Starting mcstransd: [ 99.635669][ T27] audit: type=1400 audit(1579356481.473:37): avc: denied { watch } for pid=10530 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 103.307321][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 103.307336][ T27] audit: type=1400 audit(1579356485.153:41): avc: denied { map } for pid=10619 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.10.58' (ECDSA) to the list of known hosts. 2020/01/18 14:08:12 fuzzer started [ 110.130683][ T27] audit: type=1400 audit(1579356491.973:42): avc: denied { map } for pid=10628 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2020/01/18 14:08:13 dialing manager at 10.128.0.26:38241 2020/01/18 14:08:13 syscalls: 2870 2020/01/18 14:08:13 code coverage: enabled 2020/01/18 14:08:13 comparison tracing: enabled 2020/01/18 14:08:13 extra coverage: enabled 2020/01/18 14:08:13 setuid sandbox: enabled 2020/01/18 14:08:13 namespace sandbox: enabled 2020/01/18 14:08:13 Android sandbox: /sys/fs/selinux/policy does not exist 2020/01/18 14:08:13 fault injection: enabled 2020/01/18 14:08:13 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/01/18 14:08:13 net packet injection: enabled 2020/01/18 14:08:13 net device setup: enabled 2020/01/18 14:08:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/01/18 14:08:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 14:10:41 executing program 0: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x208000) r1 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000040)={0xd4, 0x93e50dce86c171ca, 0x4, 0x20000, 0x71, {0x77359400}, {0x3, 0x1, 0x2, 0x1, 0x6, 0x3f, "ec65b9fa"}, 0x8, 0x3, @offset=0x5, 0x80000001, 0x0, r1}) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f00000000c0)=0x2, 0x4) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x129800, 0x0) write$P9_RFSYNC(r3, &(0x7f0000000140)={0x7, 0x33, 0x1}, 0x7) r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/checkreqprot\x00', 0x0, 0x0) ioctl$VIDIOC_G_FREQUENCY(r4, 0xc02c5638, &(0x7f00000001c0)={0x0, 0x5, 0x6}) r5 = syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x1f, 0x280001) mq_timedsend(r5, &(0x7f0000000240)="962b088de82c9a7c9fdbb13b9f89906edd5a42", 0x13, 0x0, &(0x7f0000000280)={0x77359400}) r6 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$KDSKBMODE(r6, 0x4b45, &(0x7f0000000300)=0x2) syz_open_dev$ptys(0xc, 0x3, 0x0) r7 = socket$pppl2tp(0x18, 0x1, 0x1) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc) r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r8, 0x8936, &(0x7f0000000400)={@local, 0x2a}) r9 = socket$nl_route(0x10, 0x3, 0x0) getsockname(r9, &(0x7f0000000440)=@alg, &(0x7f00000004c0)=0x80) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sequencer2\x00', 0x101000, 0x0) r10 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm-control\x00', 0x4200, 0x0) fsconfig$FSCONFIG_SET_BINARY(r10, 0x2, &(0x7f0000000580)='+\xaf+}eth0-\x16keyring\x00', &(0x7f00000005c0)="6e42e7408b399042907c08eed11e32", 0xf) r11 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000600)={0x0, 0x3}, &(0x7f0000000640)=0x8) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r11, 0x84, 0x6d, &(0x7f0000000680)={r12, 0x36, "473dad75f40652e9969201a012b1fb8959c02d712dd0985d3e18ccf1dbcdc975a016dbe07150eecd65969ffa8b6cfebdf8c7994b84b6"}, &(0x7f00000006c0)=0x3e) ioctl$UI_SET_ABSBIT(r3, 0x40045567, 0x0) r13 = socket$nl_xfrm(0x10, 0x3, 0x6) vmsplice(r13, &(0x7f0000000c40)=[{&(0x7f0000000700)="42166dbcb22351df1fc520757e51a8b639fd622ba25d1566ceb59ada04", 0x1d}, {&(0x7f0000000740)}, {&(0x7f0000000780)="3622117b1c06456613d93bcb82b2e298283b34083e99a6ffdeb9daa116653708ef5a60a16987eb8be809b73579a68c360ed38b37445210c8584156e59538921ba049a2841b07a7c0b3cf0eba6f4a200336ba149f86c79abb1043d652b0de961436aeeebd10347423c80b7d180a0a9f241db8c50e69f05307df70b1a736c663fd00f30e100013b7100497d2827afabe", 0x8f}, {&(0x7f0000000840)="3d923110b21dea9a7070a48886c34c7ba26792d93d19506c578ebd98fd3cb7a47b80a1bf5cb7f8d6097ef4423035e3cc7700932808f008a055c3a9baeac2de081661c3f30e24b1076322111bff33b205d302772c407620594470709437b1273927b5fec1752039be8a50f9fe", 0x6c}, {&(0x7f00000008c0)="237dcb2fa0fabca12501d8984c3f127204c82411480fd24e3f73b86b5e631d37b1cca3e599db006954d459903ae2100e91c02088727cacaeb7fc85bb92864c7cc2dba44fa1bee278dbd3e30e8a0a31d90d6bd7560944eba0909d39666ac047c3dcac575faa12a686c3a32e47d52e11b80a0e9dcd7261a500efa4b8337037c586735f01b54a8ff369aa83beb11b052aef6991abc03030e12e10996cd51e1a1c7c24dcfc5fbbf0c8d1b95faf57c0f095328e63e3f2cc6a7faacc744660dccb8e67bc5677ea71526cf4a8282ffc730282eaf4ecf76ec922d5613b80641c2e0d0c43d39c490df93b4cd126fc6974fbb19235521784fd018500a492871508", 0xfc}, {&(0x7f00000009c0)="7d1815f47f74618bfc1a30da3ec6643c53f6aeeacaed99c156eca9b81d5483db3b6eaa8fa7822585c14313cb5d96a7de943a3e9649f210e3f261fcf29ba7a79fc332e2a0404e92f12b0060b2beb8f5b2", 0x50}, {&(0x7f0000000a40)="4173053b98e6b2c94467e7194053eb8988dd9c7057c4dc5c1feb4803e983f7e4ebf005a9f05f6164b9947edd1e6b19ac7724b9fe49afb7251e5fbfa6459812aaa453c512e734c08f19f64437a67392edacb267f1e3b03dcb09b7f62251d791c462c3fa77010ba80b108eedd52644214c731766ef328b27e47e500001e8462dcbc0673e7831dda6505ff560710276f805ec0b25da266d34befa5fda6c5a788165cd5ac01725e64296a1f1fabffd0dd8b9aa5e3b1ad56dfb2044ae060a8af4f999b6b4db2b59620699251d6ffc4709cbf64212d2dda162ab", 0xd7}, {&(0x7f0000000b40)="081761e451cf6d83b5a6d78c246625e65cca59e3673cb6c28a69303c37d16c86d358ced9eae8e161b56fcbafb65159b1646df1d56ca507e26dc2dcbee88b6291a6fa8b451c0f9bd0ec6ebe963895c77d4f663b9a509aca85cc06134534bbf5f4778fecaf2c3934eaa066ad01ab3de0b0e60c", 0x72}, {&(0x7f0000000bc0)="b6fa4511a88bc307a39ea3007510b4df6944b6f65291734d773173773de52d83e8230cd5a0fdc4afd753e6bdff8d3052bf19e6780cf02130e018ef87c5875ba62e800af631e1db6164017bfb8a606c07a3c51d3b07093706a1931979f7e97f557ec5894b89e9de46f2ee61e190f28c71bbab77c8", 0x74}], 0x9, 0x4) r14 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000d00)='/dev/cachefiles\x00', 0x40000, 0x0) ioctl$TIOCMSET(r14, 0x5418, &(0x7f0000000d40)=0x1) [ 260.048255][ T27] audit: type=1400 audit(1579356641.893:43): avc: denied { map } for pid=10645 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=22375 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 14:10:42 executing program 1: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) ioctl$SIOCX25SENDCALLACCPT(r0, 0x89e9) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x1ff) lseek(r1, 0x3, 0x2) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x14d601, 0x0) ioctl$UI_DEV_DESTROY(r2, 0x5502) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f0000000080)) r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video0\x00', 0x2, 0x0) ioctl$VIDIOC_G_PRIORITY(r3, 0x80045643, 0x1) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nvram\x00', 0x200000, 0x0) ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x2000, 0x1}) ioctl$VIDIOC_S_AUDIO(r3, 0x40345622, &(0x7f0000000180)={0x5, "935d5243aa723cae50e6f08bbb177630448ee7cad3136f1b044121291a09eca9", 0x0, 0x1}) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x101000, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000280)={0x200, 0xd, 0x4, 0x400, 0xfffffff8, {}, {0x5, 0x0, 0x1a, 0x8, 0x9, 0x40, "5ef67847"}, 0x7d06, 0x1, @offset=0x2, 0x1, 0x0, r0}) ioctl$EVIOCSKEYCODE(r6, 0x40084504, &(0x7f0000000300)=[0x2, 0x6]) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000340)='/dev/full\x00', 0x2000, 0x0) ioctl$KVM_SET_TSC_KHZ(r7, 0xaea2, 0xffff) r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000380)='/dev/zero\x00', 0x32021, 0x0) ioctl$USBDEVFS_SETINTERFACE(r8, 0x80085504, &(0x7f00000003c0)={0x1, 0x1ff}) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x80, 0x2}, &(0x7f0000000480)=0x10) setsockopt$inet_sctp6_SCTP_RTOINFO(r9, 0x84, 0x0, &(0x7f00000004c0)={r10, 0xfffffff7, 0xdc50, 0xfffffffc}, 0x10) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000500)='}GPLtrustedcpusetselfsecurity[{\x00', &(0x7f0000000540)='/dev/vcs\x00', 0x0) ioctl$ION_IOC_ALLOC(r5, 0xc0184900, &(0x7f0000000580)={0x9, 0x8, 0x0, 0xffffffffffffffff}) ioctl$EXT4_IOC_GROUP_ADD(r11, 0x40286608, &(0x7f00000005c0)={0xfff, 0x7ff, 0xffffffffffffff7f, 0xfff, 0x9578, 0x5}) r12 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dsp1\x00', 0x240000, 0x0) ioctl$FS_IOC_SETFLAGS(r12, 0x40086602, &(0x7f0000000640)=0xff) r13 = dup(0xffffffffffffffff) ioctl$HDIO_GETGEO(r13, 0x301, &(0x7f0000000680)) [ 260.303887][T10646] IPVS: ftp: loaded support on port[0] = 21 [ 260.438818][T10648] IPVS: ftp: loaded support on port[0] = 21 14:10:42 executing program 2: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment={0x6c, 0x0, 0x80, 0x0, 0x0, 0x12, 0x68}, 0x8) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x2002, 0x0) connect$l2tp6(r1, &(0x7f0000000080)={0xa, 0x0, 0x4, @mcast2, 0x1, 0x4}, 0x20) recvmsg$can_raw(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)=""/240, 0xf0}], 0x1, &(0x7f0000000280)=""/52, 0x34}, 0x100) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x4e22, 0xeced, @loopback, 0x7}, 0x1c) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000340)={0x0, 0x10000}, 0x8) r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ttynull\x00', 0x40000, 0x0) ioctl$KDSETMODE(r3, 0x4b3a, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000003c0)={0x0, 0x7, 0x6, 0x3, 0x80, 0x3f}, &(0x7f0000000400)=0x14) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000004c0)={r4, 0x58, &(0x7f0000000440)=[@in={0x2, 0x4e22, @local}, @in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e22, 0x7, @rand_addr="52ba9b78c8731b3d46fba5c48bb03761", 0x3}, @in6={0xa, 0x4e22, 0x400, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xffffff00}]}, &(0x7f0000000500)=0x10) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, &(0x7f0000000540)=0x1, 0x4) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f00000006c0)=@urb_type_bulk={0x3, {}, 0x5e0b, 0x1c0, &(0x7f0000000580)="608e405e8f536318e34632782eab5b6203d68a21d907c90a694a6b35c74e", 0x1e, 0x2, 0x7, 0x488, 0x8000, 0x462, &(0x7f00000005c0)="4227272b807945fa212b5ca9476680a900254da8bffae09a5c1e1b00878cb21411c72adc7bc2c2b028eadde62d6dff973f2e23819b9dbba121ffdd1dc86ebd06ecd80984b9e7cb92ec62ace16f4cd900d0e970f78bbeef6d0d0ce2b2be3d185a7ff6889e771c8179a146b2e8ccb6e6f71f493c6e168ddd658479174e12576319c3b6a1e8056d98adac8286a6dd9fadf7aeaa085f2dc84cd6947a282416bca0f79c337cb4171462669f7204dd2b59996aa133d435c70c58e160929dd9216f7bc865e6d69f401dfd170fcd0f0b4baf2a57e92c4d935e3ed3fcc452f9320413e55e7183217fd973a08582ad09de7a10041c6ebf1ae88780aa4f0a23510cb22d"}) restart_syscall() pipe2(&(0x7f0000000700)={0xffffffffffffffff}, 0x44800) setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000001780)={@tipc=@name={0x1e, 0x2, 0x0, {{0x0, 0x3}, 0x3}}, {&(0x7f0000000740)=""/4096, 0x1000}, &(0x7f0000001740), 0x2}, 0xa0) read(r5, &(0x7f0000001840)=""/8, 0x8) ioctl$NBD_SET_SIZE(r0, 0xab02, 0x1f) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={0xffffffffffffffff, r0, 0x0, 0xd, &(0x7f0000001880)='/dev/ttynull\x00', 0x0}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001900)={r6}, 0xc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000001940)=0x19) r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001980)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$USBDEVFS_CLAIMINTERFACE(r7, 0x8004550f, &(0x7f00000019c0)=0x1d0) io_setup(0x654, &(0x7f0000001a00)) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000001a40)={0x0, @in={{0x2, 0x4e20, @empty}}}, &(0x7f0000001b00)=0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r7, 0x84, 0x73, &(0x7f0000001b40)={r8, 0x100, 0x20, 0xfff, 0x1}, &(0x7f0000001b80)=0x18) r9 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000001bc0)='/selinux/policy\x00', 0x0, 0x0) getsockopt$SO_J1939_SEND_PRIO(r9, 0x6b, 0x3, &(0x7f0000001c00), &(0x7f0000001c40)=0x4) remap_file_pages(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x9, 0x4000) r10 = creat(&(0x7f0000001c80)='./file0\x00', 0x8) setsockopt$XDP_UMEM_COMPLETION_RING(r10, 0x11b, 0x6, &(0x7f0000001cc0)=0x140000, 0x4) [ 260.553604][T10646] chnl_net:caif_netlink_parms(): no params data found [ 260.724684][T10648] chnl_net:caif_netlink_parms(): no params data found [ 260.746148][T10646] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.753447][T10646] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.765276][T10646] device bridge_slave_0 entered promiscuous mode [ 260.806200][T10646] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.813319][T10646] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.827517][T10652] IPVS: ftp: loaded support on port[0] = 21 [ 260.839456][T10646] device bridge_slave_1 entered promiscuous mode [ 260.863786][T10648] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.871436][T10648] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.881959][T10648] device bridge_slave_0 entered promiscuous mode [ 260.903256][T10648] bridge0: port 2(bridge_slave_1) entered blocking state 14:10:42 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000040)=0x3ff, &(0x7f0000000080)=0x2) r1 = socket$rxrpc(0x21, 0x2, 0xa) syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x7, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000140)=0x8) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000180)={0x0, 0x0, {0x38, 0x37, 0x5, 0x16, 0x5, 0x7215, 0x5, 0x97}}) setsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f00000001c0)=0x10001, 0x4) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bsg\x00', 0x101400, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000240)={'NETMAP\x00'}, &(0x7f0000000280)=0x1e) r4 = semget$private(0x0, 0x3, 0x8aeb5a27333d765b) semctl$SETVAL(r4, 0x1, 0x10, &(0x7f00000002c0)=0x10001) mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1) ioctl$SIOCGETLINKNAME(0xffffffffffffffff, 0x89e0, &(0x7f0000000300)={0x3, 0x1}) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000380)='/dev/nvram\x00', 0x40, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r5, 0x80e85411, &(0x7f00000003c0)=""/63) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000400)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r2, 0x80082102, &(0x7f0000000480)=r6) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f00000004c0)={0xd5, 0x4, 0x4, 0x4, 0xcea, {}, {0x5, 0x0, 0x8, 0xe1, 0x3, 0x8, "4e972fc1"}, 0x4, 0x4, @userptr=0x7fffffff, 0x5, 0x0, 0xffffffffffffffff}) setsockopt$netrom_NETROM_T4(r7, 0x103, 0x6, &(0x7f0000000540)=0x2, 0x4) gettid() semctl$GETVAL(r4, 0x5, 0xc, &(0x7f0000000580)=""/169) r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000740)='/dev/vcsu\x00', 0x22080, 0x0) getsockopt$bt_BT_SNDMTU(r8, 0x112, 0xc, &(0x7f0000000780)=0x798, &(0x7f00000007c0)=0x2) r9 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000800)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) bind$isdn(r9, &(0x7f0000000840)={0x22, 0x1, 0x2, 0x3, 0x74}, 0x6) r10 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000880)={0xa, 0x0, 0x0, @loopback}, &(0x7f00000008c0)=0x1c, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r10, 0x660c) getsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f0000000900), &(0x7f0000000940)=0x4) r11 = dup2(r2, r9) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000009c0)={0x3, &(0x7f0000000980)=[{}, {}, {0x0}]}) ioctl$DRM_IOCTL_LOCK(r11, 0x4008642a, &(0x7f0000000a00)={r12}) [ 260.925895][T10648] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.933844][T10648] device bridge_slave_1 entered promiscuous mode [ 260.992408][T10646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 261.028694][T10646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 261.045621][T10648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 261.092413][T10648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 261.143162][T10646] team0: Port device team_slave_0 added [ 261.170726][T10646] team0: Port device team_slave_1 added [ 261.191234][T10648] team0: Port device team_slave_0 added [ 261.211899][T10648] team0: Port device team_slave_1 added 14:10:43 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x124139116e9bd4ac, 0x0) ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000040)=""/88) socket$rxrpc(0x21, 0x2, 0x2) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x111, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x3}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xfffffff9, 0xffffffffffffffff}}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'dummy0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x40000) openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x100, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xc0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=0xfffffffffffffff8, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x9, 0x4}, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0xd, 0x3fe0000, 0x80}, &(0x7f0000000300)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=0x1000}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000480)={r2}, 0xc) openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000004c0)='/selinux/relabel\x00', 0x2, 0x0) r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000500)='/selinux/status\x00', 0x0, 0x0) sendmsg$NL80211_CMD_GET_MPATH(r3, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x84cf8a76534b17ac}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x44, r1, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="0b69cc19013c"}, @NL80211_ATTR_MAC={0xa, 0x6, @remote}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x8, 0x1}}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @local}]}, 0x44}, 0x1, 0x0, 0x0, 0x8044}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000740)='memory.events\x00', 0x0, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000780)={{0xa, 0x4e24, 0xfffffffe, @dev={0xfe, 0x80, [], 0x25}, 0x2}, {0xa, 0x4e20, 0x3, @remote, 0x8}, 0x34, [0xc8, 0x7, 0x7, 0xb34, 0x7, 0x7, 0x3, 0xb1]}, 0x5c) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000800)='/dev/null\x00', 0x880, 0x0) setsockopt$inet6_mtu(r5, 0x29, 0x17, &(0x7f0000000840)=0x1, 0x4) r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000880)='/dev/autofs\x00', 0x80, 0x0) ioctl$SNDCTL_DSP_GETTRIGGER(r6, 0x80045010, &(0x7f00000008c0)) prctl$PR_GET_NAME(0x10, &(0x7f0000000900)=""/82) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000980)='vegas\x00', 0x6) ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f00000009c0)={'veth0_virt_wifi\x00', 0x5}) fstat(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r8 = getuid() syz_mount_image$tmpfs(&(0x7f0000000a00)='tmpfs\x00', &(0x7f0000000a40)='./file0\x00', 0x2, 0x3, &(0x7f0000001b80)=[{&(0x7f0000000a80)="7a4000c576871592e08d83dee77d2c9a1cdf665307b4d0446782e383be2aead2bdc8b5c36913b105d15cbb5eccd1ca4cd224a5cb164ac5dece01e92216257b1f1ad8599bebb516689d79a1178a2899d255dbefc0d1421ca56a5709d31c381469ae030d361a441f3c50713e4c82718f55e7d016dd9a9b8bafb258bf118968316ad7c8c192c355e03e27b4c6091ff85ad00b8e5e81d2000ce0846af7410b994689a85425fc363a7efde1f10cca373e36959c74c88df40b1f02bc87c0e68af455652606c8f60ffe8c168b7a3fc644fa7edae31240317811164a93feb584ffc19e5d189b4e0323aeaaf354a6787e52490044a78f66e8c28a1c12fb215d9878e92475eab56eafd33301a3c068b7485d89a5bde48cda0a8f20cd43f6a91efac6425680b83329ffb5ac06c3672f13ab2fb56ea0d908e6c489fba8277b2f9353f4be134e56edf1739c79bde9f8637bb2dffe3ace470b00b0957a9b755c37873d7c969266eb57179caeeb37d7b3da8b8d5c4253b9def5306220b26447acc5c0d0b10f76cd2f859181f538c25953684608eab5d524cd1a74863d162c8bf4892c0ff70e5eb9ec59450340ac97c4a7cbc36c2b2621387d56fa8fc3c969ee7d408de4ba844334b5540dc0512b57aee4a845d5514ca3e1f6ed96d3c04d23e2236cab2875e8b04ce9aa195154e2d42d4fc818460437e64950e0b0047a90a77440a2e64328e89dac3f13e49f6a4b21b33861e032b8039665c9d0f7a981d2deacc4c631340e0f38b19078733294f742c547d33bc28658955c2c81c8c7956d0e1403cc65329ef716b534250a1d63e12cd0d7501b4a8cc3f90ec96f213dccba77cfc47ea927a8b749b50e47d17738aa0d7c02e0156ebba830ae4552aa1e507f2f9f59965e49b74715118193b99a76d1b735a367238da17c5b49f2d451a7cbbb17905b3d8a5d2d65d5f0fc27b55f3c537eca0496a1b63891e0b494dc1a16465d51021bb09fdfa43f8fd03c8b8d15d3e306b960bb8c105649d92a05cb32a75bdcda0a07a3bace3e83b77baab7805a29a18b4a97ea76cb20cfb8bbda482bec5260c35897470a23df4ac18f9e75dde73ff88d89664d6d1d815e7e392007a0d9aa8a4ddd3af8486a260d68bd6b91c707a80ee86927048c752f8cea1bc4d0a9eb44aa41d5c3fd583a8425b6adf77b85ec753f6063ba7c4ab87b9f3bbe449b0ecca77ff428f235e89333b138e4c4371ff470cd5d38387bc607b14d742d41e852609705ee042521dbdcb11228e9e26f5260cb574396cf6d428dff25e7ee19685742951ef9336437ba184bb5cbb136e448ed2189a410f4d6f06a5b68341cfcfcd74adad7c9db018cd31d4ccaf7cb0bac78c8027e3404dda73efb22f8f96ec56cedadc7372ab27e208b3d1fcc1709b0964c28e01e362e724eaba48413a785951f3ebd70552c80d3c3fa6dd97f89a515204c6b98ea246a245ab3354a01833fe59905a0b0a8e70ac9f33127a2c493338e2ec7f1050139318680ce99b7caef5eab02648854cbf00cd6d22c025ee0d8d4c5dd22fece18d7919edc435c726b6f078ea880007c1db4a105a0bf72a1194c7ad2293a7918c9332c8ad367a197ca1601b5bce1a1c74f7922fe69b0d417eaff05a6b51be657daca35d760e46235466e556aaa36e7cdd96b4763359fe08416db1c132385bb23c1efd1837f8146db45c49421572114a89958688e9dfe9921a51e4264cd740ff5e753ccbb17fb8fc57d783d1eb5cac948321d8e9a3bf0f54337097a017f06637e7f6dcd19a2ad2dba7a1509dd013e18e3f7ae916bfdabd90a5a04a3ac4b7e7a11ee203116747932ffba331e822f3692c9eaec401bc33a5875dad1bfca72aed983b76148c5560488717cef98ffc0d623cee00b40d5414e0c1d6f4599162b5c8e29df1688f74c9e4dd1179bb31cf1ca745e91716fd8a80023a734fa0d7d6b8fbff909a61aee73be40d11f536d817203e40365a66d25d23e8daeff8781927cc389afb0b8a1268bdfe0610105c3d550a05f9098b08e33309b6888ebf466d0f096ac272e3d26c3aeed1b80c0d41fb721f02d3a18eae2066c13b5f7132a89cc404c91e105d191e454a5afe696d35f2bb72e0b15e3eb79ed97f4aca1ed665bad701695218bc9edfbdcc9f01b2a2522e259c19b8278b3d205d3baf9e2852c4cee26ef60a28807a3685c6807423e7700a084965952dbc922bdea91c6fcf6853ecafbf73910feeecae759bf5c516e48972cb8207611ad69e0695193245589859f2f4ce8b641050e7e8e80e5d320c4f4dbb854e9cce45560ea4bf1ba78cc5bbdb1d3685c635f83fc95ca8cde4a242b73e0a7820c4067e0136f0e1f9a61046453e19b496409e63c972deef46cf5589d5e3383f7041755a0bd8f73538d3ec03ad6cba1f74e6f78682a4e6b768c0ed3f7f2820e51f012cadbcf43c782208e35cc3aa649f29a09f66e4574b66d0daa7f0e15df45ade214e15b28d0fa9529bc99e69b7914479d85e5e019c3dad1f929f31043d105e357e36f8dd22c229bbd4e06f64639466814e55d72493651861a963fa7194ea40f3a97f9faf1964166f58aac6081dcce14938b41a5a78539b87a57437534a3f495c4406b2e8c8906d84f02935ae94916331c9ef67e7b8282167e4e9f6b9262a16e64ccaef0977a7b395af02e2468a02737cffbbb0487765fc523b93200793fe00afa264d4cc4185804e55324f6ea3e53565b8ff7c928d9c512a80cddf4fc52a2716c33e9f27d6c6e3d0189659e37745edf852ef76b28b4dc12a05f555cedf3bc6c6cad00e9d703f66b993443ce056fee9e10e91c70f5bdb686c2f2ae8839bc194dd69e6e9ddb6a46f4fbbca9078fa75c083791c59afc4e5cda758abe9faa71c9b5a72e1e956f4cf3763a8214e77613c19c907e12adb395da10b73d0eda16fe5a37954ffe485450a3643c12aa6a30e58ff0a11c9dca8bd5ebe615dc207fc0ad93fc20a96f2d1e951c2e651b44aad0e1140a2be5cb351b8765d0c86a2db97dcca3d8cf9f17a95080563d1061d3cbb7808991ce0654b693ffd6e4419c2ea5250924bd9021d685264461f18b1fb0b83e433ad8430b243b16ac72186136c26d8d17f773cc6c3d61a9912a5937fd9562932b9e8b28ad39f7700bed5410214d597aefc948ac6984585573a5978a6dba120dc05b19cfcb30fd7ea190d4b6be5fb7afacf2fadf78ca2fe003dd51e7c756016ad4057e56bddb06cbc95fb2ea545a083b139f61208c31822970a2ea1835c4956b4c6918241f9648e4dac380840e79076a8565b2af5a5ae1f17b18fb9eec0a49815ff0f5408cbd43bc0abeb00fbc20bf49759371058278c59b866b14a3afc2bcf9d4f43082068a89f1f9671657582c877bd6c56bee9a739e613e23231ecf6074f2c434b7be2c1160e0a20770d44f08ec1a5b90c428c701454cd465cb6eedfdb081f31eb849d2c67e0a60fddb48ce95e55c33d8ff18af39b0c41d84c11af591abb6a44a1312c3ebb8e32ca8a8a7d66828c535990358d69ed071ec4547443e46b6f9a1269844686e0bcfb438c950bc6d3352edcb563f1d17f416d7a67528dbb44af503024d8ad741f309a616855ec5bb53540d4672b13faf58723906603c4ff2917d99f3248f18f85936058343496e92b28828b8d6c525086d4bdb465db5c7dc7f775924759ccbcb4f9fa702daee4c7543059aadc794af2a98ad03ffb96db9c4b067a67eca02ca1c7514f761e09f624f6d2ec28a9b5ea19cf9d6e56fa1986c3fa29b3d7256ea004827343c4eda612da977724dfbca06bc7465b1830743837eb939d2a94c31e0c6928d1b37bb7ba78e6dbd5d14f03e62b9ffe514278e62f78c7965c6703e04e5e3e454382aed4d2c47ae0e775a7c19b22a6c3b383a69b90a7ba21fa94ec6680aac8d31d048d087e473e46bbf1e5fb7b91bed944f30a6c3e90174ac778dc60f6264592ea088ef07acea484261ec77cfbac738eb8533ff4d83f3274f7ff3996e20eb372064608e17828aa86c8046e29f8e14704dcddc9c0db004819f73e44288a1f522870fdcaffd1b147e8c2b6a5303ee66fbab537df9eaa1444ee0170b1803856fb5f5620db6e90dc7c1ffc306079e56344c46e5b6e17a1664f7bbb997daaebbf4ea80d49965f4af1274aa2800f021b044e239a24c38edc66b762ad763433c56c3ff31706f341600a33d03af651a51b4598b2d14864c5e2b6a4b669251457245ec42f0de7b3ee5ba2314f43b8cdb2c9f588246925b4e0c1c8dbba1d2ac113b46c38b4dde40aa3e091367bc7b3913ef2f0bf2d90636133e74e123655eddd7a8898099f7f54d0cee927ee6d0df508cdebe9b141e4b254a0afd3d95ffe6ac008992a57f1c182edca723eb1ced8419f6f144bebba80daaa7d256c840a20da7df2607fc1f3f0205a5edca1d38d48d3e3b82a5b9ea395fb551d8d8d05e748f2eb8dedb2f5a0451690357af5d98a2ed5d7dca4234c7282f696df23900583f99b62a97b74e8e824b68f92be9a81780e3716da0d3c462355b1af71abc8c91ec034c768ced7c9482e1a52626393cae7bc5842bd7ec805cad346f28a1cfc454a5aa2d2f1d1bd0cea0257567ecc17ad87a281ceda413e1e618d64d1dd752fac6b032aee2c62de77fb683e135af39c6042eeece7617f7bb293cd0e5842ebcc34c3965c76bf3b5c1990d11c1b1bbcde19f807a4f1c3a618965ae1f84af047b0ce3ad401e5472c2a3f04d4839737651ab4c0d5962c6b2b4ffe1b85682e7e622c50bc63c4b81009dd1f08cf0dd318c453a33ffc16c5e9841f4916f70a8c98eef3ecaaf61534d9de6fee88bc14ebdfec22112c06106fe72a5141bdf3751b6864bd7ac179686cc9eb579542b88bd81f07ce16cd9857b56b9ab279c5b5fe876aa2f6a488a6425fa0f95f64b71120b18122f3b19bd56565064f3e827e7ffda8fc86b881cc687de87b046a176bfbaeb58366891c317abb1cc86526716b45707f07d50b935911203cba899fd62bab23b41cdeac6a4eeb122d0930b10202202bbcefc1ab0f1db92310bcddbf7ed99ab05fb84d1fac6fc9f80181f4c41efad945d20dd26194731d2c0c16126a37a44295d6a6a288f001f3a1c4bf3cb44e982a897458f030d4d1eba6a9e0c763f4cbff901c0f0fa8a8186004f3ab00c8fabf6c2041ca56e68a092dd9815e818dbec86bc7d975c0dd60fa900ee310c38fa1c34b00c58ba3b5820f96c619090182531330d14f9da7267c531318c78105d712262d6308fd7b8bc847a8065a25eb5cb679f6104d640c8683ed5c89fa79fc9802faa2763e3f0e38eafa8ec0e352b944dec795002313e25032b0a2404a8cae50dcaa52928dd9137c1d05cced64983d4e0ea621d5133d9266739190380a39f6dfb33bdd5a956fd5a7bb2a83b27afbd0f9f9202c728e20839c92cb660be08f74e37a52209d4a6cb48259f702ace9e33f01be21523fb49e158fe94704ebf64d4430cbc50914735bc65ee4032cd1ce378da4bfa6d64de467f56083c3bed318295c8a07b1da47d2f7cb347c4e74e6b43f072a59dbcb874c0ea870de81be1f9d276717e890c0a6c811268f08450c85461f4af2847656d2382aa6687667a5c32144590f9de88b5f4fb1c9f7d2d017cb28d15e24dfe133f07bdd511ebbc45e7dffde453473bd8482b93c67f9218a029163c8d9db20bf1f9e461a611f64e10afea81da40af2d24ca07897d16d21bc191f0a35e443a395262aa185a73a39b56d8258ff5ab713c494b93fb63436ff29d3efd903995b96d45c9edbc8638733909ff8b8ca2a6378692dc57f14d905590b395e8", 0x1000, 0x1}, {&(0x7f0000001a80)="620b0f5c0b3d4a22f654f09b07", 0xd, 0x2}, {&(0x7f0000001ac0)="8d8fa6741968fed2a5c76f8cd3141f820addf1559db0ee89fb6dfc2832db612f47e4cf6df8fe5d8db5392623a00101767a436368668b90326153311ad851e604cf3fbbdba35bf91aebc2b36974d7a9a26910be6d13482c3899abf0fcb3b386b8b3a620e5fa3f8a84ddb8d78975e5f5a721042e51b7639aa58e44c0185cad2b3db27e9adefcc716bf40cdf755df87a09c8e3c188e5b237588bae7bc", 0x9b, 0x5}], 0x1008, &(0x7f0000001c80)={[{@huge_always={'huge=always'}}, {@huge_within_size={'huge=within_size', 0x3d, 'vegas\x00'}}, {@huge_advise={'huge=advise', 0x3d, 'nl80211\x00'}}, {@mode={'mode', 0x3d, 0xffffffff}}, {@mode={'mode', 0x3d, 0x5}}, {@huge_always={'huge=always', 0x3d, '!'}}], [{@fsmagic={'fsmagic', 0x3d, 0x1f}}, {@uid_eq={'uid', 0x3d, r7}}, {@hash='hash'}, {@audit='audit'}, {@uid_gt={'uid>', r8}}]}) r9 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000001d80)='/dev/btrfs-control\x00', 0x100, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001e00)='nl80211\x00') sendmsg$NL80211_CMD_DEL_STATION(r9, &(0x7f0000001ec0)={&(0x7f0000001dc0)={0x10, 0x0, 0x0, 0xc005a226}, 0xc, &(0x7f0000001e80)={&(0x7f0000001e40)={0x1c, r10, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_VLAN_ID={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0xc000020) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000001f00)={0x60, 0xffffffff, 0x37b}) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, &(0x7f0000001f80)=0xaa81, 0x4) r11 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000001fc0)='/dev/dlm-control\x00', 0x14282, 0x0) ioctl$DRM_IOCTL_AGP_ENABLE(r11, 0x40086432, &(0x7f0000002000)=0x1) [ 261.349648][T10648] device hsr_slave_0 entered promiscuous mode [ 261.406305][T10648] device hsr_slave_1 entered promiscuous mode [ 261.501527][T10646] device hsr_slave_0 entered promiscuous mode 14:10:43 executing program 5: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x8) recvfrom$ax25(r0, &(0x7f0000000000)=""/241, 0xf1, 0x0, &(0x7f0000000100)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x4}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r1 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x6, 0x1ace9719895c2f61) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000001c0)={0x9, 0xfdd, 0xfffffb2d, 0x101, 0x9}, 0x14) connect$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1e) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bsg\x00', 0x10000, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r2, 0x65, 0x6, &(0x7f0000000280), &(0x7f00000002c0)=0x4) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000340)={0x40, 0xf, 0x4, 0x100000, 0x101, {r3, r4/1000+30000}, {0x0, 0x0, 0xa6, 0x77, 0xc9, 0x80, "0e8b57b3"}, 0x2, 0x19ad436970a5d709, @offset=0xb719, 0x7fffffff, 0x0, r0}) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f00000003c0)) r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000400)='/selinux/avc/hash_stats\x00', 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000004340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000004380)=0x14) sendmsg$nl_route(r6, &(0x7f00000044c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000004480)={&(0x7f00000043c0)=@ipv6_deladdr={0xa8, 0x15, 0x20, 0x70bd29, 0x25dfdbfd, {0xa, 0x4, 0x0, 0x0, r7}, [@IFA_FLAGS={0x8, 0x8, 0xa85}, @IFA_LOCAL={0x14, 0x2, @empty}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0x7fffffff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @empty}, @IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0xdc11d6918f49d1e9}, @IFA_FLAGS={0x8, 0x8, 0x88}, @IFA_ADDRESS={0x14, 0x1, @mcast1}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0xfffff800, 0x0, 0x7fff}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000004}, 0x40) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000004500)={{0x2, 0x4e22, @multicast1}, {0x1, @local}, 0x32, {0x2, 0x4e24, @broadcast}, 'vxcan1\x00'}) r8 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000004580)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$ppp(r8, &(0x7f00000045c0)="f5db1ffd469d82d5fd1e11cf518a9c23aa41434b67e9d2485e483834a000f698f3fd47701f1f2d6097b8ebbbe1f4e85b48d42044e5812b69e40038472882e17d64ed58a55c93e4c5bec205f3e3cd002d608ed9dd33ebff3a91ddb5daf8f4604282f1f03fa366dd07e88e8cc0bd24a703b765ec078094c214fa94f89f6627e0dfb51d83d6e0c9cc8e04315641a745fce3ee643a19ae7e85960c764cd3b8398dc4a1c19334bdca01bed65e8c5ddeb7c7154ab8e8484de1c8d4eb6f9359a5836204de3f62aa61afe12878a6e60cbd30c9a997afe0aa855c7d1a104793d7b20f5085a6cc89a3b84ef9494f8e8b54423e2114af285e6cb6441415c0964057081b3f0c776a8c9dc078e5d629322fa049db207c337b8f3bd4b584b92ad8d077cf53c457ac2e0052b45484571cd05a99345ba07292bf664e5e2d2a46623b80bd7637ec7e7d4441422990ab5df8291415ab61e8744d000ce40b3792cb792fea06777162c68cd94f980f6dbff0bf6e7d921d141dee178981aa005860fdf6b7c148ce565f158858afeff57237a752cabcb440d0c763c530c2680f9c8c4c4d0e74f3104df011be53af8ae059171e60d11dbb5ca68dc21b34b2bff50499ef69e89b22a8b0d4c46ebd432ba43972498df256fef32d9cb9e43b3bc0e018c25ebde6329b5f63a1e1cadb065676f12c932d601ca4b6702260a238c4b7b9434b334cb449506816948d1f7b7264bb9e182e65a8eb51210edcec0e312e8c59b154df80bf67e5a67cee474a9c9890c4ce92524916e302112012251566b932889246a3317ba5344fca390238b0bb9d19a3710e23010331a94434606fbe1d6e8bcd7e78a548ad26b215c5dd506cfd53828d0d8fe98bff3c9013950c08cf24b681e2b51e39f8a31d9313ad11ec5ef9a1c92db9f8b6e172a23cb6b1a7eaa89d947120dc1ba78b11e536214e2c501ed51ffcf4614a0f530158c1117a51a09731e276df94a9fb15ac16b0bce910b40b735626d30b817df6a9584650b38c295bc5c4c0674d6dde8592bd26d40c51d667111b89aca7c78f1327dae05b468f4504f4b5d5fb8739097a34d4dd4435c321366d8282bb012191d8112707302bde4607c4c0458472049df90291d58412bb2b70dc8f3b3bd9cc8567cc24156f2685f72b471dec42e9a399dcee961262a6b9f19e09728081db9531bccfe87270dee92b971d71e12db831a564580b4de851accbfb5bdde771a4a7aad5e8f601d392f859dfa7d10806473867ba02cf90556b423a0822d80b053ad1ee9391d87933863fd052ad57cef3741c34369fe9da29342feb2ceac7251d7ed445bca1bc461f969b2c5d02e0578ebfdb7af95979c923d8062af02f404f35cf531879a7c92bceab019a35b574af86d002393f3e77afa5663be4d94bba37f70ea0379b3ad28ded37d28199d021b716f9f4d603073727d16d05e2f48fd50fed19e70a2736907b6b0750f7d4f662871bab6b0a2cfbbad8dcf4999c8a3368f9b8cd00f6f4f7f5be713df7f66631bca7fe9996b2b8022b87b650f061fe82bd0e19d61604b580a50734c249f2b655c3b5ccb4274a7a0d38fe07fefe649dfbd90ffa5c1eda90b67a1929d460ddf987b48e3c50256711ba8f72f01add95f16f6ca09b59914e4bbc14f0a27a80a8f43aaa6b52a86c4c94c8e1a2b335bff08cf0c7fb3f02981d3768492e0f89a3ed089a7694a395231df2e254d20cfce6072ab0846e651da9667a36e98c5f30e1d64ea7b0220453094cbb973addd9e0976093d67ea2697e86e4ace17b2d614d50e4816ebcdb1313b62c488071f3dc1987f057b9cc1618610847d85bc949a2220d9c13d706b4a39715fcb73ee64d657cbb5b6b2b1c35929d2862b385420a8c681ef5614ef4cf4625ab8588b11ec9cbc3145f0882bb694ec528aad992e387ce4696f555b357b99652df90388a5ee93df7e47f5f39d87eb7ed46005ca214682ae54506285d415d82fef918dc218bfe2ce400d0ba88c3ef6808d68c3335cfff99761208dc0f5cae893ff26d3de2ce76965c6c1eb166bb2c46e8d9281c7d3a52819c61560dfdd2f5b471a7fc7642b53180bb559f49e682e7384a3ff805e9e427640555c6affcb98bb59d84646849c63ef8a16beaf827b2b65dd6429cde93106e6319b1ea0deba5721685b2bd8395bca46290387ccf4893d959e85972cd05c7908a7746e4f337105ad6f4db02a15125ec22a94dfecc54263c84f7af8fa4806ab5f86616f111dfdba30695d667a02a34e870c74df7401c85ecdee75d46c05a3e0c019d44ae2f2a39d162439b2cb211bab4f4d3298b852ac244d37d5d07c6c906caf18eefb976c2c0f32923f872fb167af05dc382cf3a9157f92a82f4ed0fd2e0fc3c23db67017630c189ffbb8e8f5fbd864f89d7108b9a1e7684a043a8eee2ea0239df4e2374741c87e16e325436547b41517f01fe51e60dcc51d34c37b3f05cdf06e0994e26fe75be385eb250b2955bd442429a47351b9c54e446eccf207d3969b9784a5f24a292055ec923d764bf36c3a423093ddad4e6e474afa2ea25ccc3cb2e067e411745dd366f7c054b5521d7d48d717f709577a67677805a55388ade851d037f9ca57d772b8f8d436b26df5e439690c6aac7908144228d7983491b589535c1accf65fdf799ff9413a6c7314e1b26898d9c67fc4052326a8b74887b5b5cd702703d628bdf66dbe97a1446ad176b46ace95ae593f753915285abf73e2106597cb9e31e2e619d1fd6087d9e2e9cabbf5082e4e9bce07f87b1a9952172e68ccde67f2cc4e254b5c864317b324dcc27fa1e5fad5c4cf3d475276f8ef74abda52796862a5c924390cb4aeb28593eee88c306b153d7eaeeddc70eebe5868194f54b544b775792ca2693d7b429b1eef3d0c52597fcc5e0cfd9ed38f23f549f12b85f0579163bacc99a551cac182cdbfe448683a5c7279a2d1681ae740b3439493cd9e2372f6c4e035b13fce4c39ffec9d62788ed78c45733d402d22a21ff364dc25c477ad3956c0298c9d54afd1805c0ba266d3d7b18f9d751825807e1ab8ec1d8936c6e81d3785717460e6c2dc5ad687e0524003d9189c7645d8b781f95b0630fd15d9dfb39c036fde868ba26d62c2692cea674f900a41b3f857c1dc8d8dd3a9d4804ffb20e238e42c323dd5ca7db27db60f671045786272832266cf8453918bdb5e9d8d5701d401cf76d996ba5713a1a69aa65c0bbb38c6e13c038fafb393a2aac9f6eb3ca08ab77dd829d7a454408e37e2264d61276084fc6d77fa30b9bf12daf13490b71e267b047208d2894d0e163376104cafd48791a6da1535f0989ba04241fd2ccc59d59657433ff26a0900e8b7e742a6d4a09a2e7a200cb0440d867834e71e8121b575d919d25a98fe136f9f1e5668455a87c5176476bbf70cadcd1eec0a4af55c1f53046cd87a45c0382634e4912dc03f879eecf97a063a5b8a332858185c1a5ba08b557f1a0f79ffff4f4f9a09707658bbb04588a62eb03412ec15b537a75daf7f73d1ad49922e5fa26f96026d6a167ae4f75c0ad4f9765d70238feded033d38f36ec0311ad3bb2a65ca45f6a9f44bd686770d16f7d1890a9c7789496228e83ef1d51ab451b3dd72997e4fa7b2e83586faa8733288718bfed2cd0d5cafe4f29b9662bd1b4f852b2f1d8c3eb4b0ec1a55864b6dcd7b6af8472517509fabe8b605d41d9446558caad9df7117e0bd572a9b6b37b20745f1986a834855ae0c9ec82ff152f36bf57297df334a82ca8e66daef2ea304aca8f64fe2ef4ee59f75e7dc0027116a792f384eb4cc8205772666bd7efef0bb2f44292d9964dbf3c3181424951fcd502cb7b6303a38179590e6ffd85fdedddb72a1cc2f6d54db651411b6b9dd28d53ce2dd55f040901e9e8c991f68dd3ce48bf73db7bcd74bcfe8ccd945774df0666bccf1a7c5c1340803e22de0ec55d579b4a8f8acdd063096c76bc089a7e7e9f65593a29a3efbccf59473a0b1c8e270a5cd62763e415b564352dff7ae1927bfeec4b5606e3bf9a140730cb3b02a7b0e08e5ef720f097eb099578d524e331c39881ae4a702254f6ad6cdfb3607f4714eab0ec059e53c5e6d822bd1d79883cb1622b58a312da5fcab018047d45a0fef80864f60d3efa3519e4615840f2f1de905a9a786a58b7f9ce105726bbfb297a097c8c8449e6528e7406cd457744323174485580e6f4693369a5d83eb15cee8c52f4e478029780a4db0b04c8cbf68219dc5a7f7addd3aba32ccf3e9bb7c670131924049a3aed4629e1daf0aa8c78e6b8830314164717387e50d70a489eaa9850eeced5fd5c32bf340046c602c3e484c8ce12ae8cea8629ccc458030c0ec46d263983f8f0bb262ce51d7e2aacc2b0e51485652531704a48df3caec55b04a0e28fe1f1bf9a9aed6cbbc2d313e601ff0f92de9de4a00b32d396f4906800181ae24c99336af02c6201cb1b6f41030241e36f646595f50742757d5dcbd29deca1d1f8e6399554dfbbd1c78b9b85e202cc6e596523d918ee60f1ec0ddcd0ad6602984a434737712f19dd2a4a441952e4465b87bce2c1f2dd1394ef858685d81ae9eee9e5ef69c9dfff7a1167efffb8089ddeeea2822ba3cf2b1573d88438adae38a575030da54a0a42d2da971a2936fa3486738530cb978ebfd892f202326310f84fd6a78eb50958daf1cfcb10143cc9e0f3ea4cc4d0a079c03662b579a0d472c16982b6abcad9a9ad7cfe197ba94427796140b38d5126c61b2a36e70766f33db83eb8e2ce25990deb17bc9b3a3a92f05c15c19548ad8eb4164a80fb431135c40fc56ce979e7732ad90337a060062508b39860ecff8da519d052be9a75b67c0e1fd00b7ac13cbd58ec582ae192f9d218cd334df6d384eb5bc37b6cdc93cc511e05741e3af481d139dff8ddf5a355a6d24a345be3c4f581e2516ed3d7b723cdb2638d70716ccec69031d97bc7a844a252a326a04b10480ddcb95f45c280f47cfda89cd6f7067839e2ca612e583add789fa01735cf9e8510a2c13ba0eaef41e43123af8fef11b4147ee04d4d98bf47a9a74329c31ffc0f9bfec10d5b74a44ec598b86d45de303cd238f964126eba426bcbf4da46dd3526a7ad5450a9ce5816600a988d7a64b7288b130c450c10d7b1f36c2471c1bbf7e56cb1456a6893a583d93c89ad04906b450ac1734a4ac6c146d51a49d8937f9806d2f953a6c88fa46c14e975d9d2e3e4f049cb46b56f3dc521782cf33356719ff2ad07a0cb94d8a6eefe73fa5d153eb66d1fd8c77e3d3fef79cd512d9752bb1f948d030c75ec6d5ea36ec0b497cd8f4db522e4e41c8a4318ba260f96d3f2d60761d60905ae37479a453144249b0ddae06528c9ad81eae04762f7496c0201fad01f6799d3b66f0b29e8437b37ea5b7d0710b4297feb86e50442252a8dab6b71b004922812d0d3d41d976293962c0fb388c6ee9b78d3754a745d566377a710c70ad40cfe4d6d3d96a668f0a47069de53827f30ea7f2fe8c4f78e1195910c12aa2f4fb64bec9e370e423bc1ebbbfa185071003d46a2153578a7e24cba2f73fac8600cbfcbf7d600c46696b89683cb8e3f4a71af7f7652bf4338e9948e4ab68d60350ab765f67c9c76a4b85f316bac16249638ff981f5d66cf1238de5b88bcf35dec44223523477a8051253edd179a81cca292be660644164c7483ab21591483cd1cf3cef236a2b7fff994c945dfa24db313c4bac261308fc9406d5eff777192e15ecbc0eb44195e7dac9981fcbe8a3df67ba1584692b1ac1260cfba8eaf93cd207388f2069853c33d08d1f489b8fd", 0x1000) bind$inet(r2, &(0x7f00000055c0)={0x2, 0x4e21, @multicast2}, 0x10) r9 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000005600)='/dev/vcsa\x00', 0x400, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r9, 0x65, 0x4, &(0x7f0000005640)=0x1, 0x4) r10 = syz_open_dev$media(&(0x7f0000005680)='/dev/media#\x00', 0xffff, 0x2) ioctl$SIOCAX25ADDFWD(r10, 0x89ea, &(0x7f00000056c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) r11 = openat$vcs(0xffffffffffffff9c, &(0x7f0000005700)='/dev/vcs\x00', 