ 2218.815842][T16465] unevictable 0 [ 2218.815842][T16465] slab_reclaimable 405504 [ 2218.815842][T16465] slab_unreclaimable 655360 [ 2218.815842][T16465] pgfault 193116 [ 2218.815842][T16465] pgmajfault 0 [ 2218.815842][T16465] workingset_refault 0 [ 2218.815842][T16465] workingset_activate 0 [ 2218.815842][T16465] workingset_nodereclaim 0 [ 2218.815842][T16465] pgrefill 70 [ 2218.815842][T16465] pgscan 68 [ 2218.815842][T16465] pgsteal 33 [ 2218.815842][T16465] pgactivate 33 [ 2218.914936][T16465] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16465,uid=0 [ 2218.964562][T16465] Memory cgroup out of memory: Killed process 16465 (syz-executor.2) total-vm:72440kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2219.015388][ T1065] oom_reaper: reaped process 16465 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2219.375744][T16527] IPVS: ftp: loaded support on port[0] = 21 [ 2219.564671][T16527] chnl_net:caif_netlink_parms(): no params data found [ 2219.610811][T16527] bridge0: port 1(bridge_slave_0) entered blocking state [ 2219.618112][T16527] bridge0: port 1(bridge_slave_0) entered disabled state [ 2219.628315][T16527] device bridge_slave_0 entered promiscuous mode [ 2219.637675][T16527] bridge0: port 2(bridge_slave_1) entered blocking state [ 2219.654265][T16527] bridge0: port 2(bridge_slave_1) entered disabled state [ 2219.663310][T16527] device bridge_slave_1 entered promiscuous mode [ 2219.705531][T16527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2219.728508][T16527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2219.773955][T16527] team0: Port device team_slave_0 added [ 2219.806446][T16527] team0: Port device team_slave_1 added [ 2219.908493][T16527] device hsr_slave_0 entered promiscuous mode [ 2219.975716][T16527] device hsr_slave_1 entered promiscuous mode [ 2220.064348][T16527] debugfs: Directory 'hsr0' with parent '/' already present! [ 2220.180434][T16527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2220.214031][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2220.226284][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2220.250672][T16527] 8021q: adding VLAN 0 to HW filter on device team0 [ 2220.282298][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2220.293858][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2220.315434][T15989] bridge0: port 1(bridge_slave_0) entered blocking state [ 2220.322536][T15989] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2220.355525][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2220.365198][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2220.375298][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2220.385714][ T1923] bridge0: port 2(bridge_slave_1) entered blocking state [ 2220.392800][ T1923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2220.412229][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2220.422829][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2220.446274][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2220.457103][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2220.467203][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2220.479967][ T1923] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2220.501443][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2220.510863][T13302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2220.528774][T16527] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2220.542651][T16527] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2220.554688][T15989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2220.672876][T16527] 8021q: adding VLAN 0 to HW filter on device batadv0 13:03:29 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r4 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r5 = gettid() write$cgroup_pid(r4, &(0x7f0000000500)=r5, 0x12) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r6, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r6, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r7 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r8 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r8, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r7, 0x0, 0x0) 13:03:29 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x5000000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:03:29 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x5865, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:29 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0xa}, 0x20008844) 13:03:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf00000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:29 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00040000000000000000"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2221.311522][T16558] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:29 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0xe}, 0x20008844) [ 2221.390129][T16555] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 13:03:29 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x6000, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:03:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x4000000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:29 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0xf}, 0x20008844) 13:03:29 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x10}, 0x20008844) [ 2221.814000][T16572] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. 13:03:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x6000000000000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:29 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) [ 2222.069739][T16585] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2222.144508][T16584] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2222.180572][T16584] CPU: 0 PID: 16584 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2222.188253][T16584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2222.198315][T16584] Call Trace: [ 2222.201616][T16584] dump_stack+0x172/0x1f0 [ 2222.205936][T16584] dump_header+0x10b/0x82d [ 2222.210358][T16584] oom_kill_process.cold+0x10/0x15 [ 2222.215456][T16584] out_of_memory+0x334/0x1340 [ 2222.220120][T16584] ? __sched_text_start+0x8/0x8 [ 2222.224954][T16584] ? oom_killer_disable+0x280/0x280 [ 2222.230150][T16584] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2222.235687][T16584] ? memcg_stat_show+0xc40/0xc40 [ 2222.240611][T16584] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2222.246401][T16584] ? cgroup_file_notify+0x140/0x1b0 [ 2222.251584][T16584] memory_max_write+0x262/0x3a0 [ 2222.256442][T16584] ? mem_cgroup_write+0x370/0x370 [ 2222.261467][T16584] ? lock_acquire+0x190/0x410 [ 2222.266144][T16584] ? kernfs_fop_write+0x227/0x480 [ 2222.271159][T16584] cgroup_file_write+0x241/0x790 [ 2222.276083][T16584] ? mem_cgroup_write+0x370/0x370 [ 2222.281089][T16584] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2222.286808][T16584] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2222.292439][T16584] kernfs_fop_write+0x2b8/0x480 [ 2222.297277][T16584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2222.303516][T16584] __vfs_write+0x8a/0x110 [ 2222.307829][T16584] ? kernfs_fop_open+0xd80/0xd80 [ 2222.312753][T16584] vfs_write+0x268/0x5d0 [ 2222.316986][T16584] ksys_write+0x14f/0x290 [ 2222.321300][T16584] ? __ia32_sys_read+0xb0/0xb0 [ 2222.326065][T16584] ? do_syscall_64+0x26/0x760 [ 2222.330728][T16584] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2222.336778][T16584] ? do_syscall_64+0x26/0x760 [ 2222.341439][T16584] __x64_sys_write+0x73/0xb0 [ 2222.346015][T16584] do_syscall_64+0xfa/0x760 [ 2222.350506][T16584] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2222.356384][T16584] RIP: 0033:0x459a29 [ 2222.360265][T16584] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2222.379950][T16584] RSP: 002b:00007f7744e92c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2222.389037][T16584] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2222.396993][T16584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 2222.404947][T16584] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2222.412930][T16584] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7744e936d4 [ 2222.420883][T16584] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2222.429925][ C0] net_ratelimit: 77 callbacks suppressed [ 2222.429933][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2222.435681][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2222.436592][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2222.436646][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2222.436750][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2222.436799][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2222.436942][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2222.436990][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2222.437097][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2222.437144][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2222.573485][T16584] memory: usage 3516kB, limit 0kB, failcnt 429 [ 2222.582193][T16584] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2222.599616][T16584] Memory cgroup stats for /syz4: [ 2222.599725][T16584] anon 2179072 [ 2222.599725][T16584] file 0 [ 2222.599725][T16584] kernel_stack 65536 [ 2222.599725][T16584] slab 937984 [ 2222.599725][T16584] sock 0 [ 2222.599725][T16584] shmem 0 [ 2222.599725][T16584] file_mapped 0 [ 2222.599725][T16584] file_dirty 0 [ 2222.599725][T16584] file_writeback 0 [ 2222.599725][T16584] anon_thp 2097152 [ 2222.599725][T16584] inactive_anon 0 [ 2222.599725][T16584] active_anon 2179072 [ 2222.599725][T16584] inactive_file 135168 [ 2222.599725][T16584] active_file 0 [ 2222.599725][T16584] unevictable 0 [ 2222.599725][T16584] slab_reclaimable 270336 [ 2222.599725][T16584] slab_unreclaimable 667648 [ 2222.599725][T16584] pgfault 212157 [ 2222.599725][T16584] pgmajfault 0 [ 2222.599725][T16584] workingset_refault 0 [ 2222.599725][T16584] workingset_activate 0 [ 2222.599725][T16584] workingset_nodereclaim 0 [ 2222.599725][T16584] pgrefill 148 [ 2222.599725][T16584] pgscan 138 [ 2222.599725][T16584] pgsteal 101 [ 2222.599725][T16584] pgactivate 33 [ 2222.695380][T16584] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16583,uid=0 13:03:30 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x5010000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:03:30 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x11}, 0x20008844) 13:03:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x9effffff00000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:03:30 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x6558, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2222.711454][T16584] Memory cgroup out of memory: Killed process 16583 (syz-executor.4) total-vm:72572kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2222.730572][ T1065] oom_reaper: reaped process 16583 (syz-executor.4), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 2222.795741][T16594] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2222.869102][T16600] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2222.909990][T16527] syz-executor.4 invoked oom-killer: gfp_mask=0x40c50(GFP_NOFS|__GFP_COMP|__GFP_RECLAIMABLE), order=0, oom_score_adj=0 [ 2222.975781][T16527] CPU: 1 PID: 16527 Comm: syz-executor.4 Not tainted 5.3.0+ #0 [ 2222.983387][T16527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2222.993586][T16527] Call Trace: [ 2222.996884][T16527] dump_stack+0x172/0x1f0 [ 2223.001227][T16527] dump_header+0x10b/0x82d [ 2223.005650][T16527] ? oom_kill_process+0x94/0x3f0 [ 2223.010599][T16527] oom_kill_process.cold+0x10/0x15 [ 2223.015737][T16527] out_of_memory+0x334/0x1340 [ 2223.020429][T16527] ? lock_downgrade+0x920/0x920 [ 2223.025298][T16527] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2223.031117][T16527] ? oom_killer_disable+0x280/0x280 [ 2223.036333][T16527] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2223.041880][T16527] ? memcg_stat_show+0xc40/0xc40 [ 2223.046824][T16527] ? do_raw_spin_unlock+0x57/0x270 [ 2223.052123][T16527] ? _raw_spin_unlock+0x2d/0x50 [ 2223.056978][T16527] try_charge+0xf4b/0x1440 [ 2223.061404][T16527] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2223.066951][T16527] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2223.072505][T16527] ? cache_grow_begin+0x122/0xd20 [ 2223.077536][T16527] ? find_held_lock+0x35/0x130 [ 2223.082302][T16527] ? cache_grow_begin+0x122/0xd20 [ 2223.087336][T16527] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2223.092886][T16527] ? lock_downgrade+0x920/0x920 [ 2223.097752][T16527] ? memcg_kmem_put_cache+0x50/0x50 [ 2223.102953][T16527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.109198][T16527] ? __kasan_check_read+0x11/0x20 [ 2223.114236][T16527] cache_grow_begin+0x629/0xd20 [ 2223.119099][T16527] ? __sanitizer_cov_trace_cmp4+0x1/0x20 [ 2223.124732][T16527] ? mempolicy_slab_node+0x139/0x390 [ 2223.130049][T16527] fallback_alloc+0x1fd/0x2d0 [ 2223.134736][T16527] ____cache_alloc_node+0x1bc/0x1d0 [ 2223.140195][T16527] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2223.146457][T16527] kmem_cache_alloc+0x1ef/0x710 [ 2223.146472][T16527] ? lock_downgrade+0x920/0x920 [ 2223.146484][T16527] ? rwlock_bug.part.0+0x90/0x90 [ 2223.146501][T16527] ? ratelimit_state_init+0xb0/0xb0 [ 2223.146517][T16527] ext4_alloc_inode+0x1f/0x640 [ 2223.156195][T16527] ? ratelimit_state_init+0xb0/0xb0 [ 2223.156209][T16527] alloc_inode+0x68/0x1e0 [ 2223.156223][T16527] iget_locked+0x1a6/0x4b0 [ 2223.156242][T16527] __ext4_iget+0x265/0x3e20 [ 2223.156265][T16527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.156287][T16527] ? ext4_get_projid+0x190/0x190 [ 2223.166403][T16527] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2223.166417][T16527] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 2223.166431][T16527] ? d_alloc_parallel+0xa78/0x1c30 [ 2223.166453][T16527] ext4_lookup+0x3b1/0x7a0 [ 2223.166469][T16527] ? ext4_cross_rename+0x1430/0x1430 [ 2223.166483][T16527] ? __lock_acquire+0x16f2/0x4a00 [ 2223.166500][T16527] ? __kasan_check_read+0x11/0x20 [ 2223.189680][T16527] ? lockdep_init_map+0x1be/0x6d0 [ 2223.189701][T16527] __lookup_slow+0x279/0x500 [ 2223.206408][T16527] ? vfs_unlink+0x620/0x620 [ 2223.206447][T16527] lookup_slow+0x58/0x80 [ 2223.206463][T16527] path_mountpoint+0x5d2/0x1e60 [ 2223.206483][T16527] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2223.217544][T16527] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 2223.217565][T16527] ? path_openat+0x46d0/0x46d0 [ 2223.217589][T16527] filename_mountpoint+0x18e/0x390 [ 2223.217604][T16527] ? filename_parentat.isra.0+0x410/0x410 [ 2223.217623][T16527] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2223.227298][T16527] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2223.227313][T16527] ? __phys_addr_symbol+0x30/0x70 [ 2223.227326][T16527] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2223.227339][T16527] ? __check_object_size+0x3d/0x437 [ 2223.227362][T16527] ? strncpy_from_user+0x2b4/0x400 [ 2223.237385][T16527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.237401][T16527] ? getname_flags+0x277/0x5b0 [ 2223.237419][T16527] user_path_mountpoint_at+0x3a/0x50 [ 2223.237435][T16527] ksys_umount+0x164/0xf00 [ 2223.237452][T16527] ? __ia32_sys_rmdir+0x40/0x40 [ 2223.247046][T16527] ? __detach_mounts+0x2a0/0x2a0 [ 2223.247062][T16527] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2223.247078][T16527] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2223.247092][T16527] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2223.247104][T16527] ? do_syscall_64+0x26/0x760 [ 2223.247123][T16527] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2223.255821][T16527] ? do_syscall_64+0x26/0x760 [ 2223.255837][T16527] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2223.255855][T16527] __x64_sys_umount+0x54/0x80 [ 2223.255870][T16527] do_syscall_64+0xfa/0x760 [ 2223.255892][T16527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2223.266233][T16527] RIP: 0033:0x45c457 [ 2223.266248][T16527] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 2f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2223.266255][T16527] RSP: 002b:00007ffc9f432a38 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 2223.266268][T16527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c457 [ 2223.266282][T16527] RDX: 0000000000403520 RSI: 0000000000000002 RDI: 00007ffc9f432ae0 [ 2223.266288][T16527] RBP: 0000000000000008 R08: 0000000000000000 R09: 000000000000000e [ 2223.266301][T16527] R10: 000000000000000a R11: 0000000000000206 R12: 00007ffc9f433b70 [ 2223.277003][T16527] R13: 0000000002669940 R14: 0000000000000000 R15: 00007ffc9f433b70 [ 2223.498619][T16605] IPVS: ftp: loaded support on port[0] = 21 [ 2223.577083][T16527] memory: usage 1172kB, limit 0kB, failcnt 441 [ 2223.583288][T16527] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2223.607195][T16527] Memory cgroup stats for /syz4: [ 2223.607304][T16527] anon 49152 [ 2223.607304][T16527] file 0 [ 2223.607304][T16527] kernel_stack 0 [ 2223.607304][T16527] slab 937984 [ 2223.607304][T16527] sock 0 [ 2223.607304][T16527] shmem 0 [ 2223.607304][T16527] file_mapped 0 [ 2223.607304][T16527] file_dirty 0 [ 2223.607304][T16527] file_writeback 0 [ 2223.607304][T16527] anon_thp 0 [ 2223.607304][T16527] inactive_anon 0 [ 2223.607304][T16527] active_anon 49152 [ 2223.607304][T16527] inactive_file 135168 [ 2223.607304][T16527] active_file 0 [ 2223.607304][T16527] unevictable 0 [ 2223.607304][T16527] slab_reclaimable 270336 [ 2223.607304][T16527] slab_unreclaimable 667648 [ 2223.607304][T16527] pgfault 212157 [ 2223.607304][T16527] pgmajfault 0 [ 2223.607304][T16527] workingset_refault 0 [ 2223.607304][T16527] workingset_activate 0 [ 2223.607304][T16527] workingset_nodereclaim 0 [ 2223.607304][T16527] pgrefill 148 [ 2223.607304][T16527] pgscan 138 [ 2223.607304][T16527] pgsteal 101 [ 2223.607304][T16527] pgactivate 33 [ 2223.703729][T16527] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=16527,uid=0 [ 2223.723257][T16527] Memory cgroup out of memory: Killed process 16527 (syz-executor.4) total-vm:72440kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2223.741686][ T1065] oom_reaper: reaped process 16527 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2223.792899][T16605] chnl_net:caif_netlink_parms(): no params data found [ 2224.110747][T16605] bridge0: port 1(bridge_slave_0) entered blocking state [ 2224.118059][T16605] bridge0: port 1(bridge_slave_0) entered disabled state [ 2224.127080][T16605] device bridge_slave_0 entered promiscuous mode [ 2234.780175][T16605] bridge0: port 2(bridge_slave_1) entered blocking state [ 2234.794219][T16605] bridge0: port 2(bridge_slave_1) entered disabled state [ 2234.814911][T16605] device bridge_slave_1 entered promiscuous mode [ 2234.893233][T16605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2240.193551][T16605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2240.233223][T16605] team0: Port device team_slave_0 added [ 2240.243498][T16605] team0: Port device team_slave_1 added [ 2245.668596][T16605] device hsr_slave_0 entered promiscuous mode [ 2245.725335][T16605] device hsr_slave_1 entered promiscuous mode [ 2245.764266][T16605] debugfs: Directory 'hsr0' with parent '/' already present! [ 2256.511505][T16605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2256.534322][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2256.543536][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2256.558249][T16605] 8021q: adding VLAN 0 to HW filter on device team0 [ 2256.573553][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2256.586483][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2256.596416][ T5357] bridge0: port 1(bridge_slave_0) entered blocking state [ 2256.603496][ T5357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2256.624744][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2256.634616][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2256.644703][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2256.653623][T10934] bridge0: port 2(bridge_slave_1) entered blocking state [ 2256.660755][T10934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2256.670450][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2262.013443][ T5357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2262.036936][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2262.047558][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2262.057084][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2262.067736][T10934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2262.089764][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2262.099216][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2262.108699][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2262.119596][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2262.129230][ T8838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2262.142789][T16605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2267.541601][T16605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2273.045591][T16616] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2273.074751][T16616] CPU: 0 PID: 16616 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2273.082348][T16616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2273.092417][T16616] Call Trace: [ 2273.095721][T16616] dump_stack+0x172/0x1f0 [ 2273.100064][T16616] dump_header+0x10b/0x82d [ 2273.104500][T16616] oom_kill_process.cold+0x10/0x15 [ 2273.109625][T16616] out_of_memory+0x334/0x1340 [ 2273.114306][T16616] ? cgroup_file_notify+0x140/0x1b0 [ 2273.119513][T16616] ? oom_killer_disable+0x280/0x280 [ 2273.124724][T16616] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2273.130274][T16616] ? memcg_stat_show+0xc40/0xc40 [ 2273.135222][T16616] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2273.141028][T16616] ? cgroup_file_notify+0x140/0x1b0 [ 2273.146346][T16616] memory_max_write+0x262/0x3a0 [ 2273.151219][T16616] ? mem_cgroup_write+0x370/0x370 [ 2273.156260][T16616] ? lock_acquire+0x190/0x410 [ 2273.161096][T16616] ? kernfs_fop_write+0x227/0x480 [ 2273.166150][T16616] cgroup_file_write+0x241/0x790 [ 2273.171105][T16616] ? mem_cgroup_write+0x370/0x370 [ 2273.176141][T16616] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2273.181788][T16616] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2273.187519][T16616] kernfs_fop_write+0x2b8/0x480 [ 2273.192382][T16616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2273.198637][T16616] __vfs_write+0x8a/0x110 [ 2273.202978][T16616] ? kernfs_fop_open+0xd80/0xd80 [ 2273.207934][T16616] vfs_write+0x268/0x5d0 [ 2273.212197][T16616] ksys_write+0x14f/0x290 [ 2273.216546][T16616] ? __ia32_sys_read+0xb0/0xb0 [ 2273.221321][T16616] ? do_syscall_64+0x26/0x760 [ 2273.226002][T16616] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2273.232074][T16616] ? do_syscall_64+0x26/0x760 [ 2273.236760][T16616] __x64_sys_write+0x73/0xb0 [ 2273.241364][T16616] do_syscall_64+0xfa/0x760 [ 2273.245893][T16616] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2273.251785][T16616] RIP: 0033:0x459a29 [ 2273.255683][T16616] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2273.275294][T16616] RSP: 002b:00007f2dae4bbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2273.283713][T16616] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2273.291700][T16616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 2273.299708][T16616] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 2273.307687][T16616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2dae4bc6d4 [ 2273.315667][T16616] R13: 00000000004c9e0f R14: 00000000004e1a10 R15: 00000000ffffffff [ 2273.344242][T16616] memory: usage 3536kB, limit 0kB, failcnt 1233 [ 2273.350539][T16616] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2273.358037][T16616] Memory cgroup stats for /syz2: [ 2273.358159][T16616] anon 2240512 [ 2273.358159][T16616] file 0 [ 2273.358159][T16616] kernel_stack 131072 [ 2273.358159][T16616] slab 1060864 [ 2273.358159][T16616] sock 0 [ 2273.358159][T16616] shmem 0 [ 2273.358159][T16616] file_mapped 0 [ 2273.358159][T16616] file_dirty 0 [ 2273.358159][T16616] file_writeback 0 [ 2273.358159][T16616] anon_thp 2097152 [ 2273.358159][T16616] inactive_anon 0 [ 2273.358159][T16616] active_anon 2240512 [ 2273.358159][T16616] inactive_file 0 [ 2273.358159][T16616] active_file 0 [ 2273.358159][T16616] unevictable 0 [ 2273.358159][T16616] slab_reclaimable 405504 [ 2273.358159][T16616] slab_unreclaimable 655360 [ 2273.358159][T16616] pgfault 193182 [ 2273.358159][T16616] pgmajfault 0 [ 2273.358159][T16616] workingset_refault 0 [ 2273.358159][T16616] workingset_activate 0 [ 2273.358159][T16616] workingset_nodereclaim 0 [ 2273.358159][T16616] pgrefill 70 [ 2273.358159][T16616] pgscan 68 [ 2273.358159][T16616] pgsteal 33 [ 2273.358159][T16616] pgactivate 33 [ 2273.465072][T16616] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16613,uid=0 [ 2273.494391][T16616] Memory cgroup out of memory: Killed process 16613 (syz-executor.2) total-vm:72840kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2273.537447][ T1065] oom_reaper: reaped process 16613 (syz-executor.2), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 2276.037827][T16605] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2276.064174][T16605] CPU: 1 PID: 16605 Comm: syz-executor.2 Not tainted 5.3.0+ #0 [ 2276.071761][T16605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2276.081820][T16605] Call Trace: [ 2276.085119][T16605] dump_stack+0x172/0x1f0 [ 2276.089449][T16605] dump_header+0x10b/0x82d [ 2276.093887][T16605] ? oom_kill_process+0x94/0x3f0 [ 2276.098822][T16605] oom_kill_process.cold+0x10/0x15 [ 2276.104019][T16605] out_of_memory+0x334/0x1340 [ 2276.108696][T16605] ? lock_downgrade+0x920/0x920 [ 2276.113669][T16605] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2276.119497][T16605] ? oom_killer_disable+0x280/0x280 [ 2276.124799][T16605] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2276.130351][T16605] ? memcg_stat_show+0xc40/0xc40 [ 2276.135288][T16605] ? do_raw_spin_unlock+0x57/0x270 [ 2276.140398][T16605] ? _raw_spin_unlock+0x2d/0x50 [ 2276.145249][T16605] try_charge+0xf4b/0x1440 [ 2276.149675][T16605] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2276.155214][T16605] ? percpu_ref_tryget_live+0x111/0x290 [ 2276.160928][T16605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2276.167182][T16605] ? __kasan_check_read+0x11/0x20 [ 2276.172211][T16605] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2276.177757][T16605] mem_cgroup_try_charge+0x136/0x590 [ 2276.183059][T16605] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2276.188699][T16605] wp_page_copy+0x407/0x1860 [ 2276.193291][T16605] ? find_held_lock+0x35/0x130 [ 2276.198056][T16605] ? do_wp_page+0x53b/0x15c0 [ 2276.202646][T16605] ? pmd_devmap_trans_unstable+0x220/0x220 [ 2276.208458][T16605] ? lock_downgrade+0x920/0x920 [ 2276.213309][T16605] ? swp_swapcount+0x540/0x540 [ 2276.218070][T16605] ? __kasan_check_read+0x11/0x20 [ 2276.223090][T16605] ? do_raw_spin_unlock+0x57/0x270 [ 2276.228200][T16605] do_wp_page+0x543/0x15c0 [ 2276.232618][T16605] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2276.237997][T16605] __handle_mm_fault+0x23ec/0x4040 [ 2276.243111][T16605] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2276.248657][T16605] ? handle_mm_fault+0x292/0xaa0 [ 2276.253601][T16605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2276.259842][T16605] ? __kasan_check_read+0x11/0x20 [ 2276.264866][T16605] handle_mm_fault+0x3b7/0xaa0 [ 2276.269638][T16605] __do_page_fault+0x536/0xdd0 [ 2276.274440][T16605] do_page_fault+0x38/0x590 [ 2276.278947][T16605] page_fault+0x39/0x40 [ 2276.283096][T16605] RIP: 0033:0x430b06 [ 2276.286990][T16605] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 5c 44 64 00 85 c0 0f 84 [ 2276.306762][T16605] RSP: 002b:00007ffc7f6dc1d0 EFLAGS: 00010206 [ 2276.312921][T16605] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2276.320887][T16605] RDX: 00000000027d4930 RSI: 00000000027dc970 RDI: 0000000000000003 [ 2276.329176][T16605] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000027d3940 [ 2276.337143][T16605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2276.345106][T16605] R13: 0000000000716698 R14: 000000000022ae7e R15: 0000000000002710 [ 2276.354516][T16605] memory: usage 1308kB, limit 0kB, failcnt 1245 [ 2276.360789][T16605] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2276.368144][T16605] Memory cgroup stats for /syz2: [ 2276.368239][T16605] anon 0 [ 2276.368239][T16605] file 0 [ 2276.368239][T16605] kernel_stack 65536 [ 2276.368239][T16605] slab 1060864 [ 2276.368239][T16605] sock 0 [ 2276.368239][T16605] shmem 0 [ 2276.368239][T16605] file_mapped 0 [ 2276.368239][T16605] file_dirty 0 [ 2276.368239][T16605] file_writeback 0 [ 2276.368239][T16605] anon_thp 0 [ 2276.368239][T16605] inactive_anon 0 [ 2276.368239][T16605] active_anon 0 [ 2276.368239][T16605] inactive_file 0 [ 2276.368239][T16605] active_file 0 [ 2276.368239][T16605] unevictable 0 [ 2276.368239][T16605] slab_reclaimable 405504 [ 2276.368239][T16605] slab_unreclaimable 655360 [ 2276.368239][T16605] pgfault 193182 [ 2276.368239][T16605] pgmajfault 0 [ 2276.368239][T16605] workingset_refault 0 [ 2276.368239][T16605] workingset_activate 0 [ 2276.368239][T16605] workingset_nodereclaim 0 [ 2276.368239][T16605] pgrefill 70 [ 2276.368239][T16605] pgscan 68 [ 2276.368239][T16605] pgsteal 33 [ 2276.368239][T16605] pgactivate 33 [ 2276.368239][T16605] pgdeactivate 70 [ 2276.466113][T16605] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16605,uid=0 [ 2276.482140][T16605] Memory cgroup out of memory: Killed process 16605 (syz-executor.2) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2276.500606][ T1065] oom_reaper: reaped process 16605 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 13:04:27 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:04:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0xfc}, 0x20008844) 13:04:27 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x6800, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) 13:04:27 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0000001c0000001c00000003000000010000000000000e0208000000000000000000000000000400000000005f00"/55], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x89f) write$cgroup_int(r8, 0x0, 0x0) 13:04:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xf0ffffff00000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:04:27 executing program 0: socket$kcm(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xc00, 0x5e, &(0x7f00000012c0)="a0c819ed284d0f5515e421c3c383953be303e8571d75f2b25bb16eb34c7cf4413e09bfcf55fa662c1507d3e181024d6ee2f558b833c71d7471e1abe97ad8cc98db6b048531aa71cabf64a8d5b91f867d055e401ecc4c181fb1d8d2a44e03e18ee73e313c45353bb855c086da60e74e0908a0364c0aa6d775489fcdbb85bc8a197ed3c00374bafc639a2a5c8b1d52ac70b64af29426392c14a64d56c38c0c143340b390da8e852fdba107565893f68c8f70e2a539b5075ddeae60509d5eae53a018e4bae4b98f97556192b45d153dc543d400c91a3a9b0a0f95cbffeb52d8150ccfff9c54fbbd0860dc9260e604cd8d5b7003d607a957ebe7e99248806889e18acb87b599bf1fbb53f4dd1f90004c855e619832b3641f057602a2a0dc31dace36508cbdd6d102d4d4e40ed7a15b0f3cac8d7778acb215dec95b6eafee4755e34be571d7e5ca7ca4c0fe2b5221cca148cf81f1b05a4ae85ecd5de09d5e15f08177566d8f9fa09f8e2a10f672e9430ac078b6f8ebda8e32dbeb4ab414f8e57caa4c9aeb8796272cea8447602d86efc37d5a046e2552d80bf1df088f23ecb21bf8f8bbc5c171eaec75357dcd1f83244c489053d10b92854aea1731b9fb551b1a8d798187eacb5244950f4cf24dfe5eb342262e72cc5918ef4233b395224efeba047947067a7fec8ede215406775d1dc1fe00e3f151e3377a0f5d3a76683a8ecd8274f2a30245d3e94ccf7371b2cd2f838ec063f9ec2181e34f29936be40a39fdeb5144231e9d49c49a64c87d4bf453ae2aa6ce6d05d35c674097ffe452749d8849840aa55421da33564e14b6c2f0dced27a304890a2d8b742b94705835b4601bbfe8979bdfd9a85a3d73b17ea460e1ab2b647b3ec4ad149352eadb7ea9bf65374bff8176c841d4f45ef1f21d9596fa33ea8c41f2a4ba5e44a15b66f349a85ebc5c58c508f456fd49d6b044b064dc0b3998fe57fbe38ebd030b260e50726d8605db2fce840d51c7c10240d7b8935b3d69249519b8d4f4722abadeaf19aed3bae9ccc0faef7541131452dc5d0f2140a0aa2abbc4399aa0b819a3846eaaca046931f53fb374ccdf696656b06591cefc301a5cf35698ddb74c30c7fa2fc30f117b8224a6a51edea6b01939b0bb48c9fa47fe41c0510e3e593953d43030c8699dcd68baf9a56bc1009164c71d2960ca57422ae4b988e1acfe78c51b3fe05d362b7abe77f32bba22c94d46c720718fe83501e67a2181c94f43f8aed04016515bd63bb0e17bf0381596b0e96836f8b32004cfa2e4d977fa227a57b3beba5fa20cddebde7ed0fd19d86e3702059f87b9151649a68bdd4a76633f3f5b163391e20f79cd8cb0ef6be79a832e4c2d1c1c8139b677477e9127ba5e9b83a2ac4cf4ecb079d8e7b5be81a04ffb215caf013edca09d963843d12e1f414e4c05f45b6b80fbd35b99a3e58085aa858c2d4f21528d2eee50b1c14810bf065229537d886960e7e916bd94de7a416330fce24014ed7dc26dc4bda952197277f795f24cec46de96c7b44c7888c6cb8d2be718742936a825865fcb699eebf64ef87ba0c10193929a5824c49fd75d8b2680e7c5948eb1932a66af087fdaed18dba4ad9d705b8c569a2133ed37be45a0679807931399be6146ae846556b0e9f60c71fdf080681b4b28bd8d1827ee7ecb1bfcadad01d2702292e9ca1381835a084763e2639775f7bc6e7532098f227829500b997ccfc8b23542f124f9f12c2e3094af178036099ac5419fedc346ff08effb3290e2939e6a8a82abadc273f7b1255bad40c2b815f58885fe59f29009d923763f9723b6390bcf5d070cf498fae16314678898535d71c5fbb4f42ce190cd1d10ce132c935541fdbc24533b53ad974e36d65ab6c0ef2e9c507c56917ea3418fb38a0ce7cea9fc671e3772de083cc1606b45448b9ce3d400ac8eb8540a1d13b7d6b75fd2502792628eca7381b8f66f3b4373b1afc0c452c0a4a5e9d3af24f9cbbe8bbee64e2ca35550e11f74ad89cc83f9a0ebdcc3436227fe14173f5ffb1babf79dd6c40da9c8e6a26ae872d2b0d02bc994c2c9ede230a74d0ca74106ad3d7dd195aaaa830905dff26f5cac2b11ebc76c49b96abde51a0e0c7ea10674e26544c745987fb72ebcbbca1042d19cbef92a6a52e64e9cf34176686e892b937011899392b045613fcf0a9ecea5e4d0da803c62b59aae57471b1b492a94bde304e17be742b3b6b470dfab7b72fb72bd084b2bb99471bf798841f176940b09f9d54ee74a573309b8ffccce39e7b49a62adc383dd009000423a2af83b7ad115c488c26be5f87293acef7002effd40799d1adc1a09000bdd5aba887a4ba58807603237d36b3f56f1c3ae42142e69639226c99670c3547e0bd3940a3a1d042d98fc735559aee1b86005faeb87ae5edf81dd4af26aa3733e98c6a13c623fc72f87492f3bf7abb15a57589f755a0dfc15261cf3c518217e321a050f5f9f01265d946b70b1536074dccc047b4660bd90e4f7b65dd872b5c43619e7d279e579582869c01a8a15261700e7210d15d45f32810bafed7859ec75f547ba59fc3e80d1d835074904d048fc326a77097d5e0c6e2386ea1235762bfec3e9bf4f36204a68354272c5f8465e4a76055ee313c39d23577e01abfaa9948a19eb1fae8751cc93da45a43bd03ac3752346394e0a8700486e6910a6ecd6d36e90c6f11db46cb6e329210a6a38ede81d2d9f329bb8449e9fe0dcb5f8816ea9c5f616e0f14a929185fae236685849fbcf3c4db4d0fc29718fe335d4bed3c09ff26c5543d9fa981666b2ea9ef002c92203458fbf5803ca2db249e77db86b7e6a5c601b1baa601a00f6d0c54a15bf84a4e0658046a965af80219a0a1d38f3abf34b509f1066a34575d4cf43f3d108d0108b8844c3afb91c4f61cbfb19904653aae8e1eeca51b563e0067487b9ec6a4aee97207851bf39efaedc7e0346f31170190166f04f911889dcae7498684f56fcbcc37d7a187c0a01318c3ad2006cf06299449812f8a0597b31274febef12348d3c45d07b2befb926207278ab20247832ef5e247a8d546a53b19406526df121d31986244537d0c92fdeb256e72a5595f18159dda627738d2fd9a9a8dab103dfccc5dccfae15adbf837a46205d8ffaec364a8bcf7f87dfc837a343a5a8be972ab9b911851944b4dbea9556e04f047b0a0cc92de09f4947d24f70b5baaa19b48cd6bec04e23c95dbf8f836489f68ee08682d822eb391551e382b3aeb9977e7291a18cacab5599fced51a35456ad8ee53bac434e234ee5ff11f8e37ee8152a5587f2050540398d40acc260f62c917b7e048cc921b12588b05f3a150b70e974f84671e5f6ce6b6b95f2d51ac0a52bf641c10bc0f2dd654d9161845a5af6faed8a81177a992cba200e74b8aeb233ffd9686b2103318d8bd5282d39f7f8a77ff424f5c02f22c89b840bb377c1d51af064a2684dd2dc70e4946df1139814f4c8ad229cf43bf75e3b893b372b533128aa85abad7457dfc8ee5d9dfe8c17548bc4985f34afab6dd209ce9166c88012acb54eaa6dfd2749d87636f92092cebf78ebba3c68f329f7cc133b028c71ee509270a29b23359cb5d72e1414f050147e46c05fe62a8251146fa009117a551297e48e5551333194f801ef2f949404b8563ef49d90af5db088dde3a7e8ca3eab2d6565cd96d4f24e65205be4ed5aadb930bb76a73a03a96d2fa1f8ceed5fdf5bb0158e2167a33abd3595dfd10fda67aae90399fcfe11d1974936a01406adb1e52555108b33de2c005b87f60cd57155bf223aeceb43b25ab823aade4b0e18db1675fcee7206950fc29512172d9c948f25366d833fba9f2410505688619f6f22a0d2e6f5349d853539d40a57dce3b66852a31c17bcba39e9ba275bf4dd16c31fff8fffabe91192240dcfe85f5e38e5185d86641aa7707e87844c8f0f47ff28ff4424a6a2404f2ee94c069df486c931651a972b43738267e8126b63eddcd4976a9734dbd5ba4b1c740e2194f77fd1491e98b83fa3257f0bec421a1146a30a7e2a5a98a6436fa89c798b9128272a7a383af465d77f1a5a6c93b39c88eab9a37cde1143274a572ebcdccb5868b749b270138e14489400b3092fe6698b2fdbbf607ebc0096927f38ab551fbb981ba026fe912fce3a80651325e33140951537b898d24bebb4b56bf0d07c7b6a49328eaa482de6875f70e6b9787a0591017ead1f71ae4fcb6163c500c65f17eeb5a41ac223c97c97cdd380b6b500cf658e2a66509c651b85a2f57f28db3d1b47b2301d0b4fbb17a60ef4d0dfd2c146d56a6d6b11afa7ed7876c8bd0fbd5163f430237d3813c01339ed54c5dd", &(0x7f0000000040)=""/94, 0x8, 0x0, 0x0, 