0x400, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000006800)={r11, &(0x7f0000005740)="0dffff54fd8adac76c7b052775512b053344b92f0944bb06d162ad71c9a8c365f21e04d01f20185a99f42d1cc41a4588c11dc3aa028c7428972484a22c680d0903e9450287f00c52eb7568088d4c5ea3f60595806d0d3cc6263f87b5aa1a1ad2748c120cced3bab9896c21fb2cf867be66be14a8a6df7c2172c1bd793513eca6c0cb5b8ef60836b73fe0585c8db0484f7da4876982594df77aebae9410455c8a08a565bc7f1e0ab6ce906f267c221bd5956dd6232396dbf82fe08b5caad32439157f9a7239d432c14a040ea1c7115785245f5029e59fdd58363bc70102486e36a7dd8a8dcf87ef61b79a3f7b1724408d8dbca1ddab051e1a2b064ce0b092ac29f16cdf686b0e558fb87e79312432a2dc4ea877d2c948fe371dd0f2ac373d5bff123292266da0eb23f775d316501d2b4396dc9e33b8e318a76b2f853a2f6e4a943f0c0962e210cfafea82e07ebb7dd90e474a8c5b380097ee9fa5a4db0356ad6a62c1fc6c803274d27fbcc35343ea648c81f30365cc120ca34e17b6d8888c2d7275cbb490451d843581a32c698f5aa925a658ebb8f4c51b6f969a681550ea9c8d71b3c8cfe403aa733558024916dce7ef496facaad2cb938d62f0e983a94a3e0ea387a479da239070c275c02daa5ee6e9f4d8e1ca0202159f1f497c8034a87023450fa36a87624b76d933f9513ef8c4108fed6f3b39e2e7be1b4649d3493797c97f9354f5a0e90eef0fb4bf4afe87d223bdb56f6c00e7271579be38b0a8452e397ff6a33667bf87f0921cd0414a4f7d9fb6e9920eece6140a2b88317950cdf5bd668801be4e91e9f367a074a63654ce8f61d7a44399d967bb92ef985f98d0dde70d469e89e512c8046aa4cd1a2c2e5be0af1bf106b13c3845342c2e8dfc075056ab86c32285e56ca5987b347bf2cd14ef8f3875b71db9451b5a054659d19c64ac0fec5b73a8011807e4fea3f562af8d9392063335dd20c9d0b2bd0dad6331af5c7c5b7c7b7d8d851cf984eb167c1108a4cdb82f4a59564503327feef5409604a6b54f66d7d338ba548078a609307cf8edc8cc7926c3d55ac66288c70a969b82ccb6f5aaef5a4499b64f8b6cc6f5650c2c3756b6788c7ce13dd09a116a1d22c1e7a35827a84133a8711a875f00c100ca5298cf2088d54418bd2c5a1ed289b985247c41776196db47cca46b04499d915a83790865adc36cac14fab4812438e37dc0fc403f1052ee681f3a0c20bd923bad2b90851968d1e44ae5d45d500557882e6e1241415fa69c5f30bb07437eaa274be6324aba7c069e8cd7d51db563ea3d6154fb999a57c8ed692f9e3a8401d6ababacf79b47937340f0b8ad89d9a64b0f1aef558f73b46851f2498d76115197c8bd314f7fc1488d8931d334b05c73a2aa837d6f82497468dd8cc6a75fe87e50eabcaaffa0085b9defa751efe98ef6f4cd0969a1909b5d296e488f1e65d2dde77e8bcb3c639f7dbaedd1fba6390e16103373b0b4dbcf919b1deda4b290c7bbc8040cb5c085232aab56d3c8bb970793a931240f623c39a8eb21bbf1f026ab5ccb4dca1512ec7cb1437e9a6312ed3e4d80355bd916cefd0696d15cbbc9b9fe7fac0a073b756bad3ff77904e1de73bdc902c1742c2133bb812758d4dd02a59e9b54d427e457a4502e45baa78bb8ed81934ba0e5b16e3408080eef92f37849c3ecb7b8ccc32ba0dd34312fa8fc1e369a1dd2b492b8f395242ca63b455a5d7ba306d4a7f0c90b469525f0a0972775bb030d59e81e69b713a2472df92fc94f682b4f40b79913b6e539672eadf8e6ccedb8ba1bb497cb965a13b05cb6f78c4f92dff0a581609c70d4c6787df33ffb4c2c12360e97da0727b8de1d0b400aca80914f8b2718d84068e42628e7e0201f23a1860852cdabc105265df66265ab534161a03810a11fecdcdb62fd7d45e81d7ab83142f84d1a800abddbd7f5dc34eaee7fb333b38d61922fcd478a83780e2d56db231ba26df2ab939d13ef73a0eb1e693e737fcacc140dfb42bc91c53f16013720782854daf9a425ce06e60a8c864bf7bd361f25a5235fb9d4e1cb74ba048ca7f96dfccf3478c8036ab03023994fe3083ff42c597fdf223d0cfdf610f1211ab7ad81fb8f0215030b4da63cc14fd1522fb839ae35a4ce51b3718fa9e5bad104e705cb158ca20b95ad513d015498dd962151ee8f65c6608e67deee87f14c6fa41529382bffbf71b52ce3882eca703ccc715e7eaafeccc82a87e8016ca73c133e7bdd05f135aa9648c3b2598e0573a7c77e0c1fd6f20f78aa610d81fbe60ab69a3ccf5795051a0ac07c78398b6cc6d506824d9619c1831957e3aa3a96c5c6d8db23fd95c467263d166eff5ee2a7701cc1be1e97ec20ae23b230b6c7be464668a6b670d11cb0eedc764935eaa8b281310727e37d43761eef0c90a2804964a4ef9939350bb754807f3a2eb7da779dd176cd46a5791907d670ee34b1aaa8aa277b2d56c609f6edcdab0156f98d254fe5cf23bf5648d5cfb6e76da85c7bebf768db8940b14c854e1b563c85bc799e9877ad494eaaf183ce596537358b856e31fd94fccdbb6ec143f87f53238c0a95c336a7cc20b9300dd2f0897cfcc20879cf6197b188756cd7921d367f3d292f2f66d70663a6a62c46a8cfbe4c2dfc19883cfe5a74b537c63b8b89db0e0575bedeb2dd97062d1bbffd1665b67a9543f1b77eabc122339583a5b09c8b410fc2c745d6cf91596d7388bcdc4067a6fa952746c3c89040634426e9b9cb6f28d98dad2a24f199a90857a9e2bed0dbb852ac3368ee9b9facbf59267591909ffac96b7a7526998edd18ed69be44b613af0875415df0acfecca86ac11b87f981038b47a01d489646e46bc945d3c301daa743128b536566e70744387e9db0c95a0d3cae4285777eb4d24777d0722b727b0f106687ee589d045543bba7c1b8462269a1e5bba90880e09d3cc2e8c740221abd6021821b87e4505e79a1b4bf10e8f394caa2fecac9a0b4c76ac223a27b606eeaf0cdd215e937dced6872bcb9e8b4646b9e6bfe6e201a957bc6a4c62c01ec1842edf4fcaf2b2182ad2f6546bfbc881be35e1e71bb27bb773380b140817178c6122a112e6e82ea0e0c367264bd6773882a5854232dba6b900f4c831b18f93175d1355b899335da8cd6795fecaefcc89158308c389f2ec3a222f95672e7f8aae882a403013f3bfe74b2daaeb1d1e581cd82ae6758e8ce0d6dbcea3f56e1c9aaacb2ba5306e764b03cfc553de6f6c2a07824dd2eba3dd4966d0eeac17bf4bba0d5ebafbcf8a72a6718ed08522e25f2aaada9c7ebde25c0ce6a4afbbcd4ae972834561a4c8d65d083ad376445b9d595ec2470b6ed47d101560810b4c2778476f7569bf0458df633a42af478b74772bdd19df3a66a6b6b8c97812a985af68a134eeb99f724d92f6bb516633734650a24803f3ccef78abfe6d2eda266607319af460517a56697401cbf6d00a9ec88d29ea8f8043b59409445884eb5b363b80d8d26c0b62772dc602c14df454713bea7a2d4407b46f3393b71cce1b9f2385c0314b343279b2243b64af0e5d5b77cfb228383ebf7456c49d80fcd57e125626b8e124c28c817d6ad1cb15f4dd101102910ad39d28540677e2ad8fd5a4453fe1fa4c69e59cbd01096a9d973432d6710360c855a9a9e5629311e40b94530da721072dc0659b51f0849cfd1be9b12b4bcd75ba8192cc09ebb6ad6fb17671900a9187cd7709467834141ac37e85d4d48335f274dd104924a33cb0574e776716c492a72e538e1ae5a2e59c40890edc4e5401baed135b78d7fb2cde1af4c5352251ffca52d3f3da05e501311a4363167431b1f8302a3dbcfb9a33160e0d086d8c2cc8e04330c92e9d20e6f2acc2176b7286f1ca0c1f1925e2125e0fd7ac190a6e90e40c093ba162d6f43a3645df379111f38f8198b2f96a1450cdd6a72c2236587f7fe6d9b4a95150973dbcbc31eda8e548a20d3019b77801c3b046887416e9a541d292242220b08e1c9fbb30565d4d3a440ac1c6d58f68a5708afc56c7b963c83daf72fb76ddd3fa258696d1db56c1fdf8b44f5f4a988081c77f117dc3f7b86520b9ea10654cbe613a4a2ce863814bd56e79fdb1d509471963e7f1543a5f7470ec3271bc722bcb44f42dbf56d8cd57fc39a6f1c1d92e2a8993953199373dbe880baeeb3d7058cd2d90d189e645d83b797def4929251aff48da5221467ad46e62aba9f957b583fcc15479964040ac5fe900a3f4bd5d10038533e79fbc24d4b0f111efa2fefad8a8983fb544cb29124c7db4e186441d3f6e525fa0389364a96e0719352a86090463b08dc4dfa29dfc2cd510fca9c15934fd16f4908205311d38df10c97adf9c2529ef3f89b307d6786b5ad13c4cbf6829e52fb1a056d80e61fc60c0143c0d0b07f92ac9abffab551504db97efc7bb3a36522aceb31793b759791824a1a56421c719fdfca93a27729107c967b1c4bdad8da0b4e92ce7bcce17d68bb768c6679761b65822ce7588986d25f5845d0ac7562c113de81611cafb2bdb0f1d30d4b23774701b0e20824d82e8590a5571696cd03c62a8e44e314b5cc768460b05bcc0326b93236cf525afdc5fa8e198ae2ec6680eb8affe04c0e4c7b7b3248ba7c2484b77f5b66ad02828caf11314f2dcdcb65a63a0a3b50dd039806e34ae6d7f445a37e735436380ba8c068b2d9fb9017544c3b6000df393d2dcbb0b7859adf13fea9a87c21dfdf73d442cac8fcfd0dad599f8b2074c3d3f616f20d0d6fc3edd357860db00e959f7f6260faf83fff041bcef06751c59f890431bcd9b7d745b7ec98c649b86e9587b6f4981503eb1ca31d1bf1ba9d8edae3321be3e5c36499c09e5e6ee6e0bbd54a46d4e1a0b422a86892f9be7000726e31f253d41fc356395074871a53a2646b48ef7ed11bd29c3c35c902f5ab7f6479a2fae46353b4d89c44f81ceb99eadace31126a4dc989cc6bff8c781c98984f71b6e495fff50d095240a5aa0f23343bccdbd6ba9a21fb3fccb7d79ab6665f1894b9c796f5689791eb3de1a5d1f178141754ef41601bbd7b28db6a8697537301fa584d7355074edc949b2692ad8b077547799e423890ae488fd92be9cfaae1d06059da36218ed9d91af73d9c072914a46f1820a8a717d5e8bedc52142b7df2d5089929b6acf7db69d251ac7b5f36a35aa2ec832e117fa608e71054012b151a28b89ea80a056ba2f4f7b45116dd445891877614af83699b71775e8c94e00d38dcd6dab7c6bb0067c024eb2963aa3e02ad0c2d2ba7a5246d7cd536cc272a7f754e4f9dc12af469ad55e6568c0c1f674a5f2e0d44710d73d04b54b890d3f5c6a4396c9dacde4bca314442f86605ef37fd1a7c580f6e1cd254654e23ed1b0cd13613bc2ef7866c57d1ed12da03fa11fe6810fb9cde9fc47bf83de902d4aea9971b0758fb68a50ed79f1e2c83a86dad5086a9d04cb24b385095676676888d13991507569487eabeb4c2f6020cfeafa04f05487d63dc67e532bf2807e8c2a342413450f54c1cb8ae8b61bcc0b222f6939fd2280e1441e91e5fd0d6faeaa6f8b7bf378293df1a4fdec90440e8fb0efeaaa837fa072c72ead5ce679f02a50df0a2feb81c657d8c07bd90d95f5f4bb613a2911bce7b553c18c1b34066c43fb919cafc03a137115fe8805cfcb333c1ce9271e3ed0bd60691593ff754c9f804717ec6bdf5254261292857d1d86a0cf216febad5827a83b2718e7f00eddaadd5f22476f0aa6c4b6eace38edf288db6c3aa076eaf35a25babadc8a13ef40d22dcdcf8a59163e2", &(0x7f0000006740)=""/129, 0x2}, 0x20) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r8, 0x84, 0x1b, &(0x7f0000006840)={0x0, 0xf7, "5fb5e1b240465ae8a80c2198b048d4e2e22d4e220cb9f38faed9a6b4160067990244f9d1cf7cc4ab66e88d9395bb564ca4e48e7dd46c0689982b39b94a06a1cc815b8797f06c3b6572207d5484be357efc322152df8d11941913e4dea88b789754e2629378aea882964041151ab6a327358525341e9279973cb15fe19095662468a50be90f9c1c13b871bb194f6e56a58ebb4071682765e4c487c3faa78c0ca5a97e1197c5e1ec4c7d4a1b4fc21e4e7d9b5711ac92f24250c89887f70cf2b258553b792d8fe6c011c5d6389c63789db79a77165108fc5bfec482ebd586e4fe853f1dd5a1314e93db63afe8fc60f0f091eff7668eb5c3c5"}, &(0x7f0000006940)=0xff) setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000006980)={r12, 0x8ecd, 0xb5, 0x401, 0x4, 0x7}, 0x14) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000006a00)={0x8, &(0x7f00000069c0)=[{0x8001, 0x8c, 0xf4, 0x81}, {0x6, 0xc8, 0x65, 0x2}, {0xce, 0x80}, {0x3, 0x33, 0x3f, 0x1}, {0xfff, 0x7, 0x0, 0x2}, {0x3f8, 0x1f, 0x4, 0x593}, {0x20, 0x3, 0xb8, 0x1}, {0x876, 0x1, 0x79, 0xcb1}]}) openat$selinux_context(0xffffffffffffff9c, &(0x7f0000006a40)='/selinux/context\x00', 0x2, 0x0) r13 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_XFRM_POLICY(r13, 0x29, 0x23, &(0x7f0000006a80)={{{@in=@dev, @in6=@local}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000006b80)=0xe8) openat(r11, &(0x7f0000006bc0)='./file0\x00', 0x842, 0x180) [ 261.636747][T10646] device hsr_slave_1 entered promiscuous mode [ 261.666054][T10646] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 261.674544][T10646] Cannot create hsr debugfs directory [ 261.692916][T10654] IPVS: ftp: loaded support on port[0] = 21 [ 261.768768][T10652] chnl_net:caif_netlink_parms(): no params data found [ 261.779684][T10657] IPVS: ftp: loaded support on port[0] = 21 [ 261.910240][T10659] IPVS: ftp: loaded support on port[0] = 21 [ 261.974699][T10652] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.982444][T10652] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.992616][T10652] device bridge_slave_0 entered promiscuous mode [ 262.003300][T10652] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.010664][T10652] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.020015][T10652] device bridge_slave_1 entered promiscuous mode [ 262.034871][ T27] audit: type=1400 audit(1579356643.873:44): avc: denied { create } for pid=10648 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 262.069410][T10648] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 262.077402][ T27] audit: type=1400 audit(1579356643.913:45): avc: denied { write } for pid=10648 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 262.102456][ T27] audit: type=1400 audit(1579356643.913:46): avc: denied { read } for pid=10648 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 262.151185][T10648] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 262.203085][T10648] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 262.249438][T10648] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 262.319333][T10652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.333768][T10652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.349002][T10646] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 262.401582][T10646] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 262.451738][T10646] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 262.528557][T10646] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 262.647749][T10652] team0: Port device team_slave_0 added [ 262.678070][T10654] chnl_net:caif_netlink_parms(): no params data found [ 262.690058][T10652] team0: Port device team_slave_1 added [ 262.728641][T10657] chnl_net:caif_netlink_parms(): no params data found [ 262.798791][T10652] device hsr_slave_0 entered promiscuous mode [ 262.836244][T10652] device hsr_slave_1 entered promiscuous mode [ 262.885887][T10652] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 262.893491][T10652] Cannot create hsr debugfs directory [ 262.937502][T10654] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.944875][T10654] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.956207][T10654] device bridge_slave_0 entered promiscuous mode [ 262.985017][T10654] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.995299][T10654] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.003596][T10654] device bridge_slave_1 entered promiscuous mode [ 263.108844][T10654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 263.122400][T10657] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.129856][T10657] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.137914][T10657] device bridge_slave_0 entered promiscuous mode [ 263.148215][T10657] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.155405][T10657] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.163599][T10657] device bridge_slave_1 entered promiscuous mode [ 263.185007][T10654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.258476][T10659] chnl_net:caif_netlink_parms(): no params data found [ 263.292051][T10654] team0: Port device team_slave_0 added [ 263.300743][T10657] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 263.329876][T10654] team0: Port device team_slave_1 added [ 263.351529][T10657] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.378748][T10648] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.391391][T10652] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 263.474702][T10657] team0: Port device team_slave_0 added [ 263.491292][T10652] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 263.541525][T10657] team0: Port device team_slave_1 added [ 263.618366][T10654] device hsr_slave_0 entered promiscuous mode [ 263.666349][T10654] device hsr_slave_1 entered promiscuous mode [ 263.709366][T10654] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 263.717661][T10654] Cannot create hsr debugfs directory [ 263.723887][T10652] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 263.779744][T10652] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 263.845630][T10659] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.852952][T10659] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.864230][T10659] device bridge_slave_0 entered promiscuous mode [ 263.875591][T10659] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.883603][T10659] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.891825][T10659] device bridge_slave_1 entered promiscuous mode [ 263.904540][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 263.918031][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 263.930981][T10648] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.988115][T10657] device hsr_slave_0 entered promiscuous mode [ 264.028012][T10657] device hsr_slave_1 entered promiscuous mode [ 264.065941][T10657] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 264.073743][T10657] Cannot create hsr debugfs directory [ 264.128261][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 264.140217][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 264.148940][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.156221][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.164646][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 264.174031][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 264.182687][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.189933][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 264.241401][T10659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 264.251919][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 264.263701][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 264.292582][T10659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.305299][T10646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 264.317314][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 264.390756][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 264.399589][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 264.410999][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 264.420646][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 264.442067][T10659] team0: Port device team_slave_0 added [ 264.454219][T10646] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.469925][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 264.494685][T10659] team0: Port device team_slave_1 added [ 264.526503][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 264.539420][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 264.548363][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 264.558151][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 264.567482][ T2867] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.574555][ T2867] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.618050][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 264.630065][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 264.639351][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 264.649858][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 264.658822][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 264.670177][ T2867] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.677350][ T2867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 264.685130][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 264.694227][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 264.710920][T10657] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 264.774700][T10657] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 264.833036][T10648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 264.879696][T10659] device hsr_slave_0 entered promiscuous mode [ 264.936444][T10659] device hsr_slave_1 entered promiscuous mode [ 264.985992][T10659] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 264.993710][T10659] Cannot create hsr debugfs directory [ 265.000108][T10657] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 265.048655][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 265.059600][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 265.071191][T10654] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 265.129286][T10654] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 265.189719][T10654] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 265.238753][T10657] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 265.309064][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 265.318566][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 265.336267][T10654] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 265.416290][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 265.424464][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 265.437785][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 265.447659][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 265.455247][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 265.476045][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 265.484699][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 265.497865][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 265.506935][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 265.557074][T10646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 265.592034][T10648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.635305][T10652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.708306][T10652] 8021q: adding VLAN 0 to HW filter on device team0 [ 265.723491][T10659] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 265.778493][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 265.786462][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 265.794431][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 265.803871][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 265.839999][T10659] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 265.869658][T10659] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 265.933551][T10659] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 265.978604][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 265.987485][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 265.995087][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 266.004230][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.013108][ T2699] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.020420][ T2699] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.039860][T10648] device veth0_vlan entered promiscuous mode [ 266.068610][T10654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.078549][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 266.090819][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 266.099486][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 266.116977][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 266.125452][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 266.137732][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 266.147544][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 266.156645][ T2695] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.164294][ T2695] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.187192][T10648] device veth1_vlan entered promiscuous mode [ 266.204955][T10646] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.244086][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 266.252884][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 266.262110][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 266.270747][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 266.280443][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 266.310937][ T27] audit: type=1400 audit(1579356648.153:47): avc: denied { associate } for pid=10648 comm="syz-executor.1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 266.327925][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 266.358172][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 266.368669][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 266.379449][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 266.392406][T10654] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.410762][T10657] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.425903][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 266.438136][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 266.461607][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 266.477002][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 266.515183][T10652] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 266.532110][T10652] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 266.562296][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 266.579438][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.596332][ T2695] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.603541][ T2695] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.613370][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 266.622125][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 266.630942][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 266.643045][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 266.652469][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 14:10:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) sched_setscheduler(0x0, 0x0, &(0x7f0000000380)) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x5, 0x0, 0x0, 0x0, 0x0, 0x80a11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x6) syz_emit_ethernet(0x7e, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa008100000086dd60eaa83600442f00fe8000000000000000000000000000bbfe8000000000000000000000000000dd13c25e9127684a5608eca6aa042065580000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000100000000000000"], 0x0) socket$caif_stream(0x25, 0x1, 0x0) r0 = getpid() r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000440)='/selinux/enforce\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f0000000480)) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200000) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x280, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="0f01be22a966b9800000c00f326635008000000f30baf80c66b82ec2ec8e66efbafc0cb80000efdbe2f3ae0f3266b91f0300000f320f320f221e0fc71a", 0x3d}], 0x1, 0x2, &(0x7f0000000300)=[@cr0={0x0, 0x40000000}], 0x1) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendto$rose(r5, &(0x7f00000003c0)="e4fcba3632ca18e2be2c7f0fe5ce16b4738ca7b3fa7333b30aa5f7cd32ff79df077db7087566e484265ad5cf8a39ae7bb18698946a07ca752e889e35caebb595af3035bded5ce44d03e96daf04ad98b458e6c277de8e7816d7", 0x59, 0x0, &(0x7f0000000340)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @default}, 0x1c) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r6 = socket(0x840000000002, 0x3, 0x200000000000ff) sysfs$1(0x1, &(0x7f00000004c0)='!posix_acl_access(wlan0:$ppp1\x00') ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000001c0)={0x7, 0xc, 0x4, 0x800, 0x3, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x6, 0x0, 0x5, "8bfc165c"}, 0x1, 0x0, @offset=0x7fff, 0x84b4}) sendmmsg$inet(r6, &(0x7f0000002b40)=[{{&(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000022c0)=[{&(0x7f00000000c0)="721452c6179abb49cb2d", 0xa}], 0x1, &(0x7f0000002440)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xe}, @empty}}}], 0x20}}, {{&(0x7f0000002480)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000002540)=[@ip_pktinfo={{0x1c, 0x0, 0x2, {0x0, @multicast2, @dev}}}], 0x20}}], 0x2, 0x0) [ 266.661761][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 266.670908][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 266.680513][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 266.689832][ T2695] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.696984][ T2695] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.711222][T10657] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.742542][ T27] audit: type=1400 audit(1579356648.583:48): avc: denied { open } for pid=10669 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 266.798897][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 266.813717][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 266.822267][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 266.831702][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 266.847374][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 266.864518][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.875061][ T2867] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.882459][ T2867] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.890729][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 266.908473][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 266.918487][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 266.928430][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 266.936818][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 14:10:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) ptrace$peekuser(0x3, r0, 0x7) setpgid(0x0, 0xffffffffffffffff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x200002, 0x0) fchdir(r1) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/commit_pending_bools\x00', 0x1, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x3e1165ae3eb1f51c}, 0xc, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB="3000000001b39f2376ec99ab29e69f45dbd0af6365fb4312b078e9a899bb019e9d39330a8939a72339969c3367efd6dc29584dbc9ed14cb1a8c984b659ff2b7e611da1cc0a7cceeb1d2a002e11c763dcb1f8ef1c3f6f877606414b53739944e153acb5fc3036bea23f832b009d5a20b3d135ac3ffced1983e0e4f29559933f5a2d5357970ba8b82cb2eb79251debcee23c91dee4e6aba6a8ce246b6b2ff9d2108808928f24d6f43388809da3783daa58c7b48eee02af2bc479e3a2", @ANYRES16=r3, @ANYBLOB="7fc627bd7000fcdbdf2501000000000000000c41000000000014"], 0x30}}, 0x40000) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) r4 = syz_open_dev$media(&(0x7f0000000780)='/dev/media#\x00', 0x38, 0x101001) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000840)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000800)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, &(0x7f0000000880)={0x16, 0x98, 0xfa00, {&(0x7f00000007c0), 0x2, r5, 0x1c, 0x1, @in6={0xa, 0x4e20, 0x2, @local, 0x5}}}, 0xa0) shmctl$SHM_INFO(0x0, 0xe, 0x0) ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x9) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000080), 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f0000000740)={&(0x7f0000000440), 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x44, 0x0, 0x930bad2b9003609a, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x10, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x18}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x40}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x67f}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000040}, 0x20000191) r6 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) readv(r6, &(0x7f0000000400)=[{&(0x7f0000000140)=""/160, 0xa0}, {&(0x7f0000000000)=""/85, 0x55}], 0x2) sendmsg$NFNL_MSG_ACCT_DEL(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80040008}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x38, 0x3, 0x7, 0x801, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x9}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFACCT_PKTS={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x40009) ioctl$SG_SET_DEBUG(r6, 0x227e, &(0x7f0000000180)) [ 266.970762][T10646] device veth0_vlan entered promiscuous mode [ 266.994474][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 267.012546][ T27] audit: type=1400 audit(1579356648.853:49): avc: denied { kernel } for pid=10673 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 267.012707][ C0] hrtimer: interrupt took 30940 ns [ 267.051493][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 267.060708][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 267.076517][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 267.085043][ T2863] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.092195][ T2863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.107678][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 267.121167][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 267.132869][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 267.165159][T10659] 8021q: adding VLAN 0 to HW filter on device bond0 [ 267.232036][T10652] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 267.251352][T10646] device veth1_vlan entered promiscuous mode [ 267.300970][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 267.327196][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 267.367990][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 267.384701][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 267.394851][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 267.404438][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 14:10:49 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) ptrace$peekuser(0x3, r0, 0x7) setpgid(0x0, 0xffffffffffffffff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x200002, 0x0) fchdir(r1) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/commit_pending_bools\x00', 0x1, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x3e1165ae3eb1f51c}, 0xc, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB="3000000001b39f2376ec99ab29e69f45dbd0af6365fb4312b078e9a899bb019e9d39330a8939a72339969c3367efd6dc29584dbc9ed14cb1a8c984b659ff2b7e611da1cc0a7cceeb1d2a002e11c763dcb1f8ef1c3f6f877606414b53739944e153acb5fc3036bea23f832b009d5a20b3d135ac3ffced1983e0e4f29559933f5a2d5357970ba8b82cb2eb79251debcee23c91dee4e6aba6a8ce246b6b2ff9d2108808928f24d6f43388809da3783daa58c7b48eee02af2bc479e3a2", @ANYRES16=r3, @ANYBLOB="7fc627bd7000fcdbdf2501000000000000000c41000000000014"], 0x30}}, 0x40000) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) r4 = syz_open_dev$media(&(0x7f0000000780)='/dev/media#\x00', 0x38, 0x101001) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000840)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000800)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, &(0x7f0000000880)={0x16, 0x98, 0xfa00, {&(0x7f00000007c0), 0x2, r5, 0x1c, 0x1, @in6={0xa, 0x4e20, 0x2, @local, 0x5}}}, 0xa0) shmctl$SHM_INFO(0x0, 0xe, 0x0) ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x9) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000080), 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f0000000740)={&(0x7f0000000440), 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x44, 0x0, 0x930bad2b9003609a, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x10, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x18}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x40}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x67f}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000040}, 0x20000191) r6 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) readv(r6, &(0x7f0000000400)=[{&(0x7f0000000140)=""/160, 0xa0}, {&(0x7f0000000000)=""/85, 0x55}], 0x2) sendmsg$NFNL_MSG_ACCT_DEL(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80040008}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x38, 0x3, 0x7, 0x801, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x9}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFACCT_PKTS={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x40009) ioctl$SG_SET_DEBUG(r6, 0x227e, &(0x7f0000000180)) [ 267.420780][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 267.432557][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 267.448797][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 267.463119][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 267.472895][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 267.484800][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 267.514748][T10654] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 267.566489][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 267.575065][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 267.591644][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 267.603376][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 267.623881][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 267.634916][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 267.648667][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 267.657162][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 267.699784][T10657] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 267.730019][T10659] 8021q: adding VLAN 0 to HW filter on device team0 [ 267.801111][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 267.811015][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 267.824018][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 267.832324][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 14:10:49 executing program 1: socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) socket(0x4000000000010, 0x1000000000080002, 0x0) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r8) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r10, 0x0, r9) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r11) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r12) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r13) r14 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) getsockname$packet(r16, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r14, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010000193acb1d2ebf7c83399b4aa08bcd2fc5c0800"/36, @ANYRES32=r17, @ANYBLOB="00000000000000003768210c000100aaaaaaaaaaaa0000"], 0x2c}}, 0x0) [ 267.863299][T10654] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 267.874108][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 267.893034][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 267.927604][ T2878] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.934711][ T2878] bridge0: port 1(bridge_slave_0) entered forwarding state [ 268.006027][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 268.014218][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 14:10:49 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0xb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_open_procfs(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$TIPC_NL_BEARER_ENABLE(r4, &(0x7f0000000200)={0x0, 0x2a, &(0x7f00000001c0)={&(0x7f0000000280)={0x2c, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x18, 0x1, [@TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'veth0_to_hsr\x00'}}]}]}, 0x2c}}, 0x8004) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0x300, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4904) [ 268.052166][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 268.073366][ T2863] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.080825][ T2863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 268.109322][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 268.146844][T10657] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 268.191212][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 268.212607][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 268.221142][ T2863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 268.242356][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 268.257203][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 268.267040][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 268.275411][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 268.284137][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 268.292926][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 268.304307][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 268.313917][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 268.322510][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 268.354898][T10652] device veth0_vlan entered promiscuous mode [ 268.368823][T10696] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 268.391446][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 14:10:50 executing program 0: open(&(0x7f0000000240)='./bus\x00', 0x100000141042, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mknod(&(0x7f0000000040)='./bus\x00', 0x8000, 0x9) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='0']) 14:10:50 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) [ 268.406212][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 268.425512][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 268.447131][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 268.486911][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 268.494832][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 268.503929][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 268.525163][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 268.564058][T10707] overlayfs: unrecognized mount option "0" or missing value [ 268.582456][T10654] device veth0_vlan entered promiscuous mode [ 268.612475][T10659] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 268.634872][T10712] overlayfs: unrecognized mount option "0" or missing value [ 268.644900][T10659] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 268.659315][ T27] audit: type=1400 audit(1579356650.493:50): avc: denied { name_bind } for pid=10709 comm="syz-executor.1" src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 268.685019][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 14:10:50 executing program 0: openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x111400, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) dup3(r1, r0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) r3 = syz_open_dev$loop(0x0, 0x0, 0x0) dup3(r3, r2, 0x0) r4 = dup2(r0, r2) setsockopt$inet_mreqn(r4, 0x0, 0x20, 0x0, 0x6a767cc9c1ab2c8e) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r5, 0x0) shmget(0x2, 0x1000, 0x1c, &(0x7f000096d000/0x1000)=nil) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x20309}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$admmidi(&(0x7f00000015c0)='/dev/admmidi#\x00', 0x8, 0x0) r6 = socket$inet(0x2, 0x4000000805, 0x0) r7 = socket$inet_sctp(0x2, 0x5, 0x84) r8 = dup3(r6, r7, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r8, &(0x7f00000000c0)='\t', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r7, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) r9 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r8, 0x84, 0x7a, &(0x7f000059aff8), &(0x7f000034f000)=0x2059b000) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) getpid() [ 268.714163][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 268.714966][ T27] audit: type=1400 audit(1579356650.503:51): avc: denied { node_bind } for pid=10709 comm="syz-executor.1" src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 [ 268.752139][T10652] device veth1_vlan entered promiscuous mode [ 268.847210][T10654] device veth1_vlan entered promiscuous mode [ 268.870876][ T27] audit: type=1400 audit(1579356650.713:52): avc: denied { map } for pid=10715 comm="syz-executor.0" path="/dev/nullb0" dev="devtmpfs" ino=23145 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=blk_file permissive=1 [ 268.936273][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 268.944304][ T2699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 269.057571][T10659] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 269.066661][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 269.107957][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 269.302576][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 269.320228][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 269.358121][T10657] device veth0_vlan entered promiscuous mode [ 269.384534][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 269.436740][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 269.474817][T10740] mmap: syz-executor.2 (10740) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 269.482056][T10657] device veth1_vlan entered promiscuous mode [ 269.556091][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready 14:10:51 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) 14:10:51 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) [ 269.701604][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 269.751127][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 269.862915][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 269.880453][ T2878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 269.943059][T10659] device veth0_vlan entered promiscuous mode [ 269.996971][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 270.005251][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 270.113602][T10659] device veth1_vlan entered promiscuous mode 14:10:52 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) [ 270.426439][T10771] nvme_fabrics: unknown parameter or missing value 'õÛýF‚ÕýÏQŠœ#ªACKgéÒH^H84 ' in ctrl creation request [ 270.556510][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 270.565012][ T2867] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready 14:10:53 executing program 2: openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x111400, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) dup3(r1, r0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) r3 = syz_open_dev$loop(0x0, 0x0, 0x0) dup3(r3, r2, 0x0) r4 = dup2(r0, r2) setsockopt$inet_mreqn(r4, 0x0, 0x20, 0x0, 0x6a767cc9c1ab2c8e) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r5, 0x0) shmget(0x2, 0x1000, 0x1c, &(0x7f000096d000/0x1000)=nil) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x20309}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$admmidi(&(0x7f00000015c0)='/dev/admmidi#\x00', 0x8, 0x0) r6 = socket$inet(0x2, 0x4000000805, 0x0) r7 = socket$inet_sctp(0x2, 0x5, 0x84) r8 = dup3(r6, r7, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r8, &(0x7f00000000c0)='\t', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r7, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) r9 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r8, 0x84, 0x7a, &(0x7f000059aff8), &(0x7f000034f000)=0x2059b000) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) getpid() 14:10:53 executing program 0: openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x111400, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(0x0, 0x0, 0x0) dup3(r1, r0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) r3 = syz_open_dev$loop(0x0, 0x0, 0x0) dup3(r3, r2, 0x0) r4 = dup2(r0, r2) setsockopt$inet_mreqn(r4, 0x0, 0x20, 0x0, 0x6a767cc9c1ab2c8e) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r5, 0x0) shmget(0x2, 0x1000, 0x1c, &(0x7f000096d000/0x1000)=nil) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x20309}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$admmidi(&(0x7f00000015c0)='/dev/admmidi#\x00', 0x8, 0x0) r6 = socket$inet(0x2, 0x4000000805, 0x0) r7 = socket$inet_sctp(0x2, 0x5, 0x84) r8 = dup3(r6, r7, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r8, &(0x7f00000000c0)='\t', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r7, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) r9 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r8, 0x84, 0x7a, &(0x7f000059aff8), &(0x7f000034f000)=0x2059b000) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) getpid() 14:10:53 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) 14:10:53 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) 14:10:53 executing program 5: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x8) recvfrom$ax25(r0, &(0x7f0000000000)=""/241, 0xf1, 0x0, &(0x7f0000000100)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x4}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r1 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x6, 0x1ace9719895c2f61) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000001c0)={0x9, 0xfdd, 0xfffffb2d, 0x101, 0x9}, 0x14) connect$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1e) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bsg\x00', 0x10000, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r2, 0x65, 0x6, &(0x7f0000000280), &(0x7f00000002c0)=0x4) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000340)={0x40, 0xf, 0x4, 0x100000, 0x101, {r3, r4/1000+30000}, {0x0, 0x0, 0xa6, 0x77, 0xc9, 0x80, "0e8b57b3"}, 0x2, 0x19ad436970a5d709, @offset=0xb719, 0x7fffffff, 0x0, r0}) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f00000003c0)) r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000400)='/selinux/avc/hash_stats\x00', 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000004340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000004380)=0x14) sendmsg$nl_route(r6, &(0x7f00000044c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000004480)={&(0x7f00000043c0)=@ipv6_deladdr={0xa8, 0x15, 0x20, 0x70bd29, 0x25dfdbfd, {0xa, 0x4, 0x0, 0x0, r7}, [@IFA_FLAGS={0x8, 0x8, 0xa85}, @IFA_LOCAL={0x14, 0x2, @empty}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0x7fffffff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @empty}, @IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0xdc11d6918f49d1e9}, @IFA_FLAGS={0x8, 0x8, 0x88}, @IFA_ADDRESS={0x14, 0x1, @mcast1}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0xfffff800, 0x0, 0x7fff}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000004}, 0x40) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000004500)={{0x2, 0x4e22, @multicast1}, {0x1, @local}, 0x32, {0x2, 0x4e24, @broadcast}, 'vxcan1\x00'}) r8 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000004580)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$ppp(r8, &(0x7f00000045c0)="f5db1ffd469d82d5fd1e11cf518a9c23aa41434b67e9d2485e483834a000f698f3fd47701f1f2d6097b8ebbbe1f4e85b48d42044e5812b69e40038472882e17d64ed58a55c93e4c5bec205f3e3cd002d608ed9dd33ebff3a91ddb5daf8f4604282f1f03fa366dd07e88e8cc0bd24a703b765ec078094c214fa94f89f6627e0dfb51d83d6e0c9cc8e04315641a745fce3ee643a19ae7e85960c764cd3b8398dc4a1c19334bdca01bed65e8c5ddeb7c7154ab8e8484de1c8d4eb6f9359a5836204de3f62aa61afe12878a6e60cbd30c9a997afe0aa855c7d1a104793d7b20f5085a6cc89a3b84ef9494f8e8b54423e2114af285e6cb6441415c0964057081b3f0c776a8c9dc078e5d629322fa049db207c337b8f3bd4b584b92ad8d077cf53c457ac2e0052b45484571cd05a99345ba07292bf664e5e2d2a46623b80bd7637ec7e7d4441422990ab5df8291415ab61e8744d000ce40b3792cb792fea06777162c68cd94f980f6dbff0bf6e7d921d141dee178981aa005860fdf6b7c148ce565f158858afeff57237a752cabcb440d0c763c530c2680f9c8c4c4d0e74f3104df011be53af8ae059171e60d11dbb5ca68dc21b34b2bff50499ef69e89b22a8b0d4c46ebd432ba43972498df256fef32d9cb9e43b3bc0e018c25ebde6329b5f63a1e1cadb065676f12c932d601ca4b6702260a238c4b7b9434b334cb449506816948d1f7b7264bb9e182e65a8eb51210edcec0e312e8c59b154df80bf67e5a67cee474a9c9890c4ce92524916e302112012251566b932889246a3317ba5344fca390238b0bb9d19a3710e23010331a94434606fbe1d6e8bcd7e78a548ad26b215c5dd506cfd53828d0d8fe98bff3c9013950c08cf24b681e2b51e39f8a31d9313ad11ec5ef9a1c92db9f8b6e172a23cb6b1a7eaa89d947120dc1ba78b11e536214e2c501ed51ffcf4614a0f530158c1117a51a09731e276df94a9fb15ac16b0bce910b40b735626d30b817df6a9584650b38c295bc5c4c0674d6dde8592bd26d40c51d667111b89aca7c78f1327dae05b468f4504f4b5d5fb8739097a34d4dd4435c321366d8282bb012191d8112707302bde4607c4c0458472049df90291d58412bb2b70dc8f3b3bd9cc8567cc24156f2685f72b471dec42e9a399dcee961262a6b9f19e09728081db9531bccfe87270dee92b971d71e12db831a564580b4de851accbfb5bdde771a4a7aad5e8f601d392f859dfa7d10806473867ba02cf90556b423a0822d80b053ad1ee9391d87933863fd052ad57cef3741c34369fe9da29342feb2ceac7251d7ed445bca1bc461f969b2c5d02e0578ebfdb7af95979c923d8062af02f404f35cf531879a7c92bceab019a35b574af86d002393f3e77afa5663be4d94bba37f70ea0379b3ad28ded37d28199d021b716f9f4d603073727d16d05e2f48fd50fed19e70a2736907b6b0750f7d4f662871bab6b0a2cfbbad8dcf4999c8a3368f9b8cd00f6f4f7f5be713df7f66631bca7fe9996b2b8022b87b650f061fe82bd0e19d61604b580a50734c249f2b655c3b5ccb4274a7a0d38fe07fefe649dfbd90ffa5c1eda90b67a1929d460ddf987b48e3c50256711ba8f72f01add95f16f6ca09b59914e4bbc14f0a27a80a8f43aaa6b52a86c4c94c8e1a2b335bff08cf0c7fb3f02981d3768492e0f89a3ed089a7694a395231df2e254d20cfce6072ab0846e651da9667a36e98c5f30e1d64ea7b0220453094cbb973addd9e0976093d67ea2697e86e4ace17b2d614d50e4816ebcdb1313b62c488071f3dc1987f057b9cc1618610847d85bc949a2220d9c13d706b4a39715fcb73ee64d657cbb5b6b2b1c35929d2862b385420a8c681ef5614ef4cf4625ab8588b11ec9cbc3145f0882bb694ec528aad992e387ce4696f555b357b99652df90388a5ee93df7e47f5f39d87eb7ed46005ca214682ae54506285d415d82fef918dc218bfe2ce400d0ba88c3ef6808d68c3335cfff99761208dc0f5cae893ff26d3de2ce76965c6c1eb166bb2c46e8d9281c7d3a52819c61560dfdd2f5b471a7fc7642b53180bb559f49e682e7384a3ff805e9e427640555c6affcb98bb59d84646849c63ef8a16beaf827b2b65dd6429cde93106e6319b1ea0deba5721685b2bd8395bca46290387ccf4893d959e85972cd05c7908a7746e4f337105ad6f4db02a15125ec22a94dfecc54263c84f7af8fa4806ab5f86616f111dfdba30695d667a02a34e870c74df7401c85ecdee75d46c05a3e0c019d44ae2f2a39d162439b2cb211bab4f4d3298b852ac244d37d5d07c6c906caf18eefb976c2c0f32923f872fb167af05dc382cf3a9157f92a82f4ed0fd2e0fc3c23db67017630c189ffbb8e8f5fbd864f89d7108b9a1e7684a043a8eee2ea0239df4e2374741c87e16e325436547b41517f01fe51e60dcc51d34c37b3f05cdf06e0994e26fe75be385eb250b2955bd442429a47351b9c54e446eccf207d3969b9784a5f24a292055ec923d764bf36c3a423093ddad4e6e474afa2ea25ccc3cb2e067e411745dd366f7c054b5521d7d48d717f709577a67677805a55388ade851d037f9ca57d772b8f8d436b26df5e439690c6aac7908144228d7983491b589535c1accf65fdf799ff9413a6c7314e1b26898d9c67fc4052326a8b74887b5b5cd702703d628bdf66dbe97a1446ad176b46ace95ae593f753915285abf73e2106597cb9e31e2e619d1fd6087d9e2e9cabbf5082e4e9bce07f87b1a9952172e68ccde67f2cc4e254b5c864317b324dcc27fa1e5fad5c4cf3d475276f8ef74abda52796862a5c924390cb4aeb28593eee88c306b153d7eaeeddc70eebe5868194f54b544b775792ca2693d7b429b1eef3d0c52597fcc5e0cfd9ed38f23f549f12b85f0579163bacc99a551cac182cdbfe448683a5c7279a2d1681ae740b3439493cd9e2372f6c4e035b13fce4c39ffec9d62788ed78c45733d402d22a21ff364dc25c477ad3956c0298c9d54afd1805c0ba266d3d7b18f9d751825807e1ab8ec1d8936c6e81d3785717460e6c2dc5ad687e0524003d9189c7645d8b781f95b0630fd15d9dfb39c036fde868ba26d62c2692cea674f900a41b3f857c1dc8d8dd3a9d4804ffb20e238e42c323dd5ca7db27db60f671045786272832266cf8453918bdb5e9d8d5701d401cf76d996ba5713a1a69aa65c0bbb38c6e13c038fafb393a2aac9f6eb3ca08ab77dd829d7a454408e37e2264d61276084fc6d77fa30b9bf12daf13490b71e267b047208d2894d0e163376104cafd48791a6da1535f0989ba04241fd2ccc59d59657433ff26a0900e8b7e742a6d4a09a2e7a200cb0440d867834e71e8121b575d919d25a98fe136f9f1e5668455a87c5176476bbf70cadcd1eec0a4af55c1f53046cd87a45c0382634e4912dc03f879eecf97a063a5b8a332858185c1a5ba08b557f1a0f79ffff4f4f9a09707658bbb04588a62eb03412ec15b537a75daf7f73d1ad49922e5fa26f96026d6a167ae4f75c0ad4f9765d70238feded033d38f36ec0311ad3bb2a65ca45f6a9f44bd686770d16f7d1890a9c7789496228e83ef1d51ab451b3dd72997e4fa7b2e83586faa8733288718bfed2cd0d5cafe4f29b9662bd1b4f852b2f1d8c3eb4b0ec1a55864b6dcd7b6af8472517509fabe8b605d41d9446558caad9df7117e0bd572a9b6b37b20745f1986a834855ae0c9ec82ff152f36bf57297df334a82ca8e66daef2ea304aca8f64fe2ef4ee59f75e7dc0027116a792f384eb4cc8205772666bd7efef0bb2f44292d9964dbf3c3181424951fcd502cb7b6303a38179590e6ffd85fdedddb72a1cc2f6d54db651411b6b9dd28d53ce2dd55f040901e9e8c991f68dd3ce48bf73db7bcd74bcfe8ccd945774df0666bccf1a7c5c1340803e22de0ec55d579b4a8f8acdd063096c76bc089a7e7e9f65593a29a3efbccf59473a0b1c8e270a5cd62763e415b564352dff7ae1927bfeec4b5606e3bf9a140730cb3b02a7b0e08e5ef720f097eb099578d524e331c39881ae4a702254f6ad6cdfb3607f4714eab0ec059e53c5e6d822bd1d79883cb1622b58a312da5fcab018047d45a0fef80864f60d3efa3519e4615840f2f1de905a9a786a58b7f9ce105726bbfb297a097c8c8449e6528e7406cd457744323174485580e6f4693369a5d83eb15cee8c52f4e478029780a4db0b04c8cbf68219dc5a7f7addd3aba32ccf3e9bb7c670131924049a3aed4629e1daf0aa8c78e6b8830314164717387e50d70a489eaa9850eeced5fd5c32bf340046c602c3e484c8ce12ae8cea8629ccc458030c0ec46d263983f8f0bb262ce51d7e2aacc2b0e51485652531704a48df3caec55b04a0e28fe1f1bf9a9aed6cbbc2d313e601ff0f92de9de4a00b32d396f4906800181ae24c99336af02c6201cb1b6f41030241e36f646595f50742757d5dcbd29deca1d1f8e6399554dfbbd1c78b9b85e202cc6e596523d918ee60f1ec0ddcd0ad6602984a434737712f19dd2a4a441952e4465b87bce2c1f2dd1394ef858685d81ae9eee9e5ef69c9dfff7a1167efffb8089ddeeea2822ba3cf2b1573d88438adae38a575030da54a0a42d2da971a2936fa3486738530cb978ebfd892f202326310f84fd6a78eb50958daf1cfcb10143cc9e0f3ea4cc4d0a079c03662b579a0d472c16982b6abcad9a9ad7cfe197ba94427796140b38d5126c61b2a36e70766f33db83eb8e2ce25990deb17bc9b3a3a92f05c15c19548ad8eb4164a80fb431135c40fc56ce979e7732ad90337a060062508b39860ecff8da519d052be9a75b67c0e1fd00b7ac13cbd58ec582ae192f9d218cd334df6d384eb5bc37b6cdc93cc511e05741e3af481d139dff8ddf5a355a6d24a345be3c4f581e2516ed3d7b723cdb2638d70716ccec69031d97bc7a844a252a326a04b10480ddcb95f45c280f47cfda89cd6f7067839e2ca612e583add789fa01735cf9e8510a2c13ba0eaef41e43123af8fef11b4147ee04d4d98bf47a9a74329c31ffc0f9bfec10d5b74a44ec598b86d45de303cd238f964126eba426bcbf4da46dd3526a7ad5450a9ce5816600a988d7a64b7288b130c450c10d7b1f36c2471c1bbf7e56cb1456a6893a583d93c89ad04906b450ac1734a4ac6c146d51a49d8937f9806d2f953a6c88fa46c14e975d9d2e3e4f049cb46b56f3dc521782cf33356719ff2ad07a0cb94d8a6eefe73fa5d153eb66d1fd8c77e3d3fef79cd512d9752bb1f948d030c75ec6d5ea36ec0b497cd8f4db522e4e41c8a4318ba260f96d3f2d60761d60905ae37479a453144249b0ddae06528c9ad81eae04762f7496c0201fad01f6799d3b66f0b29e8437b37ea5b7d0710b4297feb86e50442252a8dab6b71b004922812d0d3d41d976293962c0fb388c6ee9b78d3754a745d566377a710c70ad40cfe4d6d3d96a668f0a47069de53827f30ea7f2fe8c4f78e1195910c12aa2f4fb64bec9e370e423bc1ebbbfa185071003d46a2153578a7e24cba2f73fac8600cbfcbf7d600c46696b89683cb8e3f4a71af7f7652bf4338e9948e4ab68d60350ab765f67c9c76a4b85f316bac16249638ff981f5d66cf1238de5b88bcf35dec44223523477a8051253edd179a81cca292be660644164c7483ab21591483cd1cf3cef236a2b7fff994c945dfa24db313c4bac261308fc9406d5eff777192e15ecbc0eb44195e7dac9981fcbe8a3df67ba1584692b1ac1260cfba8eaf93cd207388f2069853c33d08d1f489b8fd", 0x1000) bind$inet(r2, &(0x7f00000055c0)={0x2, 0x4e21, @multicast2}, 0x10) r9 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000005600)='/dev/vcsa\x00', 0x400, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r9, 0x65, 0x4, &(0x7f0000005640)=0x1, 0x4) r10 = syz_open_dev$media(&(0x7f0000005680)='/dev/media#\x00', 0xffff, 0x2) ioctl$SIOCAX25ADDFWD(r10, 0x89ea, &(0x7f00000056c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) r11 = openat$vcs(0xffffffffffffff9c, &(0x7f0000005700)='/dev/vcs\x00', 0x400, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000006800)={r11, &(0x7f0000005740)="0dffff54fd8adac76c7b052775512b053344b92f0944bb06d162ad71c9a8c365f21e04d01f20185a99f42d1cc41a4588c11dc3aa028c7428972484a22c680d0903e9450287f00c52eb7568088d4c5ea3f60595806d0d3cc6263f87b5aa1a1ad2748c120cced3bab9896c21fb2cf867be66be14a8a6df7c2172c1bd793513eca6c0cb5b8ef60836b73fe0585c8db0484f7da4876982594df77aebae9410455c8a08a565bc7f1e0ab6ce906f267c221bd5956dd6232396dbf82fe08b5caad32439157f9a7239d432c14a040ea1c7115785245f5029e59fdd58363bc70102486e36a7dd8a8dcf87ef61b79a3f7b1724408d8dbca1ddab051e1a2b064ce0b092ac29f16cdf686b0e558fb87e79312432a2dc4ea877d2c948fe371dd0f2ac373d5bff123292266da0eb23f775d316501d2b4396dc9e33b8e318a76b2f853a2f6e4a943f0c0962e210cfafea82e07ebb7dd90e474a8c5b380097ee9fa5a4db0356ad6a62c1fc6c803274d27fbcc35343ea648c81f30365cc120ca34e17b6d8888c2d7275cbb490451d843581a32c698f5aa925a658ebb8f4c51b6f969a681550ea9c8d71b3c8cfe403aa733558024916dce7ef496facaad2cb938d62f0e983a94a3e0ea387a479da239070c275c02daa5ee6e9f4d8e1ca0202159f1f497c8034a87023450fa36a87624b76d933f9513ef8c4108fed6f3b39e2e7be1b4649d3493797c97f9354f5a0e90eef0fb4bf4afe87d223bdb56f6c00e7271579be38b0a8452e397ff6a33667bf87f0921cd0414a4f7d9fb6e9920eece6140a2b88317950cdf5bd668801be4e91e9f367a074a63654ce8f61d7a44399d967bb92ef985f98d0dde70d469e89e512c8046aa4cd1a2c2e5be0af1bf106b13c3845342c2e8dfc075056ab86c32285e56ca5987b347bf2cd14ef8f3875b71db9451b5a054659d19c64ac0fec5b73a8011807e4fea3f562af8d9392063335dd20c9d0b2bd0dad6331af5c7c5b7c7b7d8d851cf984eb167c1108a4cdb82f4a59564503327feef5409604a6b54f66d7d338ba548078a609307cf8edc8cc7926c3d55ac66288c70a969b82ccb6f5aaef5a4499b64f8b6cc6f5650c2c3756b6788c7ce13dd09a116a1d22c1e7a35827a84133a8711a875f00c100ca5298cf2088d54418bd2c5a1ed289b985247c41776196db47cca46b04499d915a83790865adc36cac14fab4812438e37dc0fc403f1052ee681f3a0c20bd923bad2b90851968d1e44ae5d45d500557882e6e1241415fa69c5f30bb07437eaa274be6324aba7c069e8cd7d51db563ea3d6154fb999a57c8ed692f9e3a8401d6ababacf79b47937340f0b8ad89d9a64b0f1aef558f73b46851f2498d76115197c8bd314f7fc1488d8931d334b05c73a2aa837d6f82497468dd8cc6a75fe87e50eabcaaffa0085b9defa751efe98ef6f4cd0969a1909b5d296e488f1e65d2dde77e8bcb3c639f7dbaedd1fba6390e16103373b0b4dbcf919b1deda4b290c7bbc8040cb5c085232aab56d3c8bb970793a931240f623c39a8eb21bbf1f026ab5ccb4dca1512ec7cb1437e9a6312ed3e4d80355bd916cefd0696d15cbbc9b9fe7fac0a073b756bad3ff77904e1de73bdc902c1742c2133bb812758d4dd02a59e9b54d427e457a4502e45baa78bb8ed81934ba0e5b16e3408080eef92f37849c3ecb7b8ccc32ba0dd34312fa8fc1e369a1dd2b492b8f395242ca63b455a5d7ba306d4a7f0c90b469525f0a0972775bb030d59e81e69b713a2472df92fc94f682b4f40b79913b6e539672eadf8e6ccedb8ba1bb497cb965a13b05cb6f78c4f92dff0a581609c70d4c6787df33ffb4c2c12360e97da0727b8de1d0b400aca80914f8b2718d84068e42628e7e0201f23a1860852cdabc105265df66265ab534161a03810a11fecdcdb62fd7d45e81d7ab83142f84d1a800abddbd7f5dc34eaee7fb333b38d61922fcd478a83780e2d56db231ba26df2ab939d13ef73a0eb1e693e737fcacc140dfb42bc91c53f16013720782854daf9a425ce06e60a8c864bf7bd361f25a5235fb9d4e1cb74ba048ca7f96dfccf3478c8036ab03023994fe3083ff42c597fdf223d0cfdf610f1211ab7ad81fb8f0215030b4da63cc14fd1522fb839ae35a4ce51b3718fa9e5bad104e705cb158ca20b95ad513d015498dd962151ee8f65c6608e67deee87f14c6fa41529382bffbf71b52ce3882eca703ccc715e7eaafeccc82a87e8016ca73c133e7bdd05f135aa9648c3b2598e0573a7c77e0c1fd6f20f78aa610d81fbe60ab69a3ccf5795051a0ac07c78398b6cc6d506824d9619c1831957e3aa3a96c5c6d8db23fd95c467263d166eff5ee2a7701cc1be1e97ec20ae23b230b6c7be464668a6b670d11cb0eedc764935eaa8b281310727e37d43761eef0c90a2804964a4ef9939350bb754807f3a2eb7da779dd176cd46a5791907d670ee34b1aaa8aa277b2d56c609f6edcdab0156f98d254fe5cf23bf5648d5cfb6e76da85c7bebf768db8940b14c854e1b563c85bc799e9877ad494eaaf183ce596537358b856e31fd94fccdbb6ec143f87f53238c0a95c336a7cc20b9300dd2f0897cfcc20879cf6197b188756cd7921d367f3d292f2f66d70663a6a62c46a8cfbe4c2dfc19883cfe5a74b537c63b8b89db0e0575bedeb2dd97062d1bbffd1665b67a9543f1b77eabc122339583a5b09c8b410fc2c745d6cf91596d7388bcdc4067a6fa952746c3c89040634426e9b9cb6f28d98dad2a24f199a90857a9e2bed0dbb852ac3368ee9b9facbf59267591909ffac96b7a7526998edd18ed69be44b613af0875415df0acfecca86ac11b87f981038b47a01d489646e46bc945d3c301daa743128b536566e70744387e9db0c95a0d3cae4285777eb4d24777d0722b727b0f106687ee589d045543bba7c1b8462269a1e5bba90880e09d3cc2e8c740221abd6021821b87e4505e79a1b4bf10e8f394caa2fecac9a0b4c76ac223a27b606eeaf0cdd215e937dced6872bcb9e8b4646b9e6bfe6e201a957bc6a4c62c01ec1842edf4fcaf2b2182ad2f6546bfbc881be35e1e71bb27bb773380b140817178c6122a112e6e82ea0e0c367264bd6773882a5854232dba6b900f4c831b18f93175d1355b899335da8cd6795fecaefcc89158308c389f2ec3a222f95672e7f8aae882a403013f3bfe74b2daaeb1d1e581cd82ae6758e8ce0d6dbcea3f56e1c9aaacb2ba5306e764b03cfc553de6f6c2a07824dd2eba3dd4966d0eeac17bf4bba0d5ebafbcf8a72a6718ed08522e25f2aaada9c7ebde25c0ce6a4afbbcd4ae972834561a4c8d65d083ad376445b9d595ec2470b6ed47d101560810b4c2778476f7569bf0458df633a42af478b74772bdd19df3a66a6b6b8c97812a985af68a134eeb99f724d92f6bb516633734650a24803f3ccef78abfe6d2eda266607319af460517a56697401cbf6d00a9ec88d29ea8f8043b59409445884eb5b363b80d8d26c0b62772dc602c14df454713bea7a2d4407b46f3393b71cce1b9f2385c0314b343279b2243b64af0e5d5b77cfb228383ebf7456c49d80fcd57e125626b8e124c28c817d6ad1cb15f4dd101102910ad39d28540677e2ad8fd5a4453fe1fa4c69e59cbd01096a9d973432d6710360c855a9a9e5629311e40b94530da721072dc0659b51f0849cfd1be9b12b4bcd75ba8192cc09ebb6ad6fb17671900a9187cd7709467834141ac37e85d4d48335f274dd104924a33cb0574e776716c492a72e538e1ae5a2e59c40890edc4e5401baed135b78d7fb2cde1af4c5352251ffca52d3f3da05e501311a4363167431b1f8302a3dbcfb9a33160e0d086d8c2cc8e04330c92e9d20e6f2acc2176b7286f1ca0c1f1925e2125e0fd7ac190a6e90e40c093ba162d6f43a3645df379111f38f8198b2f96a1450cdd6a72c2236587f7fe6d9b4a95150973dbcbc31eda8e548a20d3019b77801c3b046887416e9a541d292242220b08e1c9fbb30565d4d3a440ac1c6d58f68a5708afc56c7b963c83daf72fb76ddd3fa258696d1db56c1fdf8b44f5f4a988081c77f117dc3f7b86520b9ea10654cbe613a4a2ce863814bd56e79fdb1d509471963e7f1543a5f7470ec3271bc722bcb44f42dbf56d8cd57fc39a6f1c1d92e2a8993953199373dbe880baeeb3d7058cd2d90d189e645d83b797def4929251aff48da5221467ad46e62aba9f957b583fcc15479964040ac5fe900a3f4bd5d10038533e79fbc24d4b0f111efa2fefad8a8983fb544cb29124c7db4e186441d3f6e525fa0389364a96e0719352a86090463b08dc4dfa29dfc2cd510fca9c15934fd16f4908205311d38df10c97adf9c2529ef3f89b307d6786b5ad13c4cbf6829e52fb1a056d80e61fc60c0143c0d0b07f92ac9abffab551504db97efc7bb3a36522aceb31793b759791824a1a56421c719fdfca93a27729107c967b1c4bdad8da0b4e92ce7bcce17d68bb768c6679761b65822ce7588986d25f5845d0ac7562c113de81611cafb2bdb0f1d30d4b23774701b0e20824d82e8590a5571696cd03c62a8e44e314b5cc768460b05bcc0326b93236cf525afdc5fa8e198ae2ec6680eb8affe04c0e4c7b7b3248ba7c2484b77f5b66ad02828caf11314f2dcdcb65a63a0a3b50dd039806e34ae6d7f445a37e735436380ba8c068b2d9fb9017544c3b6000df393d2dcbb0b7859adf13fea9a87c21dfdf73d442cac8fcfd0dad599f8b2074c3d3f616f20d0d6fc3edd357860db00e959f7f6260faf83fff041bcef06751c59f890431bcd9b7d745b7ec98c649b86e9587b6f4981503eb1ca31d1bf1ba9d8edae3321be3e5c36499c09e5e6ee6e0bbd54a46d4e1a0b422a86892f9be7000726e31f253d41fc356395074871a53a2646b48ef7ed11bd29c3c35c902f5ab7f6479a2fae46353b4d89c44f81ceb99eadace31126a4dc989cc6bff8c781c98984f71b6e495fff50d095240a5aa0f23343bccdbd6ba9a21fb3fccb7d79ab6665f1894b9c796f5689791eb3de1a5d1f178141754ef41601bbd7b28db6a8697537301fa584d7355074edc949b2692ad8b077547799e423890ae488fd92be9cfaae1d06059da36218ed9d91af73d9c072914a46f1820a8a717d5e8bedc52142b7df2d5089929b6acf7db69d251ac7b5f36a35aa2ec832e117fa608e71054012b151a28b89ea80a056ba2f4f7b45116dd445891877614af83699b71775e8c94e00d38dcd6dab7c6bb0067c024eb2963aa3e02ad0c2d2ba7a5246d7cd536cc272a7f754e4f9dc12af469ad55e6568c0c1f674a5f2e0d44710d73d04b54b890d3f5c6a4396c9dacde4bca314442f86605ef37fd1a7c580f6e1cd254654e23ed1b0cd13613bc2ef7866c57d1ed12da03fa11fe6810fb9cde9fc47bf83de902d4aea9971b0758fb68a50ed79f1e2c83a86dad5086a9d04cb24b385095676676888d13991507569487eabeb4c2f6020cfeafa04f05487d63dc67e532bf2807e8c2a342413450f54c1cb8ae8b61bcc0b222f6939fd2280e1441e91e5fd0d6faeaa6f8b7bf378293df1a4fdec90440e8fb0efeaaa837fa072c72ead5ce679f02a50df0a2feb81c657d8c07bd90d95f5f4bb613a2911bce7b553c18c1b34066c43fb919cafc03a137115fe8805cfcb333c1ce9271e3ed0bd60691593ff754c9f804717ec6bdf5254261292857d1d86a0cf216febad5827a83b2718e7f00eddaadd5f22476f0aa6c4b6eace38edf288db6c3aa076eaf35a25babadc8a13ef40d22dcdcf8a59163e2", &(0x7f0000006740)=""/129, 0x2}, 0x20) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r8, 0x84, 0x1b, &(0x7f0000006840)={0x0, 0xf7, "5fb5e1b240465ae8a80c2198b048d4e2e22d4e220cb9f38faed9a6b4160067990244f9d1cf7cc4ab66e88d9395bb564ca4e48e7dd46c0689982b39b94a06a1cc815b8797f06c3b6572207d5484be357efc322152df8d11941913e4dea88b789754e2629378aea882964041151ab6a327358525341e9279973cb15fe19095662468a50be90f9c1c13b871bb194f6e56a58ebb4071682765e4c487c3faa78c0ca5a97e1197c5e1ec4c7d4a1b4fc21e4e7d9b5711ac92f24250c89887f70cf2b258553b792d8fe6c011c5d6389c63789db79a77165108fc5bfec482ebd586e4fe853f1dd5a1314e93db63afe8fc60f0f091eff7668eb5c3c5"}, &(0x7f0000006940)=0xff) setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000006980)={r12, 0x8ecd, 0xb5, 0x401, 0x4, 0x7}, 0x14) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000006a00)={0x8, &(0x7f00000069c0)=[{0x8001, 0x8c, 0xf4, 0x81}, {0x6, 0xc8, 0x65, 0x2}, {0xce, 0x80}, {0x3, 0x33, 0x3f, 0x1}, {0xfff, 0x7, 0x0, 0x2}, {0x3f8, 0x1f, 0x4, 0x593}, {0x20, 0x3, 0xb8, 0x1}, {0x876, 0x1, 0x79, 0xcb1}]}) openat$selinux_context(0xffffffffffffff9c, &(0x7f0000006a40)='/selinux/context\x00', 0x2, 0x0) r13 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_XFRM_POLICY(r13, 0x29, 0x23, &(0x7f0000006a80)={{{@in=@dev, @in6=@local}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000006b80)=0xe8) openat(r11, &(0x7f0000006bc0)='./file0\x00', 0x842, 0x180) 14:10:53 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) [ 271.170058][T10778] nvme_fabrics: unknown parameter or missing value 'õÛýF‚ÕýÏQŠœ#ªACKgéÒH^H84 ' in ctrl creation request [ 271.448859][T10800] nvme_fabrics: unknown parameter or missing value 'õÛýF‚ÕýÏQŠœ#ªACKgéÒH^H84 ' in ctrl creation request 14:10:53 executing program 4: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x8) recvfrom$ax25(r0, &(0x7f0000000000)=""/241, 0xf1, 0x0, &(0x7f0000000100)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x4}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r1 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x6, 0x1ace9719895c2f61) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000001c0)={0x9, 0xfdd, 0xfffffb2d, 0x101, 0x9}, 0x14) connect$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1e) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bsg\x00', 0x10000, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r2, 0x65, 0x6, &(0x7f0000000280), &(0x7f00000002c0)=0x4) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000340)={0x40, 0xf, 0x4, 0x100000, 0x101, {r3, r4/1000+30000}, {0x0, 0x0, 0xa6, 0x77, 0xc9, 0x80, "0e8b57b3"}, 0x2, 0x19ad436970a5d709, @offset=0xb719, 0x7fffffff, 0x0, r0}) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f00000003c0)) r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000400)='/selinux/avc/hash_stats\x00', 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000004340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000004380)=0x14) sendmsg$nl_route(r6, &(0x7f00000044c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000004480)={&(0x7f00000043c0)=@ipv6_deladdr={0xa8, 0x15, 0x20, 0x70bd29, 0x25dfdbfd, {0xa, 0x4, 0x0, 0x0, r7}, [@IFA_FLAGS={0x8, 0x8, 0xa85}, @IFA_LOCAL={0x14, 0x2, @empty}, @IFA_CACHEINFO={0x14, 0x6, {0x5, 0x7fffffff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @empty}, @IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0xdc11d6918f49d1e9}, @IFA_FLAGS={0x8, 0x8, 0x88}, @IFA_ADDRESS={0x14, 0x1, @mcast1}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0xfffff800, 0x0, 0x7fff}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000004}, 0x40) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000004500)={{0x2, 0x4e22, @multicast1}, {0x1, @local}, 0x32, {0x2, 0x4e24, @broadcast}, 'vxcan1\x00'}) r8 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000004580)='/dev/nvme-fabrics\x00', 0x1, 0x0) write$ppp(r8, &(0x7f00000045c0)="f5db1ffd469d82d5fd1e11cf518a9c23aa41434b67e9d2485e483834a000f698f3fd47701f1f2d6097b8ebbbe1f4e85b48d42044e5812b69e40038472882e17d64ed58a55c93e4c5bec205f3e3cd002d608ed9dd33ebff3a91ddb5daf8f4604282f1f03fa366dd07e88e8cc0bd24a703b765ec078094c214fa94f89f6627e0dfb51d83d6e0c9cc8e04315641a745fce3ee643a19ae7e85960c764cd3b8398dc4a1c19334bdca01bed65e8c5ddeb7c7154ab8e8484de1c8d4eb6f9359a5836204de3f62aa61afe12878a6e60cbd30c9a997afe0aa855c7d1a104793d7b20f5085a6cc89a3b84ef9494f8e8b54423e2114af285e6cb6441415c0964057081b3f0c776a8c9dc078e5d629322fa049db207c337b8f3bd4b584b92ad8d077cf53c457ac2e0052b45484571cd05a99345ba07292bf664e5e2d2a46623b80bd7637ec7e7d4441422990ab5df8291415ab61e8744d000ce40b3792cb792fea06777162c68cd94f980f6dbff0bf6e7d921d141dee178981aa005860fdf6b7c148ce565f158858afeff57237a752cabcb440d0c763c530c2680f9c8c4c4d0e74f3104df011be53af8ae059171e60d11dbb5ca68dc21b34b2bff50499ef69e89b22a8b0d4c46ebd432ba43972498df256fef32d9cb9e43b3bc0e018c25ebde6329b5f63a1e1cadb065676f12c932d601ca4b6702260a238c4b7b9434b334cb449506816948d1f7b7264bb9e182e65a8eb51210edcec0e312e8c59b154df80bf67e5a67cee474a9c9890c4ce92524916e302112012251566b932889246a3317ba5344fca390238b0bb9d19a3710e23010331a94434606fbe1d6e8bcd7e78a548ad26b215c5dd506cfd53828d0d8fe98bff3c9013950c08cf24b681e2b51e39f8a31d9313ad11ec5ef9a1c92db9f8b6e172a23cb6b1a7eaa89d947120dc1ba78b11e536214e2c501ed51ffcf4614a0f530158c1117a51a09731e276df94a9fb15ac16b0bce910b40b735626d30b817df6a9584650b38c295bc5c4c0674d6dde8592bd26d40c51d667111b89aca7c78f1327dae05b468f4504f4b5d5fb8739097a34d4dd4435c321366d8282bb012191d8112707302bde4607c4c0458472049df90291d58412bb2b70dc8f3b3bd9cc8567cc24156f2685f72b471dec42e9a399dcee961262a6b9f19e09728081db9531bccfe87270dee92b971d71e12db831a564580b4de851accbfb5bdde771a4a7aad5e8f601d392f859dfa7d10806473867ba02cf90556b423a0822d80b053ad1ee9391d87933863fd052ad57cef3741c34369fe9da29342feb2ceac7251d7ed445bca1bc461f969b2c5d02e0578ebfdb7af95979c923d8062af02f404f35cf531879a7c92bceab019a35b574af86d002393f3e77afa5663be4d94bba37f70ea0379b3ad28ded37d28199d021b716f9f4d603073727d16d05e2f48fd50fed19e70a2736907b6b0750f7d4f662871bab6b0a2cfbbad8dcf4999c8a3368f9b8cd00f6f4f7f5be713df7f66631bca7fe9996b2b8022b87b650f061fe82bd0e19d61604b580a50734c249f2b655c3b5ccb4274a7a0d38fe07fefe649dfbd90ffa5c1eda90b67a1929d460ddf987b48e3c50256711ba8f72f01add95f16f6ca09b59914e4bbc14f0a27a80a8f43aaa6b52a86c4c94c8e1a2b335bff08cf0c7fb3f02981d3768492e0f89a3ed089a7694a395231df2e254d20cfce6072ab0846e651da9667a36e98c5f30e1d64ea7b0220453094cbb973addd9e0976093d67ea2697e86e4ace17b2d614d50e4816ebcdb1313b62c488071f3dc1987f057b9cc1618610847d85bc949a2220d9c13d706b4a39715fcb73ee64d657cbb5b6b2b1c35929d2862b385420a8c681ef5614ef4cf4625ab8588b11ec9cbc3145f0882bb694ec528aad992e387ce4696f555b357b99652df90388a5ee93df7e47f5f39d87eb7ed46005ca214682ae54506285d415d82fef918dc218bfe2ce400d0ba88c3ef6808d68c3335cfff99761208dc0f5cae893ff26d3de2ce76965c6c1eb166bb2c46e8d9281c7d3a52819c61560dfdd2f5b471a7fc7642b53180bb559f49e682e7384a3ff805e9e427640555c6affcb98bb59d84646849c63ef8a16beaf827b2b65dd6429cde93106e6319b1ea0deba5721685b2bd8395bca46290387ccf4893d959e85972cd05c7908a7746e4f337105ad6f4db02a15125ec22a94dfecc54263c84f7af8fa4806ab5f86616f111dfdba30695d667a02a34e870c74df7401c85ecdee75d46c05a3e0c019d44ae2f2a39d162439b2cb211bab4f4d3298b852ac244d37d5d07c6c906caf18eefb976c2c0f32923f872fb167af05dc382cf3a9157f92a82f4ed0fd2e0fc3c23db67017630c189ffbb8e8f5fbd864f89d7108b9a1e7684a043a8eee2ea0239df4e2374741c87e16e325436547b41517f01fe51e60dcc51d34c37b3f05cdf06e0994e26fe75be385eb250b2955bd442429a47351b9c54e446eccf207d3969b9784a5f24a292055ec923d764bf36c3a423093ddad4e6e474afa2ea25ccc3cb2e067e411745dd366f7c054b5521d7d48d717f709577a67677805a55388ade851d037f9ca57d772b8f8d436b26df5e439690c6aac7908144228d7983491b589535c1accf65fdf799ff9413a6c7314e1b26898d9c67fc4052326a8b74887b5b5cd702703d628bdf66dbe97a1446ad176b46ace95ae593f753915285abf73e2106597cb9e31e2e619d1fd6087d9e2e9cabbf5082e4e9bce07f87b1a9952172e68ccde67f2cc4e254b5c864317b324dcc27fa1e5fad5c4cf3d475276f8ef74abda52796862a5c924390cb4aeb28593eee88c306b153d7eaeeddc70eebe5868194f54b544b775792ca2693d7b429b1eef3d0c52597fcc5e0cfd9ed38f23f549f12b85f0579163bacc99a551cac182cdbfe448683a5c7279a2d1681ae740b3439493cd9e2372f6c4e035b13fce4c39ffec9d62788ed78c45733d402d22a21ff364dc25c477ad3956c0298c9d54afd1805c0ba266d3d7b18f9d751825807e1ab8ec1d8936c6e81d3785717460e6c2dc5ad687e0524003d9189c7645d8b781f95b0630fd15d9dfb39c036fde868ba26d62c2692cea674f900a41b3f857c1dc8d8dd3a9d4804ffb20e238e42c323dd5ca7db27db60f671045786272832266cf8453918bdb5e9d8d5701d401cf76d996ba5713a1a69aa65c0bbb38c6e13c038fafb393a2aac9f6eb3ca08ab77dd829d7a454408e37e2264d61276084fc6d77fa30b9bf12daf13490b71e267b047208d2894d0e163376104cafd48791a6da1535f0989ba04241fd2ccc59d59657433ff26a0900e8b7e742a6d4a09a2e7a200cb0440d867834e71e8121b575d919d25a98fe136f9f1e5668455a87c5176476bbf70cadcd1eec0a4af55c1f53046cd87a45c0382634e4912dc03f879eecf97a063a5b8a332858185c1a5ba08b557f1a0f79ffff4f4f9a09707658bbb04588a62eb03412ec15b537a75daf7f73d1ad49922e5fa26f96026d6a167ae4f75c0ad4f9765d70238feded033d38f36ec0311ad3bb2a65ca45f6a9f44bd686770d16f7d1890a9c7789496228e83ef1d51ab451b3dd72997e4fa7b2e83586faa8733288718bfed2cd0d5cafe4f29b9662bd1b4f852b2f1d8c3eb4b0ec1a55864b6dcd7b6af8472517509fabe8b605d41d9446558caad9df7117e0bd572a9b6b37b20745f1986a834855ae0c9ec82ff152f36bf57297df334a82ca8e66daef2ea304aca8f64fe2ef4ee59f75e7dc0027116a792f384eb4cc8205772666bd7efef0bb2f44292d9964dbf3c3181424951fcd502cb7b6303a38179590e6ffd85fdedddb72a1cc2f6d54db651411b6b9dd28d53ce2dd55f040901e9e8c991f68dd3ce48bf73db7bcd74bcfe8ccd945774df0666bccf1a7c5c1340803e22de0ec55d579b4a8f8acdd063096c76bc089a7e7e9f65593a29a3efbccf59473a0b1c8e270a5cd62763e415b564352dff7ae1927bfeec4b5606e3bf9a140730cb3b02a7b0e08e5ef720f097eb099578d524e331c39881ae4a702254f6ad6cdfb3607f4714eab0ec059e53c5e6d822bd1d79883cb1622b58a312da5fcab018047d45a0fef80864f60d3efa3519e4615840f2f1de905a9a786a58b7f9ce105726bbfb297a097c8c8449e6528e7406cd457744323174485580e6f4693369a5d83eb15cee8c52f4e478029780a4db0b04c8cbf68219dc5a7f7addd3aba32ccf3e9bb7c670131924049a3aed4629e1daf0aa8c78e6b8830314164717387e50d70a489eaa9850eeced5fd5c32bf340046c602c3e484c8ce12ae8cea8629ccc458030c0ec46d263983f8f0bb262ce51d7e2aacc2b0e51485652531704a48df3caec55b04a0e28fe1f1bf9a9aed6cbbc2d313e601ff0f92de9de4a00b32d396f4906800181ae24c99336af02c6201cb1b6f41030241e36f646595f50742757d5dcbd29deca1d1f8e6399554dfbbd1c78b9b85e202cc6e596523d918ee60f1ec0ddcd0ad6602984a434737712f19dd2a4a441952e4465b87bce2c1f2dd1394ef858685d81ae9eee9e5ef69c9dfff7a1167efffb8089ddeeea2822ba3cf2b1573d88438adae38a575030da54a0a42d2da971a2936fa3486738530cb978ebfd892f202326310f84fd6a78eb50958daf1cfcb10143cc9e0f3ea4cc4d0a079c03662b579a0d472c16982b6abcad9a9ad7cfe197ba94427796140b38d5126c61b2a36e70766f33db83eb8e2ce25990deb17bc9b3a3a92f05c15c19548ad8eb4164a80fb431135c40fc56ce979e7732ad90337a060062508b39860ecff8da519d052be9a75b67c0e1fd00b7ac13cbd58ec582ae192f9d218cd334df6d384eb5bc37b6cdc93cc511e05741e3af481d139dff8ddf5a355a6d24a345be3c4f581e2516ed3d7b723cdb2638d70716ccec69031d97bc7a844a252a326a04b10480ddcb95f45c280f47cfda89cd6f7067839e2ca612e583add789fa01735cf9e8510a2c13ba0eaef41e43123af8fef11b4147ee04d4d98bf47a9a74329c31ffc0f9bfec10d5b74a44ec598b86d45de303cd238f964126eba426bcbf4da46dd3526a7ad5450a9ce5816600a988d7a64b7288b130c450c10d7b1f36c2471c1bbf7e56cb1456a6893a583d93c89ad04906b450ac1734a4ac6c146d51a49d8937f9806d2f953a6c88fa46c14e975d9d2e3e4f049cb46b56f3dc521782cf33356719ff2ad07a0cb94d8a6eefe73fa5d153eb66d1fd8c77e3d3fef79cd512d9752bb1f948d030c75ec6d5ea36ec0b497cd8f4db522e4e41c8a4318ba260f96d3f2d60761d60905ae37479a453144249b0ddae06528c9ad81eae04762f7496c0201fad01f6799d3b66f0b29e8437b37ea5b7d0710b4297feb86e50442252a8dab6b71b004922812d0d3d41d976293962c0fb388c6ee9b78d3754a745d566377a710c70ad40cfe4d6d3d96a668f0a47069de53827f30ea7f2fe8c4f78e1195910c12aa2f4fb64bec9e370e423bc1ebbbfa185071003d46a2153578a7e24cba2f73fac8600cbfcbf7d600c46696b89683cb8e3f4a71af7f7652bf4338e9948e4ab68d60350ab765f67c9c76a4b85f316bac16249638ff981f5d66cf1238de5b88bcf35dec44223523477a8051253edd179a81cca292be660644164c7483ab21591483cd1cf3cef236a2b7fff994c945dfa24db313c4bac261308fc9406d5eff777192e15ecbc0eb44195e7dac9981fcbe8a3df67ba1584692b1ac1260cfba8eaf93cd207388f2069853c33d08d1f489b8fd", 0x1000) bind$inet(r2, &(0x7f00000055c0)={0x2, 0x4e21, @multicast2}, 0x10) r9 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000005600)='/dev/vcsa\x00', 0x400, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r9, 0x65, 0x4, &(0x7f0000005640)=0x1, 0x4) r10 = syz_open_dev$media(&(0x7f0000005680)='/dev/media#\x00', 0xffff, 0x2) ioctl$SIOCAX25ADDFWD(r10, 0x89ea, &(0x7f00000056c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) r11 = openat$vcs(0xffffffffffffff9c, &(0x7f0000005700)='/dev/vcs\x00', 0x400, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000006800)={r11, &(0x7f0000005740)="0dffff54fd8adac76c7b052775512b053344b92f0944bb06d162ad71c9a8c365f21e04d01f20185a99f42d1cc41a4588c11dc3aa028c7428972484a22c680d0903e9450287f00c52eb7568088d4c5ea3f60595806d0d3cc6263f87b5aa1a1ad2748c120cced3bab9896c21fb2cf867be66be14a8a6df7c2172c1bd793513eca6c0cb5b8ef60836b73fe0585c8db0484f7da4876982594df77aebae9410455c8a08a565bc7f1e0ab6ce906f267c221bd5956dd6232396dbf82fe08b5caad32439157f9a7239d432c14a040ea1c7115785245f5029e59fdd58363bc70102486e36a7dd8a8dcf87ef61b79a3f7b1724408d8dbca1ddab051e1a2b064ce0b092ac29f16cdf686b0e558fb87e79312432a2dc4ea877d2c948fe371dd0f2ac373d5bff123292266da0eb23f775d316501d2b4396dc9e33b8e318a76b2f853a2f6e4a943f0c0962e210cfafea82e07ebb7dd90e474a8c5b380097ee9fa5a4db0356ad6a62c1fc6c803274d27fbcc35343ea648c81f30365cc120ca34e17b6d8888c2d7275cbb490451d843581a32c698f5aa925a658ebb8f4c51b6f969a681550ea9c8d71b3c8cfe403aa733558024916dce7ef496facaad2cb938d62f0e983a94a3e0ea387a479da239070c275c02daa5ee6e9f4d8e1ca0202159f1f497c8034a87023450fa36a87624b76d933f9513ef8c4108fed6f3b39e2e7be1b4649d3493797c97f9354f5a0e90eef0fb4bf4afe87d223bdb56f6c00e7271579be38b0a8452e397ff6a33667bf87f0921cd0414a4f7d9fb6e9920eece6140a2b88317950cdf5bd668801be4e91e9f367a074a63654ce8f61d7a44399d967bb92ef985f98d0dde70d469e89e512c8046aa4cd1a2c2e5be0af1bf106b13c3845342c2e8dfc075056ab86c32285e56ca5987b347bf2cd14ef8f3875b71db9451b5a054659d19c64ac0fec5b73a8011807e4fea3f562af8d9392063335dd20c9d0b2bd0dad6331af5c7c5b7c7b7d8d851cf984eb167c1108a4cdb82f4a59564503327feef5409604a6b54f66d7d338ba548078a609307cf8edc8cc7926c3d55ac66288c70a969b82ccb6f5aaef5a4499b64f8b6cc6f5650c2c3756b6788c7ce13dd09a116a1d22c1e7a35827a84133a8711a875f00c100ca5298cf2088d54418bd2c5a1ed289b985247c41776196db47cca46b04499d915a83790865adc36cac14fab4812438e37dc0fc403f1052ee681f3a0c20bd923bad2b90851968d1e44ae5d45d500557882e6e1241415fa69c5f30bb07437eaa274be6324aba7c069e8cd7d51db563ea3d6154fb999a57c8ed692f9e3a8401d6ababacf79b47937340f0b8ad89d9a64b0f1aef558f73b46851f2498d76115197c8bd314f7fc1488d8931d334b05c73a2aa837d6f82497468dd8cc6a75fe87e50eabcaaffa0085b9defa751efe98ef6f4cd0969a1909b5d296e488f1e65d2dde77e8bcb3c639f7dbaedd1fba6390e16103373b0b4dbcf919b1deda4b290c7bbc8040cb5c085232aab56d3c8bb970793a931240f623c39a8eb21bbf1f026ab5ccb4dca1512ec7cb1437e9a6312ed3e4d80355bd916cefd0696d15cbbc9b9fe7fac0a073b756bad3ff77904e1de73bdc902c1742c2133bb812758d4dd02a59e9b54d427e457a4502e45baa78bb8ed81934ba0e5b16e3408080eef92f37849c3ecb7b8ccc32ba0dd34312fa8fc1e369a1dd2b492b8f395242ca63b455a5d7ba306d4a7f0c90b469525f0a0972775bb030d59e81e69b713a2472df92fc94f682b4f40b79913b6e539672eadf8e6ccedb8ba1bb497cb965a13b05cb6f78c4f92dff0a581609c70d4c6787df33ffb4c2c12360e97da0727b8de1d0b400aca80914f8b2718d84068e42628e7e0201f23a1860852cdabc105265df66265ab534161a03810a11fecdcdb62fd7d45e81d7ab83142f84d1a800abddbd7f5dc34eaee7fb333b38d61922fcd478a83780e2d56db231ba26df2ab939d13ef73a0eb1e693e737fcacc140dfb42bc91c53f16013720782854daf9a425ce06e60a8c864bf7bd361f25a5235fb9d4e1cb74ba048ca7f96dfccf3478c8036ab03023994fe3083ff42c597fdf223d0cfdf610f1211ab7ad81fb8f0215030b4da63cc14fd1522fb839ae35a4ce51b3718fa9e5bad104e705cb158ca20b95ad513d015498dd962151ee8f65c6608e67deee87f14c6fa41529382bffbf71b52ce3882eca703ccc715e7eaafeccc82a87e8016ca73c133e7bdd05f135aa9648c3b2598e0573a7c77e0c1fd6f20f78aa610d81fbe60ab69a3ccf5795051a0ac07c78398b6cc6d506824d9619c1831957e3aa3a96c5c6d8db23fd95c467263d166eff5ee2a7701cc1be1e97ec20ae23b230b6c7be464668a6b670d11cb0eedc764935eaa8b281310727e37d43761eef0c90a2804964a4ef9939350bb754807f3a2eb7da779dd176cd46a5791907d670ee34b1aaa8aa277b2d56c609f6edcdab0156f98d254fe5cf23bf5648d5cfb6e76da85c7bebf768db8940b14c854e1b563c85bc799e9877ad494eaaf183ce596537358b856e31fd94fccdbb6ec143f87f53238c0a95c336a7cc20b9300dd2f0897cfcc20879cf6197b188756cd7921d367f3d292f2f66d70663a6a62c46a8cfbe4c2dfc19883cfe5a74b537c63b8b89db0e0575bedeb2dd97062d1bbffd1665b67a9543f1b77eabc122339583a5b09c8b410fc2c745d6cf91596d7388bcdc4067a6fa952746c3c89040634426e9b9cb6f28d98dad2a24f199a90857a9e2bed0dbb852ac3368ee9b9facbf59267591909ffac96b7a7526998edd18ed69be44b613af0875415df0acfecca86ac11b87f981038b47a01d489646e46bc945d3c301daa743128b536566e70744387e9db0c95a0d3cae4285777eb4d24777d0722b727b0f106687ee589d045543bba7c1b8462269a1e5bba90880e09d3cc2e8c740221abd6021821b87e4505e79a1b4bf10e8f394caa2fecac9a0b4c76ac223a27b606eeaf0cdd215e937dced6872bcb9e8b4646b9e6bfe6e201a957bc6a4c62c01ec1842edf4fcaf2b2182ad2f6546bfbc881be35e1e71bb27bb773380b140817178c6122a112e6e82ea0e0c367264bd6773882a5854232dba6b900f4c831b18f93175d1355b899335da8cd6795fecaefcc89158308c389f2ec3a222f95672e7f8aae882a403013f3bfe74b2daaeb1d1e581cd82ae6758e8ce0d6dbcea3f56e1c9aaacb2ba5306e764b03cfc553de6f6c2a07824dd2eba3dd4966d0eeac17bf4bba0d5ebafbcf8a72a6718ed08522e25f2aaada9c7ebde25c0ce6a4afbbcd4ae972834561a4c8d65d083ad376445b9d595ec2470b6ed47d101560810b4c2778476f7569bf0458df633a42af478b74772bdd19df3a66a6b6b8c97812a985af68a134eeb99f724d92f6bb516633734650a24803f3ccef78abfe6d2eda266607319af460517a56697401cbf6d00a9ec88d29ea8f8043b59409445884eb5b363b80d8d26c0b62772dc602c14df454713bea7a2d4407b46f3393b71cce1b9f2385c0314b343279b2243b64af0e5d5b77cfb228383ebf7456c49d80fcd57e125626b8e124c28c817d6ad1cb15f4dd101102910ad39d28540677e2ad8fd5a4453fe1fa4c69e59cbd01096a9d973432d6710360c855a9a9e5629311e40b94530da721072dc0659b51f0849cfd1be9b12b4bcd75ba8192cc09ebb6ad6fb17671900a9187cd7709467834141ac37e85d4d48335f274dd104924a33cb0574e776716c492a72e538e1ae5a2e59c40890edc4e5401baed135b78d7fb2cde1af4c5352251ffca52d3f3da05e501311a4363167431b1f8302a3dbcfb9a33160e0d086d8c2cc8e04330c92e9d20e6f2acc2176b7286f1ca0c1f1925e2125e0fd7ac190a6e90e40c093ba162d6f43a3645df379111f38f8198b2f96a1450cdd6a72c2236587f7fe6d9b4a95150973dbcbc31eda8e548a20d3019b77801c3b046887416e9a541d292242220b08e1c9fbb30565d4d3a440ac1c6d58f68a5708afc56c7b963c83daf72fb76ddd3fa258696d1db56c1fdf8b44f5f4a988081c77f117dc3f7b86520b9ea10654cbe613a4a2ce863814bd56e79fdb1d509471963e7f1543a5f7470ec3271bc722bcb44f42dbf56d8cd57fc39a6f1c1d92e2a8993953199373dbe880baeeb3d7058cd2d90d189e645d83b797def4929251aff48da5221467ad46e62aba9f957b583fcc15479964040ac5fe900a3f4bd5d10038533e79fbc24d4b0f111efa2fefad8a8983fb544cb29124c7db4e186441d3f6e525fa0389364a96e0719352a86090463b08dc4dfa29dfc2cd510fca9c15934fd16f4908205311d38df10c97adf9c2529ef3f89b307d6786b5ad13c4cbf6829e52fb1a056d80e61fc60c0143c0d0b07f92ac9abffab551504db97efc7bb3a36522aceb31793b759791824a1a56421c719fdfca93a27729107c967b1c4bdad8da0b4e92ce7bcce17d68bb768c6679761b65822ce7588986d25f5845d0ac7562c113de81611cafb2bdb0f1d30d4b23774701b0e20824d82e8590a5571696cd03c62a8e44e314b5cc768460b05bcc0326b93236cf525afdc5fa8e198ae2ec6680eb8affe04c0e4c7b7b3248ba7c2484b77f5b66ad02828caf11314f2dcdcb65a63a0a3b50dd039806e34ae6d7f445a37e735436380ba8c068b2d9fb9017544c3b6000df393d2dcbb0b7859adf13fea9a87c21dfdf73d442cac8fcfd0dad599f8b2074c3d3f616f20d0d6fc3edd357860db00e959f7f6260faf83fff041bcef06751c59f890431bcd9b7d745b7ec98c649b86e9587b6f4981503eb1ca31d1bf1ba9d8edae3321be3e5c36499c09e5e6ee6e0bbd54a46d4e1a0b422a86892f9be7000726e31f253d41fc356395074871a53a2646b48ef7ed11bd29c3c35c902f5ab7f6479a2fae46353b4d89c44f81ceb99eadace31126a4dc989cc6bff8c781c98984f71b6e495fff50d095240a5aa0f23343bccdbd6ba9a21fb3fccb7d79ab6665f1894b9c796f5689791eb3de1a5d1f178141754ef41601bbd7b28db6a8697537301fa584d7355074edc949b2692ad8b077547799e423890ae488fd92be9cfaae1d06059da36218ed9d91af73d9c072914a46f1820a8a717d5e8bedc52142b7df2d5089929b6acf7db69d251ac7b5f36a35aa2ec832e117fa608e71054012b151a28b89ea80a056ba2f4f7b45116dd445891877614af83699b71775e8c94e00d38dcd6dab7c6bb0067c024eb2963aa3e02ad0c2d2ba7a5246d7cd536cc272a7f754e4f9dc12af469ad55e6568c0c1f674a5f2e0d44710d73d04b54b890d3f5c6a4396c9dacde4bca314442f86605ef37fd1a7c580f6e1cd254654e23ed1b0cd13613bc2ef7866c57d1ed12da03fa11fe6810fb9cde9fc47bf83de902d4aea9971b0758fb68a50ed79f1e2c83a86dad5086a9d04cb24b385095676676888d13991507569487eabeb4c2f6020cfeafa04f05487d63dc67e532bf2807e8c2a342413450f54c1cb8ae8b61bcc0b222f6939fd2280e1441e91e5fd0d6faeaa6f8b7bf378293df1a4fdec90440e8fb0efeaaa837fa072c72ead5ce679f02a50df0a2feb81c657d8c07bd90d95f5f4bb613a2911bce7b553c18c1b34066c43fb919cafc03a137115fe8805cfcb333c1ce9271e3ed0bd60691593ff754c9f804717ec6bdf5254261292857d1d86a0cf216febad5827a83b2718e7f00eddaadd5f22476f0aa6c4b6eace38edf288db6c3aa076eaf35a25babadc8a13ef40d22dcdcf8a59163e2", &(0x7f0000006740)=""/129, 0x2}, 0x20) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r8, 0x84, 0x1b, &(0x7f0000006840)={0x0, 0xf7, "5fb5e1b240465ae8a80c2198b048d4e2e22d4e220cb9f38faed9a6b4160067990244f9d1cf7cc4ab66e88d9395bb564ca4e48e7dd46c0689982b39b94a06a1cc815b8797f06c3b6572207d5484be357efc322152df8d11941913e4dea88b789754e2629378aea882964041151ab6a327358525341e9279973cb15fe19095662468a50be90f9c1c13b871bb194f6e56a58ebb4071682765e4c487c3faa78c0ca5a97e1197c5e1ec4c7d4a1b4fc21e4e7d9b5711ac92f24250c89887f70cf2b258553b792d8fe6c011c5d6389c63789db79a77165108fc5bfec482ebd586e4fe853f1dd5a1314e93db63afe8fc60f0f091eff7668eb5c3c5"}, &(0x7f0000006940)=0xff) setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000006980)={r12, 0x8ecd, 0xb5, 0x401, 0x4, 0x7}, 0x14) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000006a00)={0x8, &(0x7f00000069c0)=[{0x8001, 0x8c, 0xf4, 0x81}, {0x6, 0xc8, 0x65, 0x2}, {0xce, 0x80}, {0x3, 0x33, 0x3f, 0x1}, {0xfff, 0x7, 0x0, 0x2}, {0x3f8, 0x1f, 0x4, 0x593}, {0x20, 0x3, 0xb8, 0x1}, {0x876, 0x1, 0x79, 0xcb1}]}) openat$selinux_context(0xffffffffffffff9c, &(0x7f0000006a40)='/selinux/context\x00', 0x2, 0x0) r13 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_XFRM_POLICY(r13, 0x29, 0x23, &(0x7f0000006a80)={{{@in=@dev, @in6=@local}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000006b80)=0xe8) openat(r11, &(0x7f0000006bc0)='./file0\x00', 0x842, 0x180) 14:10:53 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r3 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x2, 0x0, 0x1, 0x2, 0x9, 0x6}, 0x20) 14:10:53 executing program 1: io_uring_setup(0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) connect(r0, &(0x7f0000000000)=@pppol2tpv3={0x2}, 0x80) creat(&(0x7f0000000080)='./file0\x00', 0x10b) sendmmsg(r0, &(0x7f0000001540), 0x553, 0x0) 14:10:53 executing program 0: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000008c0)={0x0, 0x296, &(0x7f00000004c0)={&(0x7f0000000480)=@ipv4_delrule={0x28, 0x21, 0x331, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x28}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000000040)=""/103) [ 271.980621][T10814] nvme_fabrics: unknown parameter or missing value 'õÛýF‚ÕýÏQŠœ#ªACKgéÒH^H84 ' in ctrl creation request 14:10:54 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000000)={0x100000, 0x0, 0x0, 0x100000, 0x400}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00') ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x0, 0x0) pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x104800) getsockopt$SO_COOKIE(r4, 0x1, 0x39, &(0x7f00000002c0), &(0x7f0000000300)=0x8) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x405, 0x0, 0x0, 0x0, 0x0, 0xfff]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:10:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f00000000c0)=0x8, 0x4) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r4, &(0x7f00000017c0), 0x19e, 0x0) accept(r4, &(0x7f00000003c0)=@alg, &(0x7f0000000440)=0x80) setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000080), 0x8) sendmmsg$sock(r3, &(0x7f0000000100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@txtime={{0x18}}], 0x18}}], 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x0, &(0x7f0000000300)=0xc8a, 0x4) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) r6 = socket(0x2000000000000010, 0x3, 0x0) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f00000002c0)={0x2, 0x1}) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r6, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x503}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/udp6\x00') pread64(r8, 0x0, 0x300, 0x300) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/udp6\x00') pread64(r9, 0x0, 0x300, 0x300) r10 = socket$inet6_sctp(0xa, 0x5, 0x84) r11 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r10, 0x84, 0x23, &(0x7f00000000c0)={r12}, 0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000480)={r12, @in6={{0xa, 0x4e24, 0x2, @mcast2, 0x20}}, 0x4, 0xfff9, 0x3f, 0x5, 0x20}, &(0x7f0000000540)=0x98) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, &(0x7f00000006c0)={r13, 0x3}, 0x8) sendmsg$IPVS_CMD_GET_INFO(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x1c, r7, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newlink={0x54, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r14}, @IFLA_LINKINFO={0x2c, 0x12, @ip6ip6={{0xc, 0x1, 'ip6tnl\x00'}, {0x1c, 0x2, [@tunl6_policy=[@IFLA_IPTUN_LOCAL={0x14, 0x2, @mcast2}], @tunl6_policy=[@tunl_policy=[@IFLA_IPTUN_COLLECT_METADATA={0x4}]]]}}}]}, 0x54}}, 0x0) [ 272.445228][T10830] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 14:10:54 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) 14:10:54 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r2) 14:10:54 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=@ipv4_newroute={0x24, 0x18, 0x331, 0x0, 0x0, {}, [@RTA_OIF={0x8}]}, 0x24}}, 0x0) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="edbf259659a927b189017950e3bc25e604851088077877f8f376519576f04f73e3d394a55ec727ff9847524ca3d7b4af1a6e4a80c4807c54283808838692df5950052ddbfb76642184e7529d543580d7fa4e29f837adcba637654384a6216ef0922dc9f2caf2f36534e331f3ee4444533fa8b127d7d299d1507bcbd2d1c9e2ec468e7c8c5602c5a4a41867e9db8bc01b1d20b12be472f2f78b417cc72628c16cd11cebe63d12f702a739e3ff0839bb2c683cf3b052e706ac939dc8ad8682ce33398cdfaace9d346d6b4bde38400285fdecf49496a65928537f2ffe986690243df5dc326c36504ad61ce40d5867ce789e35d8d61a4c51a6abe01d481c46ea0cb80f95657c9c6179c9e43e088e38e57dae59bbb4a15441f9924340ae45042d715946d691f025228827a2432c72bf6484d466b1452a157718a6cd2323d33de4d5c4d0e34c7baacc951f665ae62e743d0d9ed572414c8d2a8c2a52c273349d57730cc0b7da7a5ed7a476d8fdb73f5073eefdb7e76700295eb5875d0356c16041"], 0xa) close(r2) socket(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) recvmsg$can_raw(r4, &(0x7f00000001c0)={&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f00000026c0)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000000100)=""/112, 0x70}, {&(0x7f0000000240)=""/158, 0x9e}, {&(0x7f0000001640)=""/4096, 0x1000}, {&(0x7f0000000300)=""/104, 0x68}, {&(0x7f0000002640)=""/111, 0x6f}], 0x6, &(0x7f0000002740)=""/184, 0xb8}, 0x40000002) r6 = syz_open_dev$audion(&(0x7f0000002840)='/dev/audio#\x00', 0xffffffffffffffff, 0x781380) clock_gettime(0x0, &(0x7f00000028c0)={0x0, 0x0}) utimensat(r6, &(0x7f0000002880)='./file0\x00', &(0x7f0000002900)={{r7, r8/1000+30000}}, 0x100) getsockopt$inet_udp_int(r5, 0x11, 0x67, &(0x7f00000005c0), &(0x7f0000002800)=0x4) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = fcntl$dupfd(r9, 0x0, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) [ 272.950854][ T27] audit: type=1400 audit(1579356654.793:53): avc: denied { prog_load } for pid=10840 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 14:10:55 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:10:55 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f00000000c0)=0x8, 0x4) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r4, &(0x7f00000017c0), 0x19e, 0x0) accept(r4, &(0x7f00000003c0)=@alg, &(0x7f0000000440)=0x80) setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000080), 0x8) sendmmsg$sock(r3, &(0x7f0000000100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@txtime={{0x18}}], 0x18}}], 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x0, &(0x7f0000000300)=0xc8a, 0x4) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) r6 = socket(0x2000000000000010, 0x3, 0x0) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f00000002c0)={0x2, 0x1}) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r6, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x503}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/udp6\x00') pread64(r8, 0x0, 0x300, 0x300) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/udp6\x00') pread64(r9, 0x0, 0x300, 0x300) r10 = socket$inet6_sctp(0xa, 0x5, 0x84) r11 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r10, 0x84, 0x23, &(0x7f00000000c0)={r12}, 0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000480)={r12, @in6={{0xa, 0x4e24, 0x2, @mcast2, 0x20}}, 0x4, 0xfff9, 0x3f, 0x5, 0x20}, &(0x7f0000000540)=0x98) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, &(0x7f00000006c0)={r13, 0x3}, 0x8) sendmsg$IPVS_CMD_GET_INFO(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x1c, r7, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newlink={0x54, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r14}, @IFLA_LINKINFO={0x2c, 0x12, @ip6ip6={{0xc, 0x1, 'ip6tnl\x00'}, {0x1c, 0x2, [@tunl6_policy=[@IFLA_IPTUN_LOCAL={0x14, 0x2, @mcast2}], @tunl6_policy=[@tunl_policy=[@IFLA_IPTUN_COLLECT_METADATA={0x4}]]]}}}]}, 0x54}}, 0x0) [ 273.189360][ T27] audit: type=1400 audit(1579356655.033:54): avc: denied { prog_run } for pid=10840 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 14:10:55 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) 14:10:55 executing program 1: io_uring_setup(0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) connect(r0, &(0x7f0000000000)=@pppol2tpv3={0x2}, 0x80) creat(&(0x7f0000000080)='./file0\x00', 0x10b) sendmmsg(r0, &(0x7f0000001540), 0x553, 0x0) 14:10:55 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) 14:10:55 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x23f}, 0x293) socket$kcm(0x10, 0x2, 0x10) 14:10:56 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r2) 14:10:56 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) close(r2) 14:10:56 executing program 0: r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781500000000f601000800000007000000402c110000000000090000070081ffffff00000000000000385a58000000000000000000000000000001000000e6ff00000000ea0000000060000000000009a1e5aa21c6c5d51c73a79e41736248630a739f1bffdc0831baba3c020000004fda59ec8ffd73202fba7ba2c294483b5b88e2d04e8628b5c4d8836e0ddd368f0e8d39ef2ca29d4d027f1cfc8edce2bf7a2f24e2bfdb2b372d033ca074f8197bef3cc9ee2ad492fdeee2de2048f50000040000000000006254da3932c1e639c1c35648385da4696823023246aefb26bb960739b70e56882fb305187484b4b59833ed5572ec1846800997402c6d50fd859486bfedefc653e4cc76904a000000000000000070d320e95b60d9260ea382b86af38da7229a50ec8f16a5235758020b2125c0772841aa339708524351cb563f9d39a82296dfba1e41a48ccfa11d93ca3cd92cd155acadf4542d4c96c87a3e3a29348622a779f6807a81070e49ba96faea879b83f6c64439bf7d69e92d76256ab0eef0b60c2a56a4ec04c7adc4cdaf491d03c159f56fa67699faa85bcd8e444e5917e90545bb0ff3412803c1bc3b4039f27bc861ce58c19559a7a97fe7e72b7c6c14926b224128f89140c92cf57adbb3d6b6d3352c93f84a8cf55392489d6689177725000000000000000000", @ANYPTR], 0x153) [ 274.644239][T10885] SELinux: failed to load policy 14:10:56 executing program 0: statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lchown(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1) syz_open_dev$mice(0x0, 0x0, 0x181021) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x100082) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000002c0)={0x7, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffe]}}) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x8001, 0x4000) ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7b60bddaab9ab6723f51c64ffbaccb5ebaa5153b934d1b48504982322f754320483c0a5000001c00000000000000000700"], 0x1) r0 = memfd_create(&(0x7f0000000540)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40804, &(0x7f0000000200)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) socket$inet6(0xa, 0x40000080806, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f00000003c0)=""/148, 0x94, 0x100, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x3ff}) r2 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x3ff, 0x0, 0x3}) r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000680)="5846534200007ca580b57fffffff100000000000000000000000000000000000984f0b5042b64b06bc86cba3e6cc3f8002000038c8000000000000000000000000800000f9ffffffff8000000000000000825c000001000010000000002100000000000806c034a40275d4396b12a7057ee53d3bc089f0ce8eaca05a263c4376b79bb460a0a91d74fdf72feab1263318984a604ee65a4b4b59aec0c9e222ff2e1c49038c47f4f474bec398caf89a93b66ef1b9455f8e2f3f000000000000009349a30a7199d0b3adbaa940f4439c473fc92f474f7308147a67fa5c89c675", 0xde}, {&(0x7f0000000200)="059aa00080dc5ddf42b7a38b0a6a33e0ccbb3c78d0a84406ac91e8a6c8cf8436a9f3e56588060c2f754c7c221714c40e38a3443dcc6a25dc33f650825fda409f984c36384675493cf704eaadb3f232254dca2aac0c41149ca0f1a71ed81b34f35e1f7720c644f9301146b21df3aaac11ffd727b61555d95124209c29f103241c26e52c3cda247c7a1978a684f97624fc2ddaeca5ecc1c2a8f639eae48da8096fbefa9cb9e299bd6b8443ca79786890b49d76cfa245b9978f6975571db258f9f981f177972f517ff9bc00373ee44e9b52780f710e2d9289dfe3ff8c9c04541735b892c96c4940719e92ace6d187b7a613d30043858cd91ae1ad2e8724c5770cb031b29e652723349d38a25d87dd4a13f897c3be1d505213f174cccf7d32bffd67abf4d97e92daa973e20c3c1f146e1674c3b28fff788f393bad67e812b09b0ff086787d1b39b6d8e01cdfb3782841cc2d3f47758e796b6a6dbd6f3e939716ed6ed4dfa6a72a732b3eb725c59825595a0fdf8967f3c9ebbbc968ec4ec804db6b3eac1a532e213d03e54bcf1f4c71219b94895970f9", 0x194, 0x6c}], 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0xff00) 14:10:56 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r2) 14:10:57 executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000280)={0x0, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, @ethernet={0x306, @remote}, @xdp={0x2c, 0xc031c1e0aa38d5e1, 0x0, 0x33}, 0x1ff, 0x0, 0x0, 0x0, 0xfff7, &(0x7f0000000000)='bond_slave_0\x00', 0x800, 0xfffffffffffffffe, 0x6}) r5 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x100, 0x0) sendto$packet(r5, &(0x7f0000000100)="dbf7dee68c3b04cf80c3e08f2cef4509d13eeb6f5f11e8e8622f872601fc7ec1a282aa35597436b16c798d3e7140c72966f4f07fc01dfdab2052018145f38273775d908f41606dffec3e8a03b4edd35ae6936abb61f59dbd22df1c23e2831185731c22eadd06cda2158a3df36074b7959c59b73b6367cae3d19a83489350a1361dccf7a3f44ee6b8c4b916e9a6e930a9e7a7afc5bbc0b76b479827a4d7e3922966d464177a08db70777598825c932147dbbb844ffd82916e016505e80e782ce626f7fce2ccb218aeaf3f24b942a7624346aa6ea20fd03ddff36e22e6063dc385153a3d14d7240b269e5937e2", 0x32, 0x50, &(0x7f0000000040)={0x11, 0x11, r4, 0x1, 0xbf, 0x6, @random="59cd52c68088"}, 0x14) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) bind$nfc_llcp(r9, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "9e7b0fbabb8c4f3152c4acc918d125cb7db320befdc6f3187885ee6579e33bffe664ecacff015186c94b87828855a89b16c8d2f5391c56729fb5519f42dcaf"}, 0x60) dup2(r0, r1) 14:10:58 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:10:58 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) ioctl$SNDRV_PCM_IOCTL_LINK(0xffffffffffffffff, 0x40044160, &(0x7f00000001c0)=0x40) 14:10:58 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket(0x10, 0x80002, 0x0) bind(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x1, 0x3, {0xa, 0x4e20, 0x0, @loopback, 0x2}}}, 0x80) ioctl(r1, 0x1000008912, &(0x7f00000001c0)="080db5055e0bcfe8697071") write$binfmt_elf64(r0, &(0x7f0000000100)={{0x1b, 0x5b, 0x7, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}, [{}]}, 0x1a6) 14:10:58 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r2) 14:10:58 executing program 0: statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lchown(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1) syz_open_dev$mice(0x0, 0x0, 0x181021) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x100082) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000002c0)={0x7, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffe]}}) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x8001, 0x4000) ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7b60bddaab9ab6723f51c64ffbaccb5ebaa5153b934d1b48504982322f754320483c0a5000001c00000000000000000700"], 0x1) r0 = memfd_create(&(0x7f0000000540)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40804, &(0x7f0000000200)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) socket$inet6(0xa, 0x40000080806, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f00000003c0)=""/148, 0x94, 0x100, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x3ff}) r2 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x3ff, 0x0, 0x3}) r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000680)="5846534200007ca580b57fffffff100000000000000000000000000000000000984f0b5042b64b06bc86cba3e6cc3f8002000038c8000000000000000000000000800000f9ffffffff8000000000000000825c000001000010000000002100000000000806c034a40275d4396b12a7057ee53d3bc089f0ce8eaca05a263c4376b79bb460a0a91d74fdf72feab1263318984a604ee65a4b4b59aec0c9e222ff2e1c49038c47f4f474bec398caf89a93b66ef1b9455f8e2f3f000000000000009349a30a7199d0b3adbaa940f4439c473fc92f474f7308147a67fa5c89c675", 0xde}, {&(0x7f0000000200)="059aa00080dc5ddf42b7a38b0a6a33e0ccbb3c78d0a84406ac91e8a6c8cf8436a9f3e56588060c2f754c7c221714c40e38a3443dcc6a25dc33f650825fda409f984c36384675493cf704eaadb3f232254dca2aac0c41149ca0f1a71ed81b34f35e1f7720c644f9301146b21df3aaac11ffd727b61555d95124209c29f103241c26e52c3cda247c7a1978a684f97624fc2ddaeca5ecc1c2a8f639eae48da8096fbefa9cb9e299bd6b8443ca79786890b49d76cfa245b9978f6975571db258f9f981f177972f517ff9bc00373ee44e9b52780f710e2d9289dfe3ff8c9c04541735b892c96c4940719e92ace6d187b7a613d30043858cd91ae1ad2e8724c5770cb031b29e652723349d38a25d87dd4a13f897c3be1d505213f174cccf7d32bffd67abf4d97e92daa973e20c3c1f146e1674c3b28fff788f393bad67e812b09b0ff086787d1b39b6d8e01cdfb3782841cc2d3f47758e796b6a6dbd6f3e939716ed6ed4dfa6a72a732b3eb725c59825595a0fdf8967f3c9ebbbc968ec4ec804db6b3eac1a532e213d03e54bcf1f4c71219b94895970f9", 0x194, 0x6c}], 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0xff00) 14:10:59 executing program 1: r0 = socket(0x1e, 0x5, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req3={0x80000000}, 0x1c) listen(r0, 0x0) r1 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x1c) recvmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000000)={0x7e, 0x31303553, 0x3, @discrete={0x3ff, 0x8001}}) sendmsg(r1, &(0x7f0000000140)={&(0x7f00004f5000)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, 0x0}, 0x0) accept$alg(r0, 0x713000, 0x715000) 14:10:59 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) close(0xffffffffffffffff) 14:10:59 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) close(0xffffffffffffffff) 14:10:59 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) close(0xffffffffffffffff) [ 277.597815][T10929] attempt to access beyond end of device [ 277.619713][T10929] loop0: rw=4096, want=27, limit=1 [ 277.634488][T10929] XFS (loop0): SB validate failed with error -5. 14:10:59 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:10:59 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x80840) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:10:59 executing program 1: r0 = socket(0x1e, 0x5, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req3={0x80000000}, 0x1c) listen(r0, 0x0) r1 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x1c) recvmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000000)={0x7e, 0x31303553, 0x3, @discrete={0x3ff, 0x8001}}) sendmsg(r1, &(0x7f0000000140)={&(0x7f00004f5000)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, 0x0}, 0x0) accept$alg(r0, 0x713000, 0x715000) 14:11:00 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:00 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:00 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:00 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:00 executing program 0: statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lchown(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1) syz_open_dev$mice(0x0, 0x0, 0x181021) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x100082) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000002c0)={0x7, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffe]}}) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x8001, 0x4000) ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7b60bddaab9ab6723f51c64ffbaccb5ebaa5153b934d1b48504982322f754320483c0a5000001c00000000000000000700"], 0x1) r0 = memfd_create(&(0x7f0000000540)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40804, &(0x7f0000000200)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) socket$inet6(0xa, 0x40000080806, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f00000003c0)=""/148, 0x94, 0x100, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x3ff}) r2 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x3ff, 0x0, 0x3}) r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000680)="5846534200007ca580b57fffffff100000000000000000000000000000000000984f0b5042b64b06bc86cba3e6cc3f8002000038c8000000000000000000000000800000f9ffffffff8000000000000000825c000001000010000000002100000000000806c034a40275d4396b12a7057ee53d3bc089f0ce8eaca05a263c4376b79bb460a0a91d74fdf72feab1263318984a604ee65a4b4b59aec0c9e222ff2e1c49038c47f4f474bec398caf89a93b66ef1b9455f8e2f3f000000000000009349a30a7199d0b3adbaa940f4439c473fc92f474f7308147a67fa5c89c675", 0xde}, {&(0x7f0000000200)="059aa00080dc5ddf42b7a38b0a6a33e0ccbb3c78d0a84406ac91e8a6c8cf8436a9f3e56588060c2f754c7c221714c40e38a3443dcc6a25dc33f650825fda409f984c36384675493cf704eaadb3f232254dca2aac0c41149ca0f1a71ed81b34f35e1f7720c644f9301146b21df3aaac11ffd727b61555d95124209c29f103241c26e52c3cda247c7a1978a684f97624fc2ddaeca5ecc1c2a8f639eae48da8096fbefa9cb9e299bd6b8443ca79786890b49d76cfa245b9978f6975571db258f9f981f177972f517ff9bc00373ee44e9b52780f710e2d9289dfe3ff8c9c04541735b892c96c4940719e92ace6d187b7a613d30043858cd91ae1ad2e8724c5770cb031b29e652723349d38a25d87dd4a13f897c3be1d505213f174cccf7d32bffd67abf4d97e92daa973e20c3c1f146e1674c3b28fff788f393bad67e812b09b0ff086787d1b39b6d8e01cdfb3782841cc2d3f47758e796b6a6dbd6f3e939716ed6ed4dfa6a72a732b3eb725c59825595a0fdf8967f3c9ebbbc968ec4ec804db6b3eac1a532e213d03e54bcf1f4c71219b94895970f9", 0x194, 0x6c}], 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0xff00) 14:11:00 executing program 1: r0 = socket(0x1e, 0x5, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req3={0x80000000}, 0x1c) listen(r0, 0x0) r1 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x1c) recvmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000000)={0x7e, 0x31303553, 0x3, @discrete={0x3ff, 0x8001}}) sendmsg(r1, &(0x7f0000000140)={&(0x7f00004f5000)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, 0x0}, 0x0) accept$alg(r0, 0x713000, 0x715000) 14:11:01 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 279.229727][T10981] attempt to access beyond end of device [ 279.235414][T10981] loop0: rw=4096, want=27, limit=1 14:11:01 executing program 1: r0 = socket(0x1e, 0x5, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req3={0x80000000}, 0x1c) listen(r0, 0x0) r1 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x1c) recvmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000000)={0x7e, 0x31303553, 0x3, @discrete={0x3ff, 0x8001}}) sendmsg(r1, &(0x7f0000000140)={&(0x7f00004f5000)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, 0x0}, 0x0) accept$alg(r0, 0x713000, 0x715000) [ 279.357149][T10981] XFS (loop0): SB validate failed with error -5. 14:11:01 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:01 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:01 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:01 executing program 0: statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lchown(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1) syz_open_dev$mice(0x0, 0x0, 0x181021) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x100082) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000002c0)={0x7, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffe]}}) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x8001, 0x4000) ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7b60bddaab9ab6723f51c64ffbaccb5ebaa5153b934d1b48504982322f754320483c0a5000001c00000000000000000700"], 0x1) r0 = memfd_create(&(0x7f0000000540)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40804, &(0x7f0000000200)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) socket$inet6(0xa, 0x40000080806, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f00000003c0)=""/148, 0x94, 0x100, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x3ff}) r2 = syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0xff00) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x3ff, 0x0, 0x3}) r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000680)="5846534200007ca580b57fffffff100000000000000000000000000000000000984f0b5042b64b06bc86cba3e6cc3f8002000038c8000000000000000000000000800000f9ffffffff8000000000000000825c000001000010000000002100000000000806c034a40275d4396b12a7057ee53d3bc089f0ce8eaca05a263c4376b79bb460a0a91d74fdf72feab1263318984a604ee65a4b4b59aec0c9e222ff2e1c49038c47f4f474bec398caf89a93b66ef1b9455f8e2f3f000000000000009349a30a7199d0b3adbaa940f4439c473fc92f474f7308147a67fa5c89c675", 0xde}, {&(0x7f0000000200)="059aa00080dc5ddf42b7a38b0a6a33e0ccbb3c78d0a84406ac91e8a6c8cf8436a9f3e56588060c2f754c7c221714c40e38a3443dcc6a25dc33f650825fda409f984c36384675493cf704eaadb3f232254dca2aac0c41149ca0f1a71ed81b34f35e1f7720c644f9301146b21df3aaac11ffd727b61555d95124209c29f103241c26e52c3cda247c7a1978a684f97624fc2ddaeca5ecc1c2a8f639eae48da8096fbefa9cb9e299bd6b8443ca79786890b49d76cfa245b9978f6975571db258f9f981f177972f517ff9bc00373ee44e9b52780f710e2d9289dfe3ff8c9c04541735b892c96c4940719e92ace6d187b7a613d30043858cd91ae1ad2e8724c5770cb031b29e652723349d38a25d87dd4a13f897c3be1d505213f174cccf7d32bffd67abf4d97e92daa973e20c3c1f146e1674c3b28fff788f393bad67e812b09b0ff086787d1b39b6d8e01cdfb3782841cc2d3f47758e796b6a6dbd6f3e939716ed6ed4dfa6a72a732b3eb725c59825595a0fdf8967f3c9ebbbc968ec4ec804db6b3eac1a532e213d03e54bcf1f4c71219b94895970f9", 0x194, 0x6c}], 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0xff00) [ 280.618174][T11023] attempt to access beyond end of device [ 280.674164][T11023] loop0: rw=4096, want=27, limit=1 [ 280.715968][T11023] XFS (loop0): SB validate failed with error -5. 14:11:03 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:03 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:03 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 0: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 0: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:03 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() close(0xffffffffffffffff) 14:11:03 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:03 executing program 0: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:04 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:04 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() close(0xffffffffffffffff) 14:11:04 executing program 0: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:04 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:04 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:04 executing program 4: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:04 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() close(0xffffffffffffffff) 14:11:04 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:05 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:05 executing program 4: syz_open_procfs$namespace(0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:05 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:05 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:05 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:05 executing program 4: syz_open_procfs$namespace(0x0, 0x0) getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:05 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:05 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:06 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:06 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:06 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x2}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r1) 14:11:06 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r0) 14:11:06 executing program 1: syz_open_procfs$namespace(0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:06 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:06 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:06 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r0) 14:11:07 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:07 executing program 1: syz_open_procfs$namespace(0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:07 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:07 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r0) 14:11:07 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:07 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:07 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:07 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:07 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:07 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:07 executing program 1: r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r0) 14:11:07 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:08 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:08 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:08 executing program 1: r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r0) 14:11:08 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:08 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:08 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:08 executing program 1: r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r0) 14:11:08 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:08 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:08 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:08 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:09 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:09 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:09 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:09 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:09 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:09 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:09 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:09 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:10 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:10 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:10 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:10 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:10 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:11 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:11 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:11 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:11 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:11 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:11 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:11 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:11 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:11 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:11 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:11 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:11 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:12 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:12 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:12 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:12 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:12 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:12 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x10, r0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm-control\x00', 0x4000, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x96}, 0x2b}}, 0x0, 0x0, 0x35, 0x0, "7daf51d518b54f958e464e043f453fbe3a0f3c8e30cc78f4199afd161232e8f80ad6454e706dcd710a17ff2c933cd8fbf6dbc3d0ab5b14099e0df8c28b9aa0ddfbe70f9e236c9bc54c8e588e8870020a"}, 0xd8) getdents(0xffffffffffffffff, 0x0, 0x0) prctl$PR_MCE_KILL(0x21, 0x0, 0x2) socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(0xffffffffffffffff, &(0x7f000000c280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000010) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$DRM_IOCTL_GEM_OPEN(r5, 0xc010640b, &(0x7f0000000100)={0x0, 0x0, 0x101}) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$DRM_IOCTL_GEM_OPEN(r8, 0xc010640b, &(0x7f0000000180)={0x0, 0x0, 0x4}) ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f00000001c0)={r6, r9}) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000000)=0x9, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x4, 0x278, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x600, 0x0, 0x0, 0x0, [0x0, 0x9]}}, 0xfdef) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000040)=0x8000000) getpid() socket$inet_tcp(0x2, 0x1, 0x0) 14:11:12 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:12 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:12 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:12 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:12 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:12 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:13 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:13 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:13 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:13 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:13 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:13 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:13 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:14 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:14 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:15 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:15 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:15 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:15 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:15 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:15 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:15 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:15 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:15 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:15 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:16 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:16 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:16 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:16 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:16 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:16 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:16 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:16 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:16 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:16 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:16 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:17 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:17 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:17 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:17 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:17 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:17 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:17 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:17 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:17 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:17 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:17 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:17 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:18 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:18 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:18 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:18 executing program 3: socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:18 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:18 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:19 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:19 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:19 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:19 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:19 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:19 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:19 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:19 executing program 4: getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:19 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:19 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:19 executing program 4: getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(0xffffffffffffffff) 14:11:19 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:20 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:20 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:20 executing program 4: getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(0xffffffffffffffff) 14:11:20 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:20 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:20 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:20 executing program 4: getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(0xffffffffffffffff) 14:11:20 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:20 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:20 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:20 executing program 4: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:20 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:21 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:21 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:21 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:21 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(r0) 14:11:21 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:21 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:21 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:21 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:21 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 300.132809][T11668] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 14:11:22 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 300.223560][T11668] CPU: 1 PID: 11668 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 300.232401][T11668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.242482][T11668] Call Trace: [ 300.245811][T11668] dump_stack+0x197/0x210 [ 300.250162][T11668] dump_header+0x10b/0x82d [ 300.254597][T11668] oom_kill_process.cold+0x10/0x15 [ 300.259808][T11668] out_of_memory+0x334/0x13c0 [ 300.264486][T11668] ? find_held_lock+0x35/0x130 [ 300.269253][T11668] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 300.275059][T11668] ? oom_killer_disable+0x280/0x280 [ 300.280278][T11668] mem_cgroup_out_of_memory+0x1d8/0x240 [ 300.285836][T11668] ? memcg_oom_wake_function+0x700/0x700 [ 300.291479][T11668] ? do_raw_spin_unlock+0x181/0x270 [ 300.296703][T11668] ? _raw_spin_unlock+0x28/0x40 [ 300.301563][T11668] try_charge+0xf76/0x14d0 [ 300.305998][T11668] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 300.311559][T11668] ? percpu_ref_tryget+0x102/0x230 [ 300.316676][T11668] ? rcu_read_lock_held+0x9c/0xb0 [ 300.321744][T11668] ? __kasan_check_read+0x11/0x20 [ 300.326791][T11668] ? get_mem_cgroup_from_mm+0x151/0x310 [ 300.332343][T11668] mem_cgroup_try_charge+0x136/0x590 [ 300.337641][T11668] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 300.343283][T11668] __handle_mm_fault+0x1f61/0x3cc0 [ 300.348428][T11668] ? apply_to_existing_page_range+0x50/0x50 [ 300.354339][T11668] ? handle_mm_fault+0x292/0xa50 [ 300.360558][T11668] ? handle_mm_fault+0x7a0/0xa50 [ 300.365582][T11668] ? __kasan_check_read+0x11/0x20 [ 300.370651][T11668] handle_mm_fault+0x3b2/0xa50 [ 300.375565][T11668] __get_user_pages+0x7b2/0x1ac0 [ 300.380520][T11668] ? mark_held_locks+0xf0/0xf0 [ 300.385352][T11668] ? follow_page_mask+0x1dd0/0x1dd0 [ 300.390566][T11668] ? __mm_populate+0x270/0x380 [ 300.395372][T11668] ? __kasan_check_write+0x14/0x20 [ 300.400509][T11668] ? down_read+0x109/0x430 [ 300.404944][T11668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.411227][T11668] populate_vma_page_range+0x20d/0x2a0 [ 300.416718][T11668] __mm_populate+0x204/0x380 [ 300.421329][T11668] ? populate_vma_page_range+0x2a0/0x2a0 [ 300.427111][T11668] ? __kasan_check_write+0x14/0x20 [ 300.432232][T11668] ? up_write+0x150/0x490 [ 300.436570][T11668] ? ns_capable_common+0x93/0x100 [ 300.441628][T11668] __x64_sys_mlockall+0x473/0x520 [ 300.446676][T11668] do_syscall_64+0xfa/0x790 [ 300.451204][T11668] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.457105][T11668] RIP: 0033:0x45aff9 [ 300.461035][T11668] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.480754][T11668] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 300.489194][T11668] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 300.497235][T11668] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 300.505228][T11668] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 300.513220][T11668] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 300.521216][T11668] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 300.638137][T11668] memory: usage 307200kB, limit 307200kB, failcnt 29 [ 300.657643][T11668] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 300.693797][T11668] Memory cgroup stats for /syz5: [ 300.694233][T11668] anon 309202944 [ 300.694233][T11668] file 0 [ 300.694233][T11668] kernel_stack 552960 [ 300.694233][T11668] slab 1847296 [ 300.694233][T11668] sock 0 [ 300.694233][T11668] shmem 0 [ 300.694233][T11668] file_mapped 0 [ 300.694233][T11668] file_dirty 0 [ 300.694233][T11668] file_writeback 0 [ 300.694233][T11668] anon_thp 274726912 [ 300.694233][T11668] inactive_anon 207962112 [ 300.694233][T11668] active_anon 98304 [ 300.694233][T11668] inactive_file 0 [ 300.694233][T11668] active_file 0 [ 300.694233][T11668] unevictable 101068800 [ 300.694233][T11668] slab_reclaimable 405504 [ 300.694233][T11668] slab_unreclaimable 1441792 [ 300.694233][T11668] pgfault 21252 [ 300.694233][T11668] pgmajfault 0 [ 300.694233][T11668] workingset_refault 0 [ 300.694233][T11668] workingset_activate 0 [ 300.694233][T11668] workingset_nodereclaim 0 [ 300.694233][T11668] pgrefill 37 [ 300.694233][T11668] pgscan 33 [ 300.694233][T11668] pgsteal 0 [ 300.694233][T11668] pgactivate 33 [ 300.863428][T11668] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11651,uid=0 [ 300.891570][T11668] Memory cgroup out of memory: Killed process 11651 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:23 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:23 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x78) close(r0) 14:11:23 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:23 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:23 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:23 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(0xffffffffffffffff) 14:11:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(0xffffffffffffffff) 14:11:23 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:24 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:24 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:24 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 302.219612][T11723] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 302.263654][T11723] CPU: 1 PID: 11723 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 302.272465][T11723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.282529][T11723] Call Trace: [ 302.285842][T11723] dump_stack+0x197/0x210 [ 302.290331][T11723] dump_header+0x10b/0x82d [ 302.294784][T11723] oom_kill_process.cold+0x10/0x15 [ 302.299942][T11723] out_of_memory+0x334/0x13c0 [ 302.304643][T11723] ? find_held_lock+0x35/0x130 [ 302.309437][T11723] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 302.315407][T11723] ? oom_killer_disable+0x280/0x280 [ 302.320642][T11723] mem_cgroup_out_of_memory+0x1d8/0x240 [ 302.326337][T11723] ? memcg_oom_wake_function+0x700/0x700 [ 302.332002][T11723] ? do_raw_spin_unlock+0x181/0x270 [ 302.337232][T11723] ? _raw_spin_unlock+0x28/0x40 [ 302.342117][T11723] try_charge+0xf76/0x14d0 [ 302.346568][T11723] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 302.352150][T11723] ? percpu_ref_tryget+0x102/0x230 [ 302.357518][T11723] ? rcu_read_lock_held+0x9c/0xb0 [ 302.362574][T11723] ? __kasan_check_read+0x11/0x20 [ 302.367669][T11723] ? get_mem_cgroup_from_mm+0x151/0x310 [ 302.373353][T11723] mem_cgroup_try_charge+0x136/0x590 [ 302.378714][T11723] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 