0xa5, &(0x7f0000000000), &(0x7f0000001200)="8bea0c2ff8f361faa75246c148b47fa8251b5a58a262dd029bfc4c75375e512f12a27fe6aedaf27c624dbff3997276120a041273ac6782c5d001b71bc31e41aa83db875f5373045d47af0362fe11d5f407361568d3b7e12ca866e2759018aa7f52646152da485e33724c19f72f2d734d9cf6c5f5d0af96ad5a547845fda21ec247c923e40bd0edbc50f15e2ea9e7dadc1d6c35bb66fddf9a002c27fc347e207cfec3fbad9f"}, 0x40) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180)=r1, 0x4) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) recvmsg(r2, &(0x7f00000009c0)={&(0x7f0000000400)=@nfc_llcp, 0x80, &(0x7f0000000840)=[{&(0x7f0000000740)=""/246, 0xf6}], 0x293, &(0x7f0000000900)=""/121, 0x79}, 0x2a5ad864553312d6) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000800, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xbffffffffffffffe, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000006c0)='./file0\x00') r4 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x28, 0x0, 0xfffffffffffffe28) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4000003fc) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x200008c4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x1ff) socket$kcm(0x29, 0x2, 0x0) r5 = socket$kcm(0x29, 0x1, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)={&(0x7f00000004c0)='./file0\x00'}, 0x10) close(0xffffffffffffffff) socket$kcm(0x29, 0x5, 0x0) socket$kcm(0x29, 0x7, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x80001) sendmsg$kcm(r4, &(0x7f0000000300)={&(0x7f0000000540)=@isdn={0x22, 0x5fa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000600)="a92409409f3420187b0121b928bf21cc27175d95c06093fc517f3187111c8e5b8163675fda6b712bbbe8f577d9bee468553a0af769f47e5d8ec994f08ad2d0d4d2d8b81dd20be2da0d", 0x49}], 0x1}, 0x1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000340)="c1e4af8e45bd30c8f18ecf3ea375f5fc1390797051f05368815ef79ffcb2d4d0443a3725ef25cbdf36836d8bbc2095042474dedf08447d1215bb216890bee238b85de69d6ed23f06f0c9985ee24b453745c0cba35ae3c5dea0dc5aad1bfa7c51f6c297fbd8a72adeb76905b48161c21b6be9454a0c12833ab2975dd6964fbe2c36c7d87dce4e993bba5b0dc39c76bf495fb2c32d124de801c921fee12b96dc43cb", 0x0}, 0x18) r6 = socket$kcm(0x2b, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r6, 0x6, 0x17, &(0x7f0000000040)=r6, 0x4) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)="79529d222cd8263f444d37d81ef76d27c097e0b9bec95a9b34e62e40dd74e1262099b666d00b5f830dce48927605ddb52eb1d02c55a5c10e51f459f017d3b47379db1fa37a259190918e680e22a212f71a5fce4088f6eada6625f4944e31948c5e3f5065e335d44aedab4c1d649d8f0aa76120f1020175fdaf578822378564c6dc5889a2b2942e2c41e7f3cd89591c9a9cf84474b4d773c30809487121246ed97cfd225b12862435686f876e503dad45b0a4cea2cec2e9a9b54bcbaf154ffa5893f0688816d104e579cfd31514df193825d0890aefca05737b2939be18528fc388d9dbe7", 0xe4}], 0x1}, 0x10) sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x5020000, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r7, 0x1, 0x1, 0x7ff, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000), 0x0) 13:04:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x12c}, 0x20008844) [ 2279.206918][T16623] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2279.267113][T16620] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2279.395080][ C1] net_ratelimit: 56 callbacks suppressed [ 2279.395089][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2279.407991][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2279.413848][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2279.419693][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2279.425636][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2279.431425][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2279.437352][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2279.443146][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2279.449046][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2279.454886][ C1] protocol 88fb is buggy, dev hsr_slave_1 13:04:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xfcffffff00000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:04:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x1f4}, 0x20008844) 13:04:27 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x80, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) socket$kcm(0x2b, 0x1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, @perf_bp={&(0x7f0000000100), 0x2}, 0x800, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0xfffffffffffffef1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000280)=""/237, 0x17, 0xed, 0x1}, 0x20) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0}, 0x20) socket$kcm(0x11, 0x0, 0x0) r5 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0) r6 = gettid() write$cgroup_pid(r5, &(0x7f0000000500)=r6, 0x12) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000006c0)={r7, &(0x7f0000000740)="812a9c87ba4cf0b8b8bdb2ba80cad0f2fd101b5df0336f945bb221cf7664493535056ad3c1f08ead68df100de2c97688967f734b6eb61fa182c9ed22f6ba123086764f1ce9717819df0a47013f6d550cc22af48fff17080e5809f0a00fb468c915972af1be19d066b153219378cf44c56131f2929d2274f7d733dd1e07d0eba7facd53083bd9bdb8df62200cc5a158fa9a79fb3ce25a2bd45b6c6c4a6110e492c466a085236a70c5c2ff8df0d829292a873c2de4d032fbd76b575caef6e6ffe1a0099316a331fbc897217a3f7a28d7540b604123190271"}, 0x10) openat$cgroup_int(r7, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000), 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYRES32=0x0], 0x0, 0x8, 0x0, 0xffffffffffffffff}, 0xfffffffffffffceb) r8 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r9 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) write$cgroup_pid(r5, &(0x7f0000000540)=r9, 0x12) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x20) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000600)='cgroup.subtree_control\x00', 0x2, 0x0) socketpair(0x5, 0x3, 0x0, 0x0) write$cgroup_int(r8, 0x0, 0x0) [ 2279.611625][ T9232] device bridge_slave_1 left promiscuous mode 13:04:27 executing program 5: r0 = socket$kcm(0x10, 0x20000000000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x6c00, &(0x7f00000000c0)=[{&(0x7f0000000780)="d800000018008105e00f80ecdb4cb9040a1d65ef0b007c05e87c55a1bc000900b800069903000000050015000700812fa8001600030063e3e558f030ecf4f39ec1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f020073070000000000000000003f5aeb4edbb57a5025ccca9e00360db798262f3d40ff040000e04adcdf634c0285dc4fc82a9ecbee5de6e4edee3d93452a92954b43370e970300000000b818b824f9cb1337a0d8d0d1e1c0", 0xd8}], 0x1}, 0x0) [ 2279.660081][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state 13:04:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x300}, 0x20008844) [ 2279.756395][ T9232] device bridge_slave_0 left promiscuous mode [ 2279.767706][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2279.847284][ T9232] device bridge_slave_1 left promiscuous mode [ 2279.860752][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state 13:04:27 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xffffff7f00000000, &(0x7f0000000000)=[{&(0x7f0000000200)="1800000036000502d25a80648c6394fb0324fc0004000b40", 0x18}], 0x1}, 0x0) 13:04:27 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x3e8}, 0x20008844) [ 2279.916291][ T9232] device bridge_slave_0 left promiscuous mode [ 2279.925189][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2279.985063][ T9232] device bridge_slave_1 left promiscuous mode [ 2279.995997][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state 13:04:28 executing program 3: r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x1}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000040)='g', 0x1}], 0x1, 0x0, 0x4d8}, 0x20008844) [ 2280.056099][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.067054][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.127407][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.138598][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2280.186628][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.195324][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.277487][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.283795][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2280.368383][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.375003][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.427828][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.434927][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2280.477411][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.483840][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.557670][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.564061][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2280.617579][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.623972][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.687341][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.698496][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2280.747035][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.753534][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.827567][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.833969][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2280.886388][ T9232] device bridge_slave_0 left promiscuous mode [ 2280.892762][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2280.977559][ T9232] device bridge_slave_1 left promiscuous mode [ 2280.985182][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.056182][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.066211][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.127486][ T9232] device bridge_slave_1 left promiscuous mode [ 2281.138365][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.196008][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.202414][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.257609][ T9232] device bridge_slave_1 left promiscuous mode [ 2281.263979][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.356196][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.362570][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.418585][ T9232] device bridge_slave_1 left promiscuous mode [ 2281.425690][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.496358][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.502859][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.657655][ T9232] device bridge_slave_1 left promiscuous mode [ 2281.664068][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.736407][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.742842][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.797640][ T9232] device bridge_slave_1 left promiscuous mode [ 2281.804030][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.856050][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.862424][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2281.937500][ T9232] device bridge_slave_1 left promiscuous mode [ 2281.943770][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2281.986428][ T9232] device bridge_slave_0 left promiscuous mode [ 2281.992817][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2282.077574][ T9232] device bridge_slave_1 left promiscuous mode [ 2282.083980][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2282.146450][ T9232] device bridge_slave_0 left promiscuous mode [ 2282.152856][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2282.297603][ T9232] device bridge_slave_1 left promiscuous mode [ 2282.303973][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2282.356207][ T9232] device bridge_slave_0 left promiscuous mode [ 2282.362567][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2282.457501][ T9232] device bridge_slave_1 left promiscuous mode [ 2282.463847][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2282.556253][ T9232] device bridge_slave_0 left promiscuous mode [ 2282.562688][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2282.637418][ T9232] device bridge_slave_1 left promiscuous mode [ 2282.643773][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2282.716201][ T9232] device bridge_slave_0 left promiscuous mode [ 2282.722562][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2282.827418][ T9232] device bridge_slave_1 left promiscuous mode [ 2282.833762][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2282.936007][ T9232] device bridge_slave_0 left promiscuous mode [ 2282.942278][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2283.008172][ T9232] device bridge_slave_1 left promiscuous mode [ 2283.015401][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2283.156195][ T9232] device bridge_slave_0 left promiscuous mode [ 2283.162503][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2283.257045][ T9232] device bridge_slave_1 left promiscuous mode [ 2283.263280][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2283.335954][ T9232] device bridge_slave_0 left promiscuous mode [ 2283.342212][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2283.467122][ T9232] device bridge_slave_1 left promiscuous mode [ 2283.473398][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2283.548337][ T9232] device bridge_slave_0 left promiscuous mode [ 2283.555202][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2283.647054][ T9232] device bridge_slave_1 left promiscuous mode [ 2283.653287][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2283.696062][ T9232] device bridge_slave_0 left promiscuous mode [ 2283.702300][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2283.817357][ T9232] device bridge_slave_1 left promiscuous mode [ 2283.823626][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2283.876366][ T9232] device bridge_slave_0 left promiscuous mode [ 2283.882605][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2284.007209][ T9232] device bridge_slave_1 left promiscuous mode [ 2284.013455][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2284.056154][ T9232] device bridge_slave_0 left promiscuous mode [ 2284.062403][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2284.177250][ T9232] device bridge_slave_1 left promiscuous mode [ 2284.183506][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2284.255854][ T9232] device bridge_slave_0 left promiscuous mode [ 2284.262111][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2284.327332][ T9232] device bridge_slave_1 left promiscuous mode [ 2284.333601][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2284.405885][ T9232] device bridge_slave_0 left promiscuous mode [ 2284.412122][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2284.467133][ T9232] device bridge_slave_1 left promiscuous mode [ 2284.473551][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2284.536040][ T9232] device bridge_slave_0 left promiscuous mode [ 2284.542717][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2284.607118][ T9232] device bridge_slave_1 left promiscuous mode [ 2284.613373][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2284.726009][ T9232] device bridge_slave_0 left promiscuous mode [ 2284.733205][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2284.787155][ T9232] device bridge_slave_1 left promiscuous mode [ 2284.793398][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2284.936037][ T9232] device bridge_slave_0 left promiscuous mode [ 2284.942296][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2285.027171][ T9232] device bridge_slave_1 left promiscuous mode [ 2285.033416][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2285.095905][ T9232] device bridge_slave_0 left promiscuous mode [ 2285.102164][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2285.177066][ T9232] device bridge_slave_1 left promiscuous mode [ 2285.183323][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2285.245992][ T9232] device bridge_slave_0 left promiscuous mode [ 2285.252241][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2285.377281][ T9232] device bridge_slave_1 left promiscuous mode [ 2285.383572][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2285.495846][ T9232] device bridge_slave_0 left promiscuous mode [ 2285.502108][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2285.567131][ T9232] device bridge_slave_1 left promiscuous mode [ 2285.573377][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2285.676157][ T9232] device bridge_slave_0 left promiscuous mode [ 2285.682409][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2285.727174][ T9232] device bridge_slave_1 left promiscuous mode [ 2285.733422][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2285.816396][ T9232] device bridge_slave_0 left promiscuous mode [ 2285.822661][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2285.877672][ T9232] device bridge_slave_1 left promiscuous mode [ 2285.883919][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2285.945831][ T9232] device bridge_slave_0 left promiscuous mode [ 2285.952104][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.017327][ T9232] device bridge_slave_1 left promiscuous mode [ 2286.023605][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2286.075750][ T9232] device bridge_slave_0 left promiscuous mode [ 2286.082002][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.167227][ T9232] device bridge_slave_1 left promiscuous mode [ 2286.173486][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2286.245844][ T9232] device bridge_slave_0 left promiscuous mode [ 2286.252098][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.336979][ T9232] device bridge_slave_1 left promiscuous mode [ 2286.343238][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2286.455889][ T9232] device bridge_slave_0 left promiscuous mode [ 2286.462141][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.553726][ T9232] device bridge_slave_1 left promiscuous mode [ 2286.561033][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2286.615770][ T9232] device bridge_slave_0 left promiscuous mode [ 2286.622118][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.697221][ T9232] device bridge_slave_1 left promiscuous mode [ 2286.703467][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2286.745941][ T9232] device bridge_slave_0 left promiscuous mode [ 2286.752194][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.857945][ T9232] device bridge_slave_1 left promiscuous mode [ 2286.865004][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2286.945364][ T9232] device bridge_slave_0 left promiscuous mode [ 2286.951632][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2286.997164][ T9232] device bridge_slave_1 left promiscuous mode [ 2287.003416][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2287.066045][ T9232] device bridge_slave_0 left promiscuous mode [ 2287.072385][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2287.127011][ T9232] device bridge_slave_1 left promiscuous mode [ 2287.133264][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2287.225817][ T9232] device bridge_slave_0 left promiscuous mode [ 2287.232118][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2287.317051][ T9232] device bridge_slave_1 left promiscuous mode [ 2287.323293][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2287.365945][ T9232] device bridge_slave_0 left promiscuous mode [ 2287.372188][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2287.427060][ T9232] device bridge_slave_1 left promiscuous mode [ 2287.433302][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state [ 2287.495998][ T9232] device bridge_slave_0 left promiscuous mode [ 2287.502267][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state [ 2427.274716][ T9232] device hsr_slave_0 left promiscuous mode [ 2427.324341][ T9232] device hsr_slave_1 left promiscuous mode [ 2427.408445][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2427.429405][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2427.447306][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2427.526121][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2427.702524][ T9232] bond0 (unregistering): Released all slaves [ 2427.934683][ T9232] device hsr_slave_0 left promiscuous mode [ 2427.994678][ T9232] device hsr_slave_1 left promiscuous mode [ 2428.103761][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2428.121621][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2428.140370][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2428.203079][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2428.358501][ T9232] bond0 (unregistering): Released all slaves [ 2428.566083][ T9232] device hsr_slave_0 left promiscuous mode [ 2428.614462][ T9232] device hsr_slave_1 left promiscuous mode [ 2428.793920][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2428.819439][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2428.838383][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2428.913658][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2429.045904][ T9232] bond0 (unregistering): Released all slaves [ 2429.415155][ T9232] device hsr_slave_0 left promiscuous mode [ 2429.494395][ T9232] device hsr_slave_1 left promiscuous mode [ 2429.563925][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2429.582231][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2429.602370][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2429.667242][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2429.812570][ T9232] bond0 (unregistering): Released all slaves [ 2429.975079][ T9232] device hsr_slave_0 left promiscuous mode [ 2430.014468][ T9232] device hsr_slave_1 left promiscuous mode [ 2430.083811][ T9232] team0 (unregistering): Port device team_slave_1 removed [ 2430.101959][ T9232] team0 (unregistering): Port device team_slave_0 removed [ 2430.120573][ T9232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2430.203183][ T9232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2430.408332][ T9232] bond0 (unregistering): Released all slaves [ 2430.435074][ T1064] INFO: task kworker/0:2:1144 blocked for more than 143 seconds. [ 2430.442914][ T1064] Not tainted 5.3.0+ #0 [ 2430.448288][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2430.457387][ T1064] kworker/0:2 D25840 1144 2 0x80004000 [ 2430.464487][ T1064] Workqueue: events switchdev_deferred_process_work [ 2430.471090][ T1064] Call Trace: [ 2430.475199][ T1064] __schedule+0x94f/0x1e70 [ 2430.479637][ T1064] ? __sched_text_start+0x8/0x8 [ 2430.484910][ T1064] ? __kasan_check_read+0x11/0x20 [ 2430.489963][ T1064] ? _raw_spin_unlock_irq+0x5e/0x90 [ 2430.495617][ T1064] schedule+0xd9/0x260 [ 2430.499710][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2430.505560][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2430.510179][ T1064] ? rtnl_lock+0x17/0x20 [ 2430.515063][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2430.519849][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2430.526501][ T1064] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2430.532695][ T1064] mutex_lock_nested+0x16/0x20 [ 2430.537966][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2430.543458][ T1064] rtnl_lock+0x17/0x20 [ 2430.547939][ T1064] switchdev_deferred_process_work+0xe/0x20 [ 2430.553850][ T1064] process_one_work+0x9af/0x1740 [ 2430.559312][ T1064] ? pwq_dec_nr_in_flight+0x320/0x320 [ 2430.565042][ T1064] ? lock_acquire+0x190/0x410 [ 2430.569741][ T1064] worker_thread+0x98/0xe40 [ 2430.574644][ T1064] kthread+0x361/0x430 [ 2430.578729][ T1064] ? process_one_work+0x1740/0x1740 [ 2430.583927][ T1064] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 2430.590626][ T1064] ret_from_fork+0x24/0x30 [ 2430.595709][ T1064] INFO: task kworker/1:1:10934 blocked for more than 143 seconds. [ 2430.603512][ T1064] Not tainted 5.3.0+ #0 [ 2430.608627][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2430.617643][ T1064] kworker/1:1 D26280 10934 2 0x80004000 [ 2430.623996][ T1064] Workqueue: events linkwatch_event [ 2430.629620][ T1064] Call Trace: [ 2430.632923][ T1064] __schedule+0x94f/0x1e70 [ 2430.637711][ T1064] ? __sched_text_start+0x8/0x8 [ 2430.642570][ T1064] ? __kasan_check_read+0x11/0x20 [ 2430.648001][ T1064] ? _raw_spin_unlock_irq+0x5e/0x90 [ 2430.653207][ T1064] schedule+0xd9/0x260 [ 2430.657846][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2430.663320][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2430.668347][ T1064] ? rtnl_lock+0x17/0x20 [ 2430.672609][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2430.678035][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2430.684676][ T1064] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2430.690854][ T1064] mutex_lock_nested+0x16/0x20 [ 2430.696031][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2430.700981][ T1064] rtnl_lock+0x17/0x20 [ 2430.705463][ T1064] linkwatch_event+0xf/0x70 [ 2430.709980][ T1064] process_one_work+0x9af/0x1740 [ 2430.715343][ T1064] ? pwq_dec_nr_in_flight+0x320/0x320 [ 2430.720754][ T1064] ? lock_acquire+0x190/0x410 [ 2430.725849][ T1064] worker_thread+0x98/0xe40 [ 2430.730360][ T1064] ? trace_hardirqs_on+0x67/0x240 [ 2430.735793][ T1064] kthread+0x361/0x430 [ 2430.739879][ T1064] ? process_one_work+0x1740/0x1740 [ 2430.745493][ T1064] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 2430.751751][ T1064] ret_from_fork+0x24/0x30 [ 2430.756744][ T1064] INFO: task syz-executor.0:16623 blocked for more than 143 seconds. [ 2430.765235][ T1064] Not tainted 5.3.0+ #0 [ 2430.769915][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2430.779069][ T1064] syz-executor.0 D24768 16623 8822 0x00004004 [ 2430.785785][ T1064] Call Trace: [ 2430.789089][ T1064] __schedule+0x94f/0x1e70 [ 2430.793513][ T1064] ? __sched_text_start+0x8/0x8 [ 2430.798795][ T1064] ? lock_downgrade+0x920/0x920 [ 2430.803651][ T1064] ? rwlock_bug.part.0+0x90/0x90 [ 2430.809189][ T1064] schedule+0xd9/0x260 [ 2430.813271][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2430.819153][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2430.823750][ T1064] ? rtnl_lock+0x17/0x20 [ 2430.828392][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2430.833162][ T1064] ? up_read+0x1d2/0x810 [ 2430.838806][ T1064] ? down_read_non_owner+0x490/0x490 [ 2430.844485][ T1064] mutex_lock_nested+0x16/0x20 [ 2430.849273][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2430.854588][ T1064] rtnl_lock+0x17/0x20 [ 2430.858664][ T1064] ieee80211_register_hw+0x1951/0x3ac0 [ 2430.864505][ T1064] ? ieee80211_ifa_changed+0xde0/0xde0 [ 2430.869988][ T1064] ? memset+0x32/0x40 [ 2430.873972][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2430.880787][ T1064] ? __hrtimer_init+0x13d/0x280 [ 2430.886070][ T1064] mac80211_hwsim_new_radio+0x20d9/0x4360 [ 2430.891837][ T1064] ? vprintk_func+0x86/0x189 [ 2430.896964][ T1064] ? hwsim_cloned_frame_received_nl+0x1640/0x1640 [ 2430.903393][ T1064] hwsim_new_radio_nl+0x9e3/0x1070 [ 2430.908935][ T1064] ? mac80211_hwsim_new_radio+0x4360/0x4360 [ 2430.915238][ T1064] ? nla_memcpy+0xb0/0xb0 [ 2430.919609][ T1064] ? __nla_parse+0x43/0x60 [ 2430.924048][ T1064] genl_family_rcv_msg+0x74b/0xf90 [ 2430.929886][ T1064] ? genl_unregister_family+0x7b0/0x7b0 [ 2430.935825][ T1064] ? __kasan_check_read+0x11/0x20 [ 2430.940870][ T1064] ? __lock_acquire+0x16f2/0x4a00 [ 2430.946394][ T1064] ? debug_smp_processor_id+0x3c/0x214 [ 2430.951894][ T1064] genl_rcv_msg+0xca/0x170 [ 2430.956769][ T1064] netlink_rcv_skb+0x177/0x450 [ 2430.961550][ T1064] ? genl_family_rcv_msg+0xf90/0xf90 [ 2430.967264][ T1064] ? netlink_ack+0xb50/0xb50 [ 2430.971871][ T1064] ? __kasan_check_write+0x14/0x20 [ 2430.977389][ T1064] ? netlink_deliver_tap+0x254/0xbf0 [ 2430.983049][ T1064] genl_rcv+0x29/0x40 [ 2430.987528][ T1064] netlink_unicast+0x531/0x710 [ 2430.992388][ T1064] ? netlink_attachskb+0x7c0/0x7c0 [ 2430.998409][ T1064] ? _copy_from_iter_full+0x25d/0x8c0 [ 2431.003810][ T1064] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2431.009970][ T1064] ? __check_object_size+0x3d/0x437 [ 2431.015527][ T1064] netlink_sendmsg+0x8a5/0xd60 [ 2431.020366][ T1064] ? netlink_unicast+0x710/0x710 [ 2431.025859][ T1064] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2431.031654][ T1064] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2431.037557][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2431.043814][ T1064] ? security_socket_sendmsg+0x8d/0xc0 [ 2431.050092][ T1064] ? netlink_unicast+0x710/0x710 [ 2431.055407][ T1064] sock_sendmsg+0xd7/0x130 [ 2431.059853][ T1064] ___sys_sendmsg+0x803/0x920 [ 2431.064932][ T1064] ? copy_msghdr_from_user+0x440/0x440 [ 2431.070420][ T1064] ? __kasan_check_read+0x11/0x20 [ 2431.075989][ T1064] ? __fget+0x384/0x560 [ 2431.080163][ T1064] ? ksys_dup3+0x3e0/0x3e0 [ 2431.085031][ T1064] ? __fget_light+0x1a9/0x230 [ 2431.089719][ T1064] ? __fdget+0x1b/0x20 [ 2431.093789][ T1064] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2431.100489][ T1064] __sys_sendmsg+0x105/0x1d0 [ 2431.105460][ T1064] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2431.110505][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2431.116366][ T1064] ? do_syscall_64+0x26/0x760 [ 2431.121053][ T1064] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2431.127535][ T1064] ? do_syscall_64+0x26/0x760 [ 2431.132242][ T1064] __x64_sys_sendmsg+0x78/0xb0 [ 2431.137409][ T1064] do_syscall_64+0xfa/0x760 [ 2431.141945][ T1064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2431.148329][ T1064] RIP: 0033:0x459a29 [ 2431.152251][ T1064] Code: Bad RIP value. [ 2431.156731][ T1064] RSP: 002b:00007f58d5929c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2431.165549][ T1064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2431.173548][ T1064] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000c [ 2431.181932][ T1064] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2431.190374][ T1064] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f58d592a6d4 [ 2431.198742][ T1064] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 00000000ffffffff [ 2431.207137][ T1064] INFO: task syz-executor.0:16625 blocked for more than 144 seconds. [ 2431.215522][ T1064] Not tainted 5.3.0+ #0 [ 2431.220194][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2431.229233][ T1064] syz-executor.0 D27328 16625 8822 0x00000004 [ 2431.236160][ T1064] Call Trace: [ 2431.239468][ T1064] __schedule+0x94f/0x1e70 [ 2431.243891][ T1064] ? __sched_text_start+0x8/0x8 [ 2431.249168][ T1064] ? lock_downgrade+0x920/0x920 [ 2431.254024][ T1064] ? rwlock_bug.part.0+0x90/0x90 [ 2431.259366][ T1064] schedule+0xd9/0x260 [ 2431.263441][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2431.269290][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2431.273889][ T1064] ? genl_rcv_msg+0x13e/0x170 [ 2431.279115][ T1064] ? mark_lock+0xc2/0x1220 [ 2431.283540][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2431.288691][ T1064] ? __kasan_check_read+0x11/0x20 [ 2431.293720][ T1064] ? __lock_acquire+0x16f2/0x4a00 [ 2431.299196][ T1064] ? __dev_queue_xmit+0xbb5/0x3720 [ 2431.304708][ T1064] mutex_lock_nested+0x16/0x20 [ 2431.309475][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2431.314961][ T1064] genl_rcv_msg+0x13e/0x170 [ 2431.319477][ T1064] netlink_rcv_skb+0x177/0x450 [ 2431.324622][ T1064] ? genl_family_rcv_msg+0xf90/0xf90 [ 2431.329914][ T1064] ? netlink_ack+0xb50/0xb50 [ 2431.334866][ T1064] ? __kasan_check_write+0x14/0x20 [ 2431.340851][ T1064] ? netlink_deliver_tap+0x254/0xbf0 [ 2431.347806][ T1064] genl_rcv+0x29/0x40 [ 2431.351816][ T1064] netlink_unicast+0x531/0x710 [ 2431.356998][ T1064] ? netlink_attachskb+0x7c0/0x7c0 [ 2431.362118][ T1064] ? _copy_from_iter_full+0x25d/0x8c0 [ 2431.367901][ T1064] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2431.373717][ T1064] ? __check_object_size+0x3d/0x437 [ 2431.379306][ T1064] netlink_sendmsg+0x8a5/0xd60 [ 2431.384437][ T1064] ? netlink_unicast+0x710/0x710 [ 2431.389384][ T1064] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2431.395347][ T1064] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2431.400824][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2431.407519][ T1064] ? security_socket_sendmsg+0x8d/0xc0 [ 2431.412989][ T1064] ? netlink_unicast+0x710/0x710 [ 2431.418310][ T1064] sock_sendmsg+0xd7/0x130 [ 2431.422742][ T1064] ___sys_sendmsg+0x803/0x920 [ 2431.427843][ T1064] ? copy_msghdr_from_user+0x440/0x440 [ 2431.433314][ T1064] ? __kasan_check_read+0x11/0x20 [ 2431.438742][ T1064] ? __fget+0x384/0x560 [ 2431.442911][ T1064] ? ksys_dup3+0x3e0/0x3e0 [ 2431.447753][ T1064] ? __fget_light+0x1a9/0x230 [ 2431.452438][ T1064] ? __fdget+0x1b/0x20 [ 2431.456995][ T1064] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2431.463254][ T1064] __sys_sendmsg+0x105/0x1d0 [ 2431.468272][ T1064] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2431.473326][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2431.479752][ T1064] ? do_syscall_64+0x26/0x760 [ 2431.484791][ T1064] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2431.490953][ T1064] ? do_syscall_64+0x26/0x760 [ 2431.496086][ T1064] __x64_sys_sendmsg+0x78/0xb0 [ 2431.500957][ T1064] do_syscall_64+0xfa/0x760 [ 2431.505883][ T1064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2431.511779][ T1064] RIP: 0033:0x459a29 [ 2431.516158][ T1064] Code: Bad RIP value. [ 2431.520231][ T1064] RSP: 002b:00007f58d5908c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2431.529127][ T1064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2431.537456][ T1064] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000c [ 2431.545896][ T1064] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2431.553894][ T1064] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f58d59096d4 [ 2431.562374][ T1064] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 00000000ffffffff [ 2431.571414][ T1064] INFO: task syz-executor.5:16638 blocked for more than 144 seconds. [ 2431.574446][ T9232] kobject: 'rx-0' (00000000713fa8b1): kobject_cleanup, parent 00000000389f8e93 [ 2431.579834][ T1064] Not tainted 5.3.0+ #0 [ 2431.594183][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2431.602874][ T1064] syz-executor.5 D29408 16638 15550 0x00000004 [ 2431.604134][ T9232] kobject: 'rx-0' (00000000713fa8b1): auto cleanup 'remove' event [ 2431.617313][ T9232] kobject: 'rx-0' (00000000713fa8b1): kobject_uevent_env [ 2431.624168][ T1064] Call Trace: [ 2431.624775][ T9232] kobject: 'rx-0' (00000000713fa8b1): kobject_uevent_env: uevent_suppress caused the event to drop! [ 2431.627652][ T1064] __schedule+0x94f/0x1e70 [ 2431.641294][ T9232] kobject: 'rx-0' (00000000713fa8b1): auto cleanup kobject_del [ 2431.653109][ T9232] kobject: 'rx-0' (00000000713fa8b1): calling ktype release [ 2431.654160][ T1064] ? __sched_text_start+0x8/0x8 [ 2431.661093][ T9232] kobject: 'rx-0': free name [ 2431.670269][ T9232] kobject: 'tx-0' (00000000e29dcc6d): kobject_cleanup, parent 00000000389f8e93 [ 2431.679675][ T9232] kobject: 'tx-0' (00000000e29dcc6d): auto cleanup 'remove' event [ 2431.684267][ T1064] ? lock_downgrade+0x920/0x920 [ 2431.687960][ T9232] kobject: 'tx-0' (00000000e29dcc6d): kobject_uevent_env [ 2431.692335][ T1064] ? rwlock_bug.part.0+0x90/0x90 [ 2431.704187][ T9232] kobject: 'tx-0' (00000000e29dcc6d): kobject_uevent_env: uevent_suppress caused the event to drop! [ 2431.704513][ T1064] schedule+0xd9/0x260 [ 2431.720989][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2431.726888][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2431.731490][ T1064] ? rtnl_lock+0x17/0x20 [ 2431.734145][ T9232] kobject: 'tx-0' (00000000e29dcc6d): auto cleanup kobject_del [ 2431.736143][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2431.743349][ T9232] kobject: 'tx-0' (00000000e29dcc6d): calling ktype release [ 2431.748469][ T1064] ? lock_downgrade+0x920/0x920 [ 2431.760970][ T1064] mutex_lock_nested+0x16/0x20 [ 2431.766082][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2431.771029][ T1064] rtnl_lock+0x17/0x20 [ 2431.774158][ T9232] kobject: 'tx-0': free name [ 2431.775599][ T1064] sock_do_ioctl+0x24e/0x2f0 [ 2431.779883][ T9232] kobject: 'queues' (00000000389f8e93): kobject_cleanup, parent 00000000e056a121 [ 2431.794149][ T1064] ? compat_ifr_data_ioctl+0x160/0x160 [ 2431.794288][ T9232] kobject: 'queues' (00000000389f8e93): calling ktype release [ 2431.799623][ T1064] ? tomoyo_path_number_perm+0x459/0x520 [ 2431.807375][ T9232] kobject: 'queues' (00000000389f8e93): kset_release [ 2431.819831][ T9232] kobject: 'queues': free name [ 2431.824923][ T1064] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2431.825384][ T9232] kobject: 'bridge0' (00000000e42d2a64): kobject_uevent_env [ 2431.831184][ T1064] ? tomoyo_path_number_perm+0x263/0x520 [ 2431.838703][ T9232] kobject: 'bridge0' (00000000e42d2a64): kobject_uevent_env: uevent_suppress caused the event to drop! [ 2431.859542][ T9232] kobject: 'rx-0' (00000000ee7f2661): kobject_cleanup, parent 000000005dfa8771 [ 2431.864209][ T1064] sock_ioctl+0x3ed/0x780 [ 2431.873105][ T1064] ? dlci_ioctl_set+0x40/0x40 [ 2431.877935][ T9232] kobject: 'rx-0' (00000000ee7f2661): auto cleanup 'remove' event [ 2431.877946][ T9232] kobject: 'rx-0' (00000000ee7f2661): kobject_uevent_env [ 2431.877955][ T9232] kobject: 'rx-0' (00000000ee7f2661): kobject_uevent_env: uevent_suppress caused the event to drop! [ 2431.877963][ T9232] kobject: 'rx-0' (00000000ee7f2661): auto cleanup kobject_del [ 