302.384388][T11723] __handle_mm_fault+0x1f61/0x3cc0 [ 302.389531][T11723] ? apply_to_existing_page_range+0x50/0x50 [ 302.397711][T11723] ? handle_mm_fault+0x292/0xa50 [ 302.402689][T11723] ? handle_mm_fault+0x7a0/0xa50 [ 302.407649][T11723] ? __kasan_check_read+0x11/0x20 [ 302.412813][T11723] handle_mm_fault+0x3b2/0xa50 [ 302.417601][T11723] __get_user_pages+0x7b2/0x1ac0 [ 302.422553][T11723] ? mark_held_locks+0xf0/0xf0 [ 302.427346][T11723] ? follow_page_mask+0x1dd0/0x1dd0 [ 302.432568][T11723] ? __mm_populate+0x270/0x380 [ 302.437361][T11723] ? __kasan_check_write+0x14/0x20 [ 302.442515][T11723] ? down_read+0x109/0x430 [ 302.447127][T11723] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.453493][T11723] populate_vma_page_range+0x20d/0x2a0 [ 302.458990][T11723] __mm_populate+0x204/0x380 [ 302.463605][T11723] ? populate_vma_page_range+0x2a0/0x2a0 [ 302.469433][T11723] ? __kasan_check_write+0x14/0x20 [ 302.474565][T11723] ? up_write+0x150/0x490 [ 302.478921][T11723] ? ns_capable_common+0x93/0x100 [ 302.483971][T11723] __x64_sys_mlockall+0x473/0x520 [ 302.490086][T11723] do_syscall_64+0xfa/0x790 [ 302.494735][T11723] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 302.500728][T11723] RIP: 0033:0x45aff9 [ 302.504640][T11723] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 302.524560][T11723] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 302.533009][T11723] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 302.541015][T11723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 302.549095][T11723] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 14:11:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x23}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) close(0xffffffffffffffff) [ 302.557355][T11723] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 302.565349][T11723] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c 14:11:24 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 302.868804][T11723] memory: usage 307200kB, limit 307200kB, failcnt 59 [ 302.903187][T11723] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 302.946013][T11723] Memory cgroup stats for /syz5: [ 302.946140][T11723] anon 309116928 [ 302.946140][T11723] file 0 [ 302.946140][T11723] kernel_stack 552960 [ 302.946140][T11723] slab 1847296 [ 302.946140][T11723] sock 0 [ 302.946140][T11723] shmem 0 [ 302.946140][T11723] file_mapped 0 [ 302.946140][T11723] file_dirty 0 [ 302.946140][T11723] file_writeback 0 [ 302.946140][T11723] anon_thp 272629760 [ 302.946140][T11723] inactive_anon 208224256 [ 302.946140][T11723] active_anon 98304 [ 302.946140][T11723] inactive_file 0 [ 302.946140][T11723] active_file 0 [ 302.946140][T11723] unevictable 100970496 [ 302.946140][T11723] slab_reclaimable 405504 [ 302.946140][T11723] slab_unreclaimable 1441792 [ 302.946140][T11723] pgfault 22836 [ 302.946140][T11723] pgmajfault 0 [ 302.946140][T11723] workingset_refault 0 [ 302.946140][T11723] workingset_activate 0 [ 302.946140][T11723] workingset_nodereclaim 0 [ 302.946140][T11723] pgrefill 37 [ 302.946140][T11723] pgscan 66 [ 302.946140][T11723] pgsteal 0 [ 302.946140][T11723] pgactivate 33 [ 303.070609][T11723] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11699,uid=0 [ 303.094079][T11723] Memory cgroup out of memory: Killed process 11699 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 303.136250][ T1129] oom_reaper: reaped process 11699 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 14:11:25 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:25 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:25 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:25 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:25 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:25 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 303.807093][T11778] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 303.825323][T11778] CPU: 0 PID: 11778 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 303.834083][T11778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.844274][T11778] Call Trace: [ 303.847660][T11778] dump_stack+0x197/0x210 [ 303.852022][T11778] dump_header+0x10b/0x82d 14:11:25 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 303.856578][T11778] oom_kill_process.cold+0x10/0x15 [ 303.861828][T11778] out_of_memory+0x334/0x13c0 [ 303.866543][T11778] ? find_held_lock+0x35/0x130 [ 303.871332][T11778] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 303.877154][T11778] ? oom_killer_disable+0x280/0x280 [ 303.882399][T11778] mem_cgroup_out_of_memory+0x1d8/0x240 [ 303.887989][T11778] ? memcg_oom_wake_function+0x700/0x700 [ 303.894185][T11778] ? do_raw_spin_unlock+0x181/0x270 [ 303.899447][T11778] ? _raw_spin_unlock+0x28/0x40 [ 303.904330][T11778] try_charge+0xf76/0x14d0 [ 303.908911][T11778] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 303.914475][T11778] ? percpu_ref_tryget+0x102/0x230 [ 303.919607][T11778] ? rcu_read_lock_held+0x9c/0xb0 [ 303.924662][T11778] ? __kasan_check_read+0x11/0x20 [ 303.929713][T11778] ? get_mem_cgroup_from_mm+0x151/0x310 [ 303.935267][T11778] mem_cgroup_try_charge+0x136/0x590 [ 303.940586][T11778] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 303.946238][T11778] __handle_mm_fault+0x1f61/0x3cc0 [ 303.951357][T11778] ? apply_to_existing_page_range+0x50/0x50 [ 303.957371][T11778] ? handle_mm_fault+0x292/0xa50 [ 303.962339][T11778] ? handle_mm_fault+0x7a0/0xa50 [ 303.967293][T11778] ? __kasan_check_read+0x11/0x20 [ 303.972357][T11778] handle_mm_fault+0x3b2/0xa50 [ 303.977126][T11778] __get_user_pages+0x7b2/0x1ac0 [ 303.982233][T11778] ? mark_held_locks+0xf0/0xf0 [ 303.987022][T11778] ? follow_page_mask+0x1dd0/0x1dd0 [ 303.992247][T11778] ? __mm_populate+0x270/0x380 [ 303.997020][T11778] ? __kasan_check_write+0x14/0x20 [ 304.002148][T11778] ? down_read+0x109/0x430 [ 304.006673][T11778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 304.013033][T11778] populate_vma_page_range+0x20d/0x2a0 [ 304.018513][T11778] __mm_populate+0x204/0x380 [ 304.023125][T11778] ? populate_vma_page_range+0x2a0/0x2a0 [ 304.028771][T11778] ? __kasan_check_write+0x14/0x20 [ 304.033930][T11778] ? up_write+0x150/0x490 [ 304.038259][T11778] ? ns_capable_common+0x93/0x100 [ 304.043327][T11778] __x64_sys_mlockall+0x473/0x520 [ 304.048369][T11778] do_syscall_64+0xfa/0x790 [ 304.053033][T11778] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 304.058943][T11778] RIP: 0033:0x45aff9 [ 304.062846][T11778] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 304.082462][T11778] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 304.090903][T11778] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 304.098890][T11778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 14:11:26 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 304.106958][T11778] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 304.115036][T11778] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 304.123020][T11778] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 304.145886][T11778] memory: usage 307188kB, limit 307200kB, failcnt 100 14:11:26 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 304.166784][T11778] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 304.215935][T11778] Memory cgroup stats for /syz5: [ 304.216078][T11778] anon 309137408 [ 304.216078][T11778] file 0 [ 304.216078][T11778] kernel_stack 589824 [ 304.216078][T11778] slab 1847296 [ 304.216078][T11778] sock 0 [ 304.216078][T11778] shmem 0 [ 304.216078][T11778] file_mapped 0 [ 304.216078][T11778] file_dirty 0 [ 304.216078][T11778] file_writeback 0 [ 304.216078][T11778] anon_thp 272629760 [ 304.216078][T11778] inactive_anon 203902976 [ 304.216078][T11778] active_anon 98304 [ 304.216078][T11778] inactive_file 0 14:11:26 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 304.216078][T11778] active_file 0 [ 304.216078][T11778] unevictable 105295872 [ 304.216078][T11778] slab_reclaimable 405504 [ 304.216078][T11778] slab_unreclaimable 1441792 [ 304.216078][T11778] pgfault 24717 [ 304.216078][T11778] pgmajfault 0 [ 304.216078][T11778] workingset_refault 0 [ 304.216078][T11778] workingset_activate 0 [ 304.216078][T11778] workingset_nodereclaim 0 [ 304.216078][T11778] pgrefill 37 [ 304.216078][T11778] pgscan 66 [ 304.216078][T11778] pgsteal 0 [ 304.216078][T11778] pgactivate 33 [ 304.442412][T11778] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11761,uid=0 [ 304.476868][T11778] Memory cgroup out of memory: Killed process 11761 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:26 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:26 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:27 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 2: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 2: socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:27 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 305.929355][T11842] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 305.974316][T11842] CPU: 1 PID: 11842 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 305.983048][T11842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.993121][T11842] Call Trace: [ 305.996432][T11842] dump_stack+0x197/0x210 [ 306.000792][T11842] dump_header+0x10b/0x82d [ 306.005238][T11842] oom_kill_process.cold+0x10/0x15 [ 306.010664][T11842] out_of_memory+0x334/0x13c0 [ 306.015373][T11842] ? find_held_lock+0x35/0x130 [ 306.020172][T11842] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 306.026008][T11842] ? oom_killer_disable+0x280/0x280 [ 306.031261][T11842] mem_cgroup_out_of_memory+0x1d8/0x240 [ 306.036839][T11842] ? memcg_oom_wake_function+0x700/0x700 [ 306.042508][T11842] ? do_raw_spin_unlock+0x181/0x270 [ 306.047784][T11842] ? _raw_spin_unlock+0x28/0x40 [ 306.052671][T11842] try_charge+0xf76/0x14d0 [ 306.057132][T11842] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 306.062815][T11842] ? percpu_ref_tryget+0x102/0x230 [ 306.067951][T11842] ? rcu_read_lock_held+0x9c/0xb0 [ 306.073005][T11842] ? __kasan_check_read+0x11/0x20 [ 306.078058][T11842] ? get_mem_cgroup_from_mm+0x151/0x310 [ 306.083640][T11842] mem_cgroup_try_charge+0x136/0x590 [ 306.089244][T11842] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 306.095061][T11842] __handle_mm_fault+0x1f61/0x3cc0 [ 306.100206][T11842] ? apply_to_existing_page_range+0x50/0x50 [ 306.106133][T11842] ? handle_mm_fault+0x292/0xa50 [ 306.111109][T11842] ? handle_mm_fault+0x7a0/0xa50 [ 306.116073][T11842] ? __kasan_check_read+0x11/0x20 [ 306.121129][T11842] handle_mm_fault+0x3b2/0xa50 [ 306.126357][T11842] __get_user_pages+0x7b2/0x1ac0 [ 306.131431][T11842] ? mark_held_locks+0xf0/0xf0 [ 306.136240][T11842] ? follow_page_mask+0x1dd0/0x1dd0 [ 306.141460][T11842] ? __mm_populate+0x270/0x380 [ 306.146257][T11842] ? __kasan_check_write+0x14/0x20 [ 306.151390][T11842] ? down_read+0x109/0x430 [ 306.155835][T11842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.162266][T11842] populate_vma_page_range+0x20d/0x2a0 [ 306.167757][T11842] __mm_populate+0x204/0x380 [ 306.172659][T11842] ? populate_vma_page_range+0x2a0/0x2a0 [ 306.178316][T11842] ? __kasan_check_write+0x14/0x20 [ 306.183460][T11842] ? up_write+0x150/0x490 [ 306.187808][T11842] ? ns_capable_common+0x93/0x100 [ 306.192994][T11842] __x64_sys_mlockall+0x473/0x520 [ 306.198049][T11842] do_syscall_64+0xfa/0x790 [ 306.202581][T11842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 306.208486][T11842] RIP: 0033:0x45aff9 [ 306.212399][T11842] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 306.232040][T11842] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 306.240566][T11842] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 306.248761][T11842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 306.256752][T11842] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 306.264750][T11842] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 306.272743][T11842] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 306.357163][T11842] memory: usage 307200kB, limit 307200kB, failcnt 130 [ 306.364048][T11842] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 306.372466][T11842] Memory cgroup stats for /syz5: [ 306.373278][T11842] anon 309059584 [ 306.373278][T11842] file 0 [ 306.373278][T11842] kernel_stack 589824 [ 306.373278][T11842] slab 1847296 [ 306.373278][T11842] sock 0 [ 306.373278][T11842] shmem 0 [ 306.373278][T11842] file_mapped 0 [ 306.373278][T11842] file_dirty 0 [ 306.373278][T11842] file_writeback 0 [ 306.373278][T11842] anon_thp 272629760 [ 306.373278][T11842] inactive_anon 203902976 [ 306.373278][T11842] active_anon 98304 [ 306.373278][T11842] inactive_file 0 [ 306.373278][T11842] active_file 0 [ 306.373278][T11842] unevictable 105127936 [ 306.373278][T11842] slab_reclaimable 405504 [ 306.373278][T11842] slab_unreclaimable 1441792 [ 306.373278][T11842] pgfault 26532 [ 306.373278][T11842] pgmajfault 0 [ 306.373278][T11842] workingset_refault 0 [ 306.373278][T11842] workingset_activate 0 [ 306.373278][T11842] workingset_nodereclaim 0 [ 306.373278][T11842] pgrefill 37 [ 306.373278][T11842] pgscan 66 [ 306.373278][T11842] pgsteal 0 [ 306.373278][T11842] pgactivate 33 [ 306.507337][T11842] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11823,uid=0 [ 306.523943][T11842] Memory cgroup out of memory: Killed process 11823 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 306.576070][ T1129] oom_reaper: reaped process 11823 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 306.756313][T11878] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 306.766959][T11878] CPU: 0 PID: 11878 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 306.775760][T11878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.785827][T11878] Call Trace: [ 306.789125][T11878] dump_stack+0x197/0x210 [ 306.793444][T11878] dump_header+0x10b/0x82d [ 306.798028][T11878] oom_kill_process.cold+0x10/0x15 [ 306.803156][T11878] out_of_memory+0x334/0x13c0 [ 306.807865][T11878] ? find_held_lock+0x35/0x130 [ 306.812740][T11878] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 306.818543][T11878] ? oom_killer_disable+0x280/0x280 [ 306.823745][T11878] mem_cgroup_out_of_memory+0x1d8/0x240 [ 306.829359][T11878] ? memcg_oom_wake_function+0x700/0x700 [ 306.834996][T11878] ? do_raw_spin_unlock+0x181/0x270 [ 306.840243][T11878] ? _raw_spin_unlock+0x28/0x40 [ 306.845095][T11878] try_charge+0xf76/0x14d0 [ 306.849693][T11878] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 306.855239][T11878] ? percpu_ref_tryget+0x102/0x230 [ 306.860366][T11878] ? rcu_read_lock_held+0x9c/0xb0 [ 306.865398][T11878] ? __kasan_check_read+0x11/0x20 [ 306.870563][T11878] ? get_mem_cgroup_from_mm+0x151/0x310 [ 306.876434][T11878] mem_cgroup_try_charge+0x136/0x590 [ 306.881837][T11878] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 306.887497][T11878] wp_page_copy+0x407/0x1560 [ 306.892202][T11878] ? find_held_lock+0x35/0x130 [ 306.896966][T11878] ? follow_pfn+0x2a0/0x2a0 [ 306.901524][T11878] ? lock_downgrade+0x920/0x920 [ 306.906483][T11878] ? swp_swapcount+0x540/0x540 [ 306.911243][T11878] ? do_raw_spin_unlock+0x181/0x270 [ 306.916532][T11878] do_wp_page+0x543/0x1540 [ 306.920964][T11878] ? finish_mkwrite_fault+0x5c0/0x5c0 [ 306.926386][T11878] __handle_mm_fault+0x3112/0x3cc0 [ 306.931546][T11878] ? apply_to_existing_page_range+0x50/0x50 [ 306.937554][T11878] ? handle_mm_fault+0x292/0xa50 [ 306.942505][T11878] ? handle_mm_fault+0x7a0/0xa50 [ 306.947559][T11878] ? __kasan_check_read+0x11/0x20 [ 306.952663][T11878] handle_mm_fault+0x3b2/0xa50 [ 306.957441][T11878] __get_user_pages+0x7b2/0x1ac0 [ 306.962607][T11878] ? mark_held_locks+0xf0/0xf0 [ 306.967404][T11878] ? follow_page_mask+0x1dd0/0x1dd0 [ 306.972604][T11878] ? __mm_populate+0x270/0x380 [ 306.977440][T11878] ? __kasan_check_write+0x14/0x20 [ 306.982748][T11878] ? down_read+0x109/0x430 [ 306.987174][T11878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.993599][T11878] populate_vma_page_range+0x20d/0x2a0 [ 306.999180][T11878] __mm_populate+0x204/0x380 [ 307.003792][T11878] ? populate_vma_page_range+0x2a0/0x2a0 [ 307.009433][T11878] ? __kasan_check_write+0x14/0x20 [ 307.014947][T11878] ? up_write+0x150/0x490 [ 307.019304][T11878] ? ns_capable_common+0x93/0x100 [ 307.024436][T11878] __x64_sys_mlockall+0x473/0x520 [ 307.029537][T11878] do_syscall_64+0xfa/0x790 [ 307.034098][T11878] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 307.040129][T11878] RIP: 0033:0x45aff9 [ 307.044022][T11878] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 307.063807][T11878] RSP: 002b:00007f3b58bfec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 307.072837][T11878] RAX: ffffffffffffffda RBX: 00007f3b58bff6d4 RCX: 000000000045aff9 [ 307.080932][T11878] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 307.089144][T11878] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 307.097500][T11878] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 307.105528][T11878] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bfd4 [ 307.118257][T11878] memory: usage 307132kB, limit 307200kB, failcnt 177 [ 307.125059][T11878] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 307.132059][T11878] Memory cgroup stats for /syz5: [ 307.132169][T11878] anon 308977664 [ 307.132169][T11878] file 0 [ 307.132169][T11878] kernel_stack 552960 [ 307.132169][T11878] slab 1847296 [ 307.132169][T11878] sock 0 [ 307.132169][T11878] shmem 0 [ 307.132169][T11878] file_mapped 0 [ 307.132169][T11878] file_dirty 0 [ 307.132169][T11878] file_writeback 0 [ 307.132169][T11878] anon_thp 272629760 [ 307.132169][T11878] inactive_anon 193691648 [ 307.132169][T11878] active_anon 98304 [ 307.132169][T11878] inactive_file 0 [ 307.132169][T11878] active_file 0 [ 307.132169][T11878] unevictable 115240960 [ 307.132169][T11878] slab_reclaimable 405504 [ 307.132169][T11878] slab_unreclaimable 1441792 [ 307.132169][T11878] pgfault 27819 [ 307.132169][T11878] pgmajfault 0 [ 307.132169][T11878] workingset_refault 0 [ 307.132169][T11878] workingset_activate 0 [ 307.132169][T11878] workingset_nodereclaim 0 [ 307.132169][T11878] pgrefill 37 [ 307.132169][T11878] pgscan 66 [ 307.132169][T11878] pgsteal 0 [ 307.132169][T11878] pgactivate 33 [ 307.231220][T11878] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11839,uid=0 [ 307.247134][T11878] Memory cgroup out of memory: Killed process 11878 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:54368kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000 [ 307.265676][ T1129] oom_reaper: reaped process 11878 (syz-executor.5), now anon-rss:18332kB, file-rss:54364kB, shmem-rss:0kB 14:11:29 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:29 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 0: socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:29 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 307.833029][T11909] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 307.895866][T11909] CPU: 1 PID: 11909 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 307.904597][T11909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.914781][T11909] Call Trace: [ 307.918108][T11909] dump_stack+0x197/0x210 [ 307.922464][T11909] dump_header+0x10b/0x82d [ 307.926903][T11909] oom_kill_process.cold+0x10/0x15 [ 307.932045][T11909] out_of_memory+0x334/0x13c0 [ 307.936743][T11909] ? find_held_lock+0x35/0x130 [ 307.941536][T11909] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 307.947370][T11909] ? oom_killer_disable+0x280/0x280 [ 307.952600][T11909] mem_cgroup_out_of_memory+0x1d8/0x240 [ 307.958157][T11909] ? memcg_oom_wake_function+0x700/0x700 [ 307.963797][T11909] ? do_raw_spin_unlock+0x181/0x270 [ 307.969145][T11909] ? _raw_spin_unlock+0x28/0x40 [ 307.974023][T11909] try_charge+0xf76/0x14d0 [ 307.978472][T11909] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 307.984019][T11909] ? percpu_ref_tryget+0x102/0x230 [ 307.989140][T11909] ? rcu_read_lock_held+0x9c/0xb0 [ 307.994161][T11909] ? __kasan_check_read+0x11/0x20 [ 307.999318][T11909] ? get_mem_cgroup_from_mm+0x151/0x310 [ 308.004866][T11909] mem_cgroup_try_charge+0x136/0x590 [ 308.010177][T11909] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 308.015817][T11909] __handle_mm_fault+0x1f61/0x3cc0 [ 308.020931][T11909] ? apply_to_existing_page_range+0x50/0x50 [ 308.026831][T11909] ? handle_mm_fault+0x292/0xa50 [ 308.031790][T11909] ? handle_mm_fault+0x7a0/0xa50 [ 308.036737][T11909] ? __kasan_check_read+0x11/0x20 [ 308.041784][T11909] handle_mm_fault+0x3b2/0xa50 [ 308.046562][T11909] __get_user_pages+0x7b2/0x1ac0 [ 308.051511][T11909] ? mark_held_locks+0xf0/0xf0 [ 308.056292][T11909] ? follow_page_mask+0x1dd0/0x1dd0 [ 308.061497][T11909] ? __mm_populate+0x270/0x380 [ 308.066309][T11909] ? __kasan_check_write+0x14/0x20 [ 308.071423][T11909] ? down_read+0x109/0x430 [ 308.075853][T11909] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.082132][T11909] populate_vma_page_range+0x20d/0x2a0 [ 308.087610][T11909] __mm_populate+0x204/0x380 [ 308.092216][T11909] ? populate_vma_page_range+0x2a0/0x2a0 [ 308.097845][T11909] ? __kasan_check_write+0x14/0x20 [ 308.103080][T11909] ? up_write+0x150/0x490 [ 308.107419][T11909] ? ns_capable_common+0x93/0x100 [ 308.112587][T11909] __x64_sys_mlockall+0x473/0x520 [ 308.117634][T11909] do_syscall_64+0xfa/0x790 [ 308.122152][T11909] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 308.128049][T11909] RIP: 0033:0x45aff9 [ 308.131943][T11909] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 308.151930][T11909] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 308.160356][T11909] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 308.168478][T11909] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 308.176537][T11909] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 308.184513][T11909] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 308.192499][T11909] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c 14:11:30 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 308.594039][T11909] memory: usage 307200kB, limit 307200kB, failcnt 209 [ 308.601082][T11909] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 308.615868][T11909] Memory cgroup stats for /syz5: [ 308.615987][T11909] anon 309116928 [ 308.615987][T11909] file 0 [ 308.615987][T11909] kernel_stack 589824 [ 308.615987][T11909] slab 1847296 [ 308.615987][T11909] sock 0 [ 308.615987][T11909] shmem 0 [ 308.615987][T11909] file_mapped 0 [ 308.615987][T11909] file_dirty 0 [ 308.615987][T11909] file_writeback 0 [ 308.615987][T11909] anon_thp 272629760 [ 308.615987][T11909] inactive_anon 203812864 [ 308.615987][T11909] active_anon 98304 [ 308.615987][T11909] inactive_file 0 [ 308.615987][T11909] active_file 0 [ 308.615987][T11909] unevictable 105164800 [ 308.615987][T11909] slab_reclaimable 405504 [ 308.615987][T11909] slab_unreclaimable 1441792 [ 308.615987][T11909] pgfault 28479 [ 308.615987][T11909] pgmajfault 0 [ 308.615987][T11909] workingset_refault 0 [ 308.615987][T11909] workingset_activate 0 [ 308.615987][T11909] workingset_nodereclaim 0 [ 308.615987][T11909] pgrefill 37 [ 308.615987][T11909] pgscan 99 [ 308.615987][T11909] pgsteal 0 [ 308.615987][T11909] pgactivate 33 [ 308.734338][T11909] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11879,uid=0 [ 308.750714][T11909] Memory cgroup out of memory: Killed process 11879 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 308.777837][ T1129] oom_reaper: reaped process 11879 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 14:11:30 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(0xffffffffffffffff, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:30 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:30 executing program 1: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:30 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:30 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:30 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:31 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:31 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 309.430301][T11972] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 309.523265][T11972] CPU: 0 PID: 11972 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 309.532110][T11972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.542188][T11972] Call Trace: [ 309.545505][T11972] dump_stack+0x197/0x210 [ 309.549910][T11972] dump_header+0x10b/0x82d [ 309.554368][T11972] oom_kill_process.cold+0x10/0x15 [ 309.559526][T11972] out_of_memory+0x334/0x13c0 [ 309.564237][T11972] ? find_held_lock+0x35/0x130 [ 309.569029][T11972] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 309.574872][T11972] ? oom_killer_disable+0x280/0x280 [ 309.580110][T11972] mem_cgroup_out_of_memory+0x1d8/0x240 [ 309.585904][T11972] ? memcg_oom_wake_function+0x700/0x700 [ 309.591575][T11972] ? do_raw_spin_unlock+0x181/0x270 [ 309.596801][T11972] ? _raw_spin_unlock+0x28/0x40 [ 309.601694][T11972] try_charge+0xf76/0x14d0 [ 309.606149][T11972] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 309.611731][T11972] ? percpu_ref_tryget+0x102/0x230 [ 309.616860][T11972] ? rcu_read_lock_held+0x9c/0xb0 [ 309.621908][T11972] ? __kasan_check_read+0x11/0x20 [ 309.626968][T11972] ? get_mem_cgroup_from_mm+0x151/0x310 [ 309.632541][T11972] mem_cgroup_try_charge+0x136/0x590 [ 309.638003][T11972] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 309.643675][T11972] __handle_mm_fault+0x1f61/0x3cc0 [ 309.648822][T11972] ? apply_to_existing_page_range+0x50/0x50 [ 309.654742][T11972] ? handle_mm_fault+0x292/0xa50 [ 309.659720][T11972] ? handle_mm_fault+0x7a0/0xa50 [ 309.664700][T11972] ? __kasan_check_read+0x11/0x20 [ 309.669753][T11972] handle_mm_fault+0x3b2/0xa50 [ 309.675416][T11972] __get_user_pages+0x7b2/0x1ac0 [ 309.680371][T11972] ? mark_held_locks+0xf0/0xf0 [ 309.685173][T11972] ? follow_page_mask+0x1dd0/0x1dd0 [ 309.690434][T11972] ? __mm_populate+0x270/0x380 [ 309.695216][T11972] ? __kasan_check_write+0x14/0x20 [ 309.700368][T11972] ? down_read+0x109/0x430 [ 309.704806][T11972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.711074][T11972] populate_vma_page_range+0x20d/0x2a0 [ 309.716560][T11972] __mm_populate+0x204/0x380 [ 309.721171][T11972] ? populate_vma_page_range+0x2a0/0x2a0 [ 309.726936][T11972] ? __kasan_check_write+0x14/0x20 [ 309.732063][T11972] ? up_write+0x150/0x490 [ 309.736508][T11972] ? ns_capable_common+0x93/0x100 [ 309.741671][T11972] __x64_sys_mlockall+0x473/0x520 [ 309.746722][T11972] do_syscall_64+0xfa/0x790 [ 309.751300][T11972] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.757277][T11972] RIP: 0033:0x45aff9 [ 309.761548][T11972] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 309.781337][T11972] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 309.789888][T11972] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 309.797877][T11972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 309.805956][T11972] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 309.813952][T11972] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 14:11:31 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 309.822125][T11972] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 309.847338][T11972] memory: usage 307200kB, limit 307200kB, failcnt 249 [ 309.854144][T11972] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 309.867328][T11972] Memory cgroup stats for /syz5: [ 309.867464][T11972] anon 309137408 [ 309.867464][T11972] file 0 [ 309.867464][T11972] kernel_stack 589824 [ 309.867464][T11972] slab 1847296 [ 309.867464][T11972] sock 0 [ 309.867464][T11972] shmem 0 [ 309.867464][T11972] file_mapped 0 [ 309.867464][T11972] file_dirty 0 [ 309.867464][T11972] file_writeback 0 [ 309.867464][T11972] anon_thp 272629760 [ 309.867464][T11972] inactive_anon 203915264 [ 309.867464][T11972] active_anon 98304 [ 309.867464][T11972] inactive_file 0 [ 309.867464][T11972] active_file 0 [ 309.867464][T11972] unevictable 105295872 14:11:31 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:31 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) [ 309.867464][T11972] slab_reclaimable 405504 [ 309.867464][T11972] slab_unreclaimable 1441792 [ 309.867464][T11972] pgfault 30294 [ 309.867464][T11972] pgmajfault 0 [ 309.867464][T11972] workingset_refault 0 [ 309.867464][T11972] workingset_activate 0 [ 309.867464][T11972] workingset_nodereclaim 0 [ 309.867464][T11972] pgrefill 70 [ 309.867464][T11972] pgscan 99 [ 309.867464][T11972] pgsteal 0 [ 309.867464][T11972] pgactivate 66 14:11:31 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 309.995837][T11972] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=11959,uid=0 [ 310.047121][T11972] Memory cgroup out of memory: Killed process 11959 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:32 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:32 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:32 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:32 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:32 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(0xffffffffffffffff, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:32 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:33 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:33 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:33 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:33 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:33 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 311.394476][T12074] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 311.499110][T12074] CPU: 0 PID: 12074 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 311.507945][T12074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.518175][T12074] Call Trace: [ 311.521522][T12074] dump_stack+0x197/0x210 [ 311.526043][T12074] dump_header+0x10b/0x82d [ 311.530581][T12074] oom_kill_process.cold+0x10/0x15 [ 311.535867][T12074] out_of_memory+0x334/0x13c0 [ 311.540576][T12074] ? find_held_lock+0x35/0x130 [ 311.545367][T12074] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 311.551466][T12074] ? oom_killer_disable+0x280/0x280 [ 311.556824][T12074] mem_cgroup_out_of_memory+0x1d8/0x240 [ 311.562533][T12074] ? memcg_oom_wake_function+0x700/0x700 [ 311.568342][T12074] ? do_raw_spin_unlock+0x181/0x270 [ 311.573783][T12074] ? _raw_spin_unlock+0x28/0x40 [ 311.578673][T12074] try_charge+0xf76/0x14d0 [ 311.583129][T12074] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 311.588696][T12074] ? percpu_ref_tryget+0x102/0x230 [ 311.594191][T12074] ? rcu_read_lock_held+0x9c/0xb0 [ 311.599491][T12074] ? __kasan_check_read+0x11/0x20 [ 311.604642][T12074] ? get_mem_cgroup_from_mm+0x151/0x310 [ 311.610207][T12074] mem_cgroup_try_charge+0x136/0x590 [ 311.615520][T12074] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 311.621168][T12074] __handle_mm_fault+0x1f61/0x3cc0 [ 311.626296][T12074] ? apply_to_existing_page_range+0x50/0x50 [ 311.632185][T12074] ? handle_mm_fault+0x292/0xa50 [ 311.637130][T12074] ? handle_mm_fault+0x7a0/0xa50 [ 311.642097][T12074] ? __kasan_check_read+0x11/0x20 [ 311.647245][T12074] handle_mm_fault+0x3b2/0xa50 [ 311.652016][T12074] __get_user_pages+0x7b2/0x1ac0 [ 311.657105][T12074] ? mark_held_locks+0xf0/0xf0 [ 311.661881][T12074] ? follow_page_mask+0x1dd0/0x1dd0 [ 311.667098][T12074] ? __mm_populate+0x270/0x380 [ 311.672328][T12074] ? __kasan_check_write+0x14/0x20 [ 311.677436][T12074] ? down_read+0x109/0x430 [ 311.681979][T12074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.688247][T12074] populate_vma_page_range+0x20d/0x2a0 [ 311.693751][T12074] __mm_populate+0x204/0x380 [ 311.698492][T12074] ? populate_vma_page_range+0x2a0/0x2a0 [ 311.704154][T12074] ? __kasan_check_write+0x14/0x20 [ 311.709277][T12074] ? up_write+0x150/0x490 [ 311.713796][T12074] ? ns_capable_common+0x93/0x100 [ 311.718839][T12074] __x64_sys_mlockall+0x473/0x520 [ 311.723888][T12074] do_syscall_64+0xfa/0x790 [ 311.728420][T12074] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.734498][T12074] RIP: 0033:0x45aff9 [ 311.738399][T12074] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.758651][T12074] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 311.767186][T12074] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 311.775944][T12074] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 311.784456][T12074] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.792625][T12074] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 311.800617][T12074] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 311.817831][T12074] memory: usage 307200kB, limit 307200kB, failcnt 266 [ 311.838178][T12074] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 311.853403][T12074] Memory cgroup stats for /syz5: [ 311.853546][T12074] anon 309096448 [ 311.853546][T12074] file 0 [ 311.853546][T12074] kernel_stack 589824 [ 311.853546][T12074] slab 1847296 [ 311.853546][T12074] sock 0 [ 311.853546][T12074] shmem 0 [ 311.853546][T12074] file_mapped 0 [ 311.853546][T12074] file_dirty 0 [ 311.853546][T12074] file_writeback 0 [ 311.853546][T12074] anon_thp 272629760 [ 311.853546][T12074] inactive_anon 205869056 [ 311.853546][T12074] active_anon 98304 [ 311.853546][T12074] inactive_file 0 14:11:33 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 311.853546][T12074] active_file 0 [ 311.853546][T12074] unevictable 103034880 [ 311.853546][T12074] slab_reclaimable 405504 [ 311.853546][T12074] slab_unreclaimable 1441792 [ 311.853546][T12074] pgfault 32010 [ 311.853546][T12074] pgmajfault 0 [ 311.853546][T12074] workingset_refault 0 [ 311.853546][T12074] workingset_activate 0 [ 311.853546][T12074] workingset_nodereclaim 0 [ 311.853546][T12074] pgrefill 70 [ 311.853546][T12074] pgscan 99 [ 311.853546][T12074] pgsteal 0 [ 311.853546][T12074] pgactivate 66 14:11:34 executing program 3: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:34 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 312.404949][T12074] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12042,uid=0 [ 312.461391][T12074] Memory cgroup out of memory: Killed process 12042 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:34 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:34 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(0xffffffffffffffff, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:35 executing program 3: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(0xffffffffffffffff, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:35 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:35 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 313.851062][T12182] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 313.917547][T12182] CPU: 1 PID: 12182 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 313.926373][T12182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.936675][T12182] Call Trace: [ 313.939995][T12182] dump_stack+0x197/0x210 [ 313.944359][T12182] dump_header+0x10b/0x82d [ 313.948803][T12182] oom_kill_process.cold+0x10/0x15 [ 313.953958][T12182] out_of_memory+0x334/0x13c0 [ 313.959584][T12182] ? find_held_lock+0x35/0x130 [ 313.964375][T12182] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 313.970203][T12182] ? oom_killer_disable+0x280/0x280 [ 313.975435][T12182] mem_cgroup_out_of_memory+0x1d8/0x240 [ 313.981144][T12182] ? memcg_oom_wake_function+0x700/0x700 [ 313.986893][T12182] ? do_raw_spin_unlock+0x181/0x270 [ 313.992118][T12182] ? _raw_spin_unlock+0x28/0x40 [ 313.996997][T12182] try_charge+0xf76/0x14d0 [ 314.001453][T12182] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 314.007018][T12182] ? percpu_ref_tryget+0x102/0x230 [ 314.012148][T12182] ? rcu_read_lock_held+0x9c/0xb0 [ 314.017198][T12182] ? __kasan_check_read+0x11/0x20 [ 314.022345][T12182] ? get_mem_cgroup_from_mm+0x151/0x310 [ 314.027915][T12182] mem_cgroup_try_charge+0x136/0x590 [ 314.033499][T12182] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 314.039161][T12182] __handle_mm_fault+0x1f61/0x3cc0 [ 314.044305][T12182] ? apply_to_existing_page_range+0x50/0x50 [ 314.050219][T12182] ? handle_mm_fault+0x292/0xa50 [ 314.055200][T12182] ? handle_mm_fault+0x7a0/0xa50 [ 314.060163][T12182] ? __kasan_check_read+0x11/0x20 [ 314.065205][T12182] handle_mm_fault+0x3b2/0xa50 [ 314.070000][T12182] __get_user_pages+0x7b2/0x1ac0 [ 314.075485][T12182] ? mark_held_locks+0xf0/0xf0 [ 314.080292][T12182] ? follow_page_mask+0x1dd0/0x1dd0 [ 314.085556][T12182] ? __mm_populate+0x270/0x380 [ 314.090488][T12182] ? __kasan_check_write+0x14/0x20 [ 314.095618][T12182] ? down_read+0x109/0x430 [ 314.100049][T12182] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.106442][T12182] populate_vma_page_range+0x20d/0x2a0 [ 314.111932][T12182] __mm_populate+0x204/0x380 [ 314.116546][T12182] ? populate_vma_page_range+0x2a0/0x2a0 [ 314.122353][T12182] ? __kasan_check_write+0x14/0x20 [ 314.127488][T12182] ? up_write+0x150/0x490 [ 314.131835][T12182] ? ns_capable_common+0x93/0x100 [ 314.136904][T12182] __x64_sys_mlockall+0x473/0x520 [ 314.141961][T12182] do_syscall_64+0xfa/0x790 [ 314.146490][T12182] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.152392][T12182] RIP: 0033:0x45aff9 [ 314.156484][T12182] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.176249][T12182] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 314.186012][T12182] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 314.194001][T12182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 314.201995][T12182] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 314.210413][T12182] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 14:11:36 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 314.218409][T12182] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 314.246091][T12182] memory: usage 307200kB, limit 307200kB, failcnt 296 [ 314.253107][T12182] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 314.260759][T12182] Memory cgroup stats for /syz5: [ 314.260902][T12182] anon 309092352 [ 314.260902][T12182] file 0 [ 314.260902][T12182] kernel_stack 589824 [ 314.260902][T12182] slab 1847296 [ 314.260902][T12182] sock 0 [ 314.260902][T12182] shmem 0 [ 314.260902][T12182] file_mapped 0 [ 314.260902][T12182] file_dirty 0 [ 314.260902][T12182] file_writeback 0 [ 314.260902][T12182] anon_thp 272629760 [ 314.260902][T12182] inactive_anon 203845632 [ 314.260902][T12182] active_anon 98304 [ 314.260902][T12182] inactive_file 0 [ 314.260902][T12182] active_file 0 [ 314.260902][T12182] unevictable 105168896 [ 314.260902][T12182] slab_reclaimable 405504 [ 314.260902][T12182] slab_unreclaimable 1441792 [ 314.260902][T12182] pgfault 33759 [ 314.260902][T12182] pgmajfault 0 [ 314.260902][T12182] workingset_refault 0 [ 314.260902][T12182] workingset_activate 0 [ 314.260902][T12182] workingset_nodereclaim 0 [ 314.260902][T12182] pgrefill 104 [ 314.260902][T12182] pgscan 99 [ 314.260902][T12182] pgsteal 0 [ 314.260902][T12182] pgactivate 99 [ 314.376714][T12182] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12155,uid=0 [ 314.392538][T12182] Memory cgroup out of memory: Killed process 12155 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 314.421179][ T1129] oom_reaper: reaped process 12155 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 14:11:36 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) [ 315.201952][T12224] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 315.219348][T12224] CPU: 0 PID: 12224 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 315.228058][T12224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.238123][T12224] Call Trace: [ 315.241491][T12224] dump_stack+0x197/0x210 [ 315.245850][T12224] dump_header+0x10b/0x82d [ 315.250287][T12224] oom_kill_process.cold+0x10/0x15 [ 315.255430][T12224] out_of_memory+0x334/0x13c0 [ 315.260294][T12224] ? find_held_lock+0x35/0x130 [ 315.265071][T12224] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 315.271018][T12224] ? oom_killer_disable+0x280/0x280 [ 315.276248][T12224] mem_cgroup_out_of_memory+0x1d8/0x240 [ 315.281807][T12224] ? memcg_oom_wake_function+0x700/0x700 [ 315.287485][T12224] ? do_raw_spin_unlock+0x181/0x270 [ 315.292691][T12224] ? _raw_spin_unlock+0x28/0x40 [ 315.297564][T12224] try_charge+0xf76/0x14d0 [ 315.302011][T12224] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 315.307574][T12224] ? percpu_ref_tryget+0x102/0x230 [ 315.312791][T12224] ? rcu_read_lock_held+0x9c/0xb0 [ 315.319616][T12224] ? __kasan_check_read+0x11/0x20 [ 315.324657][T12224] ? get_mem_cgroup_from_mm+0x151/0x310 [ 315.330305][T12224] mem_cgroup_try_charge+0x136/0x590 [ 315.335604][T12224] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 315.341260][T12224] __handle_mm_fault+0x1f61/0x3cc0 [ 315.346402][T12224] ? apply_to_existing_page_range+0x50/0x50 [ 315.352318][T12224] ? handle_mm_fault+0x292/0xa50 [ 315.357294][T12224] ? handle_mm_fault+0x7a0/0xa50 [ 315.362314][T12224] ? __kasan_check_read+0x11/0x20 [ 315.367480][T12224] handle_mm_fault+0x3b2/0xa50 [ 315.372268][T12224] __get_user_pages+0x7b2/0x1ac0 [ 315.377226][T12224] ? mark_held_locks+0xf0/0xf0 [ 315.382032][T12224] ? follow_page_mask+0x1dd0/0x1dd0 [ 315.387267][T12224] ? __mm_populate+0x270/0x380 [ 315.392061][T12224] ? __kasan_check_write+0x14/0x20 [ 315.397189][T12224] ? down_read+0x109/0x430 [ 315.401631][T12224] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.407904][T12224] populate_vma_page_range+0x20d/0x2a0 [ 315.413392][T12224] __mm_populate+0x204/0x380 [ 315.418000][T12224] ? populate_vma_page_range+0x2a0/0x2a0 [ 315.423652][T12224] ? __kasan_check_write+0x14/0x20 [ 315.428796][T12224] ? up_write+0x150/0x490 [ 315.433144][T12224] ? ns_capable_common+0x93/0x100 [ 315.438188][T12224] __x64_sys_mlockall+0x473/0x520 [ 315.443244][T12224] do_syscall_64+0xfa/0x790 [ 315.447768][T12224] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.453670][T12224] RIP: 0033:0x45aff9 [ 315.457669][T12224] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.477388][T12224] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 315.486098][T12224] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 315.494344][T12224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 14:11:37 executing program 3: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(0xffffffffffffffff, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:37 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:37 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:37 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:37 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 315.502367][T12224] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.510439][T12224] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 315.518604][T12224] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 315.529307][T12224] memory: usage 307200kB, limit 307200kB, failcnt 316 [ 315.536258][T12224] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 315.573488][T12224] Memory cgroup stats for /syz5: [ 315.573620][T12224] anon 309116928 [ 315.573620][T12224] file 0 [ 315.573620][T12224] kernel_stack 552960 [ 315.573620][T12224] slab 1847296 [ 315.573620][T12224] sock 0 [ 315.573620][T12224] shmem 0 [ 315.573620][T12224] file_mapped 0 [ 315.573620][T12224] file_dirty 0 [ 315.573620][T12224] file_writeback 0 [ 315.573620][T12224] anon_thp 272629760 [ 315.573620][T12224] inactive_anon 208224256 [ 315.573620][T12224] active_anon 98304 [ 315.573620][T12224] inactive_file 0 [ 315.573620][T12224] active_file 0 [ 315.573620][T12224] unevictable 100970496 [ 315.573620][T12224] slab_reclaimable 405504 [ 315.573620][T12224] slab_unreclaimable 1441792 [ 315.573620][T12224] pgfault 35244 [ 315.573620][T12224] pgmajfault 0 [ 315.573620][T12224] workingset_refault 0 [ 315.573620][T12224] workingset_activate 0 [ 315.573620][T12224] workingset_nodereclaim 0 [ 315.573620][T12224] pgrefill 104 [ 315.573620][T12224] pgscan 132 [ 315.573620][T12224] pgsteal 0 [ 315.573620][T12224] pgactivate 99 [ 315.729498][T12224] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12221,uid=0 [ 315.778603][T12224] Memory cgroup out of memory: Killed process 12221 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 315.865107][ T1129] oom_reaper: reaped process 12221 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB 14:11:37 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:37 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:37 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:38 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:38 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:38 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 317.272538][T12293] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 317.329125][T12293] CPU: 1 PID: 12293 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 317.337972][T12293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.348038][T12293] Call Trace: [ 317.351363][T12293] dump_stack+0x197/0x210 [ 317.355721][T12293] dump_header+0x10b/0x82d [ 317.360166][T12293] oom_kill_process.cold+0x10/0x15 [ 317.365305][T12293] out_of_memory+0x334/0x13c0 [ 317.370103][T12293] ? find_held_lock+0x35/0x130 [ 317.375015][T12293] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 317.380838][T12293] ? oom_killer_disable+0x280/0x280 [ 317.386234][T12293] mem_cgroup_out_of_memory+0x1d8/0x240 [ 317.391814][T12293] ? memcg_oom_wake_function+0x700/0x700 [ 317.407113][T12293] ? do_raw_spin_unlock+0x181/0x270 [ 317.412470][T12293] ? _raw_spin_unlock+0x28/0x40 [ 317.417496][T12293] try_charge+0xf76/0x14d0 [ 317.421950][T12293] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 317.427650][T12293] ? percpu_ref_tryget+0x102/0x230 [ 317.432780][T12293] ? rcu_read_lock_held+0x9c/0xb0 [ 317.437928][T12293] ? __kasan_check_read+0x11/0x20 [ 317.442977][T12293] ? get_mem_cgroup_from_mm+0x151/0x310 [ 317.448555][T12293] mem_cgroup_try_charge+0x136/0x590 [ 317.453880][T12293] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 317.459537][T12293] __handle_mm_fault+0x1f61/0x3cc0 [ 317.464807][T12293] ? apply_to_existing_page_range+0x50/0x50 [ 317.470720][T12293] ? handle_mm_fault+0x292/0xa50 [ 317.476528][T12293] ? handle_mm_fault+0x7a0/0xa50 [ 317.481503][T12293] ? __kasan_check_read+0x11/0x20 [ 317.486762][T12293] handle_mm_fault+0x3b2/0xa50 [ 317.491563][T12293] __get_user_pages+0x7b2/0x1ac0 [ 317.497371][T12293] ? mark_held_locks+0xf0/0xf0 [ 317.502185][T12293] ? follow_page_mask+0x1dd0/0x1dd0 [ 317.507406][T12293] ? __mm_populate+0x270/0x380 [ 317.512201][T12293] ? __kasan_check_write+0x14/0x20 [ 317.517338][T12293] ? down_read+0x109/0x430 [ 317.521898][T12293] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.528198][T12293] populate_vma_page_range+0x20d/0x2a0 [ 317.533694][T12293] __mm_populate+0x204/0x380 [ 317.538471][T12293] ? populate_vma_page_range+0x2a0/0x2a0 [ 317.544133][T12293] ? __kasan_check_write+0x14/0x20 [ 317.549305][T12293] ? up_write+0x150/0x490 [ 317.553666][T12293] ? ns_capable_common+0x93/0x100 [ 317.558721][T12293] __x64_sys_mlockall+0x473/0x520 [ 317.563768][T12293] do_syscall_64+0xfa/0x790 [ 317.570063][T12293] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.575978][T12293] RIP: 0033:0x45aff9 [ 317.579892][T12293] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 317.599703][T12293] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 317.608141][T12293] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 317.616479][T12293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 14:11:39 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:39 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:39 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:39 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:39 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 317.624596][T12293] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 317.632692][T12293] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 317.641287][T12293] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 317.665816][T12293] memory: usage 307200kB, limit 307200kB, failcnt 352 14:11:39 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 317.714060][T12293] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 317.803133][T12293] Memory cgroup stats for /syz5: [ 317.803274][T12293] anon 309116928 [ 317.803274][T12293] file 0 [ 317.803274][T12293] kernel_stack 589824 [ 317.803274][T12293] slab 1847296 [ 317.803274][T12293] sock 0 [ 317.803274][T12293] shmem 0 [ 317.803274][T12293] file_mapped 0 [ 317.803274][T12293] file_dirty 0 [ 317.803274][T12293] file_writeback 0 [ 317.803274][T12293] anon_thp 272629760 [ 317.803274][T12293] inactive_anon 208064512 [ 317.803274][T12293] active_anon 98304 [ 317.803274][T12293] inactive_file 0 [ 317.803274][T12293] active_file 0 [ 317.803274][T12293] unevictable 100929536 [ 317.803274][T12293] slab_reclaimable 405504 [ 317.803274][T12293] slab_unreclaimable 1441792 [ 317.803274][T12293] pgfault 36729 [ 317.803274][T12293] pgmajfault 0 [ 317.803274][T12293] workingset_refault 0 [ 317.803274][T12293] workingset_activate 0 [ 317.803274][T12293] workingset_nodereclaim 0 [ 317.803274][T12293] pgrefill 104 [ 317.803274][T12293] pgscan 132 [ 317.803274][T12293] pgsteal 0 [ 317.803274][T12293] pgactivate 99 [ 318.110870][T12293] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12285,uid=0 [ 318.161767][T12293] Memory cgroup out of memory: Killed process 12285 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 318.221391][ T1129] oom_reaper: reaped process 12285 (syz-executor.5), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB 14:11:40 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:40 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:40 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 1: socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:40 executing program 4: perf_event_open(0x0, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:40 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 318.986322][T12378] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 319.051458][T12378] CPU: 0 PID: 12378 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 319.060327][T12378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.071003][T12378] Call Trace: [ 319.074848][T12378] dump_stack+0x197/0x210 [ 319.079350][T12378] dump_header+0x10b/0x82d [ 319.083885][T12378] oom_kill_process.cold+0x10/0x15 [ 319.089035][T12378] out_of_memory+0x334/0x13c0 [ 319.093740][T12378] ? find_held_lock+0x35/0x130 [ 319.098539][T12378] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 319.104600][T12378] ? oom_killer_disable+0x280/0x280 [ 319.110095][T12378] mem_cgroup_out_of_memory+0x1d8/0x240 [ 319.116392][T12378] ? memcg_oom_wake_function+0x700/0x700 [ 319.122493][T12378] ? do_raw_spin_unlock+0x181/0x270 [ 319.127995][T12378] ? _raw_spin_unlock+0x28/0x40 [ 319.133100][T12378] try_charge+0xf76/0x14d0 [ 319.137827][T12378] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 319.143501][T12378] ? percpu_ref_tryget+0x102/0x230 [ 319.148640][T12378] ? rcu_read_lock_held+0x9c/0xb0 [ 319.153696][T12378] ? __kasan_check_read+0x11/0x20 [ 319.158762][T12378] ? get_mem_cgroup_from_mm+0x151/0x310 [ 319.164342][T12378] mem_cgroup_try_charge+0x136/0x590 [ 319.169663][T12378] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 319.175332][T12378] __handle_mm_fault+0x1f61/0x3cc0 [ 319.180485][T12378] ? apply_to_existing_page_range+0x50/0x50 [ 319.186498][T12378] ? handle_mm_fault+0x292/0xa50 [ 319.191650][T12378] ? handle_mm_fault+0x7a0/0xa50 [ 319.196619][T12378] ? __kasan_check_read+0x11/0x20 [ 319.202286][T12378] handle_mm_fault+0x3b2/0xa50 [ 319.207518][T12378] __get_user_pages+0x7b2/0x1ac0 [ 319.212474][T12378] ? mark_held_locks+0xf0/0xf0 [ 319.217275][T12378] ? follow_page_mask+0x1dd0/0x1dd0 [ 319.222488][T12378] ? __mm_populate+0x270/0x380 [ 319.227483][T12378] ? __kasan_check_write+0x14/0x20 [ 319.232716][T12378] ? down_read+0x109/0x430 [ 319.237157][T12378] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.243425][T12378] populate_vma_page_range+0x20d/0x2a0 [ 319.248908][T12378] __mm_populate+0x204/0x380 [ 319.253519][T12378] ? populate_vma_page_range+0x2a0/0x2a0 [ 319.259293][T12378] ? __kasan_check_write+0x14/0x20 [ 319.264455][T12378] ? up_write+0x150/0x490 [ 319.268811][T12378] ? ns_capable_common+0x93/0x100 [ 319.273859][T12378] __x64_sys_mlockall+0x473/0x520 [ 319.280646][T12378] do_syscall_64+0xfa/0x790 [ 319.285266][T12378] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.291182][T12378] RIP: 0033:0x45aff9 [ 319.295089][T12378] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 319.315413][T12378] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 319.324121][T12378] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 319.332222][T12378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 319.341113][T12378] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 319.349240][T12378] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 319.358969][T12378] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 319.449663][T12378] memory: usage 307200kB, limit 307200kB, failcnt 405 [ 319.475663][T12378] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 319.483412][T12378] Memory cgroup stats for /syz5: [ 319.483527][T12378] anon 309100544 [ 319.483527][T12378] file 0 [ 319.483527][T12378] kernel_stack 589824 [ 319.483527][T12378] slab 1847296 [ 319.483527][T12378] sock 0 [ 319.483527][T12378] shmem 0 [ 319.483527][T12378] file_mapped 0 [ 319.483527][T12378] file_dirty 0 [ 319.483527][T12378] file_writeback 0 [ 319.483527][T12378] anon_thp 272629760 [ 319.483527][T12378] inactive_anon 203821056 [ 319.483527][T12378] active_anon 98304 [ 319.483527][T12378] inactive_file 0 [ 319.483527][T12378] active_file 0 [ 319.483527][T12378] unevictable 105164800 [ 319.483527][T12378] slab_reclaimable 405504 [ 319.483527][T12378] slab_unreclaimable 1441792 [ 319.483527][T12378] pgfault 38478 [ 319.483527][T12378] pgmajfault 0 [ 319.483527][T12378] workingset_refault 0 [ 319.483527][T12378] workingset_activate 0 [ 319.483527][T12378] workingset_nodereclaim 0 [ 319.483527][T12378] pgrefill 137 [ 319.483527][T12378] pgscan 132 [ 319.483527][T12378] pgsteal 0 [ 319.483527][T12378] pgactivate 99 [ 319.608409][T12378] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12356,uid=0 [ 319.624384][T12378] Memory cgroup out of memory: Killed process 12356 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:41 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:41 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:41 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:41 executing program 4: perf_event_open(0x0, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:41 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:41 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:41 executing program 4: perf_event_open(0x0, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:42 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:42 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:42 executing program 2: socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:42 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:42 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 320.501580][T12452] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 320.602064][T12452] CPU: 0 PID: 12452 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 320.610779][T12452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.620966][T12452] Call Trace: [ 320.624399][T12452] dump_stack+0x197/0x210 [ 320.628756][T12452] dump_header+0x10b/0x82d [ 320.633202][T12452] oom_kill_process.cold+0x10/0x15 [ 320.638339][T12452] out_of_memory+0x334/0x13c0 [ 320.643132][T12452] ? find_held_lock+0x35/0x130 [ 320.647920][T12452] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 320.653884][T12452] ? oom_killer_disable+0x280/0x280 [ 320.659117][T12452] mem_cgroup_out_of_memory+0x1d8/0x240 [ 320.664686][T12452] ? memcg_oom_wake_function+0x700/0x700 [ 320.670358][T12452] ? do_raw_spin_unlock+0x181/0x270 [ 320.675577][T12452] ? _raw_spin_unlock+0x28/0x40 [ 320.680463][T12452] try_charge+0xf76/0x14d0 [ 320.684922][T12452] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 320.690498][T12452] ? percpu_ref_tryget+0x102/0x230 [ 320.695634][T12452] ? rcu_read_lock_held+0x9c/0xb0 [ 320.700683][T12452] ? __kasan_check_read+0x11/0x20 [ 320.705733][T12452] ? get_mem_cgroup_from_mm+0x151/0x310 [ 320.711430][T12452] mem_cgroup_try_charge+0x136/0x590 [ 320.716735][T12452] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 320.722395][T12452] __handle_mm_fault+0x1f61/0x3cc0 [ 320.727539][T12452] ? apply_to_existing_page_range+0x50/0x50 [ 320.733455][T12452] ? handle_mm_fault+0x292/0xa50 [ 320.738430][T12452] ? handle_mm_fault+0x7a0/0xa50 [ 320.743494][T12452] ? __kasan_check_read+0x11/0x20 [ 320.748546][T12452] handle_mm_fault+0x3b2/0xa50 [ 320.753345][T12452] __get_user_pages+0x7b2/0x1ac0 [ 320.758415][T12452] ? mark_held_locks+0xf0/0xf0 [ 320.763217][T12452] ? follow_page_mask+0x1dd0/0x1dd0 [ 320.768436][T12452] ? __mm_populate+0x270/0x380 [ 320.773227][T12452] ? __kasan_check_write+0x14/0x20 [ 320.778362][T12452] ? down_read+0x109/0x430 [ 320.782796][T12452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.789193][T12452] populate_vma_page_range+0x20d/0x2a0 [ 320.794678][T12452] __mm_populate+0x204/0x380 [ 320.799420][T12452] ? populate_vma_page_range+0x2a0/0x2a0 [ 320.805213][T12452] ? __kasan_check_write+0x14/0x20 [ 320.810360][T12452] ? up_write+0x150/0x490 [ 320.814706][T12452] ? ns_capable_common+0x93/0x100 [ 320.819751][T12452] __x64_sys_mlockall+0x473/0x520 [ 320.824809][T12452] do_syscall_64+0xfa/0x790 [ 320.829348][T12452] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.835263][T12452] RIP: 0033:0x45aff9 [ 320.840936][T12452] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 320.860664][T12452] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 320.869103][T12452] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 320.877108][T12452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 320.885101][T12452] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 320.893239][T12452] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 320.901260][T12452] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 321.085379][T12452] memory: usage 307200kB, limit 307200kB, failcnt 424 [ 321.108945][T12452] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 321.117161][T12452] Memory cgroup stats for /syz5: [ 321.117305][T12452] anon 309055488 [ 321.117305][T12452] file 0 [ 321.117305][T12452] kernel_stack 589824 [ 321.117305][T12452] slab 1847296 [ 321.117305][T12452] sock 0 [ 321.117305][T12452] shmem 0 [ 321.117305][T12452] file_mapped 0 [ 321.117305][T12452] file_dirty 0 [ 321.117305][T12452] file_writeback 0 [ 321.117305][T12452] anon_thp 272629760 [ 321.117305][T12452] inactive_anon 203837440 [ 321.117305][T12452] active_anon 98304 [ 321.117305][T12452] inactive_file 0 [ 321.117305][T12452] active_file 0 [ 321.117305][T12452] unevictable 105123840 [ 321.117305][T12452] slab_reclaimable 405504 [ 321.117305][T12452] slab_unreclaimable 1441792 [ 321.117305][T12452] pgfault 40293 [ 321.117305][T12452] pgmajfault 0 [ 321.117305][T12452] workingset_refault 0 [ 321.117305][T12452] workingset_activate 0 [ 321.117305][T12452] workingset_nodereclaim 0 [ 321.117305][T12452] pgrefill 137 [ 321.117305][T12452] pgscan 132 [ 321.117305][T12452] pgsteal 0 [ 321.117305][T12452] pgactivate 132 [ 321.217432][T12452] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12421,uid=0 [ 321.233409][T12452] Memory cgroup out of memory: Killed process 12421 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 321.254211][ T1129] oom_reaper: reaped process 12421 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 14:11:43 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:43 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:43 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:43 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 321.893214][T12511] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 321.965899][T12511] CPU: 0 PID: 12511 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 321.974621][T12511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.984834][T12511] Call Trace: [ 321.988136][T12511] dump_stack+0x197/0x210 [ 321.992495][T12511] dump_header+0x10b/0x82d [ 321.996949][T12511] oom_kill_process.cold+0x10/0x15 [ 322.002099][T12511] out_of_memory+0x334/0x13c0 [ 322.006885][T12511] ? find_held_lock+0x35/0x130 [ 322.011692][T12511] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 322.017519][T12511] ? oom_killer_disable+0x280/0x280 [ 322.023045][T12511] mem_cgroup_out_of_memory+0x1d8/0x240 [ 322.028610][T12511] ? memcg_oom_wake_function+0x700/0x700 [ 322.034272][T12511] ? do_raw_spin_unlock+0x181/0x270 [ 322.039508][T12511] ? _raw_spin_unlock+0x28/0x40 [ 322.044490][T12511] try_charge+0xf76/0x14d0 [ 322.048974][T12511] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 322.054541][T12511] ? percpu_ref_tryget+0x102/0x230 [ 322.059700][T12511] ? rcu_read_lock_held+0x9c/0xb0 [ 322.064745][T12511] ? __kasan_check_read+0x11/0x20 [ 322.069796][T12511] ? get_mem_cgroup_from_mm+0x151/0x310 [ 322.075363][T12511] mem_cgroup_try_charge+0x136/0x590 [ 322.080700][T12511] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 322.086367][T12511] __handle_mm_fault+0x1f61/0x3cc0 [ 322.091511][T12511] ? apply_to_existing_page_range+0x50/0x50 [ 322.097431][T12511] ? handle_mm_fault+0x292/0xa50 [ 322.102408][T12511] ? handle_mm_fault+0x7a0/0xa50 [ 322.107384][T12511] ? __kasan_check_read+0x11/0x20 [ 322.112432][T12511] handle_mm_fault+0x3b2/0xa50 [ 322.117229][T12511] __get_user_pages+0x7b2/0x1ac0 [ 322.122305][T12511] ? mark_held_locks+0xf0/0xf0 [ 322.127108][T12511] ? follow_page_mask+0x1dd0/0x1dd0 [ 322.132335][T12511] ? __mm_populate+0x270/0x380 [ 322.137144][T12511] ? __kasan_check_write+0x14/0x20 [ 322.142268][T12511] ? down_read+0x109/0x430 [ 322.146727][T12511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.153111][T12511] populate_vma_page_range+0x20d/0x2a0 [ 322.158849][T12511] __mm_populate+0x204/0x380 [ 322.163466][T12511] ? populate_vma_page_range+0x2a0/0x2a0 [ 322.169149][T12511] ? __kasan_check_write+0x14/0x20 [ 322.174297][T12511] ? up_write+0x150/0x490 [ 322.178647][T12511] ? ns_capable_common+0x93/0x100 [ 322.183695][T12511] __x64_sys_mlockall+0x473/0x520 [ 322.188741][T12511] do_syscall_64+0xfa/0x790 [ 322.193290][T12511] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.199201][T12511] RIP: 0033:0x45aff9 [ 322.203115][T12511] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 322.222770][T12511] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 322.231582][T12511] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 322.239746][T12511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 322.247734][T12511] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 322.255829][T12511] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 14:11:43 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:44 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 322.263819][T12511] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 322.472559][T12511] memory: usage 307196kB, limit 307200kB, failcnt 464 [ 322.498601][T12511] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 322.551421][T12511] Memory cgroup stats for /syz5: [ 322.551541][T12511] anon 309137408 [ 322.551541][T12511] file 0 [ 322.551541][T12511] kernel_stack 589824 [ 322.551541][T12511] slab 1847296 [ 322.551541][T12511] sock 0 [ 322.551541][T12511] shmem 0 [ 322.551541][T12511] file_mapped 0 [ 322.551541][T12511] file_dirty 0 [ 322.551541][T12511] file_writeback 0 [ 322.551541][T12511] anon_thp 272629760 [ 322.551541][T12511] inactive_anon 203845632 [ 322.551541][T12511] active_anon 98304 [ 322.551541][T12511] inactive_file 0 [ 322.551541][T12511] active_file 0 [ 322.551541][T12511] unevictable 105295872 [ 322.551541][T12511] slab_reclaimable 405504 [ 322.551541][T12511] slab_unreclaimable 1441792 [ 322.551541][T12511] pgfault 42009 [ 322.551541][T12511] pgmajfault 0 [ 322.551541][T12511] workingset_refault 0 [ 322.551541][T12511] workingset_activate 0 [ 322.551541][T12511] workingset_nodereclaim 0 [ 322.551541][T12511] pgrefill 137 [ 322.551541][T12511] pgscan 165 [ 322.551541][T12511] pgsteal 0 [ 322.551541][T12511] pgactivate 132 [ 322.726036][T12511] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12493,uid=0 [ 322.755939][T12511] Memory cgroup out of memory: Killed process 12493 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:45 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:45 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:45 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:45 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:45 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:45 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 323.509249][T12553] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 323.605047][T12553] CPU: 1 PID: 12553 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 323.613891][T12553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.624138][T12553] Call Trace: [ 323.627450][T12553] dump_stack+0x197/0x210 [ 323.631800][T12553] dump_header+0x10b/0x82d [ 323.636242][T12553] oom_kill_process.cold+0x10/0x15 [ 323.641389][T12553] out_of_memory+0x334/0x13c0 [ 323.646182][T12553] ? find_held_lock+0x35/0x130 14:11:45 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 323.651149][T12553] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 323.656980][T12553] ? oom_killer_disable+0x280/0x280 [ 323.662819][T12553] mem_cgroup_out_of_memory+0x1d8/0x240 [ 323.668570][T12553] ? memcg_oom_wake_function+0x700/0x700 [ 323.674363][T12553] ? do_raw_spin_unlock+0x181/0x270 [ 323.679592][T12553] ? _raw_spin_unlock+0x28/0x40 [ 323.684468][T12553] try_charge+0xf76/0x14d0 [ 323.688925][T12553] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 323.694495][T12553] ? percpu_ref_tryget+0x102/0x230 [ 323.699651][T12553] ? rcu_read_lock_held+0x9c/0xb0 [ 323.704814][T12553] ? __kasan_check_read+0x11/0x20 [ 323.709872][T12553] ? get_mem_cgroup_from_mm+0x151/0x310 [ 323.715445][T12553] mem_cgroup_try_charge+0x136/0x590 [ 323.720771][T12553] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 323.726432][T12553] __handle_mm_fault+0x1f61/0x3cc0 [ 323.731580][T12553] ? apply_to_existing_page_range+0x50/0x50 [ 323.737643][T12553] ? handle_mm_fault+0x292/0xa50 [ 323.742614][T12553] ? handle_mm_fault+0x7a0/0xa50 [ 323.747672][T12553] ? __kasan_check_read+0x11/0x20 [ 323.752738][T12553] handle_mm_fault+0x3b2/0xa50 [ 323.757548][T12553] __get_user_pages+0x7b2/0x1ac0 [ 323.762600][T12553] ? mark_held_locks+0xf0/0xf0 [ 323.767603][T12553] ? follow_page_mask+0x1dd0/0x1dd0 [ 323.772823][T12553] ? __mm_populate+0x270/0x380 [ 323.777620][T12553] ? __kasan_check_write+0x14/0x20 [ 323.782828][T12553] ? down_read+0x109/0x430 [ 323.787272][T12553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.793563][T12553] populate_vma_page_range+0x20d/0x2a0 [ 323.799079][T12553] __mm_populate+0x204/0x380 [ 323.803786][T12553] ? populate_vma_page_range+0x2a0/0x2a0 [ 323.809447][T12553] ? __kasan_check_write+0x14/0x20 [ 323.814584][T12553] ? up_write+0x150/0x490 [ 323.818949][T12553] ? ns_capable_common+0x93/0x100 [ 323.824006][T12553] __x64_sys_mlockall+0x473/0x520 [ 323.829061][T12553] do_syscall_64+0xfa/0x790 [ 323.833705][T12553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.839611][T12553] RIP: 0033:0x45aff9 [ 323.843527][T12553] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.863271][T12553] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 323.871702][T12553] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 323.879691][T12553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 323.887690][T12553] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 323.895679][T12553] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 323.903668][T12553] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c 14:11:45 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:45 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 323.963090][T12553] memory: usage 307200kB, limit 307200kB, failcnt 487 [ 323.979255][T12553] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 323.994362][T12553] Memory cgroup stats for /syz5: [ 323.994496][T12553] anon 308985856 [ 323.994496][T12553] file 0 [ 323.994496][T12553] kernel_stack 552960 [ 323.994496][T12553] slab 1847296 [ 323.994496][T12553] sock 0 [ 323.994496][T12553] shmem 0 [ 323.994496][T12553] file_mapped 0 [ 323.994496][T12553] file_dirty 0 [ 323.994496][T12553] file_writeback 0 [ 323.994496][T12553] anon_thp 272629760 [ 323.994496][T12553] inactive_anon 208113664 [ 323.994496][T12553] active_anon 98304 [ 323.994496][T12553] inactive_file 0 [ 323.994496][T12553] active_file 0 [ 323.994496][T12553] unevictable 100954112 [ 323.994496][T12553] slab_reclaimable 405504 [ 323.994496][T12553] slab_unreclaimable 1441792 [ 323.994496][T12553] pgfault 43527 14:11:45 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:45 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x9f04, 0xfdb) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 323.994496][T12553] pgmajfault 0 [ 323.994496][T12553] workingset_refault 0 [ 323.994496][T12553] workingset_activate 0 [ 323.994496][T12553] workingset_nodereclaim 0 [ 323.994496][T12553] pgrefill 137 [ 323.994496][T12553] pgscan 198 [ 323.994496][T12553] pgsteal 0 [ 323.994496][T12553] pgactivate 132 [ 324.265996][T12553] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12549,uid=0 14:11:46 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 324.347921][T12553] Memory cgroup out of memory: Killed process 12549 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:46 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:46 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:46 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:46 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:46 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:46 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 325.205622][T12616] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 325.239035][T12616] CPU: 0 PID: 12616 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 325.247876][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.257939][T12616] Call Trace: [ 325.261250][T12616] dump_stack+0x197/0x210 [ 325.265606][T12616] dump_header+0x10b/0x82d [ 325.270394][T12616] oom_kill_process.cold+0x10/0x15 [ 325.275534][T12616] out_of_memory+0x334/0x13c0 [ 325.282698][T12616] ? find_held_lock+0x35/0x130 [ 325.287493][T12616] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 325.293328][T12616] ? oom_killer_disable+0x280/0x280 [ 325.298561][T12616] mem_cgroup_out_of_memory+0x1d8/0x240 [ 325.304405][T12616] ? memcg_oom_wake_function+0x700/0x700 [ 325.310065][T12616] ? do_raw_spin_unlock+0x181/0x270 [ 325.315291][T12616] ? _raw_spin_unlock+0x28/0x40 [ 325.320168][T12616] try_charge+0xf76/0x14d0 [ 325.324636][T12616] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 325.330330][T12616] ? percpu_ref_tryget+0x102/0x230 [ 325.335558][T12616] ? rcu_read_lock_held+0x9c/0xb0 [ 325.340604][T12616] ? __kasan_check_read+0x11/0x20 [ 325.345673][T12616] ? get_mem_cgroup_from_mm+0x151/0x310 [ 325.351247][T12616] mem_cgroup_try_charge+0x136/0x590 [ 325.356701][T12616] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 325.362363][T12616] __handle_mm_fault+0x1f61/0x3cc0 [ 325.367561][T12616] ? apply_to_existing_page_range+0x50/0x50 [ 325.373510][T12616] ? handle_mm_fault+0x292/0xa50 [ 325.378652][T12616] ? handle_mm_fault+0x7a0/0xa50 [ 325.383613][T12616] ? __kasan_check_read+0x11/0x20 [ 325.388664][T12616] handle_mm_fault+0x3b2/0xa50 [ 325.393450][T12616] __get_user_pages+0x7b2/0x1ac0 [ 325.398526][T12616] ? mark_held_locks+0xf0/0xf0 [ 325.403318][T12616] ? follow_page_mask+0x1dd0/0x1dd0 [ 325.408645][T12616] ? __mm_populate+0x270/0x380 [ 325.413429][T12616] ? __kasan_check_write+0x14/0x20 [ 325.418552][T12616] ? down_read+0x109/0x430 [ 325.422988][T12616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.429502][T12616] populate_vma_page_range+0x20d/0x2a0 [ 325.434996][T12616] __mm_populate+0x204/0x380 [ 325.439653][T12616] ? populate_vma_page_range+0x2a0/0x2a0 [ 325.445483][T12616] ? __kasan_check_write+0x14/0x20 [ 325.450622][T12616] ? up_write+0x150/0x490 [ 325.455087][T12616] ? ns_capable_common+0x93/0x100 [ 325.460137][T12616] __x64_sys_mlockall+0x473/0x520 [ 325.465191][T12616] do_syscall_64+0xfa/0x790 [ 325.469724][T12616] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.475635][T12616] RIP: 0033:0x45aff9 [ 325.479553][T12616] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:11:47 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:47 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 325.499303][T12616] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 325.507957][T12616] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 325.515955][T12616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 325.523966][T12616] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 325.531987][T12616] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 325.539982][T12616] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c 14:11:47 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:47 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:47 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:47 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 326.043958][T12616] memory: usage 307192kB, limit 307200kB, failcnt 497 [ 326.057869][T12616] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 326.072050][T12616] Memory cgroup stats for /syz5: [ 326.072183][T12616] anon 308977664 [ 326.072183][T12616] file 0 [ 326.072183][T12616] kernel_stack 589824 [ 326.072183][T12616] slab 1847296 [ 326.072183][T12616] sock 0 [ 326.072183][T12616] shmem 0 [ 326.072183][T12616] file_mapped 0 [ 326.072183][T12616] file_dirty 0 [ 326.072183][T12616] file_writeback 0 [ 326.072183][T12616] anon_thp 272629760 [ 326.072183][T12616] inactive_anon 208117760 [ 326.072183][T12616] active_anon 98304 [ 326.072183][T12616] inactive_file 0 [ 326.072183][T12616] active_file 0 [ 326.072183][T12616] unevictable 100720640 [ 326.072183][T12616] slab_reclaimable 405504 [ 326.072183][T12616] slab_unreclaimable 1441792 [ 326.072183][T12616] pgfault 45045 [ 326.072183][T12616] pgmajfault 0 [ 326.072183][T12616] workingset_refault 0 [ 326.072183][T12616] workingset_activate 0 [ 326.072183][T12616] workingset_nodereclaim 0 [ 326.072183][T12616] pgrefill 170 [ 326.072183][T12616] pgscan 198 [ 326.072183][T12616] pgsteal 0 [ 326.072183][T12616] pgactivate 132 [ 326.274540][T12616] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12613,uid=0 [ 326.290184][T12616] Memory cgroup out of memory: Killed process 12613 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 327.091744][T12616] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 327.102348][T12616] CPU: 0 PID: 12616 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 327.111037][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.121108][T12616] Call Trace: [ 327.124421][T12616] dump_stack+0x197/0x210 [ 327.128782][T12616] dump_header+0x10b/0x82d [ 327.133265][T12616] oom_kill_process.cold+0x10/0x15 [ 327.138406][T12616] out_of_memory+0x334/0x13c0 [ 327.143106][T12616] ? find_held_lock+0x35/0x130 [ 327.147911][T12616] ? oom_killer_disable+0x280/0x280 [ 327.153144][T12616] mem_cgroup_out_of_memory+0x1d8/0x240 [ 327.158717][T12616] ? memcg_oom_wake_function+0x700/0x700 [ 327.164499][T12616] ? _raw_spin_unlock+0x3c/0x40 [ 327.169386][T12616] try_charge+0xf76/0x14d0 [ 327.173834][T12616] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 327.179409][T12616] ? percpu_ref_tryget+0x102/0x230 [ 327.184544][T12616] ? rcu_read_lock_held+0x9c/0xb0 [ 327.189594][T12616] ? __kasan_check_read+0x11/0x20 [ 327.194649][T12616] ? get_mem_cgroup_from_mm+0x151/0x310 [ 327.200215][T12616] mem_cgroup_try_charge+0x136/0x590 [ 327.205525][T12616] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 327.211206][T12616] wp_page_copy+0x407/0x1560 [ 327.215827][T12616] ? find_held_lock+0x35/0x130 [ 327.220620][T12616] ? follow_pfn+0x2a0/0x2a0 [ 327.225155][T12616] ? lock_downgrade+0x920/0x920 [ 327.230031][T12616] ? swp_swapcount+0x540/0x540 [ 327.234822][T12616] ? do_raw_spin_unlock+0x181/0x270 [ 327.240159][T12616] do_wp_page+0x543/0x1540 [ 327.244614][T12616] ? finish_mkwrite_fault+0x5c0/0x5c0 [ 327.250327][T12616] __handle_mm_fault+0x3112/0x3cc0 [ 327.255457][T12616] ? apply_to_existing_page_range+0x50/0x50 [ 327.261401][T12616] ? handle_mm_fault+0x292/0xa50 [ 327.266346][T12616] ? handle_mm_fault+0x7a0/0xa50 [ 327.271353][T12616] ? __kasan_check_read+0x11/0x20 [ 327.276373][T12616] handle_mm_fault+0x3b2/0xa50 [ 327.281261][T12616] __get_user_pages+0x7b2/0x1ac0 [ 327.286208][T12616] ? follow_page_mask+0x1dd0/0x1dd0 [ 327.291424][T12616] ? __this_cpu_preempt_check+0x35/0x190 [ 327.297056][T12616] ? retint_kernel+0x2b/0x2b [ 327.301809][T12616] populate_vma_page_range+0x20d/0x2a0 [ 327.307383][T12616] __mm_populate+0x204/0x380 [ 327.312117][T12616] ? populate_vma_page_range+0x2a0/0x2a0 [ 327.317755][T12616] ? __kasan_check_write+0x14/0x20 [ 327.322879][T12616] ? up_write+0x150/0x490 [ 327.327196][T12616] ? ns_capable_common+0x93/0x100 [ 327.332235][T12616] __x64_sys_mlockall+0x473/0x520 [ 327.337373][T12616] do_syscall_64+0xfa/0x790 [ 327.342017][T12616] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.348017][T12616] RIP: 0033:0x45aff9 [ 327.351911][T12616] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 327.371614][T12616] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 327.380026][T12616] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 327.388133][T12616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 327.396104][T12616] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 327.404067][T12616] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 327.412152][T12616] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 327.423313][T12616] memory: usage 307200kB, limit 307200kB, failcnt 522 [ 327.436748][T12616] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 327.443817][T12616] Memory cgroup stats for /syz5: [ 327.452450][T12616] anon 308871168 [ 327.452450][T12616] file 0 [ 327.452450][T12616] kernel_stack 626688 [ 327.452450][T12616] slab 1847296 [ 327.452450][T12616] sock 0 [ 327.452450][T12616] shmem 0 [ 327.452450][T12616] file_mapped 0 [ 327.452450][T12616] file_dirty 0 [ 327.452450][T12616] file_writeback 0 [ 327.452450][T12616] anon_thp 272629760 [ 327.452450][T12616] inactive_anon 193851392 [ 327.452450][T12616] active_anon 98304 [ 327.452450][T12616] inactive_file 0 [ 327.452450][T12616] active_file 0 [ 327.452450][T12616] unevictable 115109888 [ 327.452450][T12616] slab_reclaimable 405504 [ 327.452450][T12616] slab_unreclaimable 1441792 [ 327.452450][T12616] pgfault 46299 [ 327.452450][T12616] pgmajfault 0 [ 327.452450][T12616] workingset_refault 0 [ 327.452450][T12616] workingset_activate 0 [ 327.452450][T12616] workingset_nodereclaim 0 [ 327.452450][T12616] pgrefill 170 [ 327.452450][T12616] pgscan 198 [ 327.452450][T12616] pgsteal 0 [ 327.452450][T12616] pgactivate 132 [ 327.551200][T12616] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12614,uid=0 [ 327.567654][T12616] Memory cgroup out of memory: Killed process 12614 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:54368kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000 [ 327.588728][ T1129] oom_reaper: reaped process 12614 (syz-executor.5), now anon-rss:18332kB, file-rss:54364kB, shmem-rss:0kB 14:11:49 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:49 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:49 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:49 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:49 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:49 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:50 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:50 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:50 executing program 0: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:50 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:50 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:50 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:50 executing program 0: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:50 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:50 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:50 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 330.077913][T12693] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 330.095089][T12693] CPU: 0 PID: 12693 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 330.103958][T12693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.114031][T12693] Call Trace: [ 330.117352][T12693] dump_stack+0x197/0x210 [ 330.121715][T12693] dump_header+0x10b/0x82d [ 330.126161][T12693] oom_kill_process.cold+0x10/0x15 [ 330.131309][T12693] out_of_memory+0x334/0x13c0 [ 330.136016][T12693] ? find_held_lock+0x35/0x130 [ 330.140820][T12693] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 330.146652][T12693] ? oom_killer_disable+0x280/0x280 [ 330.151886][T12693] mem_cgroup_out_of_memory+0x1d8/0x240 [ 330.157465][T12693] ? memcg_oom_wake_function+0x700/0x700 [ 330.163261][T12693] ? do_raw_spin_unlock+0x181/0x270 [ 330.168515][T12693] ? _raw_spin_unlock+0x28/0x40 [ 330.173433][T12693] try_charge+0xf76/0x14d0 [ 330.177980][T12693] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 330.183580][T12693] ? __rcu_read_unlock+0x224/0x710 [ 330.188707][T12693] ? __kasan_check_read+0x11/0x20 [ 330.193884][T12693] ? get_mem_cgroup_from_mm+0x151/0x310 [ 330.199471][T12693] mem_cgroup_try_charge+0x136/0x590 [ 330.204791][T12693] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 330.210475][T12693] wp_page_copy+0x407/0x1560 [ 330.215076][T12693] ? find_held_lock+0x35/0x130 [ 330.220136][T12693] ? follow_pfn+0x2a0/0x2a0 [ 330.224662][T12693] ? lock_downgrade+0x920/0x920 [ 330.229654][T12693] ? swp_swapcount+0x540/0x540 [ 330.234439][T12693] ? do_raw_spin_unlock+0x181/0x270 [ 330.239663][T12693] do_wp_page+0x543/0x1540 [ 330.244110][T12693] ? finish_mkwrite_fault+0x5c0/0x5c0 [ 330.249516][T12693] __handle_mm_fault+0x3112/0x3cc0 [ 330.254674][T12693] ? apply_to_existing_page_range+0x50/0x50 [ 330.260614][T12693] ? handle_mm_fault+0x292/0xa50 [ 330.265693][T12693] ? handle_mm_fault+0x7a0/0xa50 [ 330.270654][T12693] ? __kasan_check_read+0x11/0x20 [ 330.275710][T12693] handle_mm_fault+0x3b2/0xa50 [ 330.280491][T12693] __get_user_pages+0x7b2/0x1ac0 [ 330.285594][T12693] ? follow_page_mask+0x1dd0/0x1dd0 [ 330.290850][T12693] ? retint_kernel+0x2b/0x2b [ 330.295512][T12693] populate_vma_page_range+0x20d/0x2a0 [ 330.300997][T12693] __mm_populate+0x204/0x380 [ 330.305800][T12693] ? populate_vma_page_range+0x2a0/0x2a0 [ 330.311558][T12693] ? __kasan_check_write+0x14/0x20 [ 330.316682][T12693] ? up_write+0x150/0x490 [ 330.321033][T12693] ? ns_capable_common+0x93/0x100 [ 330.326110][T12693] __x64_sys_mlockall+0x473/0x520 [ 330.331150][T12693] do_syscall_64+0xfa/0x790 [ 330.335664][T12693] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.341566][T12693] RIP: 0033:0x45aff9 [ 330.345497][T12693] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 330.365297][T12693] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 330.373795][T12693] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 330.381960][T12693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 330.389959][T12693] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 330.397951][T12693] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 330.405944][T12693] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 330.423764][T12693] memory: usage 307200kB, limit 307200kB, failcnt 559 [ 330.430883][T12693] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 330.431015][T12693] Memory cgroup stats for /syz5: [ 330.432531][T12693] anon 308895744 [ 330.432531][T12693] file 0 [ 330.432531][T12693] kernel_stack 626688 [ 330.432531][T12693] slab 1847296 [ 330.432531][T12693] sock 0 [ 330.432531][T12693] shmem 0 [ 330.432531][T12693] file_mapped 0 [ 330.432531][T12693] file_dirty 0 [ 330.432531][T12693] file_writeback 0 [ 330.432531][T12693] anon_thp 274726912 [ 330.432531][T12693] inactive_anon 194994176 [ 330.432531][T12693] active_anon 98304 [ 330.432531][T12693] inactive_file 0 [ 330.432531][T12693] active_file 0 [ 330.432531][T12693] unevictable 113823744 [ 330.432531][T12693] slab_reclaimable 405504 [ 330.432531][T12693] slab_unreclaimable 1441792 [ 330.432531][T12693] pgfault 47685 [ 330.432531][T12693] pgmajfault 0 [ 330.432531][T12693] workingset_refault 0 [ 330.432531][T12693] workingset_activate 0 [ 330.432531][T12693] workingset_nodereclaim 0 [ 330.432531][T12693] pgrefill 170 [ 330.432531][T12693] pgscan 231 [ 330.432531][T12693] pgsteal 0 [ 330.432531][T12693] pgactivate 132 [ 330.538735][T12693] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12690,uid=0 [ 330.559034][T12693] Memory cgroup out of memory: Killed process 12690 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:54368kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000 [ 330.582483][ T1129] oom_reaper: reaped process 12690 (syz-executor.5), now anon-rss:18332kB, file-rss:54364kB, shmem-rss:0kB 14:11:52 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:52 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:52 executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:52 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:11:52 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:52 executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:52 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:53 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 331.362916][T12780] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 331.415897][T12780] CPU: 1 PID: 12780 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 331.424615][T12780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.434685][T12780] Call Trace: [ 331.438007][T12780] dump_stack+0x197/0x210 [ 331.442359][T12780] dump_header+0x10b/0x82d [ 331.446799][T12780] oom_kill_process.cold+0x10/0x15 [ 331.451936][T12780] out_of_memory+0x334/0x13c0 [ 331.456624][T12780] ? find_held_lock+0x35/0x130 [ 331.461415][T12780] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 331.467271][T12780] ? oom_killer_disable+0x280/0x280 [ 331.472501][T12780] mem_cgroup_out_of_memory+0x1d8/0x240 [ 331.478099][T12780] ? memcg_oom_wake_function+0x700/0x700 [ 331.483885][T12780] ? do_raw_spin_unlock+0x181/0x270 [ 331.489099][T12780] ? _raw_spin_unlock+0x28/0x40 [ 331.494077][T12780] try_charge+0xf76/0x14d0 [ 331.498524][T12780] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 331.504205][T12780] ? percpu_ref_tryget+0x102/0x230 [ 331.509331][T12780] ? rcu_read_lock_held+0x9c/0xb0 [ 331.514372][T12780] ? __kasan_check_read+0x11/0x20 [ 331.519462][T12780] ? get_mem_cgroup_from_mm+0x151/0x310 [ 331.525027][T12780] mem_cgroup_try_charge+0x136/0x590 [ 331.530358][T12780] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 331.536007][T12780] __handle_mm_fault+0x1f61/0x3cc0 [ 331.541249][T12780] ? apply_to_existing_page_range+0x50/0x50 [ 331.547170][T12780] ? handle_mm_fault+0x292/0xa50 [ 331.552140][T12780] ? handle_mm_fault+0x7a0/0xa50 [ 331.557134][T12780] ? __kasan_check_read+0x11/0x20 [ 331.562273][T12780] handle_mm_fault+0x3b2/0xa50 [ 331.567062][T12780] __get_user_pages+0x7b2/0x1ac0 [ 331.572012][T12780] ? mark_held_locks+0xf0/0xf0 [ 331.576833][T12780] ? follow_page_mask+0x1dd0/0x1dd0 [ 331.582048][T12780] ? __mm_populate+0x270/0x380 [ 331.586842][T12780] ? __kasan_check_write+0x14/0x20 [ 331.592076][T12780] ? down_read+0x109/0x430 [ 331.596513][T12780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 331.603039][T12780] populate_vma_page_range+0x20d/0x2a0 [ 331.608697][T12780] __mm_populate+0x204/0x380 [ 331.613313][T12780] ? populate_vma_page_range+0x2a0/0x2a0 [ 331.618974][T12780] ? __kasan_check_write+0x14/0x20 [ 331.624129][T12780] ? up_write+0x150/0x490 [ 331.628474][T12780] ? ns_capable_common+0x93/0x100 [ 331.633572][T12780] __x64_sys_mlockall+0x473/0x520 [ 331.638701][T12780] do_syscall_64+0xfa/0x790 [ 331.643230][T12780] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.649145][T12780] RIP: 0033:0x45aff9 [ 331.653061][T12780] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.672706][T12780] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 331.681138][T12780] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 331.689127][T12780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 331.697113][T12780] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 331.705100][T12780] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 331.713263][T12780] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 331.824214][T12780] memory: usage 307200kB, limit 307200kB, failcnt 575 [ 331.871245][T12780] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 331.890821][T12780] Memory cgroup stats for /syz5: [ 331.890981][T12780] anon 308965376 [ 331.890981][T12780] file 0 [ 331.890981][T12780] kernel_stack 552960 [ 331.890981][T12780] slab 1847296 [ 331.890981][T12780] sock 0 [ 331.890981][T12780] shmem 0 [ 331.890981][T12780] file_mapped 0 [ 331.890981][T12780] file_dirty 0 [ 331.890981][T12780] file_writeback 0 [ 331.890981][T12780] anon_thp 274726912 [ 331.890981][T12780] inactive_anon 203927552 [ 331.890981][T12780] active_anon 98304 [ 331.890981][T12780] inactive_file 0 [ 331.890981][T12780] active_file 0 [ 331.890981][T12780] unevictable 105029632 [ 331.890981][T12780] slab_reclaimable 405504 [ 331.890981][T12780] slab_unreclaimable 1441792 [ 331.890981][T12780] pgfault 48378 [ 331.890981][T12780] pgmajfault 0 [ 331.890981][T12780] workingset_refault 0 [ 331.890981][T12780] workingset_activate 0 [ 331.890981][T12780] workingset_nodereclaim 0 [ 331.890981][T12780] pgrefill 170 [ 331.890981][T12780] pgscan 231 [ 331.890981][T12780] pgsteal 0 [ 331.890981][T12780] pgactivate 132 [ 332.024410][T12780] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12733,uid=0 [ 332.048550][T12780] Memory cgroup out of memory: Killed process 12733 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:11:54 executing program 0: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:54 executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:54 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:54 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:54 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:54 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) [ 333.070802][T12818] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 333.095715][T12818] CPU: 1 PID: 12818 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 333.104462][T12818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.114536][T12818] Call Trace: [ 333.117957][T12818] dump_stack+0x197/0x210 [ 333.122322][T12818] dump_header+0x10b/0x82d [ 333.126759][T12818] oom_kill_process.cold+0x10/0x15 [ 333.131900][T12818] out_of_memory+0x334/0x13c0 [ 333.136729][T12818] ? find_held_lock+0x35/0x130 [ 333.141610][T12818] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 333.147440][T12818] ? oom_killer_disable+0x280/0x280 [ 333.152670][T12818] mem_cgroup_out_of_memory+0x1d8/0x240 [ 333.158232][T12818] ? memcg_oom_wake_function+0x700/0x700 [ 333.163889][T12818] ? do_raw_spin_unlock+0x181/0x270 [ 333.169104][T12818] ? _raw_spin_unlock+0x28/0x40 [ 333.173973][T12818] try_charge+0xf76/0x14d0 [ 333.178423][T12818] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 333.184590][T12818] ? percpu_ref_tryget+0x102/0x230 [ 333.189722][T12818] ? rcu_read_lock_held+0x9c/0xb0 [ 333.194761][T12818] ? __kasan_check_read+0x11/0x20 [ 333.199826][T12818] ? get_mem_cgroup_from_mm+0x151/0x310 [ 333.205389][T12818] mem_cgroup_try_charge+0x136/0x590 [ 333.210728][T12818] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 333.216422][T12818] __handle_mm_fault+0x1f61/0x3cc0 [ 333.221567][T12818] ? apply_to_existing_page_range+0x50/0x50 [ 333.227565][T12818] ? handle_mm_fault+0x292/0xa50 [ 333.232559][T12818] ? handle_mm_fault+0x7a0/0xa50 [ 333.237547][T12818] ? __kasan_check_read+0x11/0x20 [ 333.242599][T12818] handle_mm_fault+0x3b2/0xa50 [ 333.247575][T12818] __get_user_pages+0x7b2/0x1ac0 [ 333.252527][T12818] ? mark_held_locks+0xf0/0xf0 [ 333.257319][T12818] ? follow_page_mask+0x1dd0/0x1dd0 [ 333.262531][T12818] ? __mm_populate+0x270/0x380 [ 333.267400][T12818] ? __kasan_check_write+0x14/0x20 [ 333.272528][T12818] ? down_read+0x109/0x430 [ 333.277045][T12818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.283336][T12818] populate_vma_page_range+0x20d/0x2a0 [ 333.288948][T12818] __mm_populate+0x204/0x380 [ 333.293559][T12818] ? populate_vma_page_range+0x2a0/0x2a0 [ 333.299205][T12818] ? __kasan_check_write+0x14/0x20 [ 333.304334][T12818] ? up_write+0x150/0x490 [ 333.308769][T12818] ? ns_capable_common+0x93/0x100 [ 333.313808][T12818] __x64_sys_mlockall+0x473/0x520 [ 333.318854][T12818] do_syscall_64+0xfa/0x790 [ 333.323514][T12818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.329424][T12818] RIP: 0033:0x45aff9 [ 333.333328][T12818] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 333.353036][T12818] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 333.361468][T12818] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 14:11:55 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:55 executing program 1: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:11:55 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 333.370150][T12818] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 333.378275][T12818] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 333.386261][T12818] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 333.394445][T12818] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c 14:11:55 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:55 executing program 1: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:55 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 333.785890][T12818] memory: usage 307200kB, limit 307200kB, failcnt 618 [ 333.819435][T12818] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 333.855993][T12818] Memory cgroup stats for /syz5: [ 333.856428][T12818] anon 308981760 [ 333.856428][T12818] file 0 [ 333.856428][T12818] kernel_stack 589824 [ 333.856428][T12818] slab 1847296 [ 333.856428][T12818] sock 0 [ 333.856428][T12818] shmem 0 [ 333.856428][T12818] file_mapped 0 [ 333.856428][T12818] file_dirty 0 [ 333.856428][T12818] file_writeback 0 [ 333.856428][T12818] anon_thp 272629760 [ 333.856428][T12818] inactive_anon 208224256 [ 333.856428][T12818] active_anon 98304 [ 333.856428][T12818] inactive_file 0 [ 333.856428][T12818] active_file 0 [ 333.856428][T12818] unevictable 100835328 [ 333.856428][T12818] slab_reclaimable 405504 [ 333.856428][T12818] slab_unreclaimable 1441792 [ 333.856428][T12818] pgfault 49962 [ 333.856428][T12818] pgmajfault 0 [ 333.856428][T12818] workingset_refault 0 [ 333.856428][T12818] workingset_activate 0 [ 333.856428][T12818] workingset_nodereclaim 0 [ 333.856428][T12818] pgrefill 203 [ 333.856428][T12818] pgscan 231 [ 333.856428][T12818] pgsteal 0 [ 333.856428][T12818] pgactivate 132 [ 334.214862][T12818] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12805,uid=0 [ 334.251902][T12818] Memory cgroup out of memory: Killed process 12805 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 335.118517][T12818] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 335.156536][T12818] CPU: 0 PID: 12818 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 335.165273][T12818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.175338][T12818] Call Trace: [ 335.178743][T12818] dump_stack+0x197/0x210 [ 335.183087][T12818] dump_header+0x10b/0x82d [ 335.187523][T12818] oom_kill_process.cold+0x10/0x15 [ 335.192860][T12818] out_of_memory+0x334/0x13c0 [ 335.198508][T12818] ? find_held_lock+0x35/0x130 [ 335.203296][T12818] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 335.209118][T12818] ? oom_killer_disable+0x280/0x280 [ 335.214346][T12818] mem_cgroup_out_of_memory+0x1d8/0x240 [ 335.220443][T12818] ? memcg_oom_wake_function+0x700/0x700 [ 335.226275][T12818] ? do_raw_spin_unlock+0x181/0x270 [ 335.231655][T12818] ? _raw_spin_unlock+0x28/0x40 [ 335.236528][T12818] try_charge+0xf76/0x14d0 [ 335.240958][T12818] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 335.246503][T12818] ? percpu_ref_tryget+0x102/0x230 [ 335.251804][T12818] ? rcu_read_lock_held+0x9c/0xb0 [ 335.258662][T12818] ? __kasan_check_read+0x11/0x20 [ 335.263693][T12818] ? get_mem_cgroup_from_mm+0x151/0x310 [ 335.269232][T12818] mem_cgroup_try_charge+0x136/0x590 [ 335.274522][T12818] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 335.280164][T12818] wp_page_copy+0x407/0x1560 [ 335.284746][T12818] ? find_held_lock+0x35/0x130 [ 335.297040][T12818] ? follow_pfn+0x2a0/0x2a0 [ 335.301540][T12818] ? lock_downgrade+0x920/0x920 [ 335.306396][T12818] ? swp_swapcount+0x540/0x540 [ 335.311172][T12818] ? do_raw_spin_unlock+0x181/0x270 [ 335.316390][T12818] do_wp_page+0x543/0x1540 [ 335.320818][T12818] ? finish_mkwrite_fault+0x5c0/0x5c0 [ 335.326312][T12818] __handle_mm_fault+0x3112/0x3cc0 [ 335.331444][T12818] ? apply_to_existing_page_range+0x50/0x50 [ 335.337342][T12818] ? handle_mm_fault+0x292/0xa50 [ 335.342686][T12818] ? handle_mm_fault+0x7a0/0xa50 [ 335.347633][T12818] ? __kasan_check_read+0x11/0x20 [ 335.353108][T12818] handle_mm_fault+0x3b2/0xa50 [ 335.357902][T12818] __get_user_pages+0x7b2/0x1ac0 [ 335.362856][T12818] ? mark_held_locks+0xf0/0xf0 [ 335.367639][T12818] ? follow_page_mask+0x1dd0/0x1dd0 [ 335.372842][T12818] ? __mm_populate+0x270/0x380 [ 335.377767][T12818] ? __kasan_check_write+0x14/0x20 [ 335.382887][T12818] ? down_read+0x109/0x430 [ 335.387311][T12818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.393568][T12818] populate_vma_page_range+0x20d/0x2a0 [ 335.399024][T12818] __mm_populate+0x204/0x380 [ 335.403625][T12818] ? populate_vma_page_range+0x2a0/0x2a0 [ 335.409281][T12818] ? __kasan_check_write+0x14/0x20 [ 335.414434][T12818] ? up_write+0x150/0x490 [ 335.418761][T12818] ? ns_capable_common+0x93/0x100 [ 335.423916][T12818] __x64_sys_mlockall+0x473/0x520 [ 335.428953][T12818] do_syscall_64+0xfa/0x790 [ 335.433456][T12818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.439354][T12818] RIP: 0033:0x45aff9 [ 335.443255][T12818] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 335.462876][T12818] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 335.471290][T12818] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 335.479266][T12818] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 335.487265][T12818] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 335.495247][T12818] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 335.503217][T12818] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 335.523713][T12818] memory: usage 307200kB, limit 307200kB, failcnt 647 [ 335.530633][T12818] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 335.538181][T12818] Memory cgroup stats for /syz5: [ 335.538325][T12818] anon 308854784 [ 335.538325][T12818] file 0 [ 335.538325][T12818] kernel_stack 626688 [ 335.538325][T12818] slab 1847296 [ 335.538325][T12818] sock 0 [ 335.538325][T12818] shmem 0 [ 335.538325][T12818] file_mapped 0 [ 335.538325][T12818] file_dirty 0 [ 335.538325][T12818] file_writeback 0 [ 335.538325][T12818] anon_thp 272629760 [ 335.538325][T12818] inactive_anon 193576960 [ 335.538325][T12818] active_anon 98304 [ 335.538325][T12818] inactive_file 0 [ 335.538325][T12818] active_file 0 [ 335.538325][T12818] unevictable 115245056 [ 335.538325][T12818] slab_reclaimable 405504 [ 335.538325][T12818] slab_unreclaimable 1441792 [ 335.538325][T12818] pgfault 51216 [ 335.538325][T12818] pgmajfault 0 [ 335.538325][T12818] workingset_refault 0 [ 335.538325][T12818] workingset_activate 0 [ 335.538325][T12818] workingset_nodereclaim 0 [ 335.538325][T12818] pgrefill 203 [ 335.538325][T12818] pgscan 231 [ 335.538325][T12818] pgsteal 0 [ 335.538325][T12818] pgactivate 165 [ 335.716476][T12818] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12811,uid=0 [ 335.746459][T12818] Memory cgroup out of memory: Killed process 12811 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:54368kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000 14:11:57 executing program 0: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:57 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:57 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:57 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 335.778309][ T1129] oom_reaper: reaped process 12811 (syz-executor.5), now anon-rss:18332kB, file-rss:54364kB, shmem-rss:0kB 14:11:57 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:58 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:58 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:58 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:58 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:58 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000), 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:58 executing program 1: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:58 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 337.422271][T12886] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 337.462379][T12886] CPU: 1 PID: 12886 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 337.471104][T12886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.481194][T12886] Call Trace: [ 337.484511][T12886] dump_stack+0x197/0x210 [ 337.488870][T12886] dump_header+0x10b/0x82d [ 337.493433][T12886] oom_kill_process.cold+0x10/0x15 [ 337.498702][T12886] out_of_memory+0x334/0x13c0 [ 337.503410][T12886] ? find_held_lock+0x35/0x130 [ 337.508207][T12886] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 337.514043][T12886] ? oom_killer_disable+0x280/0x280 [ 337.519273][T12886] mem_cgroup_out_of_memory+0x1d8/0x240 [ 337.524843][T12886] ? memcg_oom_wake_function+0x700/0x700 [ 337.530614][T12886] ? do_raw_spin_unlock+0x181/0x270 [ 337.535843][T12886] ? _raw_spin_unlock+0x28/0x40 [ 337.540720][T12886] try_charge+0xf76/0x14d0 [ 337.545173][T12886] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 337.550744][T12886] ? percpu_ref_tryget+0x102/0x230 [ 337.555886][T12886] ? rcu_read_lock_held+0x9c/0xb0 [ 337.560937][T12886] ? __kasan_check_read+0x11/0x20 [ 337.565978][T12886] ? get_mem_cgroup_from_mm+0x151/0x310 [ 337.571654][T12886] mem_cgroup_try_charge+0x136/0x590 [ 337.576961][T12886] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 337.582610][T12886] wp_page_copy+0x407/0x1560 [ 337.587230][T12886] ? find_held_lock+0x35/0x130 [ 337.592014][T12886] ? follow_pfn+0x2a0/0x2a0 [ 337.596529][T12886] ? lock_downgrade+0x920/0x920 [ 337.601548][T12886] ? swp_swapcount+0x540/0x540 [ 337.606357][T12886] ? do_raw_spin_unlock+0x181/0x270 [ 337.611573][T12886] do_wp_page+0x543/0x1540 [ 337.616045][T12886] ? finish_mkwrite_fault+0x5c0/0x5c0 [ 337.621447][T12886] __handle_mm_fault+0x3112/0x3cc0 [ 337.626580][T12886] ? apply_to_existing_page_range+0x50/0x50 [ 337.632481][T12886] ? handle_mm_fault+0x292/0xa50 [ 337.637437][T12886] ? handle_mm_fault+0x7a0/0xa50 [ 337.642403][T12886] ? __kasan_check_read+0x11/0x20 [ 337.647446][T12886] handle_mm_fault+0x3b2/0xa50 [ 337.652230][T12886] __get_user_pages+0x7b2/0x1ac0 [ 337.657178][T12886] ? mark_held_locks+0xf0/0xf0 [ 337.661983][T12886] ? follow_page_mask+0x1dd0/0x1dd0 [ 337.667190][T12886] ? __mm_populate+0x270/0x380 [ 337.671994][T12886] ? __kasan_check_write+0x14/0x20 [ 337.677115][T12886] ? down_read+0x109/0x430 [ 337.681551][T12886] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.687808][T12886] populate_vma_page_range+0x20d/0x2a0 [ 337.693311][T12886] __mm_populate+0x204/0x380 [ 337.697915][T12886] ? populate_vma_page_range+0x2a0/0x2a0 [ 337.703612][T12886] ? __kasan_check_write+0x14/0x20 [ 337.708744][T12886] ? up_write+0x150/0x490 [ 337.713088][T12886] ? ns_capable_common+0x93/0x100 [ 337.718138][T12886] __x64_sys_mlockall+0x473/0x520 [ 337.723177][T12886] do_syscall_64+0xfa/0x790 [ 337.727701][T12886] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.733608][T12886] RIP: 0033:0x45aff9 [ 337.737524][T12886] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.758309][T12886] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 337.766736][T12886] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 337.774718][T12886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 337.782708][T12886] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 337.790817][T12886] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 337.799193][T12886] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 337.824291][T12886] memory: usage 307136kB, limit 307200kB, failcnt 663 [ 337.831272][T12886] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 337.838797][T12886] Memory cgroup stats for /syz5: [ 337.838942][T12886] anon 308727808 [ 337.838942][T12886] file 0 [ 337.838942][T12886] kernel_stack 552960 [ 337.838942][T12886] slab 1982464 [ 337.838942][T12886] sock 0 [ 337.838942][T12886] shmem 0 [ 337.838942][T12886] file_mapped 0 [ 337.838942][T12886] file_dirty 0 [ 337.838942][T12886] file_writeback 0 [ 337.838942][T12886] anon_thp 274726912 [ 337.838942][T12886] inactive_anon 195211264 [ 337.838942][T12886] active_anon 98304 [ 337.838942][T12886] inactive_file 0 [ 337.838942][T12886] active_file 0 [ 337.838942][T12886] unevictable 113553408 [ 337.838942][T12886] slab_reclaimable 405504 [ 337.838942][T12886] slab_unreclaimable 1576960 [ 337.838942][T12886] pgfault 52602 [ 337.838942][T12886] pgmajfault 0 [ 337.838942][T12886] workingset_refault 0 [ 337.838942][T12886] workingset_activate 0 [ 337.838942][T12886] workingset_nodereclaim 0 [ 337.838942][T12886] pgrefill 203 [ 337.838942][T12886] pgscan 264 [ 337.838942][T12886] pgsteal 0 [ 337.838942][T12886] pgactivate 198 [ 337.939860][T12886] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12884,uid=0 [ 337.963409][T12886] Memory cgroup out of memory: Killed process 12886 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:54368kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000 [ 337.991662][ T1129] oom_reaper: reaped process 12886 (syz-executor.5), now anon-rss:18332kB, file-rss:54364kB, shmem-rss:0kB 14:11:59 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r2, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:59 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000), 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:59 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:11:59 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:11:59 executing program 1: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) 14:11:59 executing program 5: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:00 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000), 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:00 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 338.670977][T12929] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 338.720754][T12929] CPU: 1 PID: 12929 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 338.729484][T12929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.739675][T12929] Call Trace: [ 338.742991][T12929] dump_stack+0x197/0x210 [ 338.747380][T12929] dump_header+0x10b/0x82d [ 338.751824][T12929] oom_kill_process.cold+0x10/0x15 [ 338.756963][T12929] out_of_memory+0x334/0x13c0 [ 338.761653][T12929] ? find_held_lock+0x35/0x130 [ 338.766448][T12929] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 338.772280][T12929] ? oom_killer_disable+0x280/0x280 [ 338.777674][T12929] mem_cgroup_out_of_memory+0x1d8/0x240 [ 338.783242][T12929] ? memcg_oom_wake_function+0x700/0x700 [ 338.789009][T12929] ? do_raw_spin_unlock+0x181/0x270 [ 338.794229][T12929] ? _raw_spin_unlock+0x28/0x40 [ 338.799110][T12929] try_charge+0xf76/0x14d0 [ 338.803561][T12929] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 338.809117][T12929] ? percpu_ref_tryget+0x102/0x230 [ 338.814240][T12929] ? rcu_read_lock_held+0x9c/0xb0 [ 338.819281][T12929] ? __kasan_check_read+0x11/0x20 [ 338.824334][T12929] ? get_mem_cgroup_from_mm+0x151/0x310 [ 338.829896][T12929] mem_cgroup_try_charge+0x136/0x590 [ 338.835224][T12929] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 338.840889][T12929] __handle_mm_fault+0x1f61/0x3cc0 [ 338.846026][T12929] ? apply_to_existing_page_range+0x50/0x50 [ 338.852167][T12929] ? handle_mm_fault+0x292/0xa50 [ 338.857132][T12929] ? handle_mm_fault+0x7a0/0xa50 [ 338.862195][T12929] ? __kasan_check_read+0x11/0x20 [ 338.867235][T12929] handle_mm_fault+0x3b2/0xa50 [ 338.872019][T12929] __get_user_pages+0x7b2/0x1ac0 [ 338.876969][T12929] ? mark_held_locks+0xf0/0xf0 [ 338.881760][T12929] ? follow_page_mask+0x1dd0/0x1dd0 [ 338.886975][T12929] ? __mm_populate+0x270/0x380 [ 338.891757][T12929] ? __kasan_check_write+0x14/0x20 [ 338.897020][T12929] ? down_read+0x109/0x430 [ 338.901450][T12929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.907704][T12929] populate_vma_page_range+0x20d/0x2a0 [ 338.913182][T12929] __mm_populate+0x204/0x380 [ 338.917919][T12929] ? populate_vma_page_range+0x2a0/0x2a0 [ 338.923563][T12929] ? __kasan_check_write+0x14/0x20 [ 338.928715][T12929] ? up_write+0x150/0x490 [ 338.933081][T12929] ? ns_capable_common+0x93/0x100 [ 338.938317][T12929] __x64_sys_mlockall+0x473/0x520 [ 338.943365][T12929] do_syscall_64+0xfa/0x790 [ 338.947894][T12929] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.953802][T12929] RIP: 0033:0x45aff9 [ 338.957713][T12929] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 338.977328][T12929] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 338.985759][T12929] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 338.993750][T12929] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 339.001864][T12929] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 339.009878][T12929] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 14:12:00 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:00 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 339.017930][T12929] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c 14:12:00 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 339.104534][T12929] memory: usage 307200kB, limit 307200kB, failcnt 683 [ 339.139545][T12929] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 339.190384][T12929] Memory cgroup stats for /syz5: [ 339.190526][T12929] anon 308858880 [ 339.190526][T12929] file 0 [ 339.190526][T12929] kernel_stack 589824 [ 339.190526][T12929] slab 1982464 [ 339.190526][T12929] sock 0 [ 339.190526][T12929] shmem 0 [ 339.190526][T12929] file_mapped 0 [ 339.190526][T12929] file_dirty 0 [ 339.190526][T12929] file_writeback 0 [ 339.190526][T12929] anon_thp 274726912 [ 339.190526][T12929] inactive_anon 203988992 [ 339.190526][T12929] active_anon 98304 [ 339.190526][T12929] inactive_file 0 14:12:01 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:01 executing program 0: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) socket$inet6(0xa, 0x6, 0x0) fallocate(r0, 0x4, 0x9f04, 0xfdb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) socket(0x0, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@empty, @dev}, 0x3b0) epoll_wait(0xffffffffffffffff, &(0x7f000000affb)=[{}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 339.190526][T12929] active_file 0 [ 339.190526][T12929] unevictable 104898560 [ 339.190526][T12929] slab_reclaimable 405504 [ 339.190526][T12929] slab_unreclaimable 1576960 [ 339.190526][T12929] pgfault 53262 [ 339.190526][T12929] pgmajfault 0 [ 339.190526][T12929] workingset_refault 0 [ 339.190526][T12929] workingset_activate 0 [ 339.190526][T12929] workingset_nodereclaim 0 [ 339.190526][T12929] pgrefill 203 [ 339.190526][T12929] pgscan 264 [ 339.190526][T12929] pgsteal 33 [ 339.190526][T12929] pgactivate 198 14:12:01 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 339.491252][T12929] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12907,uid=0 [ 339.609587][T12929] Memory cgroup out of memory: Killed process 12907 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:12:01 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:01 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 340.529135][T12929] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 340.596280][T12929] CPU: 0 PID: 12929 Comm: syz-executor.5 Not tainted 5.5.0-rc6-syzkaller #0 [ 340.605004][T12929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.615252][T12929] Call Trace: [ 340.618578][T12929] dump_stack+0x197/0x210 [ 340.622938][T12929] dump_header+0x10b/0x82d [ 340.627386][T12929] oom_kill_process.cold+0x10/0x15 [ 340.632521][T12929] out_of_memory+0x334/0x13c0 [ 340.637216][T12929] ? find_held_lock+0x35/0x130 [ 340.642009][T12929] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 340.647852][T12929] ? oom_killer_disable+0x280/0x280 [ 340.653079][T12929] mem_cgroup_out_of_memory+0x1d8/0x240 [ 340.658671][T12929] ? memcg_oom_wake_function+0x700/0x700 [ 340.664332][T12929] ? do_raw_spin_unlock+0x181/0x270 [ 340.669548][T12929] ? _raw_spin_unlock+0x28/0x40 [ 340.674686][T12929] try_charge+0xf76/0x14d0 [ 340.679307][T12929] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 340.685020][T12929] ? percpu_ref_tryget+0x102/0x230 [ 340.690154][T12929] ? rcu_read_lock_held+0x9c/0xb0 [ 340.695196][T12929] ? __kasan_check_read+0x11/0x20 [ 340.700247][T12929] ? get_mem_cgroup_from_mm+0x151/0x310 [ 340.705819][T12929] mem_cgroup_try_charge+0x136/0x590 [ 340.711237][T12929] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 340.716903][T12929] wp_page_copy+0x407/0x1560 [ 340.721524][T12929] ? find_held_lock+0x35/0x130 [ 340.726316][T12929] ? follow_pfn+0x2a0/0x2a0 [ 340.730839][T12929] ? lock_downgrade+0x920/0x920 [ 340.735711][T12929] ? swp_swapcount+0x540/0x540 [ 340.740597][T12929] ? do_raw_spin_unlock+0x181/0x270 [ 340.745823][T12929] do_wp_page+0x543/0x1540 [ 340.750269][T12929] ? finish_mkwrite_fault+0x5c0/0x5c0 [ 340.755671][T12929] __handle_mm_fault+0x3112/0x3cc0 [ 340.760815][T12929] ? apply_to_existing_page_range+0x50/0x50 [ 340.766863][T12929] ? handle_mm_fault+0x292/0xa50 [ 340.772030][T12929] ? handle_mm_fault+0x7a0/0xa50 [ 340.777003][T12929] ? __kasan_check_read+0x11/0x20 [ 340.782051][T12929] handle_mm_fault+0x3b2/0xa50 [ 340.786891][T12929] __get_user_pages+0x7b2/0x1ac0 [ 340.791850][T12929] ? mark_held_locks+0xf0/0xf0 [ 340.796643][T12929] ? follow_page_mask+0x1dd0/0x1dd0 [ 340.801862][T12929] ? __mm_populate+0x270/0x380 [ 340.806697][T12929] ? __kasan_check_write+0x14/0x20 [ 340.811909][T12929] ? down_read+0x109/0x430 [ 340.816694][T12929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.822959][T12929] populate_vma_page_range+0x20d/0x2a0 [ 340.828454][T12929] __mm_populate+0x204/0x380 [ 340.833071][T12929] ? populate_vma_page_range+0x2a0/0x2a0 [ 340.838905][T12929] ? __kasan_check_write+0x14/0x20 [ 340.844140][T12929] ? up_write+0x150/0x490 [ 340.848596][T12929] ? ns_capable_common+0x93/0x100 [ 340.853656][T12929] __x64_sys_mlockall+0x473/0x520 [ 340.858713][T12929] do_syscall_64+0xfa/0x790 [ 340.863274][T12929] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.869206][T12929] RIP: 0033:0x45aff9 [ 340.873815][T12929] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 340.893562][T12929] RSP: 002b:00007f3b58c1fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 340.901997][T12929] RAX: ffffffffffffffda RBX: 00007f3b58c206d4 RCX: 000000000045aff9 [ 340.910118][T12929] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 340.918116][T12929] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 340.926219][T12929] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 340.934224][T12929] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 340.973491][T12929] memory: usage 307200kB, limit 307200kB, failcnt 720 [ 340.980379][T12929] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 340.987681][T12929] Memory cgroup stats for /syz5: [ 340.987825][T12929] anon 308985856 [ 340.987825][T12929] file 0 [ 340.987825][T12929] kernel_stack 626688 [ 340.987825][T12929] slab 1982464 [ 340.987825][T12929] sock 0 [ 340.987825][T12929] shmem 0 [ 340.987825][T12929] file_mapped 0 [ 340.987825][T12929] file_dirty 0 [ 340.987825][T12929] file_writeback 0 [ 340.987825][T12929] anon_thp 272629760 [ 340.987825][T12929] inactive_anon 193658880 [ 340.987825][T12929] active_anon 98304 [ 340.987825][T12929] inactive_file 0 [ 340.987825][T12929] active_file 0 [ 340.987825][T12929] unevictable 115240960 [ 340.987825][T12929] slab_reclaimable 405504 [ 340.987825][T12929] slab_unreclaimable 1576960 [ 340.987825][T12929] pgfault 54516 [ 340.987825][T12929] pgmajfault 0 [ 340.987825][T12929] workingset_refault 0 [ 340.987825][T12929] workingset_activate 0 [ 340.987825][T12929] workingset_nodereclaim 0 [ 340.987825][T12929] pgrefill 203 [ 340.987825][T12929] pgscan 264 [ 340.987825][T12929] pgsteal 33 [ 340.987825][T12929] pgactivate 198 [ 341.095522][T12929] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=12928,uid=0 [ 341.146164][T12929] Memory cgroup out of memory: Killed process 12928 (syz-executor.5) total-vm:72716kB, anon-rss:18332kB, file-rss:54368kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000 [ 341.198803][ T1129] oom_reaper: reaped process 12928 (syz-executor.5), now anon-rss:18332kB, file-rss:54364kB, shmem-rss:0kB 14:12:03 executing program 1 (fault-call:5 fault-nth:0): socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 341.419798][T12990] FAULT_INJECTION: forcing a failure. [ 341.419798][T12990] name failslab, interval 1, probability 0, space 0, times 1 [ 341.472447][T12990] CPU: 0 PID: 12990 Comm: syz-executor.1 Not tainted 5.5.0-rc6-syzkaller #0 [ 341.481168][T12990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.491356][T12990] Call Trace: [ 341.494676][T12990] dump_stack+0x197/0x210 [ 341.499043][T12990] should_fail.cold+0xa/0x15 [ 341.503797][T12990] ? fault_create_debugfs_attr+0x180/0x180 [ 341.509632][T12990] ? ___might_sleep+0x163/0x2c0 [ 341.514498][T12990] __should_failslab+0x121/0x190 [ 341.519691][T12990] should_failslab+0x9/0x14 [ 341.524264][T12990] __kmalloc+0x2e0/0x770 [ 341.528558][T12990] ? mutex_trylock+0x252/0x2d0 [ 341.533357][T12990] ? tty_write_lock+0x23/0x90 [ 341.538188][T12990] ? tty_write+0x58e/0x7f0 [ 341.542619][T12990] tty_write+0x58e/0x7f0 [ 341.546886][T12990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.553141][T12990] ? n_tty_read+0x1bf0/0x1bf0 [ 341.557835][T12990] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 341.563150][T12990] __vfs_write+0x8a/0x110 [ 341.567707][T12990] ? put_tty_driver+0x20/0x20 [ 341.572520][T12990] vfs_write+0x268/0x5d0 [ 341.576872][T12990] ksys_write+0x14f/0x290 [ 341.581216][T12990] ? __ia32_sys_read+0xb0/0xb0 [ 341.586005][T12990] ? do_syscall_64+0x26/0x790 [ 341.590697][T12990] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.596788][T12990] ? do_syscall_64+0x26/0x790 [ 341.601857][T12990] __x64_sys_write+0x73/0xb0 [ 341.606574][T12990] do_syscall_64+0xfa/0x790 [ 341.611104][T12990] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.617180][T12990] RIP: 0033:0x45aff9 [ 341.621086][T12990] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 341.640914][T12990] RSP: 002b:00007f612a1c2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.649352][T12990] RAX: ffffffffffffffda RBX: 00007f612a1c36d4 RCX: 000000000045aff9 [ 341.657862][T12990] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 14:12:03 executing program 5: mlockall(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:03 executing program 0 (fault-call:3 fault-nth:0): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:03 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:03 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:03 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) [ 341.665860][T12990] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 341.673847][T12990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 341.681837][T12990] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000000 14:12:03 executing program 1 (fault-call:5 fault-nth:1): socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 341.879965][T13009] FAULT_INJECTION: forcing a failure. [ 341.879965][T13009] name failslab, interval 1, probability 0, space 0, times 0 14:12:03 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 341.969240][T13009] CPU: 1 PID: 13009 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 341.977958][T13009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.988130][T13009] Call Trace: [ 341.991449][T13009] dump_stack+0x197/0x210 [ 341.995809][T13009] should_fail.cold+0xa/0x15 [ 342.000441][T13009] ? fault_create_debugfs_attr+0x180/0x180 [ 342.006278][T13009] ? ___might_sleep+0x163/0x2c0 [ 342.011176][T13009] __should_failslab+0x121/0x190 [ 342.016146][T13009] should_failslab+0x9/0x14 [ 342.020678][T13009] __kmalloc+0x2e0/0x770 [ 342.024950][T13009] ? mutex_trylock+0x252/0x2d0 [ 342.029742][T13009] ? tty_write_lock+0x23/0x90 [ 342.034451][T13009] ? tty_write+0x58e/0x7f0 [ 342.037638][T13016] FAULT_INJECTION: forcing a failure. [ 342.037638][T13016] name failslab, interval 1, probability 0, space 0, times 0 [ 342.038881][T13009] tty_write+0x58e/0x7f0 [ 342.038898][T13009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.038909][T13009] ? n_tty_read+0x1bf0/0x1bf0 [ 342.038920][T13009] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 342.038931][T13009] __vfs_write+0x8a/0x110 [ 342.038942][T13009] ? put_tty_driver+0x20/0x20 [ 342.038953][T13009] vfs_write+0x268/0x5d0 [ 342.038965][T13009] ksys_write+0x14f/0x290 [ 342.038976][T13009] ? __ia32_sys_read+0xb0/0xb0 [ 342.038989][T13009] ? do_syscall_64+0x26/0x790 [ 342.039000][T13009] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.039011][T13009] ? do_syscall_64+0x26/0x790 [ 342.039023][T13009] __x64_sys_write+0x73/0xb0 [ 342.039036][T13009] do_syscall_64+0xfa/0x790 [ 342.039048][T13009] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.039057][T13009] RIP: 0033:0x45aff9 [ 342.039069][T13009] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.039075][T13009] RSP: 002b:00007f6a8258fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.039086][T13009] RAX: ffffffffffffffda RBX: 00007f6a825906d4 RCX: 000000000045aff9 [ 342.039092][T13009] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000004 [ 342.039098][T13009] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 342.039109][T13009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 342.039116][T13009] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000000 [ 342.199343][T13016] CPU: 0 PID: 13016 Comm: syz-executor.1 Not tainted 5.5.0-rc6-syzkaller #0 [ 342.208018][T13016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.218079][T13016] Call Trace: [ 342.221388][T13016] dump_stack+0x197/0x210 [ 342.225729][T13016] should_fail.cold+0xa/0x15 [ 342.230363][T13016] ? fault_create_debugfs_attr+0x180/0x180 [ 342.236399][T13016] ? __kasan_check_read+0x11/0x20 [ 342.241473][T13016] __should_failslab+0x121/0x190 [ 342.246436][T13016] should_failslab+0x9/0x14 [ 342.250950][T13016] __kmalloc+0x71/0x770 [ 342.255130][T13016] ? mark_held_locks+0xf0/0xf0 [ 342.259908][T13016] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 342.265727][T13016] __tty_buffer_request_room+0x1fb/0x5c0 [ 342.271417][T13016] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 342.277691][T13016] pty_write+0x133/0x200 [ 342.281950][T13016] n_tty_write+0xb1d/0x1080 [ 342.286467][T13016] ? lock_downgrade+0x920/0x920 [ 342.291330][T13016] ? n_tty_read+0x1bf0/0x1bf0 [ 342.296012][T13016] ? prepare_to_wait_exclusive+0x320/0x320 [ 342.301829][T13016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 342.308173][T13016] ? _copy_from_user+0x12c/0x1a0 [ 342.313124][T13016] tty_write+0x496/0x7f0 [ 342.317405][T13016] ? n_tty_read+0x1bf0/0x1bf0 [ 342.322102][T13016] __vfs_write+0x8a/0x110 [ 342.326632][T13016] ? put_tty_driver+0x20/0x20 [ 342.331317][T13016] vfs_write+0x268/0x5d0 [ 342.335574][T13016] ksys_write+0x14f/0x290 [ 342.340043][T13016] ? __ia32_sys_read+0xb0/0xb0 [ 342.344831][T13016] ? do_syscall_64+0x26/0x790 [ 342.349569][T13016] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.356034][T13016] ? do_syscall_64+0x26/0x790 [ 342.360731][T13016] __x64_sys_write+0x73/0xb0 [ 342.365343][T13016] do_syscall_64+0xfa/0x790 [ 342.369863][T13016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.375762][T13016] RIP: 0033:0x45aff9 [ 342.379665][T13016] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.399377][T13016] RSP: 002b:00007f612a1c2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.407803][T13016] RAX: ffffffffffffffda RBX: 00007f612a1c36d4 RCX: 000000000045aff9 [ 342.416071][T13016] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 342.424080][T13016] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 342.432175][T13016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 342.440279][T13016] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000001 [ 342.448277][ C0] [ 342.448284][ C0] ====================================================== [ 342.448290][ C0] WARNING: possible circular locking dependency detected [ 342.448295][ C0] 5.5.0-rc6-syzkaller #0 Not tainted [ 342.448300][ C0] ------------------------------------------------------ [ 342.448306][ C0] syz-executor.1/13016 is trying to acquire lock: [ 342.448309][ C0] ffffffff899992a0 (console_owner){-.-.}, at: vprintk_emit+0x3fd/0x700 [ 342.448323][ C0] [ 342.448328][ C0] but task is already holding lock: [ 342.448331][ C0] ffff88809efc8940 (&(&port->lock)->rlock){-.-.}, at: pty_write+0xff/0x200 [ 342.448344][ C0] [ 342.448350][ C0] which lock already depends on the new lock. [ 342.448352][ C0] 14:12:04 executing program 0 (fault-call:3 fault-nth:1): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:04 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:04 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) [ 342.448354][ C0] [ 342.448359][ C0] the existing dependency chain (in reverse order) is: [ 342.448361][ C0] [ 342.448364][ C0] -> #2 (&(&port->lock)->rlock){-.-.}: [ 342.448379][ C0] _raw_spin_lock_irqsave+0x95/0xcd [ 342.448383][ C0] tty_port_tty_get+0x24/0x100 [ 342.448388][ C0] tty_port_default_wakeup+0x16/0x40 [ 342.448393][ C0] tty_port_tty_wakeup+0x57/0x70 [ 342.448397][ C0] uart_write_wakeup+0x46/0x70 [ 342.448400][ C0] serial8250_tx_chars+0x495/0xaf0 [ 342.448406][ C0] serial8250_handle_irq.part.0+0x261/0x2b0 [ 342.448411][ C0] serial8250_default_handle_irq+0xc0/0x150 [ 342.448416][ C0] serial8250_interrupt+0xf1/0x1a0 [ 342.448420][ C0] __handle_irq_event_percpu+0x15d/0x970 [ 342.448424][ C0] handle_irq_event_percpu+0x74/0x160 [ 342.448428][ C0] handle_irq_event+0xa7/0x134 [ 342.448433][ C0] handle_edge_irq+0x25e/0x8d0 [ 342.448436][ C0] do_IRQ+0xde/0x280 [ 342.448440][ C0] ret_from_intr+0x0/0x36 [ 342.448443][ C0] native_safe_halt+0xe/0x10 [ 342.448448][ C0] arch_cpu_idle+0xa/0x10 [ 342.448451][ C0] default_idle_call+0x84/0xb0 [ 342.448455][ C0] do_idle+0x3c8/0x6e0 [ 342.448458][ C0] cpu_startup_entry+0x1b/0x20 [ 342.448461][ C0] start_secondary+0x2f4/0x410 [ 342.448465][ C0] secondary_startup_64+0xa4/0xb0 [ 342.448467][ C0] [ 342.448469][ C0] -> #1 (&port_lock_key){-.-.}: [ 342.448483][ C0] _raw_spin_lock_irqsave+0x95/0xcd [ 342.448488][ C0] serial8250_console_write+0x253/0x9a0 [ 342.448492][ C0] univ8250_console_write+0x5f/0x70 [ 342.448496][ C0] console_unlock+0xb7a/0xf00 [ 342.448499][ C0] vprintk_emit+0x2a0/0x700 [ 342.448503][ C0] vprintk_default+0x28/0x30 [ 342.448506][ C0] vprintk_func+0x7e/0x189 [ 342.448510][ C0] printk+0xba/0xed [ 342.448514][ C0] register_console+0x745/0xb50 [ 342.448517][ C0] univ8250_console_init+0x3e/0x4b [ 342.448521][ C0] console_init+0x461/0x67b [ 342.448524][ C0] start_kernel+0x653/0x943 [ 342.448567][ C0] x86_64_start_reservations+0x29/0x2b [ 342.448571][ C0] x86_64_start_kernel+0x77/0x7b [ 342.448575][ C0] secondary_startup_64+0xa4/0xb0 [ 342.448577][ C0] [ 342.448579][ C0] -> #0 (console_owner){-.-.}: [ 342.448593][ C0] __lock_acquire+0x2596/0x4a00 [ 342.448597][ C0] lock_acquire+0x190/0x410 [ 342.448601][ C0] vprintk_emit+0x43a/0x700 [ 342.448604][ C0] vprintk_default+0x28/0x30 [ 342.448608][ C0] vprintk_func+0x7e/0x189 [ 342.448612][ C0] printk+0xba/0xed [ 342.448616][ C0] should_fail+0x708/0x852 [ 342.448620][ C0] __should_failslab+0x121/0x190 [ 342.448624][ C0] should_failslab+0x9/0x14 [ 342.448627][ C0] __kmalloc+0x71/0x770 [ 342.448633][ C0] __tty_buffer_request_room+0x1fb/0x5c0 [ 342.448638][ C0] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 342.448641][ C0] pty_write+0x133/0x200 [ 342.448645][ C0] n_tty_write+0xb1d/0x1080 [ 342.448649][ C0] tty_write+0x496/0x7f0 [ 342.448653][ C0] __vfs_write+0x8a/0x110 [ 342.448657][ C0] vfs_write+0x268/0x5d0 [ 342.448661][ C0] ksys_write+0x14f/0x290 [ 342.448665][ C0] __x64_sys_write+0x73/0xb0 [ 342.448669][ C0] do_syscall_64+0xfa/0x790 [ 342.448673][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.448675][ C0] [ 342.448679][ C0] other info that might help us debug this: [ 342.448681][ C0] [ 342.448684][ C0] Chain exists of: [ 342.448686][ C0] console_owner --> &port_lock_key --> &(&port->lock)->rlock [ 342.448703][ C0] [ 342.448708][ C0] Possible unsafe locking scenario: [ 342.448710][ C0] [ 342.448714][ C0] CPU0 CPU1 [ 342.448719][ C0] ---- ---- [ 342.448721][ C0] lock(&(&port->lock)->rlock); [ 342.448731][ C0] lock(&port_lock_key); [ 342.448741][ C0] lock(&(&port->lock)->rlock); [ 342.448749][ C0] lock(console_owner); [ 342.448757][ C0] [ 342.448760][ C0] *** DEADLOCK *** [ 342.448762][ C0] [ 342.448767][ C0] 5 locks held by syz-executor.1/13016: [ 342.448769][ C0] #0: ffff88808e73a090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 342.448787][ C0] #1: ffff88808e73a118 (&tty->atomic_write_lock){+.+.}, at: tty_write_lock+0x23/0x90 [ 342.448805][ C0] #2: ffff88808e73a2a0 (&tty->termios_rwsem){++++}, at: n_tty_write+0x1b5/0x1080 [ 342.448823][ C0] #3: ffffc90016bc3360 (&ldata->output_lock){+.+.}, at: n_tty_write+0xadd/0x1080 [ 342.448840][ C0] #4: ffff88809efc8940 (&(&port->lock)->rlock){-.-.}, at: pty_write+0xff/0x200 [ 342.448858][ C0] [ 342.448861][ C0] stack backtrace: [ 342.448868][ C0] CPU: 0 PID: 13016 Comm: syz-executor.1 Not tainted 5.5.0-rc6-syzkaller #0 [ 342.448875][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.448878][ C0] Call Trace: [ 342.448882][ C0] dump_stack+0x197/0x210 [ 342.448886][ C0] print_circular_bug.isra.0.cold+0x163/0x172 [ 342.448891][ C0] check_noncircular+0x32e/0x3e0 [ 342.448896][ C0] ? print_circular_bug.isra.0+0x230/0x230 [ 342.448900][ C0] ? print_circular_bug.isra.0+0x230/0x230 [ 342.448904][ C0] ? alloc_list_entry+0xc0/0xc0 [ 342.448909][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 342.448913][ C0] ? find_first_zero_bit+0x9a/0xc0 [ 342.448918][ C0] __lock_acquire+0x2596/0x4a00 [ 342.448922][ C0] ? mark_held_locks+0xf0/0xf0 [ 342.448925][ C0] lock_acquire+0x190/0x410 [ 342.448929][ C0] ? vprintk_emit+0x3fd/0x700 [ 342.448933][ C0] vprintk_emit+0x43a/0x700 [ 342.448937][ C0] ? vprintk_emit+0x3fd/0x700 [ 342.448941][ C0] vprintk_default+0x28/0x30 [ 342.448945][ C0] vprintk_func+0x7e/0x189 [ 342.448949][ C0] printk+0xba/0xed [ 342.448953][ C0] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 342.448958][ C0] ? __lock_acquire+0x16f2/0x4a00 [ 342.448962][ C0] ? kernel_text_address+0x73/0xf0 [ 342.448967][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.448971][ C0] ? ___ratelimit+0x60/0x595 [ 342.448975][ C0] should_fail+0x708/0x852 [ 342.448980][ C0] ? fault_create_debugfs_attr+0x180/0x180 [ 342.448984][ C0] ? __kasan_check_read+0x11/0x20 [ 342.448988][ C0] __should_failslab+0x121/0x190 [ 342.448991][ C0] should_failslab+0x9/0x14 [ 342.448995][ C0] __kmalloc+0x71/0x770 [ 342.448999][ C0] ? mark_held_locks+0xf0/0xf0 [ 342.449004][ C0] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 342.449009][ C0] __tty_buffer_request_room+0x1fb/0x5c0 [ 342.449014][ C0] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 342.449017][ C0] pty_write+0x133/0x200 [ 342.449021][ C0] n_tty_write+0xb1d/0x1080 [ 342.449024][ C0] ? lock_downgrade+0x920/0x920 [ 342.449028][ C0] ? n_tty_read+0x1bf0/0x1bf0 [ 342.449032][ C0] ? prepare_to_wait_exclusive+0x320/0x320 [ 342.449037][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 342.449041][ C0] ? _copy_from_user+0x12c/0x1a0 [ 342.449044][ C0] tty_write+0x496/0x7f0 [ 342.449047][ C0] ? n_tty_read+0x1bf0/0x1bf0 [ 342.449051][ C0] __vfs_write+0x8a/0x110 [ 342.449055][ C0] ? put_tty_driver+0x20/0x20 [ 342.449058][ C0] vfs_write+0x268/0x5d0 [ 342.449062][ C0] ksys_write+0x14f/0x290 [ 342.449066][ C0] ? __ia32_sys_read+0xb0/0xb0 [ 342.449070][ C0] ? do_syscall_64+0x26/0x790 [ 342.449075][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.449079][ C0] ? do_syscall_64+0x26/0x790 [ 342.449082][ C0] __x64_sys_write+0x73/0xb0 [ 342.449086][ C0] do_syscall_64+0xfa/0x790 [ 342.449091][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.449095][ C0] RIP: 0033:0x45aff9 [ 342.449109][ C0] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.449114][ C0] RSP: 002b:00007f612a1c2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.449125][ C0] RAX: ffffffffffffffda RBX: 00007f612a1c36d4 RCX: 000000000045aff9 [ 342.449131][ C0] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 342.449137][ C0] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 342.449144][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 342.449150][ C0] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000001 [ 342.521629][T13036] FAULT_INJECTION: forcing a failure. [ 342.521629][T13036] name failslab, interval 1, probability 0, space 0, times 0 [ 343.363823][T13036] CPU: 1 PID: 13036 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 343.372516][T13036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.382569][T13036] Call Trace: [ 343.385855][T13036] dump_stack+0x197/0x210 [ 343.390169][T13036] should_fail.cold+0xa/0x15 [ 343.394743][T13036] ? fault_create_debugfs_attr+0x180/0x180 [ 343.400581][T13036] ? lock_acquire+0x190/0x410 [ 343.406046][T13036] __should_failslab+0x121/0x190 [ 343.411024][T13036] should_failslab+0x9/0x14 [ 343.415536][T13036] __kmalloc+0x71/0x770 [ 343.419696][T13036] ? __mutex_lock+0x458/0x13c0 [ 343.424465][T13036] ? mark_held_locks+0xf0/0xf0 [ 343.429240][T13036] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 343.435045][T13036] __tty_buffer_request_room+0x1fb/0x5c0 [ 343.440874][T13036] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 343.447120][T13036] pty_write+0x133/0x200 [ 343.451392][T13036] n_tty_write+0xb1d/0x1080 [ 343.455891][T13036] ? lock_downgrade+0x920/0x920 [ 343.460747][T13036] ? n_tty_read+0x1bf0/0x1bf0 [ 343.465436][T13036] ? prepare_to_wait_exclusive+0x320/0x320 [ 343.471991][T13036] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 343.478259][T13036] ? _copy_from_user+0x12c/0x1a0 [ 343.483233][T13036] tty_write+0x496/0x7f0 [ 343.487488][T13036] ? n_tty_read+0x1bf0/0x1bf0 [ 343.492168][T13036] __vfs_write+0x8a/0x110 [ 343.496490][T13036] ? put_tty_driver+0x20/0x20 [ 343.501163][T13036] vfs_write+0x268/0x5d0 [ 343.505393][T13036] ksys_write+0x14f/0x290 [ 343.509735][T13036] ? __ia32_sys_read+0xb0/0xb0 [ 343.514503][T13036] ? switch_fpu_return+0x1f9/0x4f0 [ 343.519623][T13036] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 343.525710][T13036] __x64_sys_write+0x73/0xb0 [ 343.530311][T13036] do_syscall_64+0xfa/0x790 [ 343.534958][T13036] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.540850][T13036] RIP: 0033:0x45aff9 [ 343.544735][T13036] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 343.564606][T13036] RSP: 002b:00007f6a8258fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 14:12:05 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:05 executing program 1 (fault-call:5 fault-nth:2): socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:05 executing program 5: mlockall(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) [ 343.573031][T13036] RAX: ffffffffffffffda RBX: 00007f6a825906d4 RCX: 000000000045aff9 [ 343.580994][T13036] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000004 [ 343.589066][T13036] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 343.597048][T13036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 343.605032][T13036] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000001 14:12:05 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 343.759419][T13051] FAULT_INJECTION: forcing a failure. [ 343.759419][T13051] name failslab, interval 1, probability 0, space 0, times 0 [ 343.772173][T13051] CPU: 1 PID: 13051 Comm: syz-executor.1 Not tainted 5.5.0-rc6-syzkaller #0 [ 343.780872][T13051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.790931][T13051] Call Trace: [ 343.794241][T13051] dump_stack+0x197/0x210 [ 343.798706][T13051] should_fail.cold+0xa/0x15 [ 343.803316][T13051] ? fault_create_debugfs_attr+0x180/0x180 [ 343.809147][T13051] ? lock_acquire+0x190/0x410 [ 343.813852][T13051] __should_failslab+0x121/0x190 [ 343.819474][T13051] should_failslab+0x9/0x14 [ 343.823996][T13051] __kmalloc+0x71/0x770 [ 343.828164][T13051] ? __mutex_lock+0x458/0x13c0 [ 343.832939][T13051] ? mark_held_locks+0xf0/0xf0 [ 343.838415][T13051] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 343.844230][T13051] __tty_buffer_request_room+0x1fb/0x5c0 [ 343.850024][T13051] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 343.856488][T13051] pty_write+0x133/0x200 [ 343.860745][T13051] n_tty_write+0xb1d/0x1080 [ 343.865260][T13051] ? lock_downgrade+0x920/0x920 [ 343.870292][T13051] ? n_tty_read+0x1bf0/0x1bf0 [ 343.874994][T13051] ? prepare_to_wait_exclusive+0x320/0x320 [ 343.880816][T13051] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 343.887067][T13051] ? _copy_from_user+0x12c/0x1a0 [ 343.892008][T13051] tty_write+0x496/0x7f0 [ 343.896284][T13051] ? n_tty_read+0x1bf0/0x1bf0 [ 343.900972][T13051] __vfs_write+0x8a/0x110 [ 343.905313][T13051] ? put_tty_driver+0x20/0x20 [ 343.910001][T13051] vfs_write+0x268/0x5d0 [ 343.914441][T13051] ksys_write+0x14f/0x290 [ 343.918781][T13051] ? __ia32_sys_read+0xb0/0xb0 [ 343.923556][T13051] ? switch_fpu_return+0x1f9/0x4f0 [ 343.928861][T13051] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 343.934948][T13051] __x64_sys_write+0x73/0xb0 [ 343.939552][T13051] do_syscall_64+0xfa/0x790 [ 343.944280][T13051] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.950180][T13051] RIP: 0033:0x45aff9 [ 343.954080][T13051] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 343.973811][T13051] RSP: 002b:00007f612a1c2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 343.982234][T13051] RAX: ffffffffffffffda RBX: 00007f612a1c36d4 RCX: 000000000045aff9 [ 343.990214][T13051] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 343.998189][T13051] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 14:12:05 executing program 5: mlockall(0x3) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:05 executing program 0 (fault-call:3 fault-nth:2): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 344.006212][T13051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 344.014186][T13051] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000002 14:12:06 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:06 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:06 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 344.248158][T13066] FAULT_INJECTION: forcing a failure. [ 344.248158][T13066] name failslab, interval 1, probability 0, space 0, times 0 [ 344.261052][T13066] CPU: 1 PID: 13066 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 344.269737][T13066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.279802][T13066] Call Trace: [ 344.283113][T13066] dump_stack+0x197/0x210 [ 344.287460][T13066] should_fail.cold+0xa/0x15 [ 344.292174][T13066] ? fault_create_debugfs_attr+0x180/0x180 [ 344.298008][T13066] ? lock_acquire+0x190/0x410 [ 344.302734][T13066] __should_failslab+0x121/0x190 [ 344.307694][T13066] should_failslab+0x9/0x14 [ 344.312222][T13066] __kmalloc+0x71/0x770 [ 344.316403][T13066] ? __mutex_lock+0x458/0x13c0 [ 344.321188][T13066] ? mark_held_locks+0xf0/0xf0 [ 344.325968][T13066] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 344.331789][T13066] __tty_buffer_request_room+0x1fb/0x5c0 [ 344.337447][T13066] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 344.343712][T13066] pty_write+0x133/0x200 [ 344.347979][T13066] n_tty_write+0xb1d/0x1080 [ 344.352498][T13066] ? lock_downgrade+0x920/0x920 [ 344.357473][T13066] ? n_tty_read+0x1bf0/0x1bf0 [ 344.362189][T13066] ? prepare_to_wait_exclusive+0x320/0x320 [ 344.368020][T13066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.374279][T13066] ? _copy_from_user+0x12c/0x1a0 [ 344.379238][T13066] tty_write+0x496/0x7f0 [ 344.383505][T13066] ? n_tty_read+0x1bf0/0x1bf0 [ 344.388327][T13066] __vfs_write+0x8a/0x110 [ 344.392671][T13066] ? put_tty_driver+0x20/0x20 14:12:06 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 344.397368][T13066] vfs_write+0x268/0x5d0 [ 344.401680][T13066] ksys_write+0x14f/0x290 [ 344.406024][T13066] ? __ia32_sys_read+0xb0/0xb0 [ 344.410811][T13066] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 344.416996][T13066] __x64_sys_write+0x73/0xb0 [ 344.421628][T13066] do_syscall_64+0xfa/0x790 [ 344.426145][T13066] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.432152][T13066] RIP: 0033:0x45aff9 [ 344.436058][T13066] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 344.455780][T13066] RSP: 002b:00007f6a825d1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 344.464203][T13066] RAX: ffffffffffffffda RBX: 00007f6a825d26d4 RCX: 000000000045aff9 [ 344.472183][T13066] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 344.480164][T13066] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 344.488141][T13066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 344.496122][T13066] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000002 14:12:06 executing program 1 (fault-call:5 fault-nth:3): socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:06 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:06 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:06 executing program 0 (fault-call:3 fault-nth:3): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 344.819550][T13105] FAULT_INJECTION: forcing a failure. [ 344.819550][T13105] name failslab, interval 1, probability 0, space 0, times 0 [ 344.832207][T13105] CPU: 0 PID: 13105 Comm: syz-executor.1 Not tainted 5.5.0-rc6-syzkaller #0 [ 344.840880][T13105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.850941][T13105] Call Trace: [ 344.854343][T13105] dump_stack+0x197/0x210 [ 344.858691][T13105] should_fail.cold+0xa/0x15 [ 344.863295][T13105] ? trace_hardirqs_on+0x67/0x240 [ 344.868778][T13105] ? fault_create_debugfs_attr+0x180/0x180 [ 344.874685][T13105] ? lock_acquire+0x190/0x410 [ 344.879378][T13105] __should_failslab+0x121/0x190 [ 344.884350][T13105] should_failslab+0x9/0x14 [ 344.888916][T13105] __kmalloc+0x71/0x770 [ 344.893086][T13105] ? __mutex_lock+0x458/0x13c0 [ 344.894951][T13113] FAULT_INJECTION: forcing a failure. [ 344.894951][T13113] name failslab, interval 1, probability 0, space 0, times 0 [ 344.897872][T13105] ? mark_held_locks+0xf0/0xf0 [ 344.915271][T13105] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 344.921174][T13105] __tty_buffer_request_room+0x1fb/0x5c0 [ 344.926909][T13105] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 344.933246][T13105] pty_write+0x133/0x200 [ 344.937498][T13105] n_tty_write+0xb1d/0x1080 [ 344.941994][T13105] ? lock_downgrade+0x920/0x920 [ 344.946844][T13105] ? n_tty_read+0x1bf0/0x1bf0 [ 344.951535][T13105] ? prepare_to_wait_exclusive+0x320/0x320 [ 344.957360][T13105] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.963594][T13105] ? _copy_from_user+0x12c/0x1a0 [ 344.968609][T13105] tty_write+0x496/0x7f0 [ 344.972845][T13105] ? n_tty_read+0x1bf0/0x1bf0 [ 344.977508][T13105] __vfs_write+0x8a/0x110 [ 344.981835][T13105] ? put_tty_driver+0x20/0x20 [ 344.986496][T13105] vfs_write+0x268/0x5d0 [ 344.990737][T13105] ksys_write+0x14f/0x290 [ 344.995399][T13105] ? __ia32_sys_read+0xb0/0xb0 [ 345.000161][T13105] ? switch_fpu_return+0x1f9/0x4f0 [ 345.005277][T13105] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 345.011338][T13105] __x64_sys_write+0x73/0xb0 [ 345.015934][T13105] do_syscall_64+0xfa/0x790 [ 345.020449][T13105] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.026338][T13105] RIP: 0033:0x45aff9 [ 345.030221][T13105] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.049810][T13105] RSP: 002b:00007f612a1c2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.058208][T13105] RAX: ffffffffffffffda RBX: 00007f612a1c36d4 RCX: 000000000045aff9 14:12:06 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 345.066159][T13105] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 345.074112][T13105] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 345.082069][T13105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 345.090021][T13105] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000003 [ 345.097994][T13113] CPU: 1 PID: 13113 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 345.106681][T13113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.117173][T13113] Call Trace: 14:12:06 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, 0x0, 0x0) [ 345.120477][T13113] dump_stack+0x197/0x210 [ 345.125191][T13113] should_fail.cold+0xa/0x15 [ 345.129801][T13113] ? trace_hardirqs_on+0x67/0x240 [ 345.134863][T13113] ? fault_create_debugfs_attr+0x180/0x180 [ 345.140685][T13113] ? lock_acquire+0x190/0x410 [ 345.145374][T13113] __should_failslab+0x121/0x190 [ 345.150330][T13113] should_failslab+0x9/0x14 [ 345.154848][T13113] __kmalloc+0x71/0x770 [ 345.159017][T13113] ? __mutex_lock+0x458/0x13c0 [ 345.163798][T13113] ? mark_held_locks+0xf0/0xf0 [ 345.168661][T13113] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 345.174480][T13113] __tty_buffer_request_room+0x1fb/0x5c0 [ 345.180127][T13113] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 345.186382][T13113] pty_write+0x133/0x200 [ 345.190646][T13113] n_tty_write+0xb1d/0x1080 [ 345.195180][T13113] ? lock_downgrade+0x920/0x920 [ 345.200823][T13113] ? n_tty_read+0x1bf0/0x1bf0 [ 345.205506][T13113] ? prepare_to_wait_exclusive+0x320/0x320 [ 345.211402][T13113] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 345.217648][T13113] ? _copy_from_user+0x12c/0x1a0 [ 345.222593][T13113] tty_write+0x496/0x7f0 [ 345.226938][T13113] ? n_tty_read+0x1bf0/0x1bf0 [ 345.231719][T13113] __vfs_write+0x8a/0x110 [ 345.236183][T13113] ? put_tty_driver+0x20/0x20 [ 345.240864][T13113] vfs_write+0x268/0x5d0 [ 345.245108][T13113] ksys_write+0x14f/0x290 [ 345.249444][T13113] ? __ia32_sys_read+0xb0/0xb0 [ 345.254230][T13113] ? switch_fpu_return+0x1f9/0x4f0 [ 345.259354][T13113] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 345.265435][T13113] __x64_sys_write+0x73/0xb0 [ 345.270044][T13113] do_syscall_64+0xfa/0x790 [ 345.274569][T13113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.280479][T13113] RIP: 0033:0x45aff9 [ 345.284385][T13113] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.303995][T13113] RSP: 002b:00007f6a8258fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.312542][T13113] RAX: ffffffffffffffda RBX: 00007f6a825906d4 RCX: 000000000045aff9 [ 345.320521][T13113] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000004 [ 345.328502][T13113] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 345.336504][T13113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 345.344489][T13113] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000003 14:12:07 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:07 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, 0x0, 0x0) 14:12:07 executing program 0 (fault-call:3 fault-nth:4): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:07 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:07 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:07 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:07 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:07 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe02) [ 345.712030][T13131] FAULT_INJECTION: forcing a failure. [ 345.712030][T13131] name failslab, interval 1, probability 0, space 0, times 0 [ 345.724784][T13131] CPU: 1 PID: 13131 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 345.733726][T13131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.743902][T13131] Call Trace: [ 345.747212][T13131] dump_stack+0x197/0x210 [ 345.751560][T13131] should_fail.cold+0xa/0x15 [ 345.756375][T13131] ? fault_create_debugfs_attr+0x180/0x180 [ 345.762193][T13131] ? lock_acquire+0x190/0x410 [ 345.767017][T13131] __should_failslab+0x121/0x190 [ 345.772239][T13131] should_failslab+0x9/0x14 [ 345.776865][T13131] __kmalloc+0x71/0x770 [ 345.781037][T13131] ? __mutex_lock+0x458/0x13c0 [ 345.785804][T13131] ? mark_held_locks+0xf0/0xf0 [ 345.790571][T13131] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 345.796395][T13131] __tty_buffer_request_room+0x1fb/0x5c0 [ 345.802050][T13131] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 345.808432][T13131] pty_write+0x133/0x200 [ 345.812738][T13131] n_tty_write+0xb1d/0x1080 [ 345.817269][T13131] ? lock_downgrade+0x920/0x920 [ 345.822148][T13131] ? n_tty_read+0x1bf0/0x1bf0 [ 345.826834][T13131] ? prepare_to_wait_exclusive+0x320/0x320 [ 345.832757][T13131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 345.839012][T13131] ? _copy_from_user+0x12c/0x1a0 [ 345.843985][T13131] tty_write+0x496/0x7f0 [ 345.848257][T13131] ? n_tty_read+0x1bf0/0x1bf0 [ 345.852955][T13131] __vfs_write+0x8a/0x110 [ 345.857297][T13131] ? put_tty_driver+0x20/0x20 14:12:07 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, 0x0, 0x0) [ 345.861993][T13131] vfs_write+0x268/0x5d0 [ 345.866244][T13131] ksys_write+0x14f/0x290 [ 345.870580][T13131] ? __ia32_sys_read+0xb0/0xb0 [ 345.875448][T13131] ? switch_fpu_return+0x1f9/0x4f0 [ 345.883443][T13131] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 345.889537][T13131] __x64_sys_write+0x73/0xb0 [ 345.894148][T13131] do_syscall_64+0xfa/0x790 [ 345.898685][T13131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.904584][T13131] RIP: 0033:0x45aff9 [ 345.908494][T13131] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.928105][T13131] RSP: 002b:00007f6a825d1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.936543][T13131] RAX: ffffffffffffffda RBX: 00007f6a825d26d4 RCX: 000000000045aff9 [ 345.944521][T13131] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000004 [ 345.952505][T13131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 14:12:07 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 345.960488][T13131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 345.969079][T13131] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000004 14:12:08 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040), 0x0) 14:12:08 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0x11ffffe40) 14:12:08 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:08 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040), 0x0) 14:12:08 executing program 0 (fault-call:3 fault-nth:5): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) [ 346.737347][T13196] FAULT_INJECTION: forcing a failure. [ 346.737347][T13196] name failslab, interval 1, probability 0, space 0, times 0 [ 346.750067][T13196] CPU: 0 PID: 13196 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 346.759092][T13196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.769154][T13196] Call Trace: [ 346.772463][T13196] dump_stack+0x197/0x210 [ 346.776804][T13196] should_fail.cold+0xa/0x15 [ 346.781424][T13196] ? fault_create_debugfs_attr+0x180/0x180 [ 346.787247][T13196] ? lock_acquire+0x190/0x410 [ 346.792042][T13196] __should_failslab+0x121/0x190 [ 346.797010][T13196] should_failslab+0x9/0x14 [ 346.801534][T13196] __kmalloc+0x71/0x770 [ 346.805712][T13196] ? __mutex_lock+0x458/0x13c0 [ 346.810487][T13196] ? mark_held_locks+0xf0/0xf0 [ 346.815261][T13196] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 346.821089][T13196] __tty_buffer_request_room+0x1fb/0x5c0 [ 346.826742][T13196] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 346.832995][T13196] pty_write+0x133/0x200 [ 346.837252][T13196] n_tty_write+0xb1d/0x1080 [ 346.841785][T13196] ? lock_downgrade+0x920/0x920 [ 346.846661][T13196] ? n_tty_read+0x1bf0/0x1bf0 [ 346.851354][T13196] ? prepare_to_wait_exclusive+0x320/0x320 [ 346.857175][T13196] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 346.863427][T13196] ? _copy_from_user+0x12c/0x1a0 [ 346.868378][T13196] tty_write+0x496/0x7f0 [ 346.872977][T13196] ? n_tty_read+0x1bf0/0x1bf0 [ 346.877746][T13196] __vfs_write+0x8a/0x110 [ 346.882099][T13196] ? put_tty_driver+0x20/0x20 [ 346.886915][T13196] vfs_write+0x268/0x5d0 [ 346.891175][T13196] ksys_write+0x14f/0x290 [ 346.895535][T13196] ? __ia32_sys_read+0xb0/0xb0 [ 346.900308][T13196] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 346.906509][T13196] __x64_sys_write+0x73/0xb0 [ 346.911117][T13196] do_syscall_64+0xfa/0x790 [ 346.915634][T13196] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.921534][T13196] RIP: 0033:0x45aff9 [ 346.925443][T13196] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 346.945152][T13196] RSP: 002b:00007f6a825d1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 346.953589][T13196] RAX: ffffffffffffffda RBX: 00007f6a825d26d4 RCX: 000000000045aff9 [ 346.961569][T13196] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 346.969548][T13196] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 346.977529][T13196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:12:08 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:08 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:08 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:08 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x1f) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) bind$unix(r2, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000001c0)=0xffffffffffffffff) connect$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) r3 = fcntl$dupfd(0xffffffffffffffff, 0x80c, r2) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r3, 0x40a85321, &(0x7f0000000080)={{0x3, 0x40}, 'port1\x00', 0x33, 0x22, 0x20, 0xac5, 0x7, 0x9952, 0x7, 0x0, 0x4, 0xee}) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r4, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:08 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040), 0x0) [ 346.985623][T13196] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000005 14:12:08 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040), 0x0) 14:12:08 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:09 executing program 0 (fault-call:3 fault-nth:6): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:09 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:09 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) [ 347.476451][T13232] FAULT_INJECTION: forcing a failure. [ 347.476451][T13232] name failslab, interval 1, probability 0, space 0, times 0 [ 347.489082][T13232] CPU: 1 PID: 13232 Comm: syz-executor.0 Not tainted 5.5.0-rc6-syzkaller #0 [ 347.497774][T13232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.507836][T13232] Call Trace: [ 347.511165][T13232] dump_stack+0x197/0x210 [ 347.515513][T13232] should_fail.cold+0xa/0x15 [ 347.520245][T13232] ? fault_create_debugfs_attr+0x180/0x180 14:12:09 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 347.526075][T13232] ? lock_acquire+0x190/0x410 [ 347.531905][T13232] __should_failslab+0x121/0x190 [ 347.536957][T13232] should_failslab+0x9/0x14 [ 347.541483][T13232] __kmalloc+0x71/0x770 [ 347.546444][T13232] ? __mutex_lock+0x458/0x13c0 [ 347.551238][T13232] ? mark_held_locks+0xf0/0xf0 [ 347.556006][T13232] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 347.561828][T13232] __tty_buffer_request_room+0x1fb/0x5c0 [ 347.567470][T13232] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 347.573802][T13232] pty_write+0x133/0x200 [ 347.578169][T13232] n_tty_write+0xb1d/0x1080 [ 347.582691][T13232] ? lock_downgrade+0x920/0x920 [ 347.587729][T13232] ? n_tty_read+0x1bf0/0x1bf0 [ 347.592420][T13232] ? prepare_to_wait_exclusive+0x320/0x320 [ 347.598343][T13232] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 347.604590][T13232] ? _copy_from_user+0x12c/0x1a0 [ 347.609654][T13232] tty_write+0x496/0x7f0 [ 347.613932][T13232] ? n_tty_read+0x1bf0/0x1bf0 [ 347.618625][T13232] __vfs_write+0x8a/0x110 [ 347.622975][T13232] ? put_tty_driver+0x20/0x20 [ 347.627664][T13232] vfs_write+0x268/0x5d0 [ 347.631909][T13232] ksys_write+0x14f/0x290 [ 347.636251][T13232] ? __ia32_sys_read+0xb0/0xb0 [ 347.641021][T13232] ? switch_fpu_return+0x1f9/0x4f0 [ 347.646139][T13232] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 347.652221][T13232] __x64_sys_write+0x73/0xb0 [ 347.656822][T13232] do_syscall_64+0xfa/0x790 [ 347.661358][T13232] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.667252][T13232] RIP: 0033:0x45aff9 14:12:09 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) [ 347.671150][T13232] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 347.690889][T13232] RSP: 002b:00007f6a825d1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 347.699313][T13232] RAX: ffffffffffffffda RBX: 00007f6a825d26d4 RCX: 000000000045aff9 [ 347.707304][T13232] RDX: 00000000fffffe00 RSI: 0000000020000040 RDI: 0000000000000003 [ 347.715282][T13232] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 347.723389][T13232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 347.731488][T13232] R13: 0000000000000bd2 R14: 00000000004c857c R15: 0000000000000006 14:12:09 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:09 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, 0x4, 0x0, 0x40, &(0x7f0000ffb000/0x1000)=nil, 0xb8}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0xfbb, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000100)="59e95a6cf547293101d7b070a65285f6e6070c81", 0x14}, {&(0x7f0000000140)="8dd1152d38495e4b46839fdab8de460be1bbf11312da69b6a865b375449c7e335f210112ec197e1491a8aa024ff6d54ece82e7d7ed903db8e05ab749d1d42619dcecb0a636ffe69d2d06c841a4e44aa598e95ffcd362fd0be8adfb53e581d380b046bbe875", 0x65, 0x100000001}], 0x3100015, &(0x7f0000000340)=ANY=[@ANYBLOB="6465766966653d2e2f66696c65302c6e6f626172726965722c6e6f666c7573686f6e636f616d69742c73706163655f63616368653d76322c636f6d70726573732d666f7263653d7a7374642c6e6f64617461636f772c656e6f7370635f64656275672c73706163655f63616368652c6e745f6d82d0fe35c2cc303030303030303032302c6172642c636f6e746578743d757365725f752c61756469742c683c512d03df122a972c8822337adac30654bf651060635072538363ceda9b2cdf22cfb92b5d5861fb2fe2c0f941de28cbcd33f3a5dc4a83a2a2aa5265c1000000000000efb537e1f4ce937233ff171056b253ae951dca7b1093d91f558c7fb303a6a15e2e1abeb8a2f82c6ce8eb43de84a913aebcfafe67d5b6a800000000000000000000000000001000000000000046b39e16cb40647817437ac60bb0b97c882cfdf0ae4c1dc85af01af236293a04638afb8a86899fc4e05705765e9589743155db67ea5b57f5eb218e783dd1e692e71e8d08a1fd3ee80ce2263d7c7a9d8d389fb74ca65a6075768cd7f224b8f0f6c1d9d48b9eca7d9c1651328f291d160daaf846167fa2a67c7b04ceea0b3f8d000000000040cc56252b36ae52f3e64247b092524c656a4f4622f08de7519b2019691a2b16d5b9cce68fa9a839abbb3f24c4c25613da5bda5dbf300000000000000000"]) r0 = syz_open_dev$media(&(0x7f00000002c0)='/dev/media#\x00', 0x7, 0x210040) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x4e20, @local}, {0x2, 0x4e20, @empty}, {0x2, 0x4e24, @rand_addr=0x4}, 0x4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x8000, 0x2}) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000300)=0x6, 0x4) 14:12:10 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:10 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:10 executing program 0 (fault-call:3 fault-nth:7): socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:10 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, 0x0, 0x0) 14:12:10 executing program 1: socket$inet6(0xa, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9f04, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2ba93d529aa2a4dd, 0x0) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000140)={@remote}, &(0x7f0000000180)=0xc) ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f00000001c0)=0xffffffffffffffff) connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) fsetxattr(r1, &(0x7f0000000000)=@random={'trusted.', '/dev/ptmx\x00'}, &(0x7f0000000080)='/dev/ptmx\x00', 0xa, 0x1) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:10 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:10 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:12:10 executing program 0: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe00) 14:12:10 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:12:10 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:11 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:11 executing program 0: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0xfffffe02) 14:12:12 executing program 5: mlockall(0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:12 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:12 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:12:12 executing program 0: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040)="e0", 0x11ffffe40) 14:12:12 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:12 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:12:12 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000080)={{0xa, 0x4e21, 0x100, @remote}, {0xa, 0x4e22, 0x7fff, @rand_addr="99f1d2740452a1c582f9bb8156275723", 0x2}, 0x203, [0x10001, 0x9, 0x800, 0x7ff, 0x6, 0x3ff, 0x117, 0x7fff]}, 0x5c) 14:12:12 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:12 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) 14:12:12 executing program 2: mlockall(0x3) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) read$usbmon(r0, &(0x7f0000000080)=""/75, 0x4b) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:12 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:12 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r0, &(0x7f0000000040), 0x0) [ 351.009895][T13390] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 351.076248][T13390] CPU: 0 PID: 13390 Comm: syz-executor.2 Not tainted 5.5.0-rc6-syzkaller #0 [ 351.085192][T13390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.095250][T13390] Call Trace: [ 351.098559][T13390] dump_stack+0x197/0x210 [ 351.102903][T13390] dump_header+0x10b/0x82d [ 351.107332][T13390] oom_kill_process.cold+0x10/0x15 [ 351.112610][T13390] out_of_memory+0x334/0x13c0 [ 351.117765][T13390] ? rcu_read_unlock+0x16/0x60 [ 351.122542][T13390] ? __kasan_check_read+0x11/0x20 [ 351.127586][T13390] ? oom_killer_disable+0x280/0x280 [ 351.132810][T13390] mem_cgroup_out_of_memory+0x1d8/0x240 [ 351.138369][T13390] ? memcg_oom_wake_function+0x700/0x700 [ 351.144026][T13390] ? do_raw_spin_unlock+0x181/0x270 [ 351.149380][T13390] ? _raw_spin_unlock+0x28/0x40 [ 351.154243][T13390] try_charge+0xf76/0x14d0 [ 351.158691][T13390] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 351.164260][T13390] ? percpu_ref_tryget+0x102/0x230 [ 351.169409][T13390] ? get_mem_cgroup_from_mm+0x16/0x310 [ 351.174993][T13390] ? get_mem_cgroup_from_mm+0x151/0x310 [ 351.180578][T13390] mem_cgroup_try_charge+0x136/0x590 [ 351.185911][T13390] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 351.191569][T13390] __handle_mm_fault+0x1f61/0x3cc0 [ 351.196786][T13390] ? apply_to_existing_page_range+0x50/0x50 [ 351.202693][T13390] ? handle_mm_fault+0x292/0xa50 [ 351.207638][T13390] ? __kasan_check_read+0x11/0x20 [ 351.212679][T13390] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 351.218927][T13390] ? __this_cpu_preempt_check+0x35/0x190 [ 351.224574][T13390] ? trace_hardirqs_on+0x67/0x240 [ 351.229612][T13390] handle_mm_fault+0x3b2/0xa50 [ 351.234381][T13390] __get_user_pages+0x7b2/0x1ac0 [ 351.239327][T13390] ? mark_held_locks+0xf0/0xf0 [ 351.244105][T13390] ? follow_page_mask+0x1dd0/0x1dd0 [ 351.249307][T13390] ? __mm_populate+0x270/0x380 [ 351.254084][T13390] ? __kasan_check_write+0x14/0x20 [ 351.259193][T13390] ? down_read+0x109/0x430 [ 351.263637][T13390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.269891][T13390] populate_vma_page_range+0x20d/0x2a0 [ 351.275364][T13390] __mm_populate+0x204/0x380 [ 351.279964][T13390] ? populate_vma_page_range+0x2a0/0x2a0 [ 351.285599][T13390] ? __kasan_check_write+0x14/0x20 [ 351.290729][T13390] ? up_write+0x150/0x490 [ 351.295079][T13390] ? ns_capable_common+0x93/0x100 [ 351.300222][T13390] __x64_sys_mlockall+0x473/0x520 [ 351.305265][T13390] do_syscall_64+0xfa/0x790 [ 351.309781][T13390] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.315820][T13390] RIP: 0033:0x45aff9 [ 351.319724][T13390] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.339960][T13390] RSP: 002b:00007f4b93917c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 351.348505][T13390] RAX: ffffffffffffffda RBX: 00007f4b939186d4 RCX: 000000000045aff9 [ 351.356924][T13390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 351.364911][T13390] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 351.372889][T13390] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 351.380869][T13390] R13: 000000000000070f R14: 00000000004c846b R15: 000000000075bf2c [ 351.408950][T13390] memory: usage 307200kB, limit 307200kB, failcnt 58 [ 351.423804][T13390] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 351.612684][T13390] Memory cgroup stats for /syz2: [ 351.612805][T13390] anon 309055488 [ 351.612805][T13390] file 86016 [ 351.612805][T13390] kernel_stack 589824 [ 351.612805][T13390] slab 2035712 [ 351.612805][T13390] sock 0 [ 351.612805][T13390] shmem 0 [ 351.612805][T13390] file_mapped 0 [ 351.612805][T13390] file_dirty 0 [ 351.612805][T13390] file_writeback 0 [ 351.612805][T13390] anon_thp 274726912 [ 351.612805][T13390] inactive_anon 159956992 [ 351.612805][T13390] active_anon 135168 [ 351.612805][T13390] inactive_file 0 [ 351.612805][T13390] active_file 0 [ 351.612805][T13390] unevictable 149180416 [ 351.612805][T13390] slab_reclaimable 540672 [ 351.612805][T13390] slab_unreclaimable 1495040 [ 351.612805][T13390] pgfault 23397 [ 351.612805][T13390] pgmajfault 0 [ 351.612805][T13390] workingset_refault 0 [ 351.612805][T13390] workingset_activate 0 [ 351.612805][T13390] workingset_nodereclaim 0 [ 351.612805][T13390] pgrefill 0 [ 351.612805][T13390] pgscan 0 [ 351.612805][T13390] pgsteal 0 [ 351.612805][T13390] pgactivate 0 14:12:13 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) [ 351.848266][T13390] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13344,uid=0 [ 351.877522][T13390] Memory cgroup out of memory: Killed process 13344 (syz-executor.2) total-vm:72716kB, anon-rss:18332kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 14:12:13 executing program 5: mlockall(0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x802, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x6, 0x0, [{0x80000001, 0x4, 0xcf, 0x7, 0xc1}, {0xd, 0xc6, 0x0, 0x85c3, 0x1}, {0x40000001, 0x5, 0x2, 0x4}, {0x180000017, 0x2, 0xe5c, 0x40, 0x101}, {0x40000000, 0x8001, 0x6, 0xffffffff, 0x100}, {0x0, 0x20, 0x2, 0x902, 0x2}]}) read$usbmon(r1, &(0x7f0000000080)=""/75, 0x4b) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x45c) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="ed66a42e498bcb8c3bc72a640ad12f1318f137d79781db9257c45428ee90e9781b81d2221723f9a5", 0x28) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x480000, 0x0) 14:12:13 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x6, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:13 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) write(r1, &(0x7f0000000040)="e0", 0xfffffe00) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000000)=0xa8f9, 0x4) 14:12:13 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:13 executing program 3: openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:14 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) 14:12:14 executing program 0: socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x1a1502, 0x0) ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000180)={{{0x5, 0x1}}, 0xe2, 0x7, &(0x7f0000000080)="2e0f1ecb7d3fa986121a8ea9eacb762538c677fd7c9433e32fb48d786789cd7edd0919ee33920fd0fa46de245fdfc2b1b8e4b88c741fe30196fb7f19a57cb90855cebac4ccfa2815238f5fa0d0c9438ef26216ab843c2f46a14d2a37d367f0681980bd69ceb895385063e5f801901748c841d9c527a4c79069a8e92851066784480134ccd023a54f283abdedc7a0a76b804e0e3cb83e1fdd6464bee767b404cd16a6b8a48a7698ccd8456e0826d2c1c67e5a76b0a381eee87991f6487ac22723df82648e2e60b0bca7a8f16c777910158711e79d3c769c71a5748ab111a0ca81092f"}) write(r0, &(0x7f0000000040)="e0", 0xfffffe00)