2431.878017][ T9232] kobject: 'rx-0' (00000000ee7f2661): calling ktype release [ 2431.878025][ T9232] kobject: 'rx-0': free name [ 2431.878090][ T9232] kobject: 'tx-0' (00000000f4257921): kobject_cleanup, parent 000000005dfa8771 [ 2431.878098][ T9232] kobject: 'tx-0' (00000000f4257921): auto cleanup 'remove' event [ 2431.878106][ T9232] kobject: 'tx-0' (00000000f4257921): kobject_uevent_env [ 2431.878116][ T9232] kobject: 'tx-0' (00000000f4257921): kobject_uevent_env: uevent_suppress caused the event to drop! [ 2431.878124][ T9232] kobject: 'tx-0' (00000000f4257921): auto cleanup kobject_del [ 2431.878211][ T9232] kobject: 'tx-0' (00000000f4257921): calling ktype release [ 2431.886420][ T1064] ? dlci_ioctl_set+0x40/0x40 [ 2431.893648][ T9232] kobject: 'tx-0': free name [ 2431.904571][ T1064] do_vfs_ioctl+0xdb6/0x13e0 [ 2431.924160][ T9232] kobject: 'queues' (000000005dfa8771): kobject_cleanup, parent 00000000e056a121 [ 2431.932930][ T1064] ? ioctl_preallocate+0x210/0x210 [ 2432.002061][ T9232] kobject: 'queues' (000000005dfa8771): calling ktype release [ 2432.009655][ T9232] kobject: 'queues' (000000005dfa8771): kset_release [ 2432.016656][ T9232] kobject: 'queues': free name [ 2432.022098][ T9232] kobject: 'lo' (0000000042f69a02): kobject_uevent_env [ 2432.029064][ T9232] kobject: 'lo' (0000000042f69a02): kobject_uevent_env: uevent_suppress caused the event to drop! [ 2432.045105][ T9232] kobject: 'batman_adv' (0000000088bef1b6): kobject_uevent_env [ 2432.052690][ T9232] kobject: 'batman_adv' (0000000088bef1b6): kobject_uevent_env: filter function caused the event to drop! [ 2432.054153][ T1064] ? __fget+0x384/0x560 [ 2432.064140][ T9232] kobject: 'batman_adv' (0000000088bef1b6): kobject_cleanup, parent 00000000e056a121 [ 2432.078235][ T9232] kobject: 'batman_adv' (0000000088bef1b6): calling ktype release [ 2432.084160][ T1064] ? ksys_dup3+0x3e0/0x3e0 [ 2432.086133][ T9232] kobject: (0000000088bef1b6): dynamic_kobj_release [ 2432.090619][ T1064] ? nsecs_to_jiffies+0x30/0x30 [ 2432.097407][ T9232] kobject: 'batman_adv': free name [ 2432.107875][ T1064] ? tomoyo_file_ioctl+0x23/0x30 [ 2432.112834][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2432.119176][ T1064] ? security_file_ioctl+0x8d/0xc0 [ 2432.124587][ T1064] ksys_ioctl+0xab/0xd0 [ 2432.128759][ T1064] __x64_sys_ioctl+0x73/0xb0 [ 2432.133354][ T1064] do_syscall_64+0xfa/0x760 [ 2432.138029][ T1064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2432.144274][ T1064] RIP: 0033:0x459a29 [ 2432.148205][ T1064] Code: Bad RIP value. [ 2432.152282][ T1064] RSP: 002b:00007f133bb77c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2432.161043][ T1064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2432.169317][ T1064] RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000005 [ 2432.177360][ T1064] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2432.186360][ T1064] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f133bb786d4 [ 2432.194401][ T1064] R13: 00000000004c33e9 R14: 00000000004d7000 R15: 00000000ffffffff [ 2432.202820][ T1064] INFO: task syz-executor.5:16640 blocked for more than 145 seconds. [ 2432.211006][ T1064] Not tainted 5.3.0+ #0 [ 2432.215895][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2432.224678][ T1064] syz-executor.5 D28376 16640 15550 0x00000004 [ 2432.231306][ T1064] Call Trace: [ 2432.234688][ T1064] __schedule+0x94f/0x1e70 [ 2432.239335][ T1064] ? __sched_text_start+0x8/0x8 [ 2432.244287][ T1064] ? lock_downgrade+0x920/0x920 [ 2432.249363][ T1064] ? rwlock_bug.part.0+0x90/0x90 [ 2432.254389][ T1064] schedule+0xd9/0x260 [ 2432.258673][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2432.264226][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2432.269040][ T1064] ? rtnetlink_rcv_msg+0x40a/0xb00 [ 2432.274258][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2432.279246][ T1064] ? find_held_lock+0x35/0x130 [ 2432.284018][ T1064] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 2432.289258][ T1064] ? lock_downgrade+0x920/0x920 [ 2432.294390][ T1064] ? rcu_read_lock_held_common+0x130/0x130 [ 2432.300210][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2432.306558][ T1064] mutex_lock_nested+0x16/0x20 [ 2432.311657][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2432.316703][ T1064] rtnetlink_rcv_msg+0x40a/0xb00 [ 2432.321960][ T1064] ? rtnl_bridge_getlink+0x910/0x910 [ 2432.327348][ T1064] ? netlink_deliver_tap+0x22d/0xbf0 [ 2432.332948][ T1064] ? find_held_lock+0x35/0x130 [ 2432.337822][ T1064] netlink_rcv_skb+0x177/0x450 [ 2432.342810][ T1064] ? rtnl_bridge_getlink+0x910/0x910 [ 2432.348191][ T1064] ? netlink_ack+0xb50/0xb50 [ 2432.353018][ T1064] ? __kasan_check_read+0x11/0x20 [ 2432.358127][ T1064] ? netlink_deliver_tap+0x254/0xbf0 [ 2432.363730][ T1064] rtnetlink_rcv+0x1d/0x30 [ 2432.368255][ T1064] netlink_unicast+0x531/0x710 [ 2432.373248][ T1064] ? netlink_attachskb+0x7c0/0x7c0 [ 2432.378437][ T1064] ? _copy_from_iter_full+0x25d/0x8c0 [ 2432.384033][ T1064] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2432.389863][ T1064] ? __check_object_size+0x3d/0x437 [ 2432.395355][ T1064] netlink_sendmsg+0x8a5/0xd60 [ 2432.400139][ T1064] ? netlink_unicast+0x710/0x710 [ 2432.405166][ T1064] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2432.410953][ T1064] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2432.416492][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2432.422956][ T1064] ? security_socket_sendmsg+0x8d/0xc0 [ 2432.428515][ T1064] ? netlink_unicast+0x710/0x710 [ 2432.433677][ T1064] sock_sendmsg+0xd7/0x130 [ 2432.438220][ T1064] ___sys_sendmsg+0x803/0x920 [ 2432.443115][ T1064] ? copy_msghdr_from_user+0x440/0x440 [ 2432.448676][ T1064] ? __kasan_check_read+0x11/0x20 [ 2432.453953][ T1064] ? __fget+0x384/0x560 [ 2432.458203][ T1064] ? ksys_dup3+0x3e0/0x3e0 [ 2432.462849][ T1064] ? __fget_light+0x1a9/0x230 [ 2432.467629][ T1064] ? __fdget+0x1b/0x20 [ 2432.471926][ T1064] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2432.478297][ T1064] __sys_sendmsg+0x105/0x1d0 [ 2432.483115][ T1064] ? __sys_sendmsg_sock+0xd0/0xd0 [ 2432.488264][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2432.494018][ T1064] ? do_syscall_64+0x26/0x760 [ 2432.498821][ T1064] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2432.505232][ T1064] ? do_syscall_64+0x26/0x760 [ 2432.509934][ T1064] __x64_sys_sendmsg+0x78/0xb0 [ 2432.515680][ T1064] do_syscall_64+0xfa/0x760 [ 2432.520206][ T1064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2432.526184][ T1064] RIP: 0033:0x459a29 [ 2432.530312][ T1064] Code: Bad RIP value. [ 2432.534435][ T1064] RSP: 002b:00007f133bb56c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2432.543140][ T1064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 2432.551250][ T1064] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000003 [ 2432.559493][ T1064] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 2432.567556][ T1064] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f133bb576d4 [ 2432.575881][ T1064] R13: 00000000004c7af5 R14: 00000000004dd840 R15: 00000000ffffffff [ 2432.583920][ T1064] INFO: task syz-executor.4:16659 blocked for more than 145 seconds. [ 2432.592102][ T1064] Not tainted 5.3.0+ #0 [ 2432.597376][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2432.606138][ T1064] syz-executor.4 D28080 16659 1 0x00000004 [ 2432.613480][ T1064] Call Trace: [ 2432.616852][ T1064] __schedule+0x94f/0x1e70 [ 2432.621532][ T1064] ? __sched_text_start+0x8/0x8 [ 2432.626829][ T1064] ? lock_downgrade+0x920/0x920 [ 2432.631687][ T1064] ? rwlock_bug.part.0+0x90/0x90 [ 2432.637077][ T1064] schedule+0xd9/0x260 [ 2432.641162][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2432.646984][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2432.651581][ T1064] ? rtnetlink_rcv_msg+0x40a/0xb00 [ 2432.657050][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2432.661815][ T1064] ? find_held_lock+0x35/0x130 [ 2432.666940][ T1064] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 2432.672066][ T1064] ? lock_downgrade+0x920/0x920 [ 2432.677429][ T1064] ? rcu_read_lock_held_common+0x130/0x130 [ 2432.683242][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2432.689923][ T1064] mutex_lock_nested+0x16/0x20 [ 2432.695017][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2432.699960][ T1064] rtnetlink_rcv_msg+0x40a/0xb00 [ 2432.705281][ T1064] ? rtnl_bridge_getlink+0x910/0x910 [ 2432.710573][ T1064] ? lock_downgrade+0x920/0x920 [ 2432.715802][ T1064] ? netlink_deliver_tap+0x22d/0xbf0 [ 2432.721094][ T1064] ? find_held_lock+0x35/0x130 [ 2432.726299][ T1064] netlink_rcv_skb+0x177/0x450 [ 2432.731070][ T1064] ? rtnl_bridge_getlink+0x910/0x910 [ 2432.736714][ T1064] ? netlink_ack+0xb50/0xb50 [ 2432.741305][ T1064] ? __kasan_check_read+0x11/0x20 [ 2432.746709][ T1064] ? netlink_deliver_tap+0x254/0xbf0 [ 2432.752011][ T1064] rtnetlink_rcv+0x1d/0x30 [ 2432.756790][ T1064] netlink_unicast+0x531/0x710 [ 2432.761563][ T1064] ? netlink_attachskb+0x7c0/0x7c0 [ 2432.767077][ T1064] ? _copy_from_iter_full+0x25d/0x8c0 [ 2432.772455][ T1064] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2432.778548][ T1064] ? __check_object_size+0x3d/0x437 [ 2432.783757][ T1064] netlink_sendmsg+0x8a5/0xd60 [ 2432.788937][ T1064] ? netlink_unicast+0x710/0x710 [ 2432.793882][ T1064] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2432.799916][ T1064] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2432.805726][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2432.811977][ T1064] ? security_socket_sendmsg+0x8d/0xc0 [ 2432.817921][ T1064] ? netlink_unicast+0x710/0x710 [ 2432.822869][ T1064] sock_sendmsg+0xd7/0x130 [ 2432.827671][ T1064] __sys_sendto+0x262/0x380 [ 2432.832181][ T1064] ? __ia32_sys_getpeername+0xb0/0xb0 [ 2432.840335][ T1064] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2432.846885][ T1064] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2432.852437][ T1064] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 2432.858792][ T1064] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2432.865393][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2432.870855][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2432.876825][ T1064] ? do_syscall_64+0x26/0x760 [ 2432.881592][ T1064] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2432.888237][ T1064] __x64_sys_sendto+0xe1/0x1a0 [ 2432.893022][ T1064] do_syscall_64+0xfa/0x760 [ 2432.898330][ T1064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2432.904567][ T1064] RIP: 0033:0x413873 [ 2432.908471][ T1064] Code: ff ff ff 0f 1f 40 00 b8 18 fc ff ff e9 56 ff ff ff bf 97 30 44 00 b9 0d 00 00 00 48 89 ee f3 a6 75 0c 48 c7 03 80 39 41 00 e9 <37> ff ff ff bf a4 30 44 00 b9 11 00 00 00 48 89 ee f3 a6 75 0c 48 [ 2432.928633][ T1064] RSP: 002b:00007ffd4b5a38e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2432.937452][ T1064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000413873 [ 2432.945791][ T1064] RDX: 0000000000000028 RSI: 0000000000a70070 RDI: 0000000000000003 [ 2432.953771][ T1064] RBP: 00007ffd4b5a3950 R08: 00007ffd4b5a38f0 R09: 000000000000000c [ 2432.962441][ T1064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2432.970791][ T1064] R13: 00007ffd4b5a3c58 R14: 0000000000000000 R15: 0000000000000000 [ 2432.979168][ T1064] INFO: task syz-executor.2:16661 blocked for more than 145 seconds. [ 2432.988681][ T1064] Not tainted 5.3.0+ #0 [ 2432.993385][ T1064] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2433.002462][ T1064] syz-executor.2 D28136 16661 1 0x00000004 [ 2433.009158][ T1064] Call Trace: [ 2433.012463][ T1064] __schedule+0x94f/0x1e70 [ 2433.017349][ T1064] ? __sched_text_start+0x8/0x8 [ 2433.022209][ T1064] ? lock_downgrade+0x920/0x920 [ 2433.027470][ T1064] ? rwlock_bug.part.0+0x90/0x90 [ 2433.032423][ T1064] schedule+0xd9/0x260 [ 2433.036887][ T1064] schedule_preempt_disabled+0x13/0x20 [ 2433.042346][ T1064] __mutex_lock+0x7b0/0x13c0 [ 2433.047323][ T1064] ? rtnetlink_rcv_msg+0x40a/0xb00 [ 2433.052443][ T1064] ? mutex_trylock+0x2d0/0x2d0 [ 2433.057690][ T1064] ? find_held_lock+0x35/0x130 [ 2433.062473][ T1064] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 2433.067992][ T1064] ? lock_downgrade+0x920/0x920 [ 2433.072854][ T1064] ? rcu_read_lock_held_common+0x130/0x130 [ 2433.079439][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2433.086186][ T1064] mutex_lock_nested+0x16/0x20 [ 2433.090967][ T1064] ? mutex_lock_nested+0x16/0x20 [ 2433.096303][ T1064] rtnetlink_rcv_msg+0x40a/0xb00 [ 2433.101258][ T1064] ? rtnl_bridge_getlink+0x910/0x910 [ 2433.106944][ T1064] ? lock_downgrade+0x920/0x920 [ 2433.111816][ T1064] ? netlink_deliver_tap+0x22d/0xbf0 [ 2433.117502][ T1064] ? find_held_lock+0x35/0x130 [ 2433.122281][ T1064] netlink_rcv_skb+0x177/0x450 [ 2433.127454][ T1064] ? rtnl_bridge_getlink+0x910/0x910 [ 2433.132798][ T1064] ? netlink_ack+0xb50/0xb50 [ 2433.137859][ T1064] ? __kasan_check_read+0x11/0x20 [ 2433.142907][ T1064] ? netlink_deliver_tap+0x254/0xbf0 [ 2433.148641][ T1064] rtnetlink_rcv+0x1d/0x30 [ 2433.153092][ T1064] netlink_unicast+0x531/0x710 [ 2433.158385][ T1064] ? netlink_attachskb+0x7c0/0x7c0 [ 2433.163506][ T1064] ? _copy_from_iter_full+0x25d/0x8c0 [ 2433.169304][ T1064] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2433.175398][ T1064] ? __check_object_size+0x3d/0x437 [ 2433.180609][ T1064] netlink_sendmsg+0x8a5/0xd60 [ 2433.185785][ T1064] ? netlink_unicast+0x710/0x710 [ 2433.190731][ T1064] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 2433.196699][ T1064] ? apparmor_socket_sendmsg+0x2a/0x30 [ 2433.202166][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2433.208805][ T1064] ? security_socket_sendmsg+0x8d/0xc0 [ 2433.214705][ T1064] ? netlink_unicast+0x710/0x710 [ 2433.219650][ T1064] sock_sendmsg+0xd7/0x130 [ 2433.224080][ T1064] __sys_sendto+0x262/0x380 [ 2433.228989][ T1064] ? __ia32_sys_getpeername+0xb0/0xb0 [ 2433.234734][ T1064] ? lock_downgrade+0x920/0x920 [ 2433.239593][ T1064] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2433.245262][ T1064] ? __blkcg_punt_bio_submit+0x1e0/0x1e0 [ 2433.250902][ T1064] ? unlock_page_memcg+0x40/0x40 [ 2433.256215][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2433.261682][ T1064] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 2433.267577][ T1064] ? do_syscall_64+0x26/0x760 [ 2433.272261][ T1064] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2433.278724][ T1064] __x64_sys_sendto+0xe1/0x1a0 [ 2433.283516][ T1064] do_syscall_64+0xfa/0x760 [ 2433.288426][ T1064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2433.294653][ T1064] RIP: 0033:0x413873 [ 2433.298549][ T1064] Code: ff ff ff 0f 1f 40 00 b8 18 fc ff ff e9 56 ff ff ff bf 97 30 44 00 b9 0d 00 00 00 48 89 ee f3 a6 75 0c 48 c7 03 80 39 41 00 e9 <37> ff ff ff bf a4 30 44 00 b9 11 00 00 00 48 89 ee f3 a6 75 0c 48 [ 2433.318988][ T1064] RSP: 002b:00007ffef3cd09a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2433.327906][ T1064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000413873 [ 2433.336245][ T1064] RDX: 0000000000000028 RSI: 0000000000a70070 RDI: 0000000000000003 [ 2433.344580][ T1064] RBP: 00007ffef3cd0a10 R08: 00007ffef3cd09b0 R09: 000000000000000c [ 2433.352577][ T1064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2433.360985][ T1064] R13: 00007ffef3cd0d18 R14: 0000000000000000 R15: 0000000000000000 [ 2433.369412][ T9232] device hsr_slave_0 left promiscuous mode [ 2433.375640][ T1064] [ 2433.375640][ T1064] Showing all locks held in the system: [ 2433.383369][ T1064] 1 lock held by khungtaskd/1064: [ 2433.388829][ T1064] #0: ffffffff88faad00 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e [ 2433.398632][ T1064] 1 lock held by rsyslogd/8693: [ 2433.403479][ T1064] #0: ffff8880a37ef1a0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 2433.412603][ T1064] 2 locks held by getty/8783: [ 2433.417612][ T1064] #0: ffff888090da1750 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.426928][ T1064] #1: ffffc90005f1d2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.437419][ T1064] 2 locks held by getty/8784: [ 2433.442092][ T1064] #0: ffff8880981aee10 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.451746][ T1064] #1: ffffc90005f432e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.461718][ T1064] 2 locks held by getty/8785: [ 2433.466677][ T1064] #0: ffff8880a0cfeb50 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.476015][ T1064] #1: ffffc90005f3f2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.485981][ T1064] 2 locks held by getty/8786: [ 2433.490657][ T1064] #0: ffff8880a0d1cb90 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.500023][ T1064] #1: ffffc90005f392e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.512160][ T1064] 2 locks held by getty/8787: [ 2433.517201][ T1064] #0: ffff8880a31c6090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.526514][ T1064] #1: ffffc90005f352e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.536452][ T1064] 2 locks held by getty/8788: [ 2433.541124][ T1064] #0: ffff8880a5add610 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.550478][ T1064] #1: ffffc90005f2d2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.560962][ T1064] 2 locks held by getty/8789: [ 2433.565966][ T1064] #0: ffff8880984e5490 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 2433.575381][ T1064] #1: ffffc90005f112e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 [ 2433.585389][ T1064] 3 locks held by kworker/u4:6/9464: [ 2433.591288][ T1064] 3 locks held by kworker/0:2/1144: [ 2433.596878][ T1064] #0: ffff8880aa4278e8 ((wq_completion)events){+.+.}, at: process_one_work+0x88b/0x1740 [ 2433.607672][ T1064] #1: ffff8880462b7dc0 (deferred_process_work){+.+.}, at: process_one_work+0x8c1/0x1740 [ 2433.618002][ T1064] #2: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 2433.626401][ T1064] 4 locks held by kworker/u4:7/9232: [ 2433.631680][ T1064] #0: ffff8880a99abe68 ((wq_completion)netns){+.+.}, at: process_one_work+0x88b/0x1740 [ 2433.642554][ T1064] #1: ffff8880879c7dc0 (net_cleanup_work){+.+.}, at: process_one_work+0x8c1/0x1740 [ 2433.652344][ T1064] #2: ffffffff8998aa48 (pernet_ops_rwsem){++++}, at: cleanup_net+0xae/0xa60 [ 2433.661495][ T1064] #3: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 2433.669851][ T1064] 3 locks held by kworker/1:1/10934: [ 2433.675494][ T1064] #0: ffff8880aa4278e8 ((wq_completion)events){+.+.}, at: process_one_work+0x88b/0x1740 [ 2433.685686][ T1064] #1: ffff888093f07dc0 ((linkwatch_work).work){+.+.}, at: process_one_work+0x8c1/0x1740 [ 2433.696002][ T1064] #2: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 2433.704034][ T1064] 3 locks held by kworker/0:17/16543: [ 2433.709828][ T1064] #0: ffff88809cd138e8 ((wq_completion)ipv6_addrconf){+.+.}, at: process_one_work+0x88b/0x1740 [ 2433.720772][ T1064] #1: ffff8880306b7dc0 ((addr_chk_work).work){+.+.}, at: process_one_work+0x8c1/0x1740 [ 2433.730907][ T1064] #2: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 2433.739278][ T1064] 3 locks held by syz-executor.0/16623: [ 2433.745121][ T1064] #0: ffffffff899e8a68 (cb_lock){++++}, at: genl_rcv+0x1a/0x40 [ 2433.753265][ T1064] #1: ffffffff899e8b20 (genl_mutex){+.+.}, at: genl_rcv_msg+0x13e/0x170 [ 2433.762238][ T1064] #2: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 2433.770602][ T1064] 2 locks held by syz-executor.0/16625: [ 2433.776492][ T1064] #0: ffffffff899e8a68 (cb_lock){++++}, at: genl_rcv+0x1a/0x40 [ 2433.784475][ T1064] #1: ffffffff899e8b20 (genl_mutex){+.+.}, at: genl_rcv_msg+0x13e/0x170 [ 2433.792933][ T1064] 1 lock held by syz-executor.5/16638: [ 2433.798789][ T1064] #0: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 2433.807188][ T1064] 1 lock held by syz-executor.5/16640: [ 2433.812642][ T1064] #0: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 [ 2433.821965][ T1064] 1 lock held by syz-executor.4/16659: [ 2433.827737][ T1064] #0: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 [ 2433.837083][ T1064] 1 lock held by syz-executor.2/16661: [ 2433.842540][ T1064] #0: ffffffff89997ca0 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 [ 2433.851936][ T1064] [ 2433.854718][ T9232] device hsr_slave_1 left promiscuous mode [ 2433.860722][ T1064] ============================================= [ 2433.860722][ T1064] [ 2433.869568][ T1064] NMI backtrace for cpu 1 [ 2433.873901][ T1064] CPU: 1 PID: 1064 Comm: khungtaskd Not tainted 5.3.0+ #0 [ 2433.881002][ T1064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2433.891052][ T1064] Call Trace: [ 2433.894349][ T1064] dump_stack+0x172/0x1f0 [ 2433.898683][ T1064] nmi_cpu_backtrace.cold+0x70/0xb2 [ 2433.903876][ T1064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2433.910253][ T1064] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 2433.915894][ T1064] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 2433.921865][ T1064] arch_trigger_cpumask_backtrace+0x14/0x20 [ 2433.927739][ T1064] watchdog+0x9d0/0xef0 [ 2433.931880][ T1064] kthread+0x361/0x430 [ 2433.935971][ T1064] ? reset_hung_task_detector+0x30/0x30 [ 2433.941601][ T1064] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 2433.947850][ T1064] ret_from_fork+0x24/0x30 [ 2433.952687][ T1064] Sending NMI from CPU 1 to CPUs 0: [ 2433.958332][ C0] NMI backtrace for cpu 0 [ 2433.958337][ C0] CPU: 0 PID: 9464 Comm: kworker/u4:6 Not tainted 5.3.0+ #0 [ 2433.958343][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2433.958346][ C0] Workqueue: bat_events batadv_purge_orig [ 2433.958353][ C0] RIP: 0010:do_raw_spin_lock+0x56/0x2e0 [ 2433.958362][ C0] Code: 03 48 83 ec 68 48 c7 45 80 fd 51 a6 88 48 8d 14 03 48 c7 45 88 70 2a 5a 81 48 c7 85 78 ff ff ff b3 8a b5 41 c7 02 f1 f1 f1 f1 42 04 04 f3 f3 f3 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d [ 2433.958366][ C0] RSP: 0018:ffff8880a2347bc8 EFLAGS: 00000292 [ 2433.958373][ C0] RAX: dffffc0000000000 RBX: 1ffff11014468f7a RCX: ffffffff8158f2b2 [ 2433.958377][ C0] RDX: ffffed1014468f7a RSI: 0000000000000008 RDI: ffff88803f3f0534 [ 2433.958382][ C0] RBP: ffff8880a2347c58 R08: 0000000000001ee9 R09: fffffbfff14ee143 [ 2433.958387][ C0] R10: ffff88808b114ae8 R11: ffff88808b114200 R12: ffff88803f3f0530 [ 2433.958391][ C0] R13: 0000000000000100 R14: dffffc0000000000 R15: ffff8880a2347c30 [ 2433.958396][ C0] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 2433.958400][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2433.958405][ C0] CR2: 0000000002022000 CR3: 0000000098ef2000 CR4: 00000000001406f0 [ 2433.958409][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2433.958414][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2433.958416][ C0] Call Trace: [ 2433.958420][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 2433.958423][ C0] ? lock_acquire+0x190/0x410 [ 2433.958427][ C0] ? batadv_purge_orig_ref+0x11c/0x1060 [ 2433.958430][ C0] _raw_spin_lock_bh+0x3b/0x50 [ 2433.958433][ C0] ? batadv_purge_orig_ref+0x11c/0x1060 [ 2433.958437][ C0] batadv_purge_orig_ref+0x11c/0x1060 [ 2433.958440][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2433.958444][ C0] ? trace_hardirqs_on+0x67/0x240 [ 2433.958447][ C0] batadv_purge_orig+0x1b/0x70 [ 2433.958450][ C0] process_one_work+0x9af/0x1740 [ 2433.958454][ C0] ? pwq_dec_nr_in_flight+0x320/0x320 [ 2433.958457][ C0] ? lock_acquire+0x190/0x410 [ 2433.958460][ C0] worker_thread+0x98/0xe40 [ 2433.958463][ C0] kthread+0x361/0x430 [ 2433.958467][ C0] ? process_one_work+0x1740/0x1740 [ 2433.958470][ C0] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 2433.958474][ C0] ret_from_fork+0x24/0x30 [ 2433.959180][ T1064] Kernel panic - not syncing: hung_task: blocked tasks [ 2434.191792][ T1064] CPU: 1 PID: 1064 Comm: khungtaskd Not tainted 5.3.0+ #0 [ 2434.198885][ T1064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2434.208928][ T1064] Call Trace: [ 2434.212204][ T1064] dump_stack+0x172/0x1f0 [ 2434.216516][ T1064] panic+0x2dc/0x755 [ 2434.220398][ T1064] ? add_taint.cold+0x16/0x16 [ 2434.225054][ T1064] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 2434.230683][ T1064] ? ___preempt_schedule+0x16/0x20 [ 2434.235805][ T1064] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 2434.241936][ T1064] ? nmi_trigger_cpumask_backtrace+0x24c/0x28b [ 2434.248071][ T1064] ? nmi_trigger_cpumask_backtrace+0x256/0x28b [ 2434.254202][ T1064] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 2434.260334][ T1064] watchdog+0x9e1/0xef0 [ 2434.264471][ T1064] kthread+0x361/0x430 [ 2434.268517][ T1064] ? reset_hung_task_detector+0x30/0x30 [ 2434.274050][ T1064] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 2434.280269][ T1064] ret_from_fork+0x24/0x30 [ 2434.286331][ T1064] Kernel Offset: disabled [ 2434.290676][ T1064] Rebooting in 86400 